tuxec

joined 6 months ago
sorted by: new top controversial old
[Discussion] Auto-disable Remote Access on Vunerable Selfhosted Services in c/selfhosted
[โ€“] [email protected] 1 points 1 month ago

I'm available for part-time ๐Ÿ˜

[Discussion] Auto-disable Remote Access on Vunerable Selfhosted Services in c/selfhosted
[โ€“] [email protected] 1 points 1 month ago

The first thing that comes to mind is a combination between SBOMs generated for your self-hosted services (trivy, syfy, etc) which are pushed to OWASP Dependency-Track and whenever some vulnebrabilies are detected (note: you'll get lot of notifications if the application is using a lot of libraries), trigger an event (not sure if node red can help here) which would run a script to disabled the vhost. (just a thought. I haven't seen an actual solution)

How do you manage the software on your personal workstation? in c/[email protected]
[โ€“] [email protected] 2 points 4 months ago

I think distrobox is the distro you are referring to.