endlessh
watchtower
Our great sponsors
endlessh | watchtower | |
---|---|---|
40 | 214 | |
6,769 | 16,559 | |
- | 3.3% | |
0.0 | 8.4 | |
9 months ago | 8 days ago | |
C | Go | |
The Unlicense | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
endlessh
-
Why so many bots?
You can reduce the noise a lot by moving ssh to a non standard port. Security through obscurity isn't actually security, but it will reduce the number of attempts you receive. Another thing I like to do is put Endlessh on the standard port 22. That way as bots go by they will get stuck or at least slow down on that connection.
-
ChatGPT doxes itself
Even this requires you to successfully guess the username and password correctly, and if it's just not the default most people won't bother brute forcing further. Sidenote: you can use endlessh on a computer and port forward port 22 to trap scanners that scan the entire internet for open ssh ports to exploit.
-
Ssh brute force attack with fail2ban.
The fun way is moving your ssh port somewhere else and installing endlessh to f the bots.
-
Security for your Homeserver
Such as endlessh
-
Keep it tight everyone! This is a day of sshd logs from a proxy server in China pinging my SSH server and trying every username imaginable. Does anyone have any tips to increase security?
But, as a prank to Chinese hackers, what I did on my system was to run endless ssh. It keeps the ssh client busy as it slowly sends the ssh banner. I modified the code to send strings like:
Install https://github.com/skeeto/endlessh to run on eg. port 22233 (in /etc/endlessh.conf)
this'll help
- Any app out there to trap port scanners?
- Mein Server wird für Bruteforce Attacken genutzt, was kann ich tun?
-
Just so we're clear - you do all know your passwords, right?
I have port 22 open on my home server, but I have this running on that port: https://github.com/skeeto/endlessh. It's quite wild seeing the amount of connection attempts for this.
watchtower
- PSA - Run "docker image prune" once in a while.
-
Roundcube Open-Source Webmail Software Merges with Nextcloud
> if you're using the docker image, upgrades are a breeze. Just bump the tag on the image, redeploy, and you're done.
Or you could just run Watchtower beside it and it will automatically update your docker containers. https://github.com/containrrr/watchtower If you are OK with automated updates.
-
The Curse of Docker
So i primarily use containers on my local machine walled off from the internet, so it's not a big concern for me. Watchtower [1] is popular among home server users too which automatically updates containers to the latest image.
For production uses I think companies generally build their own containers. They would have a common base linux container and build the other containers based off that with a typical CI/CD pipeline. So if glibc is patched, it's probably patched in the base container and the others are then rebuilt. You don't have to patch each container individually, just the base. Production also minimizes the scope of containers with nothing installed except what's necessary so they have few dependencies.
-
Ask HN: If you were to build a web app today what tech stack would you choose?
You can use Watchtower (https://containrrr.dev/watchtower/) that solves problem of manual pulling on VPS.
-
Long Term Ownership of an Event-Driven System
Again, there are options to automate some of the burden here by using tools such as Watchtower.
-
Update containers/images to latest version in Docker Desktop (windows)
Watchtower is a popular thing to also run in a container, and it can check all your containers for updates and optionally also pull and restart them them. However there are some risks to automatically update software right away when its released. Typically i would recommend you set Watchtower to only notify you about available updates, and then you can check the releasenotes and decide when its safe to update.
-
Seatch for apps updates notifier app
If your apps are container images, then there are tools like diun, watchtower and whatsupdocker, those can watch the image repository (like Docker Hub) and notify you if a new/updated image has been found. Some can even download and auto-update for you, but that comes at some risk of course.
-
Automatic Deployment using Docker and GitHub Actions
Watchtower is an open-source software that automatically recreates your containers with the new version of the image as soon as it is available on the registry.
-
Is there a centralized Docker Container Management for updating containers?
Watchtower is quite popular. It is a watchdog that monitors the images your containers are using, and at regular intervals, checks their registries (Docker Hub, GitHub, etc) if there are new "versions" available. Then it can either automatically pull the image and restart the container to immediately use it. Or it can just notify you about it and you manage the updating yourself.
-
How do you guys monitor K8s core services new versions
https://containrrr.dev/watchtower/ ??
What are some alternatives?
ouroboros - Automatically update running docker containers with newest available image
Diun - Receive notifications when an image is updated on a Docker registry
Portainer - Making Docker and Kubernetes management easy.
docker-socket-proxy - Proxy over your Docker socket to restrict which requests it accepts
shepherd - Docker swarm service for automatically updating your services whenever their image is refreshed
whats-up-docker - What's up Docker ( aka WUD ) gets you notified when a new version of your Docker Container is available.
awesome-home-kubernetes - ⚠️ Deprecated: Awesome projects involving running Kubernetes at home
docker-pi-hole - Pi-hole in a docker container
tubearchivist - Your self hosted YouTube media server
dockupdater - Automatically keep your docker services and your docker containers up-to-date with the latest version
unpackerr - Extracts downloads for Radarr, Sonarr, Lidarr, Readarr, and/or a Watch folder - Deletes extracted files after import
swarmpit - Lightweight mobile-friendly Docker Swarm management UI