--- Log opened Sun May 09 00:00:54 2021
12:56 -!- NotLarry [~NotLarry@066-190-177-036.res.spectrum.com] has quit [Ping timeout: 252 seconds]
13:07 -!- rpifan_ [~rpifan@p200300d2672b5d00665991acc575e50b.dip0.t-ipconnect.de] has joined #se2600
13:10 <@Catonic> One local bar has a similar password, "tipyourbartenders"
13:25 -!- rpifan_ is now known as rpifan
14:11 < xtort-[df-org]> tipmeforthepassword
15:32 <@Dagmar> Mirage: You need to double down on it and print a QR code ;)
15:35 <@Mirage> Discovered sshguard, which has apparently been around a long time.   Doc claim it works for more than just ssh, but id doesn't appear to be working for anything but SSH so far.   I did figure out that for the sendmail spammer crap I could just do my own script to identify abusers to block, then add them to the sshguard blacklist file and restart the service to let it manage blocking them via ipsets in
15:35 <@Mirage> firewalld.
16:00 <@Evilpig> just read up on that.  like fail2ban just lighter
16:20 <@eryc> shouldnt need to restart any firewall services
16:21 <@eryc> on some dedicated equipment the trick is to make a new randomly names ruleset, apply it, remove the real one, then rename
16:21 <@Mirage> eryc: restart sshguard, not firewalld
16:21 <@eryc> ah
16:22 <@eryc> even still it should support HUP
16:23 <@Mirage> systemctl reload sshguard is an unsupported option for the service.  Granted I could make it supported by editing the .service file, but meh...just restart it and call it good.
16:23 <@eryc> from github:  signal(SIGHUP, sigfin_handler);
16:23 <@eryc> it treats hup as term
16:24 <@eryc> at any rate china has been brute forcing me for 10 years and hasn't got in and i'm sure my passwords are in the wild
16:26 <@Mirage> eryc: yeah, i just get annoyed by all the log messages.  Outside my network SSH is key or 2FA and has been for over 10 years.
16:28 <@Mirage> I also have a pam listfile configured for users allowed to ssh in
17:38 < jb7od> I can't be alone in this- when's the last time anybody had a good old fashioned "oh! but that sucker's 32-bit!"
17:39 < jb7od> I'm having one. Have had with everything from phone systems to exchange databases, but I'm all old-- but yeah, there's holdouts out here-- adventures in lostware
18:16 -!- lastchild [~lastchild@c-67-187-104-215.hsd1.tn.comcast.net] has quit [Ping timeout: 246 seconds]
20:03 <@eryc> https://www.youtube.com/watch?v=LZo4YPRHask
20:03 < PigBot> snl moments that are hilarious chaos - YouTube (at www.youtube.com) https://tinyurl.com/ydl89r3r
20:28 -!- rpifan [~rpifan@p200300d2672b5d00665991acc575e50b.dip0.t-ipconnect.de] has quit [Ping timeout: 245 seconds]
--- Log closed Mon May 10 00:00:56 2021