On 1/13/2014 9:35 PM, Sampsa Laine wrote:
Anybody know what happened with that discussion re: EISNER and HECnet?
Also, is EISNER even up any more? I can't seem to connect to it.
sampsa <sampsa at mac.com>
mobile +44 7961 149465
Eisner is down for a physical move. Last I saw posted was on 7-Jan-2014 on comp.os.vms was that they expected it back up "soon". It was moving from Wisconsin to the Nemonix HQ in Massachusetts.
https://groups.google.com/forum/?fromgroups#!topic/comp.os.vms/qh3oFl11Olw
John H. Reinhardt
OK, I'm at the hair-tearing-out stage... Who here has a TOPS-20 system
connected to HECnet? I'm trying to peer with Sampsa with "bridge" in
his same area as an endnode. Bridge works fine on my end, lots of
activity in debug mode, and I see lots of node number entries if I
send it a SIGUSR1. However I never "see" the adjacent node in NCP,
though my circuit and line are up and active. Adding a few nodes
manually with NCP SET NODE and then trying a SET HOST in the monitor
just times out. If I do this while watching my ethernet with tcpdump,
I see my real DECnet traffic, immediately followed by its encapsulated
udp packet going out over port 4711. However, I never get any
responses to my SET HOST from the remote bridge side. Any suggestions
on debugging this?
Thanks,
Mark
Anybody know what happened with that discussion re: EISNER and HECnet?
Also, is EISNER even up any more? I can't seem to connect to it.
sampsa <sampsa at mac.com>
mobile +44 7961 149465
On Sun, 12 Jan 2014, Brian Hechinger wrote:
Has been offline for almost a week now. I let the colo host at OVH expire because while it was a good deal the network connectivity was very bad.
I'll be moving it to the host Ian has running hopefully sometime this week.
Stay tuned for details.
-brian
Replying to this made Alpine dump core...Hmmm.
I was wondering about that. Not surprised to hear OVH connectivity wasn't
fantastic.
--
Cory Smelosky
http://gewt.net Personal stuff
http://gimme-sympathy.org Projects
Has been offline for almost a week now. I let the colo host at OVH expire because while it was a good deal the network connectivity was very bad.
I'll be moving it to the host Ian has running hopefully sometime this week.
Stay tuned for details.
-brian
Actually, no one has resumed their "hacking" after I launch my anti-hacking script.
I'm happy with my method.
sampsa <sampsa at mac.com>
mobile +44 7961 149465
On 8 Jan 2014, at 23:08, Sampsa Laine <sampsa at mac.com> wrote:
They can try, none have succeeded so far. They're script kiddies / bots anyway.
sampsa <sampsa at mac.com>
mobile +44 7961 149465
On 8 Jan 2014, at 23:01, "Brian Schenkenberger, VAXman-" <system at TMESIS.COM> wrote:
Sampsa Laine <sampsa at mac.com> writes:
On 8 Jan 2014, at 22:30, Bob Armstrong <bob at jfcl.com> wrote:
I've seen idiots attacking ... via the SSH connection,=20
=20
FWIW, I've put all my public SSH ports on non-standard port numbers. =
It's
pretty much eliminated all the attacks.
=20
I think most of these attackers are bots and script kiddies, and they =
only
try the well known ports.
=20
Bob
=20
=20
=20
I personally run sshd in pubkey auth mode only, and when I see login =
attempts, I bombard the source IP with packets using nmap. Tends to stop =
them in about 30-90 secs.
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
Cory Smelosky <b4 at gewt.net> writes:
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
So long as that's not the only method of "security" used. Auto portscan
and quick telnet probe can find SSH on port 1337 instead of 22 with ease.
It's no security! It does, however, keep the persistent port scanners from
consuming system resources. On VMS, touching the ssh port will initiate a
process to handle the authentication and create a pseudo-terminal for each
instance of a possible ssh session. This wastes process slots and carves a
lot of memory from the NPP.
Ahhhhh. I get what you're saying. I wasn't thinking in a VMS sense.
That is certainly sensible.
--
Cory Smelosky
http://gewt.net Personal stuff
http://gimme-sympathy.org Projects
Cory Smelosky <b4 at gewt.net> writes:
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
So long as that's not the only method of "security" used. Auto portscan
and quick telnet probe can find SSH on port 1337 instead of 22 with ease.
It's no security! It does, however, keep the persistent port scanners from
consuming system resources. On VMS, touching the ssh port will initiate a
process to handle the authentication and create a pseudo-terminal for each
instance of a possible ssh session. This wastes process slots and carves a
lot of memory from the NPP.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
They can try, none have succeeded so far. They're script kiddies / bots anyway.
sampsa <sampsa at mac.com>
mobile +44 7961 149465
On 8 Jan 2014, at 23:01, "Brian Schenkenberger, VAXman-" <system at TMESIS.COM> wrote:
Sampsa Laine <sampsa at mac.com> writes:
On 8 Jan 2014, at 22:30, Bob Armstrong <bob at jfcl.com> wrote:
I've seen idiots attacking ... via the SSH connection,=20
=20
FWIW, I've put all my public SSH ports on non-standard port numbers. =
It's
pretty much eliminated all the attacks.
=20
I think most of these attackers are bots and script kiddies, and they =
only
try the well known ports.
=20
Bob
=20
=20
=20
I personally run sshd in pubkey auth mode only, and when I see login =
attempts, I bombard the source IP with packets using nmap. Tends to stop =
them in about 30-90 secs.
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
Well I speak to machines with the voice of humanity.
On Wed, 8 Jan 2014, Brian Schenkenberger, VAXman- wrote:
You'd still be beter off running it on a non-standard port. Also, doing
onto others as they do on to you should be reserved only for good tasks;
bombing the source is a good way to get them to really go after you and
your systems.
So long as that's not the only method of "security" used. Auto portscan
and quick telnet probe can find SSH on port 1337 instead of 22 with ease.
--
Cory Smelosky
http://gewt.net Personal stuff
http://gimme-sympathy.org Projects
