Security

XOR and RC4: From Principles to Go Practice (with Safer Alternatives) Subtitle / Abstract Use minimal math to explain XOR and RC4, provide runnable Go examples, and clarify why RC4 is considered insecure with recommended alternatives. Target readers Backend engineers reading legacy RC4 code Beginners who confuse encoding and encryption Intermediate developers building a stream-cipher mental model Background / Motivation Many systems still contain RC4 or custom decryption logic. Common mistakes include treating Base64 as encryption and ignoring integrity checks. Understanding XOR and RC4 helps you evaluate security correctly and avoid copying outdated designs into new systems. ...

UFW + CrowdSec: Stop Malicious Port Scans Subtitle / Abstract: How do you protect exposed server ports? This guide shows how to move past Fail2ban regex hell and build a stable, automated, intelligent port-scan defense system. Target readers Developers using FRP or reverse tunnels Operators of cloud servers (Tencent, Alibaba, AWS, etc.) Linux users who want to stop port scans and SSH brute force People using Fail2ban who want a modern alternative Anyone improving personal server security Background / Motivation: Why you need port-scan defense When you run FRP (frps + frpc) or expose multiple ports, you will often see: ...