Peter N. M. Hansteen @pitrh@mastodon.social

SMT Disabled by Default in -current
https://undeadly.org/cgi?action=article;sid=20180620110722

The slides from the just completed BSDCan "PF and networking" tutorial are up at https://home.nuug.no/~peter/pftutorial/ - a slight refresh from previous versions. Enjoy!

With only minutes to go before starting the #bsdcan #PF and #Networking with #OpenBSD tutorial, I finally remembered the username convention for the labs.

An interesting question turns up via email, but my answer bounces in the exact way described in this article: https://bsdly.blogspot.com/2017/08/twenty-plus-years-on-smtp-callbacks-are.html - it appears that snakeoil is still considered a vitally important ingredient in Rube Goldberg 'antispam' contraptions.

Just registered for @BSDCan 2018. See you all (or quite a few of you?) in Ottawa in June!

If you haven't done so already, go to https://www.bsdcan.org/2018/schedule/ and check the program, then register while the online option is still open.

It appears that my spamtraps have entered a canon of sorts. On our freshly configured imapd, this https://www.bsdly.net/~peter/20180509_imap-gropers.txt happened. Login attemps to spamtrap IDs, earning of course only a place in the permanent blocks (as described in https://bsdly.blogspot.no/2017/04/forcing-password-gropers-through.html)

So happy to hear that somebody appreciates root@$mymailserver's writing - https://home.nuug.no/~peter/20180508_wholesalersorb_adalinejehles71.txt but I would prefer they go read what https://bsdly.blogspot.com is actually about.

p2k18 Hackathon Report: Klemens Nanini on ports and pledges https://undeadly.org/cgi?action=article;sid=20180430061520

p2k18 Hackathon report: Marc Espie (espie@) on pkg_* and packages progress
https://undeadly.org/cgi?action=article;sid=20180429190200

p2k18 Hackathon report: Solene Rapenne (solene@) on joining the project, packages progress https://undeadly.org/cgi?action=article;sid=20180429101745

This somehow made it to my inbox - spam of course but with some real translation gems - as text with headers here, https://home.nuug.no/~peter/spam-and-scams/kontor_av_hodet.txt graphic preserved at https://home.nuug.no/~peter/spam-and-scams/kontor_av_hodet.png

I take log entries like

Apr 23 12:27:16 skapet sshd[55094]: Failed password for invalid user admin@bsdly.net from 74.208.218.114 port 38760 ssh2

as evidence that the "salting the mine, poisoning the well" (as outlined in https://www.bsdly.net/~peter/traplist_ethics.shtml) project is succeeding.

I suppose it takes a special kind of weird to be truly happy to see pop3 gropers auto-LART themselves by trying to read noreply's mail. This https://bsdly.blogspot.co.uk/2017/04/forcing-password-gropers-through.html from last year explains it all, and it's still happening. Nothing to add, I'm just happy to see the setup works.

Don't worry, that was not a creative explosion happening over at bsdly.blogspot.com.

Only me making bad formatting of old posts slightly less awful. But do come read anyway :)

While looking for something else in my webserver logs I notice that there are several hosts that try to fetch the hourly traplist dumps https://www.bsdly.net/~peter/bsdly.net.traplist but via http and ignoring the redirect to https. Both sites (bsdly and nuug) now force https, update your setups!

MAP_STACK Stack Register Checking Committed to -current https://undeadly.org/cgi?action=article;sid=20180413065457

Looking at the SSH bruteforcers (password guesssing) by country data so far this month it looks like RU has overtaken CN for the first time in a while. Is this a trend? Anybody else looking at this angle, I would like to hear from you!