This post refers to the cover by Kotoringo (コトリンゴ) for the movie “In this Corner of the World” (この世界の片隅に), released in 2016. I would have probably never found this piece if it wasn’t for the great movie.
You shouldn’t expect heavy action scenes in this movie though, as it is pretty much a slice-of-life anime revolving around a family during the end of WW2.
Great movie and definitely worth to watch, maby even more so than “Your Name” (君の名は)?
This is the cover by Kotoringo, which is used in the movie as an OST:
The original work by “The Folk Crusaders” (ザ・フォーク・クルセダーズ) from 1968:
It turns out that SSH brute-force attacks, dictionary attacks or combinations of those are daily routines nowadays. Server logs are quickly filled with login attempts, in the hopes that one of them is right. The best prevention against these kind of attacks is to - obviously - have a secure password, or even better to force key-based authentication.
However, this won’t stop automated attacks from trying out dozens of usernames and passwords anyway, which is generally annoying. Thus, the approach to hide the SSH port, which by default is 22. One solution some people do is moving SSH to a non-standard port. Basically, some random number that won’t conflict with anything else.
Another interesting trick is to not immediately expose the SSH port, but only when a client is saying “Open Sesame”. Jokes aside, that’s roughly what port knocking allows us to do. There are many variants on port knocking and many programs that implement it. The following tutorial will use knockd as port-knocking server.
Install Prerequisites
Download and install the knock-server rpm package:
In the above configuration, we’ve stated that any host that sends a TCP SYN message to port 6000, then 7000 and finally to 8000, within 15 seconds, will cause the iptables command to be run. As you can see, the use of iptables is not hard-coded to knockd at all, meaning that any command can be run when the port sequence is triggered, allowing us to do all sorts of fancy stuff. To close it up, we do the same sequence in reverse order (that’s because we have configured it to do so).
GnuPG (GNU Privacy Guard) is a tool for encrypting and signing data. It is a completely free implementation of the OpenPGP standard (defined by RFC4880), which is also known as GPG. This post contains a brief overview of the most important commands you probably have to use when working with GnuPG.
Generating GPG Keys
1
$ gpg --gen-key
You will be asked what kind of key you want, simply proceed with the instructions that are given to you.
A XML (short for Extensible Markup Language) document consists of:
the prolog (optional)
the document type definition (DTD, optional)
the root element (which furthermore consists of more elements, tree structure)
Comments and processing instructions can be defined outside of tags.
Prolog
The basic prolog looks like this: <?xml version="1.0" ?> An extended version: <?xml version="1.0" encoding="ISO-8859-1" standalone="yes" ?>
Attributes explained:
version: XML version
encoding: Character set, defaults to UTF-8
standalone: define if extern entities or DTDs are being referenced in this document
Document Type Definition
The DTD defines structure validation rules for our documents. We fundamentally construct elements with their respective type (analogous to the database schema).