• 0 Posts
  • 12 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle
  • a surprisingly disappointing article from ars, i expect better from them.

    the author appears to be confusing “relay attacks” with “cloning” and doesn’t really explain the flow of the attach that well.

    really this just sounds like a complicated MitM attack, using the victim’s phone as the “middle” component between the victim’s physical card and the attacker’s rooted phone.

    the whole “cloning the UID attack” at the end of the article is irrelevant, NFC payment cards don’t work like that.


  • start with basics:

    • install iperf on every device you can between an external device and your internal host(s) and use it to find any bottlenecks
    • use tools like tcpdump to analyze packets flowing over the network. you can often find surprising results this way
    • start with a simple test best (again, iperf) with the most simple config (no nginx etc) and add the complexity of your config bit by bit until the issue returns










  • no, and that’s be a pretty bad idea, you’re opening up all your internal hosts to the public internet.

    a VPN is specifically designed to keep all your internal hosts off the public internet. When you authenticate with the VPN server the remote device you are using effectively “joins” the internal network, using the VPN to act like a tunnel between you and your network.

    it has the benefits of better security as well as the fact that once you set it up, you can access any services you host, not just HTTP ones.