Jump to content

N0TIC

Member
  • Posts

    8
  • Joined

  • Last visited

Awards

This user doesn't have any awards

1 Follower

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Here’s my TRS-80 and my ibm x61 (it’s currently my NAS/pihole server).
  2. Neither! Go grab an old computer from the closet and put a couple NICs in it and a WiFi adaptor. Install Linux dhcpcd and hostapd. Configure your firewall and be glad that you won’t have to worry about your router becoming part of someone’s botnet.
  3. I’ve never grounded myself while building a pc, but then again I live in Florida where it’s really humid. If I was worried though, I’d just discharge myself through the power supply chassis or a nearby water pipe. I wouldn’t worry about it too much.
  4. Unforunatly the the best knowledge you can get would be from setting up your own email server. You can look for something like “hardening email servers” or “system administration” but really the best way is to dig in. Go grab a cheap vm from a place like linnode or digital ocean and check out ispconfig for articles on how to get started. After a few years you’ll likely have a better skill set then you can get from a class room.
  5. Back when I ran an email server I’d basically trust nothing but the headers that connected to my server and the smtp server logs. If you don’t have access to the smtp server logs then you can be reasonably sure the ip is valid. Look up the ip and if your server isn’t hardened enough you may find the ip from a dsl or cable connection, or an open relay somewhere. I use to get tons of spam from misconfigured Apache web servers in various third world nations like Iran. These servers generally had misconfigured relaying rules that accepted whatever you threw at them. Rarely, did I get a misconfigured spf but it happened sometimes, so check for an bad spf record on the relay server. You can try to contact the owner of the server that relayed the email but it’s likely that they will ignore you; this is what I ran into when running email servers for 5ish years. You contact the owner and the owner wouldnt reply, so all you can do is blacklist their email and put it on one of the widely known spam lists like spamcop.
  6. They basically forge the headers in th email. Use your email client to open the raw email and you can see how easily one can just type in whatever ip addresses and domains. The email server which accepts the email generally inspects the ip and domains that the “connected client” is claiming it’s from but this inspection isnt perfect. The remaining of the header before the “connected client” can’t easily be checked for validity. This is how spamming works. Essentially the client lies about where the email came from by using a bunch of fake routes. One mechanism people have been using to try to prevent this are to include a DKIM signature within the header which insures that all routes are valid, but not every isp uses them so servers are usually setup to just warn the user when a hash doesn’t match or if the email is missing a hash.
  7. Interesting I just got this email today and the password didn’t match the email they sent it to. I use a catch all for one of my email domains and it looks like one of the databases was from rent-a-coder. Rent a coder is like guru.com (they have code development gigs listed). I had to change all of my passwords as the password in the email was one I used in quite a few places. I won’t be making that mistake again. Now each login has another password and everything had two factor authentication. ill be keeping an eye on this thread.
×