badger.foo - Slashdot User

Submission + - Are Sensible Password Policies Starving The Hail M (blogspot.com)

Submitted by

badger.foo

on Saturday October 29, 2011 @10:39AM

badger.foo writes: "Remember the Hail Mary Cloud of distributed ssh password guessing bots? They're back (or may have been active all along), but the latest news is that they seem to be numbering hundreds, not thousands like they did some years ago. Peter Hansteen speculates that maybe we are seeing the effect of sensible passwords polidies or a move to key only ssh logins. And they're still not even attempting to attack OpenBSD systems."

Submission + - What to expect in OpenBSD 5.0 onwards (blogspot.com)

Submitted by

badger.foo

on Tuesday July 19, 2011 @11:51AM

badger.foo writes: "OpenBSD-current just turned 5.0-beta, providing us a preview of what the upcoming release (slated for November 1st) will look like. Book of PF author Peter Hansteen takes us through the main new features and explains the development process that has consistently turned out high-quality releases on time, every six months for more than a decade."

Submission + - Anticipating the Post-ALTQ World (blogspot.com)

Submitted by

badger.foo

on Saturday July 09, 2011 @01:08PM

badger.foo writes: "In a new article, Book of PF author Peter Hansteen takes a peek at new features in the upcoming OpenBSD 5.0 release and the plan for upcoming releases (hint: ALTQ is on its way out). He also asks the crucial question: How do we teach our favorite operating system better? Comments and suggestions welcome via email or the comment field here."

Submission + - IPv6 Spam Shows IPv6 Is No Reason To Ease Security (blogspot.com)

Submitted by

badger.foo

on Wednesday June 08, 2011 @05:33PM

badger.foo writes: "Today is World IPv6 Day. On the day of this Great Experiment, Peter Hansteen digs out an anecdote to show how much the world stays the same even with IPv6, security-wise. There's no reason to stay all dotty, this is when the fun starts in all possible meanings of the word."

Submission + - How to reward my 100,000th tutorial visitor (blogspot.com) 2

Submitted by

badger.foo

on Sunday June 05, 2011 @04:01PM

badger.foo writes: "I've been maintaining a PF tutorial for a few years, and the tea leaves (and apache logs) tell me that in the near future my unique visitor number 100,000 will turn up. How do we celebrate the event appropriately? The tutorial has morphed into The Book of PF, so an obvious prize possibility exists, but I would welcome suggestions from Slashdot readers."

Submission + - RFC1149: Ten Years of In-Flight Internet (blogspot.com)

Submitted by

badger.foo

on Friday April 29, 2011 @05:03AM

badger.foo writes: "It's been ten years since a small group of Bergen hackers implemented RFC1149, the Carrier Pigeon Internet Protocol, making in-flight Internet a reality well ahead of any airline. The working group is looking for independent, interoperable implementations in order to get moving on the standards track"

Submission + - The Problem Isn't Email, It's Microsoft Exchange (blogspot.com)

Submitted by

badger.foo

on Sunday February 27, 2011 @07:05PM

badger.foo writes: "There have been gripes in C?O circles lately about time wasted on email. Peter Hansteen takes those gripes apart and points a finger at the real time-waster: Microsoft Exchange."

Submission + - BSD: Bounties Offered for iPSEC Backdoor Evidence (blogspot.com)

Submitted by

badger.foo

on Wednesday December 15, 2010 @01:24PM

badger.foo writes: "In response to the recent claims that the OpenBSD IPSEC stack contains backdoor code covertly added to the code base by developers working for the FBI, FreeBSD developer Dag-Erling Smørgrav is now offering triple $100 bounties for credible evidence to back up those claims. You have until New Year's Eve, 2012 to collect your bounties if you can find the backdoor code. See DES' blog at http://maycontaintracesofbolts.blogspot.com/2010/12/openbsd-ipsec-backdoor-allegations.html for details. You can even contribute your matching funds to make the bounties bigger!"

Submission + - Possible OpenBSD-targeted attack code found (blogspot.com)

Submitted by

Peter N. M. Hansteen

on Sunday October 24, 2010 @05:19PM

Peter N. M. Hansteen writes: "A high profile security professional tweeted for help to analyze what could be 'an OpenBSD boot sector trojan worm'. If we are starting to see targeted attacks on OpenBSD systems, the world has become more interesting, see a preliminary analysis over at Peter's blog."

Submission + - BSD: The Finest Software Tool, A Creative Force (blogspot.com)

Submitted by

badger.foo

on Wednesday October 13, 2010 @04:07AM

badger.foo writes: "After 30+ years, the BSD family of operating systems is still a creative force to be reckoned with. In his conference report Peter Hansteen writes: From mainframe replacements to firewall appliances, the BSD family of systems is a toolbox flexible enough to baffle insiders and newbies alike. EuroBSDCon 2010 was good fun. Read on for the full story."

Submission + - OpenBSD 4.7 preorders are up (openbsd.org)

Submitted by badger.foo on Saturday March 13, 2010 @08:15PM

badger.foo writes: The OpenBSD 4.7 pre-orders are up. That means the release is done, sent off to CD production, and snapshots will turn -current again. Order now and you more likely than not will have your CD set, T-shirt or other cool stuff before the official release date. You get the chance to support the most important free software project on the planet, and get your hands on some cool playables and wearables early. The release page is still being filled in, the changelog has detailed information about the goodies in this release.

Submission + - The Goodness of Men and Machinery (blogspot.com)

Submitted by badger.foo on Sunday January 03, 2010 @04:47PM

badger.foo writes: Peter Hansteen writes: If you keep them to their promises, what will corporations and individuals do? Specifically, how do you go about actually getting a refund for that pesky bundled Windows license? The first of likely several installments. Plus, a fresh look at the general goodness of OpenBSD and its installer.

Submission + - The Hail Mary Cloud is Growing (blogspot.com)

Submitted by badger.foo on Sunday November 15, 2009 @10:19AM

badger.foo writes: The .au Rickrolling of jailbroken iPhones only goes to prove that bad passwords are bad for you, Peter Hansteen points out before he reports on the further exploits of password-guessing Hail Mary Cloud (previously /.ed here). The article contains log data that could indicate that the cloud of distributed password guessing hosts is growing.

Submission + - Sloppy Linux Admins Enable Slow Bruteforcers (blogspot.com) 1

Submitted by badger.foo on Sunday October 04, 2009 @04:34PM

badger.foo writes: Peter N. M. Hansteen reports that a third round of the low-intensity, distributed bruteforce attacks is now in progress, and that sloppy admin practices on Linux systems is the main enabler: The fact that your rig runs Linux does not mean you're home free. You need to keep paying attention. When your spam washer has been hijacked and tries to break into other people's systems, you urgently need to get your act together, right now. The article has more info and references.

Submission + - The slow brute zombies are back (blogspot.com)

Submitted by

Peter N. M. Hansteen

on Sunday April 12, 2009 @04:37PM

Peter N. M. Hansteen writes: "In real life, zombies feed off both weak minds and the weak passwords they choose. When the distributed brute force attempts stopped abruptly after a couple of months of futile pounding on ssh server, most of us thought they had seen sense and given up. Now it seem that they have not. They are back. The article has some analysis and links to fresh log data."

Slashdot Top Deals