Punkie

Specialization can breed a narrow limit of scope when it come to general knowledge. Sometimes the best lawyers and surgeons are complete idiots when it comes to falling for things like, say, internet scams. I am not sure if that’s what’s happening here, but I have known enough assistants of big skilled people that they always say “This guy is a brilliant surgeon, but doesn’t know how to cook or even how to shop for his own groceries.”

It’s the “not handling” part that gets us as kids. We knew better. Adults didn’t. In my case, I was in high school, but it was on a “Teacher workday, student holiday” we had each semester. I watched it live on NASA TV, which we had on channel UHF 55 in the DC area. Even the voice of mission control delayed about a minute or two. I remember thinking, “THAT didn’t look good…” but then they said nothing but normal speed and temp readings, so I thought it was just the angle of the chase plane. Only when the famous “forked cloud” appeared that the announcer said, “we have an apparent major malfunction,” or something.

Also does anyone still port knock these days?

If they did, would we know?

Basic setup for me is scripted on a new system. In regards to ssh, I make sure:

• Root account is disabled, sudo only
• ssh only by keys
• sshd blocks all users but a few, via AllowUsers
• All ‘default usernames’ are removed, like ec2-user or ubuntu for AWS ec2 systems
• The default ssh port moved if ssh has to be exposed to the Internet. No, this doesn’t make it “more secure” but damn, it reduces the script denials in my system logs, fight me.
• Services are only allowed connections by an allow list of IPs or subnets. Internal, when possible.

My systems are not “unhackable” but not low-hanging fruit, either. I assume everything I have out there can be hacked by someone SUPER determined, and have a vector of protection to mitigate backwash in case they gain full access.

I have been using Kubuntu as a daily driver for almost 10 year now, and never regretted it. I had one Windows box for things like special cases (like dumb website forms that won’t let me use Linux), Pearson Vue exams, and edge cases related to work, but it’s on standby as a secondary system I RDP into. I am not a gamer, so I didn’t need it for that. I saved so much money not having to buy hardware in the last decade or so.

Sadly, Windows 11 won’t work on anything I have (TPM issues, too old), so I recently got a cheap Windows 11 laptop before the tariffs hit and I pay more for dumb Windows-only reasons.

Linux all the way, man. Gave me a career, a life, and my hardware back.

“… I was now… a fem-MAN!” [Orchestra music swells]