This section contains notes on various services and systems I've explored or set up. These are frequently stream-of-consciousness notes and may have dead ends, multiple attempts, or be outdated. I periodically go through them and attempt to rewrite them to make them more consumable by others and myself.
I hope these can help guide people on their own attempts to understand the services that they host. Please always double-check the facts and don't assume a random netizen's personal assessment will match your use cases.
Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. Used primarily on GNU/Linux and Unix-based systems to access shell accounts, SSH was designed as a replacement for Telnet and other insecure remote shells, which send information, notably passwords, in plaintext, rendering them susceptible to packet analysis. The encryption used by SSH provides confidentiality and integrity of data over an insecure network, such as the Internet.
The Network Time Protocol (NTP) is a protocol for synchronizing the clocks of computer systems over packet-switched, variable-latency data networks. NTP uses UDP on port 123 as its transport layer. It is designed particularly to resist the effects of variable latency by using a jitter buffer.
Auditd records each execution of the syscalls it is configured to watch, along with critical security metadata associated with the event. This can help enrich other security tools such as AIDE by determining which user and process are responsible for a change.