I don't even know if I can answer that. As Debian's firmware even in sid is
ancient I'm using the ones from kernel.org, so the old firmware can't
really be the issue like the gitlab entry suggests. But my issue always was
that it only happened when I least expected it. It never was reproducible
by
On Wed Jul 3 11:56:12 2024 Greg Marks wrote:
> I'm not sure if this is related, but a couple years ago I had multiple
> computer freezes possibly caused by nouveau. The screen froze; the
> keyboard and mouse were unresponsive. (If I remember correctly, the
> mouse pointer could be moved
If it is of any interest...
Two of us are using AMDGPU for Radeon RX 7700 (one computer) and RX 6600 (four
computers). Two computers have XFCE the other have KDE (no Gnome).
The Radeon RX 7700 runs Arch Linux, the other Debian 12 (Bookworm), all kept up
to date.
A while ago we had a few lock
On 02/07/24 at 22:23, Van Snyder wrote:
I updated another computer with an NVidia Quadro graphics card. NVidia
says the Debian nvidia-driver package works -- but it's not part of the
default net-install, and apt-get refuses to install it. And it refuses
to install the nvidia-tesla drivers. I
On 2024-07-03 Wed 19:31 UTC+0800, Richard said:
Have the same issue, though it's pretty much impossible to reproduce it
reliably. But it seems to be a general issue with the AMDGPU driver in
Linux 6.1+:
https://bbs.archlinux.org/viewtopic.php?id=292673=2
Have the same issue, though it's pretty much impossible to reproduce it
reliably. But it seems to be a general issue with the AMDGPU driver in
Linux 6.1+:
https://bbs.archlinux.org/viewtopic.php?id=292673=2
It also seems to already have an official tracker:
> > My problem is that sometimes the screen just freezes entirely, and I have to
> > switch to another TTY and back in order to get it unstuck. But the same
> > freeze will usually happen again after I get the things unstuck. Restart my
> > PC doesn't fix the problem.
>
> I have a similar
On Wed, 2024-07-03 at 03:37 +0800, CToID wrote:
> I wonder if any of you who is using an AMD GPU (especially newer
> ones)
> has encountered the same problem as I do.
>
> My problem is that sometimes the screen just freezes entirely, and I
> have to switch to another TTY and back in order to
Hello folks,
I wonder if any of you who is using an AMD GPU (especially newer ones)
has encountered the same problem as I do.
My problem is that sometimes the screen just freezes entirely, and I
have to switch to another TTY and back in order to get it unstuck. But
the same freeze will
On Tue, Mar 26, 2024 at 7:12 PM Björn Persson wrote:
>
> Jeffrey Walton wrote:
> > For what you want to do, and if I am parsing it correctly... I would
> > write a daemon in C [...]
>
> Only in the unlikely case that both RNGD and SCDrand turn out unsuitable
> somehow. Writing and compiling a
Jeffrey Walton wrote:
> For what you want to do, and if I am parsing it correctly... I would
> write a daemon in C [...]
Only in the unlikely case that both RNGD and SCDrand turn out unsuitable
somehow. Writing and compiling a daemon is no less work than compiling
an already written daemon.
>
t; able to extract the entropy from the card, and then use it to seed
> > /dev/{u}random.
>
> This job requires a daemon. OpenSSL is a library. Or do you mean its
> command-line tool? So how would I tell that to fetch random data
> through PKCS #11?
>
> GnuPG at least has a da
figure it can be used with devices it supports even if there are some
other devices it doesn't support – but it looks like I'd have to build
it from source myself.
> OpenSSL and GnuPG should be
> able to extract the entropy from the card, and then use it to seed
> /dev/{u}random.
This job requires
On Mon, Mar 25, 2024 at 4:33 PM Björn Persson wrote:
>
> In a quest to acquire hardware random number generators for seeding
> /dev/random on servers that lack a built-in entropy source, I'm
> investigating how random data can be obtained from a security key such
> as a Ni
Andy Smith wrote:
> EntropyKey is a dead product that can no longer be obtained
I've seen several like that. They're permanently sold out, or the
webshops are abandoned and half-broken. Pure random number generators
that are actually possible to buy are rare. That's why I'm
investigating whet
On Mon, Mar 25, 2024 at 06:09:02PM -0400, e...@gmx.us wrote:
> On 3/25/24 17:27, Andy Smith wrote:
> > The thread covers how to make rngd feed /dev/random from a OneRNG in
> > Debian 12, but it is no longer possible to tell if that does
> > anything useful.
>
> If not f
On 3/25/24 17:27, Andy Smith wrote:
The thread covers how to make rngd feed /dev/random from a OneRNG in
Debian 12, but it is no longer possible to tell if that does
anything useful.
If not from devices like this, from where does Debian get its randomness?
--
For is it not written
Hi,
On Mon, Mar 25, 2024 at 09:24:23PM +0100, Björn Persson wrote:
> Does anyone know of another way to obtain random data from devices of
> this kind?
I have some EntropyKeys and some OneRNGs. I have the rngd packaged
in Debian feeding /dev/random from them.
This had an actual noti
Hello!
In a quest to acquire hardware random number generators for seeding
/dev/random on servers that lack a built-in entropy source, I'm
investigating how random data can be obtained from a security key such
as a Nitrokey, Yubikey or a similar device.
RNGD version 6 from https://github.com
David Christensen writes:
On 2/12/24 08:30, Linux-Fan wrote:
David Christensen writes:
On 2/11/24 02:26, Linux-Fan wrote:
I wrote a program to automatically generate random bytes in multiple threads:
https://masysma.net/32/big4.xhtml
What algorithm did you implement?
I copied
On 2/12/24 08:30, Linux-Fan wrote:
David Christensen writes:
On 2/11/24 02:26, Linux-Fan wrote:
I wrote a program to automatically generate random bytes in multiple
threads:
https://masysma.net/32/big4.xhtml
What algorithm did you implement?
I copied the algorithm from here:
https
On Mon, Feb 12, 2024 at 3:02 PM Linux-Fan wrote:
>
> David Christensen writes:
>
> > On 2/11/24 02:26, Linux-Fan wrote:
> >> I wrote a program to automatically generate random bytes in multiple
> >> threads:
> >> https://masysma.net/32/big4.xhtml
> &
David Christensen writes:
On 2/11/24 02:26, Linux-Fan wrote:
I wrote a program to automatically generate random bytes in multiple threads:
https://masysma.net/32/big4.xhtml
Before knowing about `fio` this way my way to benchmark SSDs :)
Example:
| $ big4 -b /dev/null 100 GiB
| Ma_Sys.ma Big
On 2/11/24 02:26, Linux-Fan wrote:
I wrote a program to automatically generate random bytes in multiple
threads:
https://masysma.net/32/big4.xhtml
Before knowing about `fio` this way my way to benchmark SSDs :)
Example:
| $ big4 -b /dev/null 100 GiB
| Ma_Sys.ma Big 4.0.2, Copyright (c) 2014
+0 records out
1073741824 bytes (1.1 GB, 1.0 GiB) copied, 3.0122 s, 356 MB/s
Now lets do it right and use random..
dd if=/dev/random of=/dev/null bs=1M count=1K
1024+0 records in
1024+0 records out
1073741824 bytes (1.1 GB, 1.0 GiB) copied, 2.9859 s, 360 MB/s
Secure Random can
Hi,
Linux-Fan wrote:
> I wrote a program to automatically generate random bytes in multiple
> threads:
> https://masysma.net/32/big4.xhtml
> ...
> || Wrote 102400 MiB in 13 s @ 7812.023 MiB/s
That's impressive.
> Secure Random can be obtained from OpenSSL:
>
> | $ time
+262=1,002 MB/s
5 225+214+210+224+225=1,098 MB/s
6 223+199+199+204+213+205=1,243 MB/s
7 191+209+210+204+213+201+197=1,425 MB/s
8 205+198+180+195+205+184+184+189=1,540 MB/s
I wrote a program to automatically generate random bytes in multiple threads:
https://masysma.net/32
On 25/09/2023 00:27, Greg Wooledge wrote:
On Sun, Sep 24, 2023 at 01:05:32PM -0400, Dan Ritter wrote:
Tom Browder wrote:
Every time I set up a new host, I have to jump through the hoops trying to
get the same PATH for ordinary users as well as root, regardless of how
they log in. Reading the
davidson wrote:
> Debian Bug #1041007
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041007#10
Yes, that seems to be exactly my problem. So it's not intentionally
disabled. Then I can hope that it may be fixed some day. Thanks for
your help.
Björn Persson
pgpRmFKPdRagm.pgp
Description:
On Mon, 14 Aug 2023 Björn Persson wrote:
David Wright wrote:
On Mon 14 Aug 2023 at 11:26:13 (+0200), Björn Persson wrote:
Other functions in the same source file create /dev/tpm0, and it looks
like the random number generator should get registered together with
the TPM. It's conditional
David Wright wrote:
> On Mon 14 Aug 2023 at 11:26:13 (+0200), Björn Persson wrote:
> > Other functions in the same source file create /dev/tpm0, and it looks
> > like the random number generator should get registered together with
> > the TPM. It's conditional on CONFIG_HW_RA
On Mon 14 Aug 2023 at 11:26:13 (+0200), Björn Persson wrote:
> Other functions in the same source file create /dev/tpm0, and it looks
> like the random number generator should get registered together with
> the TPM. It's conditional on CONFIG_HW_RANDOM_TPM. Where can I check
&g
are TPM that comes with newer
> > Ryzen processors. Older Ryzens supposedly don't have it. The processor
> > in my APU2 is a GX-412TC, not a Ryzen at all, and my TPM is a discrete
> > chip from Infineon. The change in question is supposed to disable the
> > random number generato
unctions in the same source file create /dev/tpm0, and it looks
like the random number generator should get registered together with
the TPM. It's conditional on CONFIG_HW_RANDOM_TPM. Where can I check
the value of that option?
Björn Persson
pgperdoICnD28.pgp
Description: OpenPGP digital signatur
supposedly don't have it. The processor
> in my APU2 is a GX-412TC, not a Ryzen at all, and my TPM is a discrete
> chip from Infineon. The change in question is supposed to disable the
> random number generator only if the TPM lists AMD as its manufacturer.
I agree that the patch looks ok, but I
my TPM is a discrete
chip from Infineon. The change in question is supposed to disable the
random number generator only if the TPM lists AMD as its manufacturer.
Björn Persson
pgpeOz3MAeGrY.pgp
Description: OpenPGP digital signatur
On Sun, Aug 13, 2023 at 5:13 AM Björn Persson wrote:
>
> Hello, I upgraded from Debian 11 to Debian 12, and my random number
> generator disappeared.
>
> When I boot vmlinuz-5.10.0-23-amd64, there are two hardware random
> number generators available:
>
> # cat /
Hello, I upgraded from Debian 11 to Debian 12, and my random number
generator disappeared.
When I boot vmlinuz-5.10.0-23-amd64, there are two hardware random
number generators available:
# cat /sys/class/misc/hw_random/rng_available
ccp-1-rng tpm-rng-0
ccp-1-rng is nonfunctional because AMD's
Le mardi 31 janvier 2023 à 11:49 +0100, didier gaumet a écrit :
>
> *hypothèses* (vu mes connaissances sur le sujet) :-) :
>
> - ton lien vers /var est *peut-être* la cause parce qu'il serait
> présent
C'est bien la cause.
> en situation ordinaire mais absent lors du début du boot?
> - donc
Le mardi 31 janvier 2023 à 11:42 +0100, Basile Starynkevitch a écrit :
>
>
> A mon avis le problème est là! Avoir mis un lien symbolique sur /var
> est probablement une mauvaise idée!
>
Probablement.
> Toutes les fois où (sous Debian comme Ubuntu) /var est un lien
> symbolique (vers un autre
Le 31/01/2023 à 10:37, Christophe Maquaire a écrit :
Moui mais:
- Il n'y a pas de raison, même si l'entropie générée est faible, que le
service ne démarre pas correctement, j' ai vérifié sur d'autres
machines (bon en stable, certes), et c'est un service "standard" de
systemd installé par debian
On 31/01/2023 10:48, Christophe Maquaire wrote:
Le lundi 30 janvier 2023 à 13:13 +0100, ajh-valmer a écrit :
Bonjour et merci de t'être peché sur la question
Désolé, ce lien (désolé sur Ubuntu) semble répondre à la question :
ice; donc en continuant ma reflexion je me dis qu'il
faudrait que je sache comment faire pour que l'execution du service
soit postérieure au montage complet de l'arborescence.
Bon, bin je vais regarder de plus près cette section de systemd-random-
seed.service, bien que ça sorte largement de mon domaine d
as been mounted writable. Many
> system
> services require entropy much earlier than this — this service is
> hence
> of limited use for complex system. It is recommended to use a
> bootloader that can pass an initial random seed to the kernel to
> ensure
> that entropy is av
e depuis un certain temps (plusieurs années)
> J'ai un souci avec le service systemd-random-seed (depuis plusieurs mois)
> root@salicyline:~# systemctl status --failed
> Son démarrage échoue systematiquement au boot, mais tout se passe bien
> ensuite...
> Il semble qu'il y ait un p
Le lundi 30 janvier 2023 à 11:12 +0100, Christophe Maquaire a écrit :
> Bonjour la liste,
>
> J'ai une machine en unstable depuis un certain temps (plusieurs
> années)
>
> J'ai un souci avec le service systemd-random-seed (depuis plusieurs
> mois)
[...]
> janv. 30 10:
Bonjour la liste,
J'ai une machine en unstable depuis un certain temps (plusieurs années)
J'ai un souci avec le service systemd-random-seed (depuis plusieurs
mois)
root@salicyline:~# systemctl status --failed
× systemd-random-seed.service - Load/Save Random Seed
Loaded: loaded (/lib
On Sun 31 Jul 2022 at 17:19:22 (+0100), Piscium wrote:
> On Sun, 31 Jul 2022 at 13:49, David wrote:
>
> > > It seems like preseeding requires the building of an iso? If so that
> > > is not I was looking for as there is a bit of work to do that that!
> >
> > You haven't explained what you're
On Sun, 31 Jul 2022 10:01:11 +0100
Piscium wrote:
> It seems like preseeding requires the building of an iso? If so that
> is not I was looking for as there is a bit of work to do that that!
That is one of several ways to do it. You can script building the ISO,
of course, to automate it.
I
On Sun, 31 Jul 2022 at 13:49, David wrote:
> > It seems like preseeding requires the building of an iso? If so that
> > is not I was looking for as there is a bit of work to do that that!
>
> You haven't explained what you're thinking, or why, but it sounds wrong.
> Most people would preseed a
> > │
> > │ 100%
> > │
> > │
> > │
> > │ The installer is now overwriting SCSI1 (0,0,0), partition #5 (sda)
> > │
> > │ with random data to prevent meta-information leaks from the encrypted
> > │
> > │ volume. This step may be
org/DebianInstaller/Preseed
> > │ The installer is now overwriting SCSI1 (0,0,0), partition #5 (sda)
> > │
> > │ with random data to prevent meta-information leaks from the encrypted
> > │
> > │ volume. This step may be skipped by cancelling this a
100% │
> │ │
> │ The installer is now overwriting SCSI1 (0,0,0), partition #5 (sda) │
> │ with random data to prevent meta-information leaks from the encrypted │
> │ volume. This ste
On Fri 29 Jul 2022 at 19:19:43 (+0100), Piscium wrote:
> When using netinst iso to install Debian, one is offered the
> possibility of guided install with encrypted LVM. if such a choice is
> made the installer fills the partition with random data. That is
> generally the correct
On 7/29/22 11:19, Piscium wrote:
When using netinst iso to install Debian, one is offered the
possibility of guided install with encrypted LVM. if such a choice is
made the installer fills the partition with random data. That is
generally the correct thing to do but in some cases
Am Fri, 29 Jul 2022 19:19:43 +0100
schrieb Piscium :
> Is there a way to disable that?
You can immediately cancel it after it started.
When using netinst iso to install Debian, one is offered the
possibility of guided install with encrypted LVM. if such a choice is
made the installer fills the partition with random data. That is
generally the correct thing to do but in some cases that is not needed
or desired
i filed a bug report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014394
greetings...
in the host and guest, respectively,
and everything seems to be fine, so far...
i still get the occasional
Jul 05 10:39:28 vmguest kernel: hrtimer: interrupt took 92917571 ns
kernel message, but otherwise it's quiet, and no more random process
crashes.
so, this seems to be an issue introduced
hey,
thanks for the hint! :)
i have the same kernel versions you have, but only tried the 5.10.0-14
kernel version in the guest, but not on the host... m(
i will try the 5.10.0-14 kernel on the host later this afternoon... let's
see, if it helps...
greetings...
Hello Michael,
I am seeing a similar issue but only when using the kernel
5.10.0-15-amd64 on the virtual host.
I run Firefox inside a virtual machine. Both the host and the virtual
guest run Debian Bullseye and both are fully patched.
If I run the following setup then everything is OK
Host:
hey,
i run debian 11 on both host and guest and experience random process
crashes in virtual box guests under load. i.e. just reading a lot of files
from any disk on the host system causes the guests to randomly crash a
process...
e.g. if i move a large file
# mv -nv
or if i do just
On 2022-06-15 15:10:17 +0200, Vincent Lefevre wrote:
> They set LogLevel to DEBUG, which explains that the debug3() message
> doesn't appear. They can see debug lines when my connection succeeds,
> but nothing in case of immediate failure. So this would mean that it
> is the pipe() from
On 2022-06-15 03:48:38 +0200, Vincent Lefevre wrote:
> The source from misc.c is
>
> int
> unset_nonblock(int fd)
> {
> int val;
>
> val = fcntl(fd, F_GETFL);
> if (val < 0) {
> error("fcntl(%d, F_GETFL): %s", fd, strerror(errno));
> return
On 2022-06-14 19:17:01 +0100, Tim Woodall wrote:
[MaxStartups limit]
> In the case where I hit it it was a cron job starting an ssh connection
> from multiple machines - 'out of hours' where 'convenience' was more
> valuable than 'performance'.
Note that I get the errors at ran
On Tue, 14 Jun 2022, Vincent Lefevre wrote:
On 2022-06-07 17:19:12 +0100, Tim Woodall wrote:
On Tue, 7 Jun 2022, Vincent Lefevre wrote:
I eventually did a packet capture on the client side as I was able to
reproduce the problem. When it occurs, I get the following sequence:
Client ? Server:
On 2022-06-07 17:19:12 +0100, Tim Woodall wrote:
> On Tue, 7 Jun 2022, Vincent Lefevre wrote:
> > I eventually did a packet capture on the client side as I was able to
> > reproduce the problem. When it occurs, I get the following sequence:
> >
> > Client ? Server: [SYN] Seq=0
> > Server ?
On Tue, 7 Jun 2022, Vincent Lefevre wrote:
On 2022-02-05 18:39:27 -0300, Henrique de Moraes Holschuh wrote:
If it is sshd, ensure it is actually logging all you need, and carefully
study the logs.
Nothing interesting in the logs, according to the admins of the server.
If nothing helps,
On 2022-02-05 18:39:27 -0300, Henrique de Moraes Holschuh wrote:
> If it is sshd, ensure it is actually logging all you need, and carefully
> study the logs.
Nothing interesting in the logs, according to the admins of the server.
> If nothing helps, packet-dump both sides (client and server) and
On 4/5/2022 3:30 AM, to...@tuxteam.de wrote:
You gotta be careful: kicking out an IP for just one login failure
might shut *you* out because you forgot to ssh-add your key (or because
you mistyped your password once). OTOH, if "they" keep changing their
IP address for each retry, you
On Tue 05 Apr 2022 at 03:01:30 (-0400), gene heskett wrote:
> mail2world, whom shentel uses as a mailserver, running dovecot could do a
> better job of filtering that, but I probably field 2 to 4 such emails
> that aren't actually addressed to me a day. I don't understand the
> mechanism that
On Tue, Apr 05 2022 at 09:23:11 AM, wrote:
> On Tue, Apr 05, 2022 at 03:01:30AM -0400, gene heskett wrote:
>> On Tuesday, 5 April 2022 01:46:32 EDT to...@tuxteam.de wrote:
>
> [fail2ban]
>
>> Well, it seems to me that if something as automatic as fail2ban were to
>> be used, its better use would
tomas writes:
> Yes, some providers would get my "trusted" badge. Don't know much
> about those two, though.
Pobox is owned by Fastmail, which has been in business for more than
twenty years. They were recommended by several friends. Email is their
only business. Gandi has also been in
On Tue, Apr 05, 2022 at 09:28:00AM -0500, John Hasler wrote:
> I wrote:
> > Too late. Note the part about POP3. The upstream MTA is Pobox or
> > Gandi. They have already completed the SMTP transaction with the sender.
> > Any anti-spam efforts involving SMTP termination are in their hands.
>
>
I wrote:
> Too late. Note the part about POP3. The upstream MTA is Pobox or
> Gandi. They have already completed the SMTP transaction with the sender.
> Any anti-spam efforts involving SMTP termination are in their hands.
tomas writes:
> That's why I run my own MTA :)
I did that for many years.
writes:
> On Tue, Apr 05, 2022 at 08:09:10AM -0500, John Hasler wrote:
>> tomas writes:
>> > The only credible action left is to decide while the SMTP transaction
>> > is in process, and to terminate it early. Then, the upstream MTA will
>> > notice that something went wrong.
>>
>> > Most MTAs
On Tue, Apr 05, 2022 at 08:09:10AM -0500, John Hasler wrote:
> tomas writes:
> > The only credible action left is to decide while the SMTP transaction
> > is in process, and to terminate it early. Then, the upstream MTA will
> > notice that something went wrong.
>
> > Most MTAs these days support
tomas writes:
> The only credible action left is to decide while the SMTP transaction
> is in process, and to terminate it early. Then, the upstream MTA will
> notice that something went wrong.
> Most MTAs these days support this option.
Too late. Note the part about POP3. The upstream MTA is
On Tuesday, 5 April 2022 03:23:11 EDT to...@tuxteam.de wrote:
> On Tue, Apr 05, 2022 at 03:01:30AM -0400, gene heskett wrote:
> > On Tuesday, 5 April 2022 01:46:32 EDT to...@tuxteam.de wrote:
> [fail2ban]
>
> > Well, it seems to me that if something as automatic as fail2ban were
> > to be used,
On Tue, Apr 05, 2022 at 03:01:30AM -0400, gene heskett wrote:
> On Tuesday, 5 April 2022 01:46:32 EDT to...@tuxteam.de wrote:
[fail2ban]
> Well, it seems to me that if something as automatic as fail2ban were to
> be used, its better use would be in the router, stopping such before it
> reaches
On Tuesday, 5 April 2022 01:46:32 EDT to...@tuxteam.de wrote:
> On Mon, Apr 04, 2022 at 03:44:24PM -0400, gene heskett wrote:
> > On Monday, 4 April 2022 12:03:59 EDT to...@tuxteam.de wrote:
> > > On Mon, Apr 04, 2022 at 11:51:47AM -0400, gene heskett wrote:
> [...]
>
> > Tomas, I've had fail2ban
On Mon, Apr 04, 2022 at 04:03:57PM -0500, John Hasler wrote:
> Joe writes:
> > Generally, 'impossible' email names are aimed at situations where an
> > in-house SMTP server downloads domain email from an external POP3
> > server,
>
> I do exactly that, except for the bounce part. All incoming
On Mon, Apr 04, 2022 at 03:44:24PM -0400, gene heskett wrote:
> On Monday, 4 April 2022 12:03:59 EDT to...@tuxteam.de wrote:
> > On Mon, Apr 04, 2022 at 11:51:47AM -0400, gene heskett wrote:
[...]
> Tomas, I've had fail2ban installed and running since wheezy. I don't
> believe that in all that
Nicholas Geovanis writes:
> On Mon, Apr 4, 2022 at 12:27 PM Joe Pfeiffer wrote:
>
> It's software written by folks who sometimes know what they're doing.
> There are only so many Kevin Mitnick's and Phyber Optik's in the world at
> time
> :-)
For which we're all grateful!
> > So here's
Joe writes:
> Generally, 'impossible' email names are aimed at situations where an
> in-house SMTP server downloads domain email from an external POP3
> server,
I do exactly that, except for the bounce part. All incoming mail
regardless of recipient is handed to spamassassin which disposes of
On Mon, 04 Apr 2022 07:40:47 -0600
Joe Pfeiffer wrote:
> This isn't really debian-specific, but I don't know a better place to
> ask... recently, I've been having servers make a large number of
> attempts to access my mail host using what appear to be random strings
> as usernames
without limits and (b) IP addresses
> get a second chance (useful in the case they land in the hands of
> an admin with a clue).
>
> Since those attacks are pretty well distributed since a while (meaning
> that they come from many random IPs), the real question is: do the
>
On Mon, Apr 04, 2022 at 12:53:34PM -0400, gene heskett wrote:
[...]
> One of the things I've noted about bullseye, is that apache2 is no longer
> generating the "other" logs like it did for stretch for many years. That
> was where all the bots wound up and I'm guessing there must be north of
aving servers make a large number of
> > attempts to access my mail host using what appear to be random strings
> > as usernames -- it looks like this:
> >
> > Apr 4 03:04:30 snowball saslauthd[1179]: pam_unix(:auth): check pass;
> user unknown
> > Apr 4 03:04:30 s
Nicholas Geovanis writes:
> On Mon, Apr 4, 2022 at 9:06 AM Joe Pfeiffer wrote:
>
> This isn't really debian-specific, but I don't know a better place to
> ask... recently, I've been having servers make a large number of
> attempts to access my mail host using what appe
without limits and (b) IP addresses
> get a second chance (useful in the case they land in the hands of
> an admin with a clue).
>
> Since those attacks are pretty well distributed since a while (meaning
> that they come from many random IPs), the real question is: do the
>
a clue).
Since those attacks are pretty well distributed since a while (meaning
that they come from many random IPs), the real question is: do the
IPs repeat sufficiently to justify the (manual or automated) effort?
If an IP only repeats after, say, 10^4 or 10^5 attempts, I'd say "nah&q
On Mon, Apr 4, 2022 at 9:06 AM Joe Pfeiffer wrote:
> This isn't really debian-specific, but I don't know a better place to
> ask... recently, I've been having servers make a large number of
> attempts to access my mail host using what appear to be random strings
> as usernames -- i
mail host using what appear to be random
> > strings
> > as usernames -- it looks like this:
> >
> > They all have the same form: > random>.f...@pfeifferfamily.net
>
> That pattern is the Message-ID field generated by Emacs message-mode
> (or some compone
> NOTES: all risk is your responsiblity ;;;
Please take tomas' message: (better way)
https://lists.debian.org/debian-user/2022/04/msg00128.html
Sincerely, Linux fan Byung-Hee
--
^고맙습니다 _救濟蒼生_ 감사합니다_^))//
my mail host using what appear to be random strings
> > as usernames -- it looks like this:
>
> > They all have the same form: .f...@pfeifferfamily.net
>
> That pattern is the Message-ID field generated by Emacs message-mode (or
> some component under it). Just look at yo
Joe Pfeiffer writes:
> This isn't really debian-specific, but I don't know a better place to
> ask... recently, I've been having servers make a large number of
> attempts to access my mail host using what appear to be random strings
> as usernames -- it looks like this:
>
&g
Teemu writes:
> I would guess that someone has tried to automatically collect a lot of
> email addresses and ended up getting also those message id's. Then an
> attacker tries to intrude with those addresses.
Web sites insisting on using email addresses as user names is one of the
many pernicious
* 2022-04-04 07:40:47-0600, Joe Pfeiffer wrote:
> This isn't really debian-specific, but I don't know a better place to
> ask... recently, I've been having servers make a large number of
> attempts to access my mail host using what appear to be random strings
> as usernames -- i
On Mon, Apr 04, 2022 at 07:40:47AM -0600, Joe Pfeiffer wrote:
> This isn't really debian-specific, but I don't know a better place to
> ask... recently, I've been having servers make a large number of
> attempts to access my mail host using what appear to be random strings
>
1 - 100 of 800 matches
Mail list logo