Does using a VPN to allow ssh connections provide better security, especially after seeing how CVE-2024-3094 (XZ backdoor) is done?

For my own (public) servers, is it considered a good idea to only allow ssh connections from VPN connections (OpenVPN, Wireguard or otherwise), to mitigate any possible attacks in the future on ssh?
It seems that ssh is constantly under at…

Backup to a remote Encrypted APFS drive mounted through Samba. Is this a sound plan?

Say I have a remote machine (something like a VPS) that I have no physical access or physical authority over other than a user on it (with root access). However, I’d like to do Time Machine backups on it.
Time Machine is a Mac tool for inc…

Use mining to prevent DDOS attacks on websocket: Is this a viable solution?

I’m thinking whether the following way is a good way to completely and totally prevent ddos on my server. My idea is to use the same mechanism of cryptocurrency mining (bitcoin, with sha256 or any other hash) to prevent DDOS.

Note: I’m no…

Should I store my encrypted password’s salt and initialization vector as clear text?

I’m encrypting some file with AES-256-CBC, and I’m planning to store the cipher text in a json file, with something like:

{
"data": "0123456789ABCDEF…",
"salt": "00123ABCAABBCCDD…",
"iv": "000111ABCCBBCCDDFD….