Με αφορμή τις ανασκαφές της βιβλιοθήκης του Γιώργου ανοίγω κι εγώ το χρονοντούλαπο πίσω μου και βρίσκω ένα θυσαυρό..
Οδηγοί και «Service definition documents» 15+ χρονών της ΑΡΙΑΔΝΗΣ.
FORTHnet 1997
Τρία χρόνια μετά το FORTHnet που γνωρίσαμε στη δημοσίευση του Γιώργου, «το (δικτυο) FORTHnet» έχει γίνει πλέον «η (εταιρία) FORTHnet».
FORTHnet brochure 1997, PDF 7.5 MB
inbox-outbox minutes
Μόλις κυκλοφόρισαν τα πρακτικά του anti-spam workshop που είχα παρακολουθήσει το Νοέμβρη στο Inbox-Outbox.
"The workshop was set up in order to bring technical and non-technical anti-spam experts together to give an overview about current situation in the area of anti-spam. Professionals from both sides gave contributions about spam trends, current legal and technical anti-spam issues and newest research results. Discussions during the workshop made clear that providers are fighting spam, but need support from different areas. In general, support from legal experts is highly appreciated by providers. They often seem to stumble in difficult legal aspects regarding email or virus filtering. This workshop made clear which measures are actually desirable and required by policy makers. Moreover, providers welcomed the efforts from research institutes developing new anti-spam technologies. All in all, the results of the workshop and ENISA's upcoming deliverable on provider security measures give a comprehensive overview about current anti-spam best practice. However, during the workshop it raised up that spam should be considered as a symptom of network abuse. Solving spam therefore requires, next to current efforts, also approaches to mitigate net abuse in general. As a consequence, ENISA will concentrate next year on resilience as a main part of its Working Programme 2008 and put forth efforts making network abuse more transparent to legal and technical experts."
Thanks Pascal ;)
locally bypass dnsbl listing
Τι κάνεις όταν θέλεις να δεχτείς mail από κάποιο IP που είναι listed σε κάποια dnsbl και δε μπορείς να το βγάλεις;
Το κάνεις whitelist στον mail server ή στο antispam software που χρησιμοποιείς..
Κι αν το whitelisting δε δουλεύει ή δεν έχεις τον έλεγχο τους;
Τότε κάνεις bypass το dnsbl listing, γιατί έχεις έλεγχο του DNS server που χρησιμοποιούνε!
Εστω ότι το listed IP είναι το 193.194.195.196, και είναι listed στην bl.spamcop.net.
$ host 196.195.194.193.bl.spamcop.net 196.195.194.193.bl.spamcop.net has address 127.0.0.2
Φτιάχνεις ένα κενό zone file στον DNS σαν το παρακάτω
$ cat etc/noblacklist.zone
$TTL 86400
;
;name addr-cl SOA Origin Person in charge
;
@ IN SOA localhost. root.localhost. (
2008011600 ; Serial
21600 ; Refresh 6 hours
3600 ; Retry 1 hours
3600000 ; Expire 41 days 16 hours
172800 ) ; Minimum 2 days
IN NS localhost.
Στο etc/named.conf του bind δηλώνεις το παρακάτω:
zone "195.194.193.bl.spamcop.net" {
type master;
file "/etc/noblacklist.zone";
};
Κάνεις reconfig στο bind και ως δια μαγείας ..δεν είσαι πλεον listed
$ host 196.195.194.193.bl.spamcop.net Host 196.195.194.193.bl.spamcop.net not found: 3(NXDOMAIN)
Getting Things Done
Ο David Allen, δημιουργός της μεθόδου Getting Things Done μίλησε σε άτομα που δουλεύουν στο Google για τη μέθοδό του.. Εχετε 45 λεπτά να το παρακολουθήσετε;
(via)
ENISA Quarterly Magazine Q4 2007
ENISA Quarterly Magazine is always good to read.. The 4th Quarter 2007 issue is now available online at ENISA’s website.
In this issue the focus is on Secure Software. Here is a quick sample of the articles you will find in this issue:
- From the World of Security Experts
- Cycles of Software Crises
- The Whys and Hows of Assuring Secure Software
- Technology Leaders Tackle Software Assurance
- The 10 Most Common Sins of Software Developers
- Security Skills of Software Developers
- Leading the Way to More Secure Software
- Providing Assurance for Security Software ? Insights into the Common Criteria
- From our own Experts
- ENISA Position Papers: Network and Information Security risks affecting Social Networks, Reputation Systems, and Botnets
- Towards a European Information Sharing and Alerting System
- Food for Thought
- Stop using the Traffic Analogy for NIS!
Don't fear the penguin 