GNU/Linux

.Best TLD - Spam Like the Best

I’ve made the decision to go ahead and block another one of those pesky new gTLDs that are seemingly exclusively used by malicious actors. Email delivery from .best domains will no longer get past any spam filter under my control.

Enterprise support for Slackware

As a managed service provider (MSP), we’re using an off-the-shelf remote monitoring and management (RMM) platform. Recently, and just for curiosity’s sake, I decided to take a closer look at the Linux agent offered by this platform. I’ll admit to being somewhat shell-shocked when I discovered that the installer had Slackware Linux on the list of supported distributions.

The joys of cloud computing

Yesterday, my Scaleway hosted VPS was scheduled for migration to another physical server. According to Scaleway, the expected downtime was only a few minutes. The maintenance was scheduled to begin at 10:00 UTC, so I was expecting the server to be available when I tried to connect over SSH at 11:30 UTC. Unfortunately, there was no sign of life to be found.

Blogger.com powered cryptocurrency scam

Over the last several months, I’ve seen a steady flow of spam emails containing only a single line of text encouraging recipients to visit a blogspot.com address. Should the recipient choose to follow the link, they would soon find themselves on a cryptocurrency scam site with amazing propositions.

.ICU TLD - I See You Spammer

ICANN’s decision to cash in and allow an unlimited number of new gTLDs has provided us with several new TLDs used predominantly for criminal purposes by malicious actors. My inbound mail servers have been flooded with spam from thousands of .icu domains for the better part of 2019.

The Slackware Linux Patreon page is officially confirmed

Patrick Volkerding has finally confirmed the authenticity of the Slackware Linux Patreon page in a post over at LinuxQuestions.org.

Since the Slackware Patreon page was initially discovered in mid-June 2019, it has been the source of quite a bit of debate regarding its authenticity. Anyhow, with that question out of the way, the bigger question now is whether there is still enough interest in Slackware Linux to make it a sustainable business for Mr. Volkerding.

A digital ocean of bots

Last week I noticed yet another ongoing brute-force attack against our managed WordPress hosting. The botnet is very low-key and each bot connects on average only once per day. Up until now, I’ve collected in the ballpark of 3100 unique bots.

How to enable TLS 1.3 on Gentoo Linux

I figured it was about time for this Gentoo-powered blog to enjoy the security and performance enhancements provided by TLSv1.3. However, that meant leaving “Gentoo stable” behind and traveling on a journey of discovery into the land of the unmasked and dangerous.

An insignificant WordPress brute-force attack

Earlier this week I noticed a minor brute-force attack against our managed WordPress hosting. The attack lasted for 72 hours and deployed around 2000 unique bots. The botnet attempted on average 100 logins per hour while rotating bots to avoid triggering our automatic defense systems.