Peter N. M. Hansteen @pitrh@mastodon.social

For a little background, https://bsdly.blogspot.com/2018/08/badness-enumerated-by-robots.html and links therein may be useful.

Almost a full day of it now,

Nov 15 21:38:19 skapet sshd[13857]: Failed password for invalid user azSXdc from 103.240.79.67 port 37658 ssh2

Somebot got their usernames and passwords lists confused. Fun to be had for log junkies via https://bsdly.net/~peter/newpart.txt (also https://bsdly.net/~peter/2020-11-16_bunch_overnight_ssh.txt - usernames (passwords really) only).

Enjoy!

OpenBSD and you, the 6.8 update https://undeadly.org/cgi?action=article;sid=20201109055713

What I did on my late fall break, 2020 edition:

This morning I remote participated in Sofia, Bulgaria’s OpenFest (https://www.openfest.org/2020/en/full-schedule/). The talk was live and the videos from the event will be available after the conference concludes (soon after, I hope).

But if you like you can take in my recorded dry run here: https://www.bsdly.net/~peter/openbsd_6.8_and_you_OpenFest_2020.mkv (826MB, approximately 43 minutes IIRC), with slides to follow along at https://home.nuug.no/~peter/openbsd_and_you_68/

NUUG 2020-11-10 18:30 CET Flying rockets with Free Software, Bdale Garbeehttps://www.nuug.no/aktiviteter/20201110-free-software-rockets/ Online meeting *DATE CORRECTED*

NUUG 2020-11-20 18:30 CET: Flying rockets with Free Software, Bdale Garbee https://www.nuug.no/aktiviteter/20201110-free-software-rockets/ - Online meeting

How the OpenBSD -stable packages are built https://undeadly.org/cgi?action=article;sid=20201030073502

A question for #Spamassassin users:

What (custom) value, if any, do you assign to

SPF_FAIL SPF: sender does not match SPF record (fail)
TO_EQ_FM_DOM_SPF_FAIL To domain == From domain and external SPF failed

in your config? Comments on why welcome too.

BLUG, Bergen 2020-10-29: Reproducible builds (online meeting) - https://www.blug.linux.no/talk/2020-10-reproducible-builds/
Youtube: https://youtu.be/Tzc8arUBiRM
MPEG Dash: https://blug.linux.no/live.m3u

This just happened:

(jpg https://bsdly.net/~peter/20201021_account_notification_mailer-daemon_at_skapet_bsdly.net.zimbra.team_vs1056.server4u.cz.jpg, text with full headers: https://bsdly.net/~peter/20201021_account_notification_mailer-daemon_at_skapet_bsdly.net.zimbra.team_vs1056.server4u.cz.txt) #spam #mailer-daemon #phishing

OpenBSD 6.8 Released https://undeadly.org/cgi?action=article;sid=20201018175726

Cryptographic Signing using ssh-keygen(1) with a FIDO Authenticator https://undeadly.org/cgi?action=article;sid=20201016053038

RETGUARD for powerpc and powerpc64 added to -current https://undeadly.org/cgi?action=article;sid=20201013055904

I've been reading the install instructions for several security products and I keep seeing required steps like

"1.Use SSH to log in to the system as a root user.
2.Modify the SELINUX value in the /etc/sysconfig/selinux file to SELINUX=disabled, and restart the host.
3.Use SSH to log back in to the system as the root user."

How many fireable offenses do you see in that procedure?

The Norwegian Unix User Group (NUUG), continues its series of online events, next up on 2020-10-13: 0G: Escaping the Surveillance Blackhole with Free Mobile Computing

http://nuug.no/aktiviteter/20201013-mobile-computing-with-privacy/

http://nuug.no/aktiviteter/20201013-mobile-computing-with-privacy/

I've come across a network where not unlike the one in https://bsdly.blogspot.com/2018/02/a-life-lesson-in-mishandling-smtp.html do they check for SPF et al in the wrong place, but they also appear to block DNS over TCP (which means null answers on SPF, DKIM et al so the mail gets delivered). Is there any quasi-rational reason behind this, such as a 'ping of death' style tale from the crypt? If there is, I look forward to some campfire time.