
Submission + - SPAM: Forcing the password gropers through a smaller hole with OpenBSD's PF queues writes: While preparing material for the upcoming BSDCan PF and networking tutorial, I realized that the pop3 gropers (previously reported here) were actually not much fun to watch anymore. So I used the traffic shaping features of my OpenBSD firewall to let the miscreants inflict some pain on themselves. Watching logs became fun again. Read the full story here for how to use traffic shaping as effective (and fun!) network defense.

Submission + - NSA Front Equation Group May In Fact Be Russian ( writes: The well-known NSA front or hackers-for-hire The Equation Group may in fact be Russian, or at least operating out of a 'forward base' close to Russian networks, if Peter Hansteen reads subtle hints in the recent Shadow Brokers data dump correctly. The clue: Several Russian hosts identified by RFC1918 local net addresses. You can read the whole story, with links to the data, here.

Submission + - SPAM: The Voicemail Scam Spam Campaign Never Got Past OpenBSD Greylisting writes: "We usually don't see much of the scammy spam and malware", writes Peter Hansteen, "But that one time we went looking for them, we found a campaign where our OpenBSD greylisting setup was 100% effective in stopping the miscreants' messages." The article The Voicemail Scammers Never Got Past Our OpenBSD Greylisting shows what that scammy spam campaign looked like from behind a simple greylisting setup, with links to relevant data and articles.

Submission + - Chinese Are Hunting Chinese Over POP3 In Fjord Country ( writes: Yes, you read that right: There is a coordinated effort in progress to steal Chinese-sounding users' mail, targeting machines at the opposite end of the Eurasian landmass (and probably elsewhere), with the attempts coming exclusively from Chinese networks. This weirdness of course turned up on Peter Hansteen's doorstep (or rather his servers), and it's the topic of his latest column.

Submission + - Have Google forgotten what a joejob is? Or is it bullying smaller operators? ( writes: Joejobs are a fact of life for everyone running a mail service. In his latest piece, Does Your Email Provider Know What A "Joejob" is? Peter Hansteen describes an investigation into why messages sent to Google hosted domains started disappearing into thin air. An unexpected bounce message provided clues, but the question remains, is this a matter of incompetence, bad luck or something more sinister like one operator trying to bully itself into dominance?

Submission + - Coming Soon to OpenBSD/amd64: A Native Hypervisor ( writes: Earlier today, Mike Larkin (mlarkin@) published a teaser for something he's been working on for a while. Then a little later in the day, an announcement appeared on tech@:

TL;DR — a native hypervisor is coming. stay tuned.

For the last few months, I've been working on a hypervisor for OpenBSD. The idea for this started a few years ago, and after playing around with it from time to time, things really started to take shape around the time of the Brisbane hackathon earlier this year. As development accelerated, the OpenBSD Foundation generously offered to fund the project so that I could focus on it in more earnest.

See the full story over on the OpenBSD Journal news site.

Submission + - The OpenSSH Bug That Wasn't ( writes: Get your facts straight before reporting, is the main takeaway from Peter Hansteen's latest piece, The OpenSSH Bug That Wasn't. OpenSSH servers that are set up to use PAM for authentication and with a very specific (non-default on OpenBSD and most other places) setup are in fact vulnerable, and fixing the configuration is trivial.

Submission + - Solaris 11.3 Onwards Will Feature OpenBSD's PF Packet Filter ( writes: In his most recent article, Solaris Admins: For A Glimpse Of Your Networking Future, Install OpenBSD, Peter Hansteen points to leaked information (via a patch to a mailing list) that Oracle's Solaris from version 11.3 (expected this year) onwards is joining the ranks of OSes using the OpenBSD PF firewall. From version 12 onwards, PF will be the only packet filter, replacing the legacy IPF system. Which was the software PF was designed to replace, due to performance and rather nasty licensing reasons.

Submission + - The Password? You Changed It, Right? ( writes: Right at this moment, there's a swarm of little password guessing robots trying for your router's admin accounts. Do yourself a favor and do some logs checking right away. Some European ISPs have been forced to do some ad-hoc reconfigs to end user equipment recently, so do check your equipment. And of course, this turned up in my lap while I was on my way back from a most enjoyable passwords conference — traces of what appears to be a distributed password guessing effort. Read on for data and the beginnings of analysis.

Submission + - Password Gropers Hit Peak Stupid, Take the Spamtrap Bait ( 1 writes: Peter Hansteen reports that a new distributed and slow-moving password guessing effort is underway, much like the earlier reports, but this time with a twist: The users they are trying to access do not exist. Instead, they're taken from the spamtrap address list, where all listed email addresses are guaranteed to be invalid in their listed domains. There is a tiny chance that this is an elaborate prank or joke, but it's more likely that via excessive automation, the password gropers have finally hit Peak Stupid.

Submission + - Have you changed your password lately? Does it even matter? ( writes: Do frequent password changes actually matter security wise? Or do they just make us pick the minimum complexity password the system will accept? I want your opinion. In his latest piece, Peter Hansteen wants your opinion on common security enforcement practices and even offers a poll about enforced password changes. Let loose the debate rage!

Submission + - What is it that you want to learn about OpenBSD 5.5? ( writes: In the upcoming OpenBSD 5.5 release there will be a number of improvements, including a whole new traffic shaping system, automatic installer improvements and the switch to 64-bit time_t.

But OpenBSD has been the source of lots of innovation and improvements in BSD and Unix in general over the years, and in preparation for his two BSDCan tutorials, Peter Hansteen asks, What do you want to learn about OpenBSD 5.5 (and possibly future directions)?

Submission + - Yes, You Too Can Be An Evil Network Overlord - On The Cheap With OpenBSD, pflow ( writes: Have you ever wanted to know what's really going on in your network? Some free tools with surprising origins can help you to an almost frightening degree. Peter Hansteen shares some monitoring insights, anecdotes and practical advice in his latest column on how to really know your network. All of it with free software, of course.
