Notices by Peter N. M. Hansteen (pitrh@mastodon.social)

APNIC Blog: IP addresses through 2024

"There is still no evidence of any common sense of urgency about the deployment of [IPv6] ..." https://blog.apnic.net/2025/01/13/ip-addresses-through-2024/

#networking #IPv6 #infrastructure #transition

@solene for the spamd generated list, the expiry is 24 hours (IIRC counted from last seen activity). For the others it's six weeks similarly as described in "Badness, Enumerated by Robots" https://nxdomain.no/~peter/badness_enumerated_by_robots.html.

I offer removal for the kinds of situations you mention (https://www.bsdly.net/~peter/traplist_ethics.shtml) but I have only ever received removal requests for outdated entries and for hosts still actively spamming for some reason.

I tell them to fix, I will provide evidence for handing to law enforcement.

@gyptazy @solene spamd is a lot more targeted than that (SMTP only).

Any attempt to deliver mail to the trap addresses will lead to the sender IP getting stuttered at by my system and any similar system that imports my exported data on subsequent SMTP connection attempts for 24 hours.

If anybody out there uses the exported list of IP addresses for any other purpose, that is both stupid and entirely their responsibility.

SSH and POP3 gropers on the other hand are subject to "block drop" here.

@gyptazy @solene That said, if you run a mail service and you don't entirely trust your users to not get cracked or do stupid things, intercepting any SMTP delivery attempts from your networ to the trap email addresses is likely a good idea for safeguarding your IP reputation score among those who keep track.

@gyptazy @solene More specifics and less handwaving and FUD, please.

The trap addresses are all in domains we own and control.

In addition anyone mistaking our system for an open SMTP relay will be greytrapped, as described in https://nxdomain.no/~peter/domain-only-trapping.html -- this happens *a lot* -- (or for a fuller but still brief explanation, https://nxdomain.no/~peter/minimalist_spamd_configs.html

An update on #green #cybercrime #prevention: "Harvesting the Noise While it's Fresh, Revisited" https://nxdomain.no/~peter/harvesting_the_noise_revisited.html (tracked, prettified https://bsdly.blogspot.com/2022/12/that-grumpy-bsd-guy-harvesting-noise.html) now has an update about harvesting even more useful data from #openbsd #spamd log file noise.
#antispam #greytrapping #greencomputing #spam #email #smtp

BSDCan 2025 in Ottawa:

Tutorials: June 11-12, 2025
Conference: June 13-14, 2025

https://www.bsdcan.org/2025/

CFP proposal deadline 12 February 2025 https://www.bsdcan.org/2025/papers.html

#bsdcan #bsd #freebsd #openbsd #netbsd #freesoftware #opensource #development #conference

@kaia Same with BSD date (confirmed just now on #openbsd)

[Mon Dec 30 13:08:45] peter@skapet:~$ cal jan 25
January 25
Su Mo Tu We Th Fr Sa
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31

[Mon Dec 30 13:08:50] peter@skapet:~$

Rafael Sadowski on dpb(1) https://www.undeadly.org/cgi?action=article;sid=20241130183941 #openbsd #dpb #ports #packages #packagebuilding

One thing puzzled me slightly over the last couple of days. Watching the auth logs I see login attempts with the following user IDs:

2024-11-30 SSH ALLIN1MAIL
2024-11-30 SSH PDP11
2024-11-30 SSH PDP8
2024-11-30 SSH TELEDEMO
2024-11-30 SSH DECMAIL
2024-11-30 SSH DECNET
2024-11-30 SSH SYSMAINT
2024-12-01 SSH SYSTEST_CLIG

which to this #oldfart #greybeard sounds very #DEC #VAX-like.

Anyone else seeing this? Or is somebody out there actually running an Internet-accessible VAX somewhere?

The #eurobsdcon 2024 videos are starting to appear at https://www.youtube.com/@EuroBSDcon/videos #bsd #freebsd #netbsd #openbsd #conference #freesoftware @EuroBSDCon - expect more to appear soon!

@0xabad1dea On approximately the same level of crazy I have seen

* PDFs embedded in word .docx files,

as well as

* screenshots of pages on a web site carefully inserted in .docx

I'm sure other equally horrible variations exist, limited only by the particular combinations of imbecility and imagination present in the specific individuals.

How much carbon was in the atmosphere when you were born? (compared to right now)

Select your birth year to find out https://www.nature.org/en-us/get-involved/how-to-help/carbon-footprint-calculator/carbon-by-birth-year/ #carbon #carboncrisis #climate #climatechange

For those looking for OpenBSD advocacy material, I will allow myself to push my own "What every IT person needs to know about OpenBSD", as a three part series on the APNIC blog starting with part one at https://blog.apnic.net/2021/10/28/openbsd-part-1-how-it-all-started/, also available in one big chunk without tracking at my webspace https://nxdomain.no/~peter/what_every_it_person_needs_to_know_about_openbsd.html or *with* trackers and slightly nicer formatting at https://bsdly.blogspot.com/2021/09/what-every-it-person-needs-to-know.html - enjoy!

(also links therein) #openbsd #securebydefault #qualitysoftware

@czero @AdrianVovk @LaF0rge While individual contributors might decide to contribute to a free software project "out of the goodness of their heart", no commercial entity, whatever their business actually does. (defense or other sector, no matter)

Rather, they see the positive potential of utilizing the combined efforts of other developers as well as their own in maintaining and improving whatever it is they make their money from.

@starbreaker I would submit that all of the "social web" thingies are attempts at re-inventing USENET (OK showing my age, I know)

You Have Installed OpenBSD. Now For The Daily Tasks. https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html (prettified, tracked: https://bsdly.blogspot.com/2024/09/you-have-installed-openbsd-now-for.html) #OpenBSD #install #syspatch #supported #releases #packages #pkg_add #sysupgrade #release #snapshot #current #sysadmin

20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) https://www.undeadly.org/cgi?action=article;sid=20240409044953 #openbsd #openbsdjournal #undeadly #20years #anniversary #news

This is one of the best explanations of the xz matter I have seen so far:
https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor

and it leads in with a quote to remember -

"This dependency existed not because of a deliberate design decisionby the developers of OpenSSH, but because of a kludge added by some Linux distributions to integrate the tool with the operating system’s newfangled orchestration service, systemd."

Enjoy!

#xz #opensource #security #openssh

@feld Color me unsurprised. Anyway, their MX does not receive mail from my domains or even gmail.com.