
GN
Posts: 0
Comments: 77
Joined: 2 yr. ago

  • If you think ClamAV on your mom's laptop on Starbucks WiFi is doing anything useful, but you think fail2ban isn't - you're naive.

    On phishing - you've got another great example. ublock origin or any other decent adblocker will do WAAAAY more to help than ClamAV.

  • Ideally you keep your configs in a git repo (like github). You know what's modified because you're the one who modified them. If you modify them - put that config file in the git repo.

    As for "put down" I just meant copied to the system (from github) by your automation (like ansible)

    https://docs.ansible.com/ansible/latest/getting_started/index.html

  • That, and:

    • put down config files that were modified
    • enable/start services that were installed
    • modify the firewall to open necessary ports

    Basically: put everything back as it was right before the ransomware encrypted your system on you.

    Then of course - fix what you did wrong that got you compromised. ;-)

  • No, most desktops behind a NAT probably don't need fail2ban (though it wouldn't hurt).

    Everyone's security profile/needs are different.

    The point is that list is a hell of a lot more useful than ClamAV.

  • You'd be better served learning how to set up and use:

    • backups (and test them)
    • automate your reinstall (see ansible)
    • firewalld (RHEL/Fedora) or ufw (Ubuntu)
    • fail2ban
    • SELinux (RHEL/Fedora) or AppArmor (Ubuntu)
    • disable SSH via password, use keys only
    • adblocker (like ublock origin) - credit to whale@lemm.ee for the idea below

  • Hi - been a sysadmin for 19 years and I can tell you why: software that 'requires' Ubuntu. I work at a University and all of our required software runs on either RHEL or Ubuntu. I would LOVE to move everything to RHEL and rid my life of Canonical shenanigans, but we have software that just won't run (in any sane form) on RHEL. The researchers especially love Ubuntu because much of the software used in the LLM/AI explosion is generally released with Ubuntu packages, or install instructions based on Ubuntu package dependencies.

    tl;dr - it's not the sysadmin choosing, it's the developer choosing.