brentobi.bsky.social
@brentobi.bsky.social
According to BSI, they work with ShadowServer Foundation, which scans the internet and reports found open and / or vulnerable webservices globally, i.e. to national authorities, or anyone who subscribes to their services.
www.bsi.bund.de/EN/Themen/Un...
www.bsi.bund.de/EN/Themen/Un...
Reports on Openly Accessible Server Services
www.bsi.bund.de
January 16, 2026 at 11:29 PM
According to BSI, they work with ShadowServer Foundation, which scans the internet and reports found open and / or vulnerable webservices globally, i.e. to national authorities, or anyone who subscribes to their services.
www.bsi.bund.de/EN/Themen/Un...
www.bsi.bund.de/EN/Themen/Un...
Probably not domain names, but content.
If I wanted to know, I'd check url paths, rendered content, raw HTTP response headers and bodies of the page itself, as well as it's loaded scripts, stylesheets, images, for clues that hint at well-known software and versions. That can be automated of course.
If I wanted to know, I'd check url paths, rendered content, raw HTTP response headers and bodies of the page itself, as well as it's loaded scripts, stylesheets, images, for clues that hint at well-known software and versions. That can be automated of course.
January 16, 2026 at 11:29 PM
Probably not domain names, but content.
If I wanted to know, I'd check url paths, rendered content, raw HTTP response headers and bodies of the page itself, as well as it's loaded scripts, stylesheets, images, for clues that hint at well-known software and versions. That can be automated of course.
If I wanted to know, I'd check url paths, rendered content, raw HTTP response headers and bodies of the page itself, as well as it's loaded scripts, stylesheets, images, for clues that hint at well-known software and versions. That can be automated of course.
Your (sub)domain names are probably made public by your CA via CT logs when they issue an SSL cert, which most do.
So, the knowing part wouldn't be too hard, if someone automatically reads DNS records and matches IPs against known IP ranges to identify scan targets. Even without Hetzner's help.
So, the knowing part wouldn't be too hard, if someone automatically reads DNS records and matches IPs against known IP ranges to identify scan targets. Even without Hetzner's help.
January 15, 2026 at 11:44 PM
Your (sub)domain names are probably made public by your CA via CT logs when they issue an SSL cert, which most do.
So, the knowing part wouldn't be too hard, if someone automatically reads DNS records and matches IPs against known IP ranges to identify scan targets. Even without Hetzner's help.
So, the knowing part wouldn't be too hard, if someone automatically reads DNS records and matches IPs against known IP ranges to identify scan targets. Even without Hetzner's help.
FolderSync support is informed. In the best case, my posts are not relevant for long.
January 5, 2026 at 9:20 PM
FolderSync support is informed. In the best case, my posts are not relevant for long.
Of course, disabling chunked uploads in #FolderSync and increasing connection timeout would work too.
But sometimes your #Nextcloud server limits get in the way or you want chunked uploads to work around unstable network connections.
But sometimes your #Nextcloud server limits get in the way or you want chunked uploads to work around unstable network connections.
January 5, 2026 at 9:20 PM
Of course, disabling chunked uploads in #FolderSync and increasing connection timeout would work too.
But sometimes your #Nextcloud server limits get in the way or you want chunked uploads to work around unstable network connections.
But sometimes your #Nextcloud server limits get in the way or you want chunked uploads to work around unstable network connections.
Seems like setting auth types "Basic" / "Basic(UTF8)" in #FolderSync does not work for chunked uploads. "Auto" does.
You might need to use a non-UTF-8 #Nextcloud password then.
@nextcloud.bsky.social
You might need to use a non-UTF-8 #Nextcloud password then.
@nextcloud.bsky.social
January 5, 2026 at 9:20 PM
Seems like setting auth types "Basic" / "Basic(UTF8)" in #FolderSync does not work for chunked uploads. "Auto" does.
You might need to use a non-UTF-8 #Nextcloud password then.
@nextcloud.bsky.social
You might need to use a non-UTF-8 #Nextcloud password then.
@nextcloud.bsky.social