drkt_

I ask because a 'homelab' isn't usually just one machine. I have Debian on literally every computer, container and VM I have tho

OS on what?

If I set a static on my side, it'll work until they fuck up again.

The excuse I got last time was that, due to a power outage where I live, they lost the configs in the splitter box near me. That didn't fill me with confidence and you're probably very correct that whatever they're doing is very dumb and or incompetent.

I pray your ISP is more competent than mine!

Sometimes I'll lose the static IP I pay them for and they say it's not their fault. Why am I paying you for it, then!?

Why is it so important to them that their antagonists are queer? They keeps mentioning it as if that matters.

I don't know this project or this person, but this reads like someone who has really bad opinions and people told them so repeatedly.

At that point just get a GSM router

Oh for the 5th year in a row? Alright, I'll believe that when I see it.

Change swappiness to 10 and ensure that you don't have anything dynamically adjusting it.

I wouldn't even know where to begin, but I also don't think that what I'm doing is anything special. These NVR IPs are hurling abuse at the whole internet. Anyone listening will have seen them, and anyone paying attention would've seen the pattern.

The NVRs I get the most traffic from have been a known hacked IoT device for a decade and even has a github page explaining how to bypass their authentication and pull out arbitrary files like passwd.

I love the idea of abuseipdb and I even contributed to it briefly. Unfortunately, even as a contributor, I don't get enough API resources to actually use it for my own purposes without having to pay. I think the problem is simply that if you created a good enough database of abusive IPs then you'd be overwhelmed in traffic trying to pull that data out.

I have plenty of spare bandwidth and babysitting-resources so my approach is largely to waste their time. If they poke my honeypot they get poked back and have to escape a tarpit specifically designed to waste their bandwidth above all. It costs me nothing because of my circumstances but I know it costs them because their connections are metered. I also know it works because they largely stop crawling my domains I employ this on. I am essentially making my domains appear hostile.

It does mean that my residential IP ends up on various blocklists but I'm just at a point in my life where I don't give an unwiped asshole about it. I can't access your site? I'm not going to your site, then. Fuck you. I'm not even gonna email you about the false-positive.

It is also fun to keep a log of which IPs have poked the honeypot have open ports, and to automate a process of siphoning information out of those ports. Finding a lot of hacked NVR's recently I think are part of some IoT botnet to scrape the internet.

Any file manager on Linux supports this