March 25, 2008 at 23:34 | categories: security
wrote in December 2006 the RBL at ordb.org has been shut down. From the
nameserver traffic, there's quite a few who
didn't react to the shutdown notice. In fact so many that the traffic is quite
significant. From today, they're sending a wakeup call to admins who haven't
fixed their configurations yet.
The result of still using relays.ordb is likely to be blocking of all mails.
UPDATE: More details here.
December 19, 2006 at 00:24 | categories: security
Today the Open Relay DataBase announced
that they are shutting down, have already removed all the listings from the zone and will be removing their website at the
end of the month.
For some people it happened very suddenly, but I know the guys and they've been talking about shutting down for more than a year. That it happened now, was just a result of some external factors, forcing them to either do a fair amount of work now or just finalise the long awaited shutdown. A look at their New and fixed relays statistics show that there really hasn't been much change in a very long time. That might hint towards there not being enough open relays to care, but the graph below shows that there still is a fair number of open relays out there. As an ordb user, I've not seen many spams originating from open relays in the last couple of years, but it will be very interesting to see if the more than 200k open relays won't tempt spammers...
Slashdot coverage. As always, slashdot seems to attract some "interesting" comments like these.
Heise writes: Anti-Spam-Datenbank ORDB streicht die Segel.
UPDATE: The story makes it to AP.
Thursday night I went to the first meeting of the
Netherlands Opensolaris User Group.
The program was quite interesting (even if I only understood half of it). Both Bart Muijzer and Casper Dik spoke in dutch but at least their slides were in english so that I think I might have understood the important parts and only missed most of the jokes. The one joke I didn't entirely miss was the one about why they chose NLOSUG rather than NOSUG. The main talk of the night was Darren Moffat talking about opensolaris development and zfs crypto. The zfs crypto project looks very interesting and I was quite pleased to hear that many of the hard bits in the implementation of an encrypted filesystem already has been identified and are being handled in the implementation. I hope Darren will soon manage to get some code online because I think this code has the potential to become one of the most solid implementations of an encrypted filesystem and by using the Solaris crypto providers, support for hardware acceleration and key storage should be simple.
The turnout was quite impressive with something like 60 people there.
The trip there and back again was a bit more interesting than I had planned. First was a 1:30 train ride through Utrect to Amersfoort and then the fun began. I'd looked at the usually quite practical 9292ov site and found that the last bit of way from the station was supposed to take around 30 minutes involving 2 busses and a fair bit of walking as well. Rather than having to deal with that, I opted for the 45 minute walk that viamichelin suggested. Note to self:not all routes suggested by them for walking are good - a sidewalk would have been a nice feature rather than having to walk the grass at the roadside. The walk back to the station was a lot less eventful, although I'd have preferred a map with slightly more detail than the whole city in 2x2 inches. The usual trick of checking that you're headed in the right direction by looking at the maps in bus stops also failed because for some reason they had taken away the detailed maps from every stop I passed leaving only a large map with less detail than my own. Other than that, it was quite uneventful, I got some good exercise and was back at my place by 1:30.
Saturday I met up with a couple of friends and went to Bof day and was quite impressed by the turnout at the opensolaris bof. For some time I've been talking to a friend about starting a DK OSUG, but we were still in the early planning stages because Solaris isn't all that widely used in Denmark and most of the opensource activities in the Copenhagen area seems to be either Linux or BSD. The turnout at the bof and the enthusiasm and curiosity displayed by the people there has made us rethink the whole thing and we've started looking at the possibility of doing an evening with a couple of introductory presentations and a sort of installfest. Watch this space and announcements going to opensource.dk for more details. The bof day also had sessions about virtualisation and tuning of live systems where we got to talk even more about opensolaris.
PC and Pixel predicts a bleak future for airline travel.
It all fits pretty well with the wondermark comic I wrote about.
I wonder how long this can go on before people get enough? I for one don't much fancy the idea of flying to .us and I'd absolutely refuse to go there via .uk.
As I was playing around with Sun Studio 11 and trying out different compile options on httpd I bumped into the old problem of not being allowed to bind port 80. In usual circumstances I'd just switch to a port above 1024, but why not use Solaris privileges instead?
The usual error:
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
Finding the missing privilege:
# ppriv -eD ./httpd -k start
httpd: missing privilege "net_privaddr" (euid = 100, syscall = 232) needed at tcp_bind+0x631
As root add the missing privilege:
# usermod -K defaultpriv=basic,net_privaddr apache
# grep apache /etc/user_attr
Start httpd as the apache user and you're done.
Next Page »
- Andrew Godwin - What can programmers learn from pilots
- New blog software and layout
- Today I made it into Flickrs TwitterTuesday
- bread meatloaf recipe
- Osso buco
- XKCD gets close to the truth
- Open Source Days 2010
- Autumn has arrived
- Recipes - Sottofiletto di Manzo al Pepe Verde and Pere al Vino Rosso
- Nearby parks