Re: [bitfolk] Proposal: Security incidents postings

Top Page
This message is part of the following thread:
M-+++++++++++\the complete thread tree sorted by date
M\MMMMMMMMMMMMAndy Bennett at <-
MM.M..M.MM.MMHugo Mills at ->

Reply to this message
Author: Jeremy Kitchen
Date:  
Subject: Re: [bitfolk] Proposal: Security incidents postings
lk.com?subject=subscribe>
X-List-Received-Date: Sat, 08 Dec 2012 21:39:36 -0000


--SFyWQ0h3ruR435lw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Sat, Dec 08, 2012 at 01:36:08PM -0800, Jeremy Kitchen wrote:
[snip]
> Also, it's always fun to find a fellow mutt user in the wild ;)

Wild? I was *livid*! [1]

Hugo (also a mutt user).

[1] https://www.youtube.com/watch?v=beCYGm1vMJ0 

-- 
=== Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk ===
  PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk
    --- We demand rigidly defined areas of doubt and uncertainty! ---


--SFyWQ0h3ruR435lw
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIVAwUBUMOzk79z9OVl50rAAQI70BAAgF/ZCN/NR2G2S3PwgRZPDnfMxMty7dz/
Z96FeZXcCRRnU9wKYvjdEUa2BH5tbxEp6oW7tm7VxhuWKiglL2ozl5U4VkiiCmFI
RAE4Xyf94uAtqCjBiyOocffLpD4uIn1n8jT5VlMjVbAW7aLPXOjBKUTkSTIgHgj3
dDtKkuCoblA0H+6G56qHIZ6AHO62SXGnlP/oYEC4/porEhkWNPgPpJ86A1iu/dGU
BvWIJSBJVnl1b18y60hjauUxspMmnwSAKj7cbyNfyQHwNI8jnOruPjRvJVV27a6Z
g4VYCK8+/dowa6FDXIppSpHzkh4Nu2qXQWWwvQuMjCoZ4EQ/ZBVyq8uaGxONnO56
fUiJS0BA9peBtjaMe1sMFDQrIu4GqA0fV36EVFTcXj6okxacQuQexR5+9hEJYFrh
am/l4agk7ARa2/i7lSobZvR9+gef1X0S85+0mMGkHcZBbmQ2MbG2g8G6hbuUSxgz
0ivkky3OKJoyT1bXV3kKHhFkrj41xkxHwR5PPT/0VN0C9DXY65fUgkwubKiJHm/a
jncQO0qWkIwznc7/TxxAm/dtfqVCc56S27iddiCVOcFGYuNM81+nXVYI8MyHclY+
LXKCMZUGBsP3IpHsBGrWX9FMx7ZCrok1bjA/aganFacmwS0mVkDJOnCV2daqLqIy
PZG9V093RY8=
=7iRK
-----END PGP SIGNATURE-----

--SFyWQ0h3ruR435lw-- 


From wiggly@??? Sun Dec 09 02:46:32 2012
Received: from [2001:ba8:1f1:f03f:216:4eff:fe05:ae0f] (helo=otter.wiggly.org)
    by mail.bitfolk.com with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
    (Exim 4.72) (envelope-from <wiggly@???>) id 1ThWuV-0002lW-TA
    for users@???; Sun, 09 Dec 2012 02:46:32 +0000
Received: from cpe-66-69-32-191.satx.res.rr.com ([66.69.32.191]:49597
    helo=[192.168.0.18])
    by otter.wiggly.org with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
    (Exim 4.72) (envelope-from <wiggly@???>) id 1ThWuU-0000nr-Ro
    for users@???; Sun, 09 Dec 2012 02:46:31 +0000
Message-ID: <50C3FB7E.1020107@???>
Date: Sat, 08 Dec 2012 20:46:22 -0600
From: Nigel Rantor <wiggly@???>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
    rv:16.0) Gecko/20121028 Thunderbird/16.0.2
MIME-Version: 1.0
To: users@???
References: <20121207021942.GT3867@???>
In-Reply-To: <20121207021942.GT3867@???>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam_score: -1.0
X-Spam_score_int: -9
X-Spam_bar: -
X-bitfolk.com-Metrics-Host-Lookup-Failed: Reverse DNS lookup failed for
    2001:ba8:1f1:f03f:216:4eff:fe05:ae0f (failed)
X-Virus-Scanner: Scanned by ClamAV on mail.bitfolk.com at Sun,
    09 Dec 2012 02:46:31 +0000
X-SA-Exim-Connect-IP: 2001:ba8:1f1:f03f:216:4eff:fe05:ae0f
X-SA-Exim-Mail-From: wiggly@???
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
    spamd1.lon.bitfolk.com
X-Spam-Level: 
X-Spam-ASN: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,SHORTCIRCUIT
    shortcircuit=ham autolearn=disabled version=3.3.1
X-Spam-Report: * -0.0 SHORTCIRCUIT Not all rules were run,
    due to a shortcircuited rule
    * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
X-SA-Exim-Version: 4.2.1 (built Mon, 22 Mar 2010 06:51:10 +0000)
X-SA-Exim-Scanned: Yes (on mail.bitfolk.com)
Subject: Re: [bitfolk] Proposal: Security incidents postings
X-BeenThere: users@???
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://lists.bitfolk.com/mailman/options/users>,
    <mailto:users-request@lists.bitfolk.com?subject=unsubscribe>
List-Archive: <http://lists.bitfolk.com/lurker/list/users.html>
List-Post: <mailto:users@lists.bitfolk.com>
List-Help: <mailto:users-request@lists.bitfolk.com?subject=help>
List-Subscribe: <https://lists.bitfolk.com/mailman/listinfo/users>,
    <mailto:users-request@lists.bitfolk.com?subject=subscribe>
X-List-Received-Date: Sun, 09 Dec 2012 02:46:32 -0000



+1

Good idea.

On 06/12/12 20:19, Andy Smith wrote:
> Hello,
>
> From time to time BitFolk customer VPSes occasionally become subject
> to various kinds of compromise. Frustratingly, the kinds of
> compromise encountered are generally the result of run of the mill,
> completely preventable and unremarkable root causes.
>
> I would like to find a way to raise awareness of these very simple
> security concerns amongst the customer base, in order to hopefully
> cut down on how often they happen.
>
> I was thinking that if customers saw how often these things happen
> to people very much like themselves then it might help remove some
> of the "yeah I've heard of that but it will never happen to me"
> mindset that we all regrettably can fall into.
>
> So I was contemplating posting an email thread to this ("users")
> list every time we become aware of a customer compromise, and I was
> wondering what you thought of that idea.
>
> It might look something like this:
>
>      Today at around 04:30 we became aware of a customer VPS
>      initiating an abnormal amount of outbound SSH connections (~200

>
This message was posted to the following mailing lists:
users
Mailing List Info | Nearby Messages		<-Re: [bitfolk] Proposal: Security incidents postingsRe: [bitfolk] Proposal: Security incidents postings->
Bitfolk Mailing List Archive administrated by List AdminLurker (version 2.3)