Where would you host the script? If it’s expected that the server that fires it off is always online and performing health checks, why not have it host a load-balancer? Or another local instance of the website? It’s something fun to play around with, but if this is for anything beyond a fun exercise there are much better ways to accomplish this.

If you don’t want to mess with another VPS you can use a global server load balancer (GSLB) provider like Akamai, Cloudflare, Azure, etc.

This being a self-host community though it’s unlikely you’d want to pursue something like this, but without knowing more about your specific use case it’s tough to make a recommendation.

If global high-availability is your primary goal then a hosted solution is probably best.

If this is just an exercise you and your friend are working on for giggles and it’s not for a mission-critical Production instance, then presumably self-hosting a load-balancer on each of your servers that includes both nodes in a target group would achieve this, though somewhat counterintuitive; if the website goes down at either location, I would imagine there’s a pretty high likelihood the LB itself would be down as well.

No joke, I thought for a second you were referring to Infinite Solutions and were trolling hardcore. I haven’t thought about that in a long time.

sungloc.utus

It’s an odd position to be in; I work in the private sector but my company deals almost exclusively with government and NGO contracts, so at times I feel like I’m public sector.

What I’ve noticed is that even though the desired outcome is nearly identical for both sectors, the buzz words associated with each is what determines who responds to my job applications. As an example:

Private: IaC and Policy-as-Code, supply chain and software composition analysis, SAST, DAST, etc.

Public: Compliance automation, risk management frameworks, risk quantification (this one has generated a lot of excitement recently), etc.

This is purely anecdotal, but you may find adjusting your resume to include some of these buzzwords as applicable to the industry to which you are applying may help you get your foot in the door.

To reiterate, yes I know in the end all of these companies strive toward the same goals, whether it be passing audits or being able to demonstrate prudent security practices to clients, sometimes the hiring manager is looking for specific terminology and will discard any applications that exclude it.

One of my home servers was popped once, they stuck a new MOTD on there to let me know how foolish I was and I haven’t made that mistake since. So… yay greyhat?

For Chiefly reasons of course. Now whether or not that server is active in the cluster is another matter entirely, but hey if it makes him/her feel important /shrug

Figure ~45 minutes to run to the liquor store for a decent single malt, another ~25 minutes for the pizza rolls, quick power nap, wake up and redeploy. That’s about 2 hours.

Unix is the kind of friend who won’t bat an eye about holding your beer while you go and do something incredibly stupid

Should have paid for upgrade to a 10/8

Breathing exercises mostly. Helps me get through the day.

Some questions come to mind:

1. Do you have a static IP address from your ISP?

2. Dynamic DNS?

3. Have you verified the listening service is a box you own?

4. Is there a reverse proxy set up?

5. Checked the edge router logs to see if it rebooted recently and reloaded firewall rules?

6. What else sits between your router and the listening server?

This could be any number of things, maybe this will help point you in the right direction.

Just make sure it is only accessible in trusted networks though!!

Aw you’re no fun. Next you’ll be telling me to block all emails over 500 miles.

For me it’s not about the traffic, more the log spam.

Generally I’ll have :22 enabled internally, and anything non-standard is defined in ~/.ssh/config and shared out so I don’t have to remember things.

Troubleshooting checklist:

1. DNS
2. Fuck if I know

Edit: Didn’t notice you said your router can’t issue out two DNS servers. I’ve never heard of that.

Ugh. When I moved into my new place I bought a NetGear Orbi system to hold me over until I got my Ubiquiti gear put in place. Never again.

It’s well worth it for this reason alone. Unless you’re running a honeypot, getting that noise out of your access logs can provide more actionable data to work with for more persistent threats.