Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜

Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.

First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.

Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.

Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.

Dealing with attacks and getting hacked.

Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.

linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)

How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!

One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)

Dealing with different kinds of attacks:

Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.

So yah, hereby :P

Hate to say this.

I regret my last year's purchase of macbook air. I could've easily purchased a powerful laptop with atleast 16 GB RAM and high end Graphics.... Instead i choose to go with this piece of shit for a change.. :/

Also Ubuntu is much user friendly than macos.

I can maintain your shitty legacy node 6 code
And the shitty m3 ec2 instance with Ubuntu 16 that it runs on
And another one with postgres 9
But if I have to make a powerpoint presentation, I am jumping ship.
A man has his limits

I just fixed a wireless driver issue on my friend's HP laptop. I had to download driver source separately and build it and install it..

Bloody RT3290.. Turns out the WiFi doesn't work by default on laptops with this chip and Ubuntu 16**

My uncle was a programmer. My whole extended family lived very close together, so I saw him almost every weekend. He would tell me tall tales about the war between corporations and open source. I started hating all things Microsoft and advocating for Linux. For my 12th birthday, he gave me a computer he had recently fixed. Of course, it had Ubuntu Linux.

That's when he started teaching me the basics: Bash, Lisp, and C. I know some of you are tired of the cliche "I started coding at 12 and built my first OS at 16," but of course that's not reality. I really just wrote simple math formulas like chicarronera^[1] for my homework, a super simple text-input videogame, and a button-filled GUI. That's nothing compared to what I do now, so I won't dare put that into my resume. But it did give me an advantage over my peers, and by the time I had to self-learn web development for my job, my uncle had already given me all of these tools.

[1] Spanish slang for the quadratic equation. Literally means "street vendor who sells chicharron". The formula is taught so fierce in school that even street vendors must know it.

!rant
I'm just amazed what 512MB of RAM can do :O
That's htop from my VPS I feel sorry for the CPU though.

It is running three docker containers:
1. Dotnet Core
2. MySQL
3. OpenVPN

Did you know?
Ubuntu 16.04 can't build ROS.

Fsck!
I look retarded running a VM of Ubuntu 14 in Ubuntu 16

Moving legacy app from ubuntu 10 server to ubuntu 16 server

Yay!

So I finally dual booted ubuntu 16 lts alongside w10 on a laptop with nvidia optimus.

As have next to 0 XP with linux systems almost every step needed extensive googling, but in the end I have

- cinnamon
- vs code
- git
- cloned my xmlRant repo that uses asp.net core 1.1.2
- built it sucessfully
- *bonus* figured out how to use remmina to connect rdp to workplaces win 2008 r2 gateway

Very happy ^___^

my first day with Linux.

1. downloaded the Ubuntu 16. 04 LTS and made bootable.
2. install it on my system.
3. after installing wifi is not working.
4. searched on internet with my phone and connected my PC with USB thetering.
5. now installed wifi driver.
6. now my Nvidia card is not working installed its driver too.
6.finally i look at my desktop and its looking really ancient and old.
7. installed gnome desktop and switch to it.
8. now gnome is not much functional so added some extensions like dash to dock, dynamic transparency.
9. now setup java and android studio.
10. after that android studio font is looking blurry. finally stackoverflow made my life easy and i fixed it.

now after all this my system is working crazy fast.. Android studio is opening in just 5-6 seconds.
really happy.. 😍 😍

So friend of mine gave me a laptop because she is used to Ubuntu and wanted me to install it on her Windows 10 laptop. She also said to copy files from folder to external hard drive.

I said, sure!
So I went back home, copied all the files to my external HDD, everything copied successfully. I formated the laptop, installed the Ubuntu and set it up.
Time to move the files. I hooked up the HDD, I click on the folder... It's blank...
Okay, so I thought thats maybe Ubuntu's fault. I hooked the HDD to my brother's Windows machine, I open the folder...

"File or folder is corrupted"

Well fuck my life. 8 hours have passed since I started the file restoration tool on my computer. It says it's 16 hours to go. Luckily it restored 214 files already, so there's a hope

When people don't upgrade from Ubuntu 14 to 16 :(

Ubuntu 16 lts wifi drivers have problem and i am unable to fix this shit, everytime there's a new problem with ubuntu I hate ubuntu now for these many problems I'm not going to use it again.
If I didn't find any good linux distro I think I should switch to mac

when you realize Ubuntu 12 is not LTE any more.... tought it was going to be forever....Well yeah let's try lte 16.

My first exposure to computers was when i was 7 in 98. Hp Palvillion with windows 98. Got it from walmart and it cost around $1100. Brought it home and i hooked it up on my own on the living room floor. First program installed was "who wants to be a millionare", fitting that a game be the first thing installed since it was for homework. I lived 16 miles from town at the time so i really had no friends and the isolation made it hard for me to adjust in school to the point that i was a loud kid seeking attention. Then we got dialup and i found invisionfree forums which my first programing experiance with javascript started. And no I'm not talking about jquery I'm talking about the real thing.

Fast foward a year. I find an opensource arcade and learn php while writting an arcade from scratch that uses curl to mitm login to verify the user. Later that month i create a small project that dynamicly creates a signature image for the top 1000 posters on a coding forum i liked.

Then all hell broke loose when i found osdev.org, thought i was going to be a badass and make the ultimate operating system that would combine linux, windows, and mac where it could run anything. Reality Check hit me like a semi and train hitting at full force trying that and made me look into hacking. Spent alittle while breaking windows in so many ways and talking to others on irc until i was about to turn 18. Switched to ubuntu 12.04 my senior year while that was occuring.

Don't call is ECMAScript 6 — call it JS 2015.
Don't call it iPhone 16 — call it iPhone 2024. Or Apple Phone 2024.
Don't call it Ubuntu 24.10 Oracular Oriole — call it Ubuntu 2024.
Don't call it WiFi 802.11 b/g/n/ac/ax — call it WiFi 1 gb/s.
Don't call it SDXC II 3 10 — call it SD 300 mb/s.
Don't call it USB 3.2 gen 2x2 — call it USB 20 gb/s.
Don't call it Google Pixel 6A — call it Google Phone 2022 Lite.

STOP. Giving. Bullshit. Names! Make it SIMPLER for once.

sigh. I hope one day Linux can be rewritten in something with more sensible package management. C/C++ can just be a real pain more often that not. My case was trying to install CUDA on ubuntu 16 following the OFFICIAL developer guide. gave up after trying for an hour. It needed the kernel headers for compile the drivers and it was jsut alot of pain dealing with files being in the wrong place and gcc version mismatching and tons of other cryptic errors. and this is for ubuntu which is a pretty mainstream distro.

No no no, that's not for what I came to linux.
Opened couple of tasks including one browser with < 10 tabs, sublime, skype and it starts fucking hang.
I have 8g ram, core i3 .
I'm using Ubuntu 16 lts. Its such a shame

I've been wondering about renting a new VPS to get all my websites sorted out again. I am tired of shared hosting and I am able to manage it as I've been in the past.

With so many great people here, I was trying to put together some of the best practices and resources on how to handle the setup and configuration of a new machine, and I hope this post may help someone while trying to gather the best know-how in the comments. Don't be scared by the lengthy post, please.

The following tips are mainly from @Condor, @Noob, @Linuxxx and some other were gathered in the webz. Thanks for @Linux for recommending me Vultr VPS. I would appreciate further feedback from the community on how to improve this and/or change anything that may seem incorrect or should be done in better way.

1. Clean install CentOS 7 or Ubuntu (I am used to both, do you recommend more? Why?)
2. Install existing updates
3. Disable root login
4. Disable password for ssh
5. RSA key login with strong passwords/passphrases
6. Set correct locale and correct timezone (if different from default)
7. Close all ports
8. Disable and delete unneeded services
9. Install CSF
10. Install knockd (is it worth it at all? Isn't it security through obscurity?)
11. Install Fail2Ban (worth to install side by side with CSF? If not, why?)
12. Install ufw firewall (or keep with CSF/Fail2Ban? Why?)
13. Install rkhunter
14. Install anti-rootkit software (side by side with rkhunter?) (SELinux or AppArmor? Why?)
15. Enable Nginx/CSF rate limiting against SYN attacks
16. For a server to be public, is an IDS / IPS recommended? If so, which and why?
17. Log Injection Attacks in Application Layer - I should keep an eye on them. Is there any tool to help scanning?

If I want to have a server that serves multiple websites, would you add/change anything to the following?
18. Install Docker and manage separate instances with a Dockerfile powered base image with the following? Or should I keep all the servers in one main installation?
19. Install Nginx
20. Install PHP-FPM
21. Install PHP7
22. Install Memcached
23. Install MariaDB
24. Install phpMyAdmin (On specific port? Any recommendations here?)

I am sorry if this is somewhat lengthy, but I hope it may get better and be a good starting guide for a new server setup (eventually become a repo). Feel free to contribute in the comments.

What is the Best IDE for MySql in Ubuntu 16?

:P Dont say wine or dbviewer, I am fed up with those

Sleep states in Ubuntu 16.04 is shit, it restarts your pc without the user's knowledge

So one of my aunt who is a school teacher had her Windows 10 + Ubuntu 16 dual boot laptop updated with Ubuntu 18 by the school principal. The school principal having no clue what she was doing, ended up messing up the boot manager. I hear she simply deleted the Ubuntu 16 system files to make space and proceeded to install Ubuntu 18. The school principal took no responsibility of the catastrophe because it worked fine with other laptop.

The school has no IT department or anything of that sort either.

Guess who had to help there? Me. However, I have no clue about that area, anyhow, I managed to show a way to bootup Ubuntu 18 which is what they use at school. Windows won't boot anymore.

About a month later, now I hear the drive where Ubuntu 18 is installed is full and it is causing some issues. There is no delete option on right to make space.

May God help them. 🤷🏻‍♂️

Question for those running Linux on a Dell XPS 13 with a 4k display. What distro do you use? I tried using Ubuntu 16 but had to uninstall it due to absolutely terrible battery life and heat.

Ive been doing fine using the Linux subsystem for windows, but I kinda wanted to give Linux another go and dual boot just for the heck of it.

Inspite of having a decent pc setup, ubuntu keeps stopping.

My pc specs are as follows :-

RAM - 16 GB DDR4

HDD - 1TB (Windows 10 professional)

SSD - 240 GB(Ubuntu 20.04LTS)

GPU - Nvidia Geforce GTX 1050 ti

CPU - Intel i5-9400F (6) @ 4.100GHz

My daily usage hardly requires 5 gigs of ram. Ubuntu works suddenly hangs and works fine again...after sometime again this thing happens...in discord the same thing happens but more frequently than the normal workstation. When i give my password to login, then also it takes time more than normal to start. Even bootup takes like roughly 40 seconds whereas windows boots within 2-3 seconds. Any help would be appreciated.

How reliable or better freebsd is? I was thinking to use it in production server instead of ubuntu 16 LTS. I've heard it has pretty good networking stack and whatsapp uses it in their prod machines.

Hey guys. Planning on getting a Dell Inspiron 13 7373 2 in 1 with i7/16 GB RAM config. Has anyone used it? Would you recommend it? My primary OS is Ubuntu and use it for Android development, js and php.

!Rant

I've spent a week now. Lenovo laptops, specifically the ones that aren't high end like the ThinkPad or the Yogas have shit compatibility with Linux.

For some really weird reason the colors look like I'm using a 16 bit and lib-input just wouldn't work properly with my track pad.

I can live with the display but can't simply remove lib-input and switch to synaptic without deleting the whole gnome-shell on the Ubuntu Gnome.

I deleted windows and there's no fucking way to reset the battery threshold back to 100% from 60% without installing windows because there's no driver for it. Tlp along with ThinkPad configurations doesn't help too.

(Lenovo G50-80)