I used to provide a public instance of sish (a similar app) [0] and can say abus... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		antoniomika on April 9, 2022 \| parent \| context \| favorite \| on: Bore: A simple CLI tool for making tunnels to loca... I used to provide a public instance of sish (a similar app) [0] and can say abuse is most definitely a problem. People were using sish for command-and-control servers, especially because it used only SSH for establishing tunnels. It was specifically chosen because nothing else needed to be installed. Really only worth it if a service provider (DO, AWS, etc) provides free compute and acknowledges the risk involved. [0] https://github.com/antoniomika/sish

ekzhang on April 9, 2022 [–]

Interesting! Thanks for sharing your story. I'll keep an eye out for abuse of the kind you mention. Maybe if that seems to be an issue, I'd turn off the explicit `--port` option on the public server, which would only allow randomly assigned ports.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact