|
Same thing happened to me yesterday but my setup isn't externally available so I don't know how anyone got my api key.
|
# ? May 31, 2016 13:36 |
|
It's almost like they are blaming everyone but themselves
|
# ? May 31, 2016 14:17 |
|
Sonarr defaulted to listening on all interfaces with no password the last time I tried it, if you've got IPv6 that's an easy entry point to scooping up all your API keys.
|
# ? May 31, 2016 17:38 |
|
Keito posted: Sonarr defaulted to listening on all interfaces with no password the last time I tried it, if you've got IPv6 that's an easy entry point to scooping up all your API keys.

IPv6 space is huge and mostly empty. While this is definitely a real risk, the odds of an attacker randomly scanning the range even finding a live address in the first place are slim. I have two /64s just for my home. That's two times the square of the entire IPv4 address space, and in that space are around a dozen machines. Finding one with a random scan would be like finding a needle in a Walmart-sized haystack.
|
# ? May 31, 2016 18:54 |
|
Seems odd we're just seeing it happen to nzbcat too if it was a sonarr thing
|
# ? May 31, 2016 20:35 |
|
wolrah posted: IPv6 space is huge and mostly empty. While this is definitely a real risk, the odds of an attacker randomly scanning the range even finding a live address in the first place are slim.

That is true but then again it's on all interfaces as I said, so IPv4 connections will also be accepted unless you're behind a firewall (which you should of course be, but I get the feeling a lot of people getting into this kind of setup aren't really coming in with much security knowledge). Just out of curiosity when I found a security problem with my own services in the past, I tried googling a bit and discovered several completely unprotected installations exposed right there in the search index in a matter of minutes. My setup these days is more on the paranoid side, everything encrypted and passworded with nginx as a reverse proxy but not actually receiving any incoming connections through the firewall before sending an SPA packet to fwknopd. It's a bit much honestly.

Skarsnik posted: Seems odd we're just seeing it happen to nzbcat too if it was a sonarr thing

Keito fucked around with this message at 22:32 on May 31, 2016 |
# ? May 31, 2016 22:29 |
|
wolrah posted: IPv6 space is huge and mostly empty. While this is definitely a real risk, the odds of an attacker randomly scanning the range even finding a live address in the first place are slim.

Yeah but that space gets significantly smaller if someone targets your ISP's block. And maybe they narrowed it down further if the ISP is segmenting up its blocks in some predictable way? I'm sure it's still a lot of addresses but they can be narrowed down quite a bit since they are not totally random.

Edit: dur, read your post wrong. Yeah that's pretty unlikely
|
# ? Jun 2, 2016 01:10 |
|
Skarsnik posted: It's almost like they are blaming everyone but themselves

Yeah, sounds like they got compromised and are either too afraid to admit to it or too incompetent to notice. I'd cycle passwords and only use giftcards or Bitcoins if you have to pay for VIP on that site.
|
# ? Jun 2, 2016 05:32 |
|
Couple pages late on server recs, but Sunny Usenet has been treating me well. I have the slowest unlimited package since with automation I'm almost never sitting waiting on something to finish anyway.
|
# ? Jun 2, 2016 09:58 |
|
Finally figured out why CP wasn't picking up finished downloads immediately, since it's dockers, the file path is relative to the docker. /downloads/completed in the sabnzbd folder doesn't exist from CP's perspective unless you use the exact same path and volume. I realized it when I was looking through the manual directory and realized the root directory was /data, cause that's what the volume was called by default.
|
# ? Jun 2, 2016 15:43 |
|
Squibbles posted: Yeah but that space gets significantly smaller if someone targets your ISP's block. And maybe they narrowed it down further if the ISP is segmenting up its blocks in some predictable way?

It's just not possible. IPv6 is a 128-bit address and IPv4 is a 32-bit address. In IPv4, your ISP will probably assign you a single IPv4 address. IPv6 is designed where your ISP is going to give you a whole subnet. When you are assigned an IPv4 subnet, you will usually get either a /48 block or a /64 block. These are the amount of bits out of the 128-bit address that are "set" and unchangeable by you, so a /48 block is larger than a /64 block. Comcast gives out /64 blocks. That means you have 2^64 possible addresses that you can use. Let's compare how many possible IP addresses you can have in a /64 block versus the entire IPv4 internet:

code:
|
# ? Jun 2, 2016 19:37 |
|
Random searches for IPv6 addresses are pretty unlikely, but they aren't the only option. For example, send victim to a website with an image that's only served over IPv6, or start a conversation with them on some chat service that exposes endpoint IPs, etc. It does make "send racist text/malformed postscript to every Internet-exposed printer in the world" attack nicely impractical though
|
# ? Jun 2, 2016 19:50 |
|
Nalin posted: This means that in order to POSSIBLY find your computer's IP address by random searching, the attacker would have to do the equivalent of searching the entire possible Internet 4,294,967,296 times over.

It's quite a bit less than that. For the most part it's probably a safe assumption that those with /64s will be using SLAAC for addressing. At minimum that assumption gets you two of the remaining 8 bytes and tells you that the first three are all but guaranteed to be on this list of a bit over 21,000 possibilities. That still leaves a bit shy of 360 billion addresses to search, but it's a lot less daunting of a task than 2^64. If you know the manufacturer of the target device (or the target's NIC in some cases) you could knock it down as low as 16.7 million possibilities if that manufacturer is small enough to only have a single OUI.
|
# ? Jun 3, 2016 01:34 |
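The address-space arithmetic from the two posts above, as an added example that is not part of the thread: it checks whether a host's own IPv6 address carries a MAC-derived (modified EUI-64) interface ID and reports how much of the /64 that leaves unknown. The sample addresses are constructed from the 2001:db8::/32 documentation prefix, and `OUI_COUNT` is an assumption taken from the rough "a bit over 21,000" figure in the post.

```python
import ipaddress

IPV4_SPACE = 2 ** 32       # every possible IPv4 address
SLASH64_SPACE = 2 ** 64    # interface identifiers available inside one /64
OUI_COUNT = 21_000         # assumption: rough size of the OUI list cited in the post


def eui64_mac(addr):
    """Return the MAC embedded in a modified EUI-64 interface ID, or None."""
    iid = ipaddress.IPv6Address(addr).packed[8:]   # low 64 bits of the address
    if iid[3:5] != b"\xff\xfe":                    # EUI-64 inserts ff:fe mid-MAC
        return None
    # Undo the flipped universal/local bit in the first byte and drop ff:fe.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)


def search_space(addr, oui_known=False):
    """Candidate addresses in this host's /64 that a scan would have to cover."""
    if eui64_mac(addr) is None:
        return SLASH64_SPACE                       # no MAC structure: all 64 bits unknown
    ouis = 1 if oui_known else OUI_COUNT
    return ouis * 2 ** 24                          # candidate OUIs times 2^24 device values


# Constructed sample addresses in the 2001:db8::/32 documentation prefix.
SAMPLES = {
    "eui64": "2001:db8:0:1:211:22ff:fe33:4455",    # derived from MAC 00:11:22:33:44:55
    "random": "2001:db8:0:1:8d3c:51a7:2e90:b4f6",  # randomized interface ID
}

if __name__ == "__main__":
    print("one /64 vs all of IPv4:", SLASH64_SPACE // IPV4_SPACE)
    for name, addr in SAMPLES.items():
        print(name, eui64_mac(addr), search_space(addr), search_space(addr, True))
```

An address for which `eui64_mac` returns a MAC is the case the second post describes; hosts using temporary or stable-privacy interface identifiers (RFC 4941, RFC 7217) stay in the full 2^64 space.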
|
At any rate, my ISP doesn't provide IPv6 and I had external access blocked over IPv4 so
|
# ? Jun 3, 2016 02:18 |
|
Got this in an email from NewsDemon - $50 per year special. I've been with them for a couple of years and they seem OK to me, but I've got 2 block account backups. I have heard some bad stories about them in the past though so do your research before signing up.
|
# ? Jun 7, 2016 12:43 |
|
There's zero wrong with any Highwinds reseller so long as you use Couch or Drone to download things within 5-10 hours of release.
|
# ? Jun 7, 2016 13:05 |
|
Greekonomics posted: Same here. But they told me that it was either due to SABnzbd or Sonarr.

Same here, but mine was my nzbs.org key. My dognzb had no problems however.
|
# ? Jun 7, 2016 14:46 |
|
bobfather posted: There's zero wrong with any Highwinds reseller so long as you use Couch or Drone to download things within 5-10 hours of release.

Yep, been with mine for what must be 10+ years now and I don't bother with backups or block accounts. Only issue is during backfill, but for anything that airs it works perfectly and there's still a bunch of stuff at 7 years old that'll come down without issue. Which is kind of unbelievable.
|
# ? Jun 7, 2016 19:12 |
|
bobfather posted: There's zero wrong with any Highwinds reseller so long as you use Couch or Drone to download things within 5-10 hours of release.

What's wrong is that you're funding their ongoing monopolization efforts and as such also contributing to the centralization of Usenet, neither of which are desirable outcomes for anyone but Highwinds.
|
# ? Jun 7, 2016 19:26 |
|
Build a better mousetrap, etc. It might be unfair if they can starve out competition with artificially low prices, but they're charging similar to Frugal so I feel there's legitimate competition.
|
# ? Jun 7, 2016 20:33 |
|
Keito posted: What's wrong is that you're funding their ongoing monopolization efforts and as such also contributing to the centralization of Usenet, neither of which are desirable outcomes for anyone but Highwinds.

You've got to be joking. I've used Astraweb, Giganews, and a plethora of Highwinds-based providers, and (especially nowadays) there are no advantages to paying any company more than $5-$8 a month for service. In fact, I pay $4 a month for mine. Every usenet host gets hit equally-hard by DMCA takedowns, and for a while Astraweb was one of the quickest providers to process takedowns in spite of being among the most expensive. Centralization and monopolization are a non-issue here, since the content is zapped from every major usenet host within hours of being posted. In the present climate, downloading quickly is the only thing that matters, and the usenet host matters almost not at all.
|
# ? Jun 7, 2016 21:16 |
|
I've been out of the game a while and I've lost my bookmarks containing all of the indexers I previously used, I assume most of them probably aren't active anymore anyway? Is talking about specific indexers allowed, or is it just the discussion of content? If yes to the former then where's a good place to start (again)?
|
# ? Jun 7, 2016 21:29 |
|
Whenever I need a new index I just browse through the usenet subreddit. There is almost always a couple advertising open and free signups.
|
# ? Jun 7, 2016 21:56 |
|
The Modern Leper posted: Build a better mousetrap, etc. It might be unfair if they can starve out competition with artificially low prices, but they're charging similar to Frugal so I feel there's legitimate competition.

bobfather posted: there are no advantages to paying any company more than $5-$8 a month for service. In fact, I pay $4 a month for mine.

bobfather posted: I've used Astraweb, Giganews, and a plethora of Highwinds-based providers [...] Every usenet host gets hit equally-hard by DMCA takedowns [...] Centralization and monopolization are a non-issue here
|
# ? Jun 7, 2016 23:17 |
|
I thought BlockNews was independent. Ah well
|
# ? Jun 8, 2016 00:37 |
|
Keito posted: What's wrong is that you're funding their ongoing monopolization efforts and as such also contributing to the centralization of Usenet, neither of which are desirable outcomes for anyone but Highwinds.

I'm pretty sympathetic to this viewpoint because as soon as they own all the stuff, prices are going to go up.
|
# ? Jun 8, 2016 00:40 |
|
Did nzb.su finally die? I don't use it but I'm helping a friend out and the site won't load at all. At some point I guess I should just build my own indexer.
|
# ? Jun 14, 2016 15:44 |
|
EC posted: Did nzb.su finally die? I don't use it but I'm helping a friend out and the site won't load at all.

I just checked it, working fine here.
|
# ? Jun 14, 2016 15:47 |
|
Keito posted: What's wrong is that you're funding their ongoing monopolization efforts and as such also contributing to the centralization of Usenet, neither of which are desirable outcomes for anyone but Highwinds.

Sorry, what reseller should we use? I can't keep track of who is a reseller to who
|
# ? Jun 14, 2016 16:05 |
|
EC posted: Did nzb.su finally die? I don't use it but I'm helping a friend out and the site won't load at all.

It redirects if you go to just nzb.su, the full url works though.
|
# ? Jun 14, 2016 16:53 |
|
There was a post here, but it is gone now. Please ignore.
hotdog feet fucked around with this message at 02:22 on Jun 15, 2016 |
# ? Jun 15, 2016 02:20 |
|
usenet.farm is running a sale based on the temperature in Amsterdam... pick up a block on the cheap while it's hot, I guess. They don't have the longest retention but seem pretty reliable for filling in fresh posts, and it's hard to beat 500gb/€15.
|
# ? Jun 16, 2016 18:58 |
|
I'm with Astraweb right now, and I really do not like the service. There are so many parts missing from even very recent stuff that it's an exercise in frustration. I went for them based on a good price and some free someware, but I won't be going with them again. In the past, I've found the slightly more expensive Supernews to be good on most fronts. Is this still the case? Or is there someone that's better regarded?
|
# ? Jun 21, 2016 17:02 |
|
I dumped Astra a few months ago because of the almost consistent broken files and speed slowing to a crawl on Sundays. Since switching off it, I've had much better luck.

If you're looking for stuff posted recently, there's really no better deal than Frugal at $6/mo which uses Highwinds servers. It has 600 days retention which isn't amazing but their speeds, price and website are all pretty good otherwise. Adding a block account on top of that isn't a terrible idea and usenet.farm has some deal right now where the current centigrade temperature is the % off.

If you want longer retention for your main server, Supernews is among the more reliable with higher completion rates from what I've seen/heard recently. I'd still suggest a block account from an alternative server source such as Blocknews (Highwinds, don't go this route if you use Frugal) or usenet.farm which use their own servers for 30 days, XSnews 31-1000 days and Highwinds up to 2800 days.

Another thing to try, if you haven't already, is to add the European servers to your lower server priority on Astra. DMCA takedowns are notoriously high on Astra's US servers but their EU ones respond a lot more slowly or not at all. I'd still suggest dumping Astra altogether but it might be worth a shot.

Nairbo fucked around with this message at 19:14 on Jun 22, 2016 |
# ? Jun 22, 2016 19:05 |
|
Godinster posted: If you want longer retention for your main server, Supernews is among the more reliable with higher completion rates from what I've seen/heard recently. I'd still suggest a block account from an alternative server source such as Blocknews (Highwinds, don't go this route if you use Frugal) or usenet.farm which use their own servers for 30 days, XSnews 31-1000 days and Highwinds up to 2800 days.
|
# ? Jun 22, 2016 19:16 |
|
Is there a reason to use multiple indexers? Been relying on dog, but I've noticed Sonarr has been grabbing a lot via bittorrent recently (even with 30 min delay on torrents). How many usenet indexers do you guys rock?
|
# ? Jun 25, 2016 08:24 |
|
tonic posted: Is there a reason to use multiple indexers? Been relying on dog, but I've noticed Sonarr has been grabbing a lot via bittorrent recently (even with 30 min delay on torrents).

Three currently. Ideally ones with different filtering and groups.
|
# ? Jun 25, 2016 13:06 |
|
So I'm using a combo of newshosting (unlimited for $99/yr), nzb.su (vip for $10ish/yr), and sabnzbd. I utilize the my shows functionality on nzb.su which generates an RSS feed of my shows, and then have a few RSS feeds for various things like motogp and formula 1. I never run into DMCA takedowns because I'm always only ever getting new stuff, and I'm really satisfied with the speeds I'm getting. How behind the times am I with this setup and is there new stuff I'm missing out on?
|
# ? Jun 25, 2016 14:42 |
|
GutBomb posted: So I'm using a combo of newshosting (unlimited for $99/yr), nzb.su (vip for $10ish/yr), and sabnzbd.

You could install Sonarr and add the shows you watch. It will automatically search nzb.su for new/past episodes that you don't have, download them with SAB, and organize things for you. Personally, I've never used RSS feeds for Usenet, always relied upon sonarr or sickbeard, so I'm not sure how much easier this will make your life, especially if you are only grabbing a few shows--it may not be worth it. I've also made the switch from SAB to NZBget which seems to have the same functionality but uses massively fewer resources on my machine.
|
# ? Jun 26, 2016 03:37 |
|
After looking back at my NZBGet history, I realized I was only using about ~100GB/month of Usenet on average and decided to make the switch to just using block accounts to save some cash. Figured I should diversify with block accounts across a few servers that should last me a while. Any recommendations? Right now I've only got Newsgroupdirect. The astraweb 1tb block is also insanely cheap, but reading this thread is giving me second thoughts on that. Are there any good EU block servers that don't respond to DMCA (or, at least, do it very slowly)?
|
# ? Jun 26, 2016 03:43 |