How to Harden AI Instances for Privacy and Security

Background: Last month, Cisco researchers detected over 1,000 Ollama instances within the first 10 minutes by scanning port 11434 with Shodan. Other services, such as vLLM/llama.cpp/LangChain on 8000, LM Studio on 1234, and GPT4All on 4891, were also identified. Later, Censys found 10.6K Ollama instances publicly available online, and 1.5K of these instances respond to prompts. That poses not only a great security risk of RCE, injection and poisoning, but also the possibility of exposing private chat memory via unauthorized prompting. ...

October 18, 2025 · 6 min · Jun

Operational Security with Documents

Recently, I started sending/receiving documents to/from untrusted sources. In my threat model, this requires extra operational security to prevent privacy exposure and security risk. Since the official guide is not so detailed for Windows, I decided to write one while installing on a Windows 11 LTSC. First, in Windows Terminal/PowerShell, run wsl --install to set up WSL2. Read my previous post for more detail. Because the latest versions of Dangerzone 0.9.1 and docker desktop 4.44.3 have an unsolvable bug (reports unknown error '2'), I have to choose the earlier version which works properly. ...

August 25, 2025 · 2 min · Jun

Migrating Harbor instance from Linux to WSL2

In the past, I have covered how to set up Ubuntu in WSL2 and host local LLMs with Harbor. Now I want to migrate my Harbor instance from bare-metal Linux into WSL2 so that I don’t have to set it up from scratch. First thing to do is to open firewall port: netsh interface portproxy add v4tov4 listenport=33811 listenaddress=0.0.0.0 connectport=33801 connectaddress=172.xx.xxx.xxx On Linux hardware: copy Harbor files from /home/username/Harbor /home/username/.ollama On Windows hardware: connect the USB drive containing Harbor files and run ...

May 26, 2025 · 1 min · Jun

Self-hosting Local LLMs (DeepSeek-R1) Easily with Harbor (Ollama+Open-WebUI+SearXNG)

Lately, there has been a need for a private chatbot service as a complete alternative to OpenAI’s ChatGPT. So, I decided to implement one at home and make it accessible to everyone in my household alongside my network printer and NAS (OpenMediaVault). In the past, I used to recommend that people use the Llama series for English tasks and the Qwen series for Chinese tasks. There was no open-source model that was strong enough in multilingual tasks compared to proprietary ones (GPT/Claude). ...

January 26, 2025 · 5 min · Jun

Self-hosting RustDesk Server via Docker Compose

RustDesk is my favorite remote desktop tool and the best alternative to any closed-source solution, such as TeamViewer and AnyDesk. It’s kinda like Bitwarden in the post-breach era of the cloud password manager (LastPass/1Password) market. As a light user of RustDesk, I use it only occasionally. So I didn’t set up my own RD server on a VPS even though I’m supposed to. For some reason, one of my RustDesk clients got blocked from the official servers. So now I have enough reason to properly set one up. ...

November 3, 2024 · 2 min · Jun