
Piero Bosio Social Web Site Personale

Social forum federated with the rest of the world. Instances don't count, people do

I am beyond shocked!


The last eight messages received from the Federation
Suggested posts
  • 0 Votes
    1 Posts
    12 Views
    New blog post: GeoIP-Aware Firewalling with PF on FreeBSD
    Running a mail server means constant brute-force attempts. My solution: geographic filtering. SMTP stays open for global mail delivery, but client ports (IMAP, Submission, webmail) are restricted to Central European IP ranges only.
    Result: ~90% reduction in attack logs, cleaner signal-to-noise ratio, smaller attack surface.
    Using MaxMind GeoLite2 + PF tables with ~273k CIDR blocks.
    https://blog.hofstede.it/geoip-aware-firewalling-with-pf-on-freebsd/
    #FreeBSD #InfoSec #SysAdmin #pf #DevOps
  • 0 Votes
    1 Posts
    8 Views
    Massive 16TB database leaks 4.3 billion professional records
    An unsecured 16-terabyte MongoDB database containing approximately 4.3 billion professional records was exposed without authentication from November 23-25, 2025, including names, emails, phone numbers, work histories, and other personally identifiable information. It's suspected that the data set is owned by a data broker or a lead-generation company, but the researchers did not disclose any details.
    **Data brokers are just greedy, but not at all good with their data protection. Because it's not their data, it's simply grabbed and abused.**
    #cybersecurity #infosec #incident #databreach
    https://beyondmachines.net/event_details/massive-16tb-database-leaks-4-3-billion-professional-records-v-8-u-f-u/gD2P6Ple2L
  • 0 Votes
    1 Posts
    27 Views
    I submitted a Pull Request to update MacPorts' OpenSSH to 10.1p1 here: https://github.com/macports/macports-ports/pull/28592
    GitHub Continuous Integration checks passed OK!
    Alas, the agent.patch that iamGavinJ had created doesn't apply cleanly, in large part because ssh-agent.c has been reworked significantly with this release.
    Subsequently, I closed this previous Pull Request: https://github.com/macports/macports-ports/pull/28592 not because I didn't want to restore that functionality to launchd, but because it will require more effort than I can give such things at this time.
    But, check out these improvements to ssh-agent from the OpenSSH 10.1 release notes:
    "[ssh-agent(1)](https://man.openbsd.org/ssh-agent.1), sshd(8): move agent listener sockets from /tmp to under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8).
    This ensures processes that have restricted filesystem access that includes /tmp do not ambiently have the ability to use keys in an agent.
    Moving the default directory has the consequence that the OS will no longer clean up stale agent sockets, so ssh-agent now gains this ability.
    To support $HOME on NFS, the socket path includes a truncated hash of the hostname. ssh-agent will, by default, only clean up sockets from the same hostname.
    ssh-agent(1) gains some new flags: -U suppresses the automatic cleanup of stale sockets when it starts. -u forces a cleanup without keeping a running agent, -uu forces a cleanup that ignores the hostname. -T makes ssh-agent put the socket back in /tmp."
    Anyway, I updated this as well: https://trac.macports.org/ticket/72482
    I should probably actually close this ticket now that I think of it (fingers crossed that adding that to the PR is sufficient, since I forgot to add that note to the commit message as is typically preferred: https://trac.macports.org/ticket/73084).
    #OpenSSH #MacPorts #SecureShell #macOS #encryption #security #infosec
  • 0 Votes
    1 Posts
    16 Views
    VPNs aren’t all built the same. Many of you know this, and some of you don’t. For the latter, here’s a really informative report on a number of them. The “VPN Transparency Report 2025.”
    The TLDR is on page 50, but I recommend at least skimming all of it. Especially if you want to use a VPN with integrity.
    I use Mullvad, so I was happy to see it near the top in most sections.
    https://www.opentech.fund/wp-content/uploads/2025/08/VPN-Transparency-Report.pdf
    #VPN #Privacy #InfoSec #InternetSafety