New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Uses of VPS
As many VPS are just doing nothing. So if possible share your uses of VPS. There are already threads on this topic and there is no harm to revisit it now. Here are some of my uses
OpenVZ.
Caddy proxy,
Asterisk voip,
VestaCP DNS only
VestaCP Webhosting.
VestaCP Email only
Rsync backup server
Softether VPN
OpenVPN
Transmission torrent server
KVM
Window Server(no uses till now)
Proxmox for nated LXC
Portainer
Homelab
Proxmox
Pihole
Borg Backup
Windows Server
Caddy Proxy
Transmission torrent server through VPN
Thanked by 1ehab
Comments
All my servers/ vps are not doing "nothing". They are "idling"
Nice to know, I removed Servers from my Idling list as they are costly for this task.
Idle massive.
SSH Jumphost
reverse proxy IPv4 to IPv6 or vice versa
Nagios satelite monitor
TOR proxy
I'm using my VPS for running nginx/postfix/bind. One vps is always master for some service, others are acting as backup/slave/failover (and master for some other service)...
Absolutely, nothing.
https://www.reddit.com/r/selfhosted/
A bit of this and a bit of that. Mostly nothing...
I am hosting htop on my dedicated servers.
Install botnet then reinstall
Lol htop in a tmux session is what my idlers get to do.
proxy/VPN
password manager
nextcloud
How about detecting TCP port scans from suspected malware-infected computers?
The software I misuse for this is HAProxy. All you need to do is changing the haproxy.cfg and issuing 3 commands under Debian Linux. A single VPS can detect more than 200 IPs scanning daily in my experience.
TCP port scan detection with HAProxy: Revised
imho it is not very smart to do it on app level. Why not using two simple iptables-rules (after all those rules allowing traffic you want to allow)?
iptables -a input -j log --log-level debug --log-prefix "unknown, probably scan: "
iptables -a input -j drop
(I'd use "-m limit --limit ... --limit-burst ..." for the first rule too, to prevent log-file filling up very quickly)
Unwanted traffic should be dropped as soon as possible. No need to see it passing through your whole network stack to application...
1 "OpenVZ" Live broadcasting (ffmpeg) ,
2d "KVM" ideal most of the time since it has on 128MB RAM
I want to report those scanning my VPSes to their network service providers. The correctness of source IP addresses is thus very important. Data collected by HAProxy have gone through TCP's 3-way handshake, so forged source IP addresses have no chance to pass. IPTables can't do TCP's 3-way handshake.
And how could someone do port-scanning with forged source-IP? He would never get any reply, so he could hardly finish 3way handshake (guessing gives him little chance). And with no reply received, what is such a port-scanning good for? Nothing.
As you wrote, data collected by haproxy have gone through 3way handshake. So haproxy could not detect half-empty (unfinished) connections. Iptables can.
Spoofed source-IP is used generaly for ddos/drdos. And especially for ddos/drdos: it is important to block/drop it as soon as possible, so that it does not tie up your resources.
BTW, udp & icmp (and other protocols) can be used for port-scanning too. Not sure how haproxy could deal with it...
Just to be sure: I'm not trying to "downgrade" solution you suggested. I just think in some cases there might be better ways of dealing with port-scanning...
benchmarking 24/7
He could use random packets of forged source IP along with real attack (with his real IP), to hide his own track. With TCP's 3-way handshake, this trick won't work.
No matter how powerful a detection can be, if the source IP can be forged, I can only give it up.
A lot of providers ban TOR nodes and bittorrent protocol, but are there any other P2P resource sharing services worth installing?
Game servers (Minecraft etc)
VPS can be used for setting up IRC or messaging or chat server.
It can also be used for monitoring tools like cacti and Nagios
VPS can be used to impress the opposite sex.
This is how I met your mother
LET Distributed Idling Project.
to bypass my 10Mbps internet speed.
To run my Yeti porn empire of course.
mine are filled with selfhosted apps, check out the awesome list on github