Have you been on social media? A lot of ppl acting up participating in racism, transphobia, hate speech etc. do not give a shit about protecting their identity. If the real name is not already on their profile, then their post makes them easily identifiable.
Also, there are enough laws out there that force social media providers to give out information about the users who do illegal stuff online. That would make almost everyone identifiable.
The reality is that law enforcment gives a shit about doing their job.
And Social Media providers give a shit about actively protect users of those points, even tho they are obliged to in many jurisdictions.
For data integrity you do not rely on single drives but on for example FS that handle that.
As i said in another post, the important thing about smart is not the values itself but if they are start to increase or not.
And even if an read error occurs, the sector gets remapped and you can restore the block/file from backup or the fs will handle it without interference.
It is much more important if the numbers are increasing then how high the numbers are. You can have multiple bad sectors or on SSDs Media Errors and the drive will be good for years to come.
I would recommend data hygiene in the first place. Have a working backup! And if you can afford it (can you afford to loose your data) some kind of redundancy like raid zfs or therelike.
I have as of now multiple drives at home and work in operation that have some form of error but have not changed their error values in literally years.
Could i have afforded to replace the drives? Sure, but i also could have had a drive as a replacement that fails during the first resilver of the array.
There is a box for manually added monthly savings. But yes, hard to classify what you would actually subscribe to if you would not have a server already.
But same for video. I would never buy 3 streaking service at a time.
The other answer is already good but I answer more general.
Rate limiting. Do not allow as many requests as your CPU can handle but limit authentication requests. Like a couple requests per second already goes a long way.
The 'immediate attacks' ppl mention is just static background noise. Server / scripts that run trying to find misconfigured, highly out to date or exploitable endpoints/servers/software.
Once you update your software, set up basic brute force protection and maybe regional blocking, you do not have to worry about this kind of attack.
Much more scary are so called 0-Day attacks.
No one will waste an expensive exploit on you
It sometimes can happen that 0-Days that get public get widly exploited and take long time to get closed like for example log4shell was. Here is work necessary to inform yourself and disable things accorsing to what is patched and what not.
As i already said, no one will waste time on you, there are so much easier targets out there that do not follow those basic rules or actually valuable targets.
There is obviously more that you can do, like hiding everything behind a VPN or advanced thread detections. Also choosing the kind of software you want to run is relevant.
Yeah I'm not saying its perfect and LLMs are non-deterministic so it could give you some crap. You're not wrong and it's good to be aware of that. How do you verify some random stranger from the internet wasn't an asshole and gave you malicious config? 🤷
There is no guarantee either, but on a public forum at least a couple of eyes look at it too. Not saying that this makes it trust worthy.
But a LLM usually words it output very direct and saying "this is the absolut truth" which can lead to a much higher trust relation then a stranger on a forum that writes "maybe try this".
I generelly would not recommend using the llm for potential security related questions (or important or professionally questions) were your own knowledge is not big enough to quickly vet the output.
Have you been on social media? A lot of ppl acting up participating in racism, transphobia, hate speech etc. do not give a shit about protecting their identity. If the real name is not already on their profile, then their post makes them easily identifiable.
Also, there are enough laws out there that force social media providers to give out information about the users who do illegal stuff online. That would make almost everyone identifiable.
The reality is that law enforcment gives a shit about doing their job. And Social Media providers give a shit about actively protect users of those points, even tho they are obliged to in many jurisdictions.