1. 3

    Hey, I occasionally blog about reverse engineering, networking and other stuff that I find interesting. I can’t find too much time to blog due to my work but still I’m trying to keep it going.

    https://gkbrk.com/

    1. 2

      By the way, this guide, and the crate it showcases, assumes that you have an IPFS node running on your localhost. It seems that setting that up and running it is out of scope for this guide.

      1. 2

        Yeah, I didn’t go over that part because it’s quite easy to set up ipfs. Just get the package from your repos or download the binary (statically compiled Go).

        After that it’s just ipfs init to initialize everything and ipfs daemon to run your local daemon.

      1. 5

        No example pictures? :(

        1. 5

          Hey, sorry I didn’t put any since I’ve done this a while ago. I don’t have too many on hand. Here’s a couple I found on my computer.

          https://imgur.com/a/Ewwe7
          https://imgur.com/a/fokYq

        1. 1

          Can you fix the link to the place where you say you can read this article on IPFS here - where here links back to your article? I assume it should go somewhere else.

          But it looks real interesting.

          1. 3

            That link is right. It’s pointed at an ipfs gateway (ipfs.io), which is what the story link here also points to. So yes, you’re reading the article hosted on ipfs.

            1. 3

              As duclare said, I posted the link from an IPFS gateway instead of my server. Which means you are already reading the article on IPFS.

              Also if you have IPFS installed on your computer, you can read directly from that.

              1. 2

                I misread that completely! I though it said “you can read about IPFS here” Doh!

            1. 3

              So if I update my blog every other day, I will have to update my DNS records to the new hash?

              I use a statically generated folder structure. If I change one file within that folder, does the top-level hash change?

              Can you host a DB-backed site in this way?

              1. 3

                If you update your blog, you can run ipfs name publish <new hash>, so your blog should update automatically with IPNS.

                If you change one file, the top level hash changes, but people won’t need to re-download the old files (I think).

                There are some projects about db-backed sites, but I’m not sure if any of them are ready yet. You can ipfs pubsub for sending p2p data to channels, I think you can use this for some dynamic content.

                1. 2

                  Do you still have to republish the IPNS stuff every day? When I last looked IPNS hashes would only last for one day.

                  1. 1

                    Looks like it. I push my site ( http://chriswarbo.net ) to IPFS, IPNS and an EC2 server. I’ve not updated it for several days, and the IPNS name doesn’t resolve anymore ( http://ipns.io/ipns/chriswarbo.net )

              1. 4

                The post doesn’t mention any results from this approach, do you have any?

                1. 3

                  I can’t publish actual results for obvious reasons, but it does find a few servers in a short time (~15-30 minutes maybe, I wasn’t paying attention to the terminal)

                  1. 1

                    Cool, that’s all I meant really. Can you say how many IPs you had to hit before finding those few? Or the average IPs per second? Thanks.

                  2. 2

                    Scanning the internet randomly in that way is not gonna lead to a lot of results, at least not in any reasonable time frame. If you instead look at sites that crawl the internet for a living, you get 17.000 results. Not all are actually Redis nodes and not all Redis nodes are completely open.

                    Attack vectors on Redis to compromise the whole system are known for quite some time, and Redis now has better defaults and a protected-mode by default. But people tend to not update it. We still reguarly have users coming into the IRC channel asking for help with cleaned/exploited Redis node.

                    I keep reminding people to not open up each and every service to the whole wide internet.

                    1. 2

                      Yeah indeed, that’s exactly why I asked for the results - I’m curious to see if they found a single one with this technique.