Sysadmin-ish updates

I collaborate in a small school club, it's called Rising Edge. It was born as a competitive programming initiative, but eventually merged with the agonizing cibersecurity club from the master's program. Nowadays, we have two main areas, cibersecurity and programming.

In previous years we've experienced that students who joined the club didn't stay longer than a couple of months (I understand people have other things to do, or eventually lose the interest). This represented a problem, since, the members leading and organizing the club cannot stay too much time.

The last period we decided to include an "applying" phase for the cibersecurity division. Applicants were supposed to find 4 flags hidden in the main website of the club (the classic HTML comment, CSS, robots.txt and another that I cannot remember). This "filtering" phase seemed to have a positive effect, since most of the applicants that were accepted remained constant during the scholar period, and almost half of them plan to return this semester to the club. :D

Four days ago we started planning the new filtering phase. Now, I deployed a full fledge Debian VM on Azure (2 CPUs, 4GB RAM), running a CTFd Docker container with a nice theme. All thanks to this guide. I took a Wayback Machine snapshot, if you want to check it out.

This time we created more beginner friendly challenges, few of them required background of Linux, or advanced topics like reverse engineering/network analysis. The "difficult" ones, were designed for club members.

We've around 50 participants signed in the platform. So far the reactions are great, some people say they've never played anything like this, and even though they had zero cybersecurity background, they're having fun, and most importantly, learning new things.

The only downside is that, only 35 participants solved more than a couple of challenges. That means, 15 of them solved none or just the "sanity check". Anyway, the results seem promising, but I wish more people solved more than just the "sanity check".

Maybe next term we can implement a more robust infra, improve the challenges, or even deploy a vulnerable machine, for the most experienced ones. Time and preparation will tell.

¡Oh the IRC land!, of course, a technical and mythical place where most (at least me) beginners of FOSS wish to hang out. Years ago I started using Irssi, registered my Libera Chat account, and eventually created my own certificates. But none of them were as useful as having a method for logging the messages while I was offline.

A couple of attempts were made in vain (me trying to deploy a ZNC container or a Convos container using Azure). And since I'm more familiar with VMs than I'm with containers, I decided to create a second VM (1 CPU, 1GB RAM), this time for the Convos instance.

The SSH connection was a little bit lagged, but it eventually allowed me to install Nginx as a reverse proxy for the application. So far, I'm really glad that I can no longer miss a message from this strange protocol, even when you can get more popular alternatives like Matrix.

Another thing that I've been wanting to do was to get my own domain name, the free ones from Github and Sourcehut are good, but I wanted one that I could choose. Yesterday, I finally decided to get apocalipsisvirtual.org, since I didn't like to watch the IP of the Convos instance on my URL bar (I also took the chance to generate the SSL certificates).

The first deployments were not straightforward. I renamed my repo to match the domain, and also removed the old A DNS record (Thanks to Mau for the guidance). After fixing this, it eventually… ¡worked! We'll see what we do with the domain once it expires the next year.

As I wrote back in November, things are a little bit difficult at a personal level. I can feel the weight of uncertainty, sadness and fatigue in my shoulders. Despite this, small accomplishments like these, bring me joy, even for short moments.

I don't like the whole new year idea, because, everyday you get a new chance, so it makes no sense to me, to behave different on the first couple of months using this excuse. I know it's difficult to remember that every day is a new opportunity, when we live our lives and we're absorbed by our surroundings. But it's nice to remember it from time to time.

Anyway, I like this epitaph that I read from my aunt's WhatsApp about section (the literal english translation is not great, it lacks essence, I need to find a more poetic one).

La vida se me fue en abrir los ojos. Morí antes de darme cuenta.

• José Emilio Pacheco.

Oh, the domain name references the song "Apocalipsis Virtual" from "Depresión Sonora". :D