Box-Admins August 2017

box-admins@lists.squeakfoundation.org

7 participants
5 discussions

Access to the new server(s)
by Tobias Pape 05 Apr '19

05 Apr '19

Dear all [ACTIONS AT END] with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace. Here's the overview: ======================================================================================================================= Name Name (ext) intended use Unix Users Public Ports Private Ports Public IPv4 Private IPv4 ----------------------------------------------------------------------------------------------------------------------- ian ssh.squeak.org ssh-gateway ssh 1022 22 104.130.6.82 10.208.225.29 alan *.squeak.org webserver webteam 80, 443 22 104.239.229.92 10.176.200.8 adele lists.... mailinglists (tbd) 25, 587, 465 22, 8080 162.242.237.43 10.208.160.56 andreas -------- source.squeak chrismuller* -------- 22, 8080 irrelevant 10.208.161.222 dan -------- squeaksource davidlewis* -------- 22, 8080 irrelevant 10.176.197.150 ted -------- squeak wiki+map (tbd) -------- 22, 8080, 8081 irrelevant 10.176.130.111 david -------- jenkins (tbd) -------- 22, 8080 irrelevant 10.208.194.45 scott -------- misc (tbd) -------- 22, 8080, 8081 irrelevant 10.176.199.169 ======================================================================================================================= Currently, Levente and me have sudo on all these machines. Users with * also do. Note that _no_ server exposes SSH on port 22 on a public IP. This is intentional to narrow attack vectors for script kiddies. How to login? Ian is the ssh gateway so you have to connect to ian _first_ and use (1) local forwarding or (2) proxy jumping. I have installed the Public keys from most of you for the 'ssh' user on ian. Please verify by ssh -p1022 -lssh 104.130.6.82 you should see restrict shell, no commands # (you get out with crtl-d, ctrl-c, or killing ssh) How to reach the other servers? Example for 'andreas' variant (1): Do a local forward by ssh -AN -L22221:10.176.200.8:22 -p1022 -lssh 104.130.6.82 and then ssh -lYOURNAME -p22221 localhost (-N maybe optional, but then you see 'restrict shell, no commands #') Or in your .ssh/config you can put Host ian.squeak.org User ssh Hostname 104.130.6.82 Port 1022 LocalForward 222221 10.176.200.8:22 Host andreas.squeak.org User YOURNAME Hostname localhost Port 222221 And then say 'ssh -AN ian.squeak.org' and then 'ssh andreas.squeak.org' variant (2): (a) You have OpenSSH >= 7.3 Do a Jump with ssh -J ssh@104.130.6.82:1022 YOURNAME(a)10.176.200.8 Or in your .ssh/config you can put Host ian.squeak.org User ssh Hostname 104.130.6.82 Port 1022 Host andreas.squeak.org User YOURNAME Hostname 10.176.200.8 ProxyJump ian.squeak.org And then say 'ssh andreas.squeak.org' (b) You have OpenSSH >= 5.4 Do a Jump via ssh -o ProxyCommand="ssh -lssh -p1022 -W %h:%p 104.130.6.82" YOURNAME(a)10.176.200.8 Or in your .ssh/config you can put Host ian.squeak.org User ssh Hostname 104.130.6.82 Port 1022 Host andreas.squeak.org User YOURNAME Hostname 10.176.200.8 ProxyCommand ssh -W %h:%p ian.squeak.org And then say 'ssh andreas.squeak.org' (c) You have OpenSSH < 5.4 Use variant (1) We will shortly start RSYNC-ing over data from box3 and box4 as well as replicatiing DNS entries before switching over. [ACTION REQUIRED] - Who needs access to which servers? - Do we need Jenkins anymore? As always, questions appreciated. Best regards -Tobias

8 36

Voting Mailing List
by Ron Teitelbaum 29 Aug '17

29 Aug '17

HI all, Goran asked me if he could be taken off of the voters(a)squeak.org mailing list as the moderator. I don't believe I have access to the admin console on that list. Could you remove Goran and add me instead? Thanks! Ron Teitelbaum

3 5

A place for Scratch
by tim Rowledge 28 Aug '17

28 Aug '17

Hi folks, please could you make a place on files.squeak.org where I can put a release of NuScratch ? Since it’s 5.1 based I suppose one might argue it should go under the 5.1 branch but I really don’t mind much. Thanks tim -- tim Rowledge; tim(a)rowledge.org; http://www.rowledge.org/tim USER ERROR: replace user and press any key to continue.

2 1

Re: [Box-Admins] [Board] Recent spam on the lists
by David T. Lewis 08 Aug '17

08 Aug '17

Adding the sample spam email attachment. On Mon, Aug 07, 2017 at 07:44:39AM -0400, David T. Lewis wrote: > CC box-admins > > Hi Marcel, > > I am quite sure that our lists are under attack, but as far as I know nothing > bad is actually getting getting distributed to list subscribers. > > Which lists do you see this on? I am not seeing anything that reaches the archives > on http://lists.squeakfoundation.org/pipermail/ (but maybe someone already > deleted things?). > > For what it's worth, the vm-dev-owner(a)lists.squeakfoundation.org address (which > is redirected to me) has again been under attack for the last serveral days. This > happened once before (around July 20). Levente reduced the problem by blocking > a range of addresses: > > http://lists.squeakfoundation.org/pipermail/box-admins/2017-July/002427.html > > And the attacks stopped entirely after a week or so, then resumed a few days ago. > I am attaching an example of one of the recent spam emails. > > I am not sure if this is related to whatever problem you are seeing on forum.world.st, > but my assumption is that someone is attempting to gain access to mailing lists > in order to use them for distributing spam. Presumably the source is a bot of > some kind. > > Dave > > > On Mon, Aug 07, 2017 at 10:41:48AM +0200, Marcel Taeumel wrote: > > Hi, there. > > > > Could somebody block this user "pfizerobataborsi" and delete all its postings (Aug 1 - 6)? > > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=370940 [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=37…] > > > > Same for users "eyangsemar004" and??"eyangsemar003": > > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=370954 [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=37…] > > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=370946 [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=37…] > > > > Same for user "dion": > > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=370800 [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=37…] > > > > Same for user "kusmiati88": > > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=a13532… [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=a1…] > > > > Same for user "BASERRR888": > > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=a13528… [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=a1…] > > > > ... Wait ... Basically all users that posted on this "global" location here, which dates back to June 5: > > http://forum.world.st/Smalltalk-f1294792.standard.html [http://forum.world.st/Smalltalk-f1294792.standard.html] > > > > Woah, what's happening? :-/ > > > > Best, > > Marcel > >From SRS0=9hiW=7J=lists.squeak.org=mailman-bounces(a)squeak.org Sun Aug 6 22:49:19 2017 > Return-Path: <SRS0=9hiW=7J=lists.squeak.org=mailman-bounces(a)squeak.org> > Received: from mail.squeak.org (mail.squeak.org [162.242.237.43]) > by shell.msen.com (8.14.3/8.14.3) with ESMTP id v772nJ2D079063; > Sun, 6 Aug 2017 22:49:19 -0400 (EDT) > (envelope-from SRS0=9hiW=7J=lists.squeak.org=mailman-bounces(a)squeak.org) > Received: from localhost (localhost [127.0.0.1]) > by mail.squeak.org (Postfix) with ESMTP id 5AED7BD9F0 > for <lewis(a)mail.msen.com>; Mon, 7 Aug 2017 02:49:13 +0000 (UTC) > Received: from mail.squeak.org ([127.0.0.1]) > by localhost (mail.squeak.org [127.0.0.1]) (amavisd-new, port 10024) > with ESMTP id uuqRI-hyB5s3 for <lewis(a)mail.msen.com>; > Mon, 7 Aug 2017 02:49:13 +0000 (UTC) > Received: from mail.squeak.org (localhost [IPv6:::1]) > by mail.squeak.org (Postfix) with ESMTP id 4B4C3BC63C > for <lewis(a)mail.msen.com>; Mon, 7 Aug 2017 02:49:13 +0000 (UTC) > X-Original-To: vm-dev-owner(a)lists.squeakfoundation.org > Delivered-To: vm-dev-owner(a)mail.squeak.org > Received: from localhost (localhost [127.0.0.1]) > by mail.squeak.org (Postfix) with ESMTP id 5B754BD9F0 > for <vm-dev-owner(a)lists.squeakfoundation.org>; > Mon, 7 Aug 2017 02:49:12 +0000 (UTC) > Received: from mail.squeak.org ([127.0.0.1]) > by localhost (mail.squeak.org [127.0.0.1]) (amavisd-new, port 10024) > with ESMTP id DCNKtbN7Tchy > for <vm-dev-owner(a)lists.squeakfoundation.org>; > Mon, 7 Aug 2017 02:49:12 +0000 (UTC) > Received: from cl68.com (unknown [IPv6:240e:f2:c001:eab6:1885:1ccf:2215:7cda]) > by mail.squeak.org (Postfix) with ESMTP id 5048ABC63C > for <vm-dev-owner(a)lists.squeakfoundation.org>; > Mon, 7 Aug 2017 02:49:11 +0000 (UTC) > MIME-Version: 1.0 > Date: Mon, 07 Aug 2017 10:49:05 +0800 > Message-ID: <875a72865f1358a5@8f5598c8031dbf91> > Subject: =?utf-8?Q?------=E9=9A=A9=E9=97=A8=E5=A8=81=E5=B0=BC=E6=96=AF=E4=BA=BA=E5=AE=98=E7=BD=91336468=E3=80=82C0M=E9=82=80=E6=82=A8=E4=BD=8F=E5=86=8A=E5=B6=BA=E2=91=B6?= > =?utf-8?Q?=E2=92=8F=E7=80=9B38O=E6=8F=90=E7=8E=B0=EE=A0=BE=E4=BC=BD=E7=A2=A6=E6=9C=8D=E6=89=A3:2855592926=E5=B6=BA=EE=A0=BE=E7=BA=A2=E5=AE=9D=E5=A4=A9=E5=A4=A9=E6=8A=A2?= > =?utf-8?Q?=EE=A0=BE=EE=A0=BE=E5=91=A8=E5=91=A8=E9=A2=86=E5=B7=A5=E8=B5=80=EE=A0=BE=E6=9C=88=E6=9C=88=E7=BB=99=E4=BF=B8=E7=A6=84=EF=BC=8C=E5=85=A5=E7=AA=BE=E9=A4=B82%=E9=A6=96=E5=AD=98=E5=8F=AF=E8=8E=B7=E6=9C=80=E9=AB=983888=E5=85=83?= > =?utf-8?Q?=EE=A0=BE-----?= > To: vm-dev-owner(a)lists.squeakfoundation.org > Received: from cl68.com (unknown (247.81.36.233]) > by cl68.com with SMTP id 6bb1d819-dd40-4468-9bd1-6e016a726446; > for <vm-dev-owner(a)lists.squeakfoundation.org>; Mon, 07 Aug 2017 10:49:05 +08:00 > From: =?utf-8?Q?=E6=88=90=E5=BF=A0?= <824498549(a)qq.com> > Content-Type: multipart/alternative; > boundary="f763a86d-162b-4b5f-bece-83f669b2bb79" > Errors-To: mailman-bounces(a)lists.squeak.org > Sender: "Vm-dev" <mailman-bounces(a)lists.squeak.org> > Received-SPF: Pass; receiver=msen.com; client-ip=162.242.237.43; envelope-from=<SRS0=9hiW=7J=lists.squeak.org=mailman-bounces(a)squeak.org> > Received-SPF: Pass; receiver=msen.com; client-ip=162.242.237.43; helo=mail.squeak.org > X-Keywords: > X-UID: 3332 > Status: RO > Content-Length: 220 > Lines: 7 > > --f763a86d-162b-4b5f-bece-83f669b2bb79 > Content-Type: text/html; > charset="utf-8" > Content-Transfer-Encoding: quoted-printable > > <p>=e8=bb=ba=e6=a5=82=e5=94=af=e6=a4=92=e8=96=88</p> > --f763a86d-162b-4b5f-bece-83f669b2bb79-- >

2 2

Re: [Box-Admins] [Board] Recent spam on the lists
by David T. Lewis 07 Aug '17

07 Aug '17

CC box-admins Hi Marcel, I am quite sure that our lists are under attack, but as far as I know nothing bad is actually getting getting distributed to list subscribers. Which lists do you see this on? I am not seeing anything that reaches the archives on http://lists.squeakfoundation.org/pipermail/ (but maybe someone already deleted things?). For what it's worth, the vm-dev-owner(a)lists.squeakfoundation.org address (which is redirected to me) has again been under attack for the last serveral days. This happened once before (around July 20). Levente reduced the problem by blocking a range of addresses: http://lists.squeakfoundation.org/pipermail/box-admins/2017-July/002427.html And the attacks stopped entirely after a week or so, then resumed a few days ago. I am attaching an example of one of the recent spam emails. I am not sure if this is related to whatever problem you are seeing on forum.world.st, but my assumption is that someone is attempting to gain access to mailing lists in order to use them for distributing spam. Presumably the source is a bot of some kind. Dave On Mon, Aug 07, 2017 at 10:41:48AM +0200, Marcel Taeumel wrote: > Hi, there. > > Could somebody block this user "pfizerobataborsi" and delete all its postings (Aug 1 - 6)? > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=370940 [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=37…] > > Same for users "eyangsemar004" and??"eyangsemar003": > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=370954 [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=37…] > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=370946 [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=37…] > > Same for user "dion": > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=370800 [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=37…] > > Same for user "kusmiati88": > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=a13532… [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=a1…] > > Same for user "BASERRR888": > http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=a13528… [http://forum.world.st/template/NamlServlet.jtp?macro=user_nodes&user=a1…] > > ... Wait ... Basically all users that posted on this "global" location here, which dates back to June 5: > http://forum.world.st/Smalltalk-f1294792.standard.html [http://forum.world.st/Smalltalk-f1294792.standard.html] > > Woah, what's happening? :-/ > > Best, > Marcel >From SRS0=9hiW=7J=lists.squeak.org=mailman-bounces(a)squeak.org Sun Aug 6 22:49:19 2017 Return-Path: <SRS0=9hiW=7J=lists.squeak.org=mailman-bounces(a)squeak.org> Received: from mail.squeak.org (mail.squeak.org [162.242.237.43]) by shell.msen.com (8.14.3/8.14.3) with ESMTP id v772nJ2D079063; Sun, 6 Aug 2017 22:49:19 -0400 (EDT) (envelope-from SRS0=9hiW=7J=lists.squeak.org=mailman-bounces(a)squeak.org) Received: from localhost (localhost [127.0.0.1]) by mail.squeak.org (Postfix) with ESMTP id 5AED7BD9F0 for <lewis(a)mail.msen.com>; Mon, 7 Aug 2017 02:49:13 +0000 (UTC) Received: from mail.squeak.org ([127.0.0.1]) by localhost (mail.squeak.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uuqRI-hyB5s3 for <lewis(a)mail.msen.com>; Mon, 7 Aug 2017 02:49:13 +0000 (UTC) Received: from mail.squeak.org (localhost [IPv6:::1]) by mail.squeak.org (Postfix) with ESMTP id 4B4C3BC63C for <lewis(a)mail.msen.com>; Mon, 7 Aug 2017 02:49:13 +0000 (UTC) X-Original-To: vm-dev-owner(a)lists.squeakfoundation.org Delivered-To: vm-dev-owner(a)mail.squeak.org Received: from localhost (localhost [127.0.0.1]) by mail.squeak.org (Postfix) with ESMTP id 5B754BD9F0 for <vm-dev-owner(a)lists.squeakfoundation.org>; Mon, 7 Aug 2017 02:49:12 +0000 (UTC) Received: from mail.squeak.org ([127.0.0.1]) by localhost (mail.squeak.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DCNKtbN7Tchy for <vm-dev-owner(a)lists.squeakfoundation.org>; Mon, 7 Aug 2017 02:49:12 +0000 (UTC) Received: from cl68.com (unknown [IPv6:240e:f2:c001:eab6:1885:1ccf:2215:7cda]) by mail.squeak.org (Postfix) with ESMTP id 5048ABC63C for <vm-dev-owner(a)lists.squeakfoundation.org>; Mon, 7 Aug 2017 02:49:11 +0000 (UTC) MIME-Version: 1.0 Date: Mon, 07 Aug 2017 10:49:05 +0800 Message-ID: <875a72865f1358a5@8f5598c8031dbf91> Subject: =?utf-8?Q?------=E9=9A=A9=E9=97=A8=E5=A8=81=E5=B0=BC=E6=96=AF=E4=BA=BA=E5=AE=98=E7=BD=91336468=E3=80=82C0M=E9=82=80=E6=82=A8=E4=BD=8F=E5=86=8A=E5=B6=BA=E2=91=B6?= =?utf-8?Q?=E2=92=8F=E7=80=9B38O=E6=8F=90=E7=8E=B0=EE=A0=BE=E4=BC=BD=E7=A2=A6=E6=9C=8D=E6=89=A3:2855592926=E5=B6=BA=EE=A0=BE=E7=BA=A2=E5=AE=9D=E5=A4=A9=E5=A4=A9=E6=8A=A2?= =?utf-8?Q?=EE=A0=BE=EE=A0=BE=E5=91=A8=E5=91=A8=E9=A2=86=E5=B7=A5=E8=B5=80=EE=A0=BE=E6=9C=88=E6=9C=88=E7=BB=99=E4=BF=B8=E7=A6=84=EF=BC=8C=E5=85=A5=E7=AA=BE=E9=A4=B82%=E9=A6=96=E5=AD=98=E5=8F=AF=E8=8E=B7=E6=9C=80=E9=AB=983888=E5=85=83?= =?utf-8?Q?=EE=A0=BE-----?= To: vm-dev-owner(a)lists.squeakfoundation.org Received: from cl68.com (unknown (247.81.36.233]) by cl68.com with SMTP id 6bb1d819-dd40-4468-9bd1-6e016a726446; for <vm-dev-owner(a)lists.squeakfoundation.org>; Mon, 07 Aug 2017 10:49:05 +08:00 From: =?utf-8?Q?=E6=88=90=E5=BF=A0?= <824498549(a)qq.com> Content-Type: multipart/alternative; boundary="f763a86d-162b-4b5f-bece-83f669b2bb79" Errors-To: mailman-bounces(a)lists.squeak.org Sender: "Vm-dev" <mailman-bounces(a)lists.squeak.org> Received-SPF: Pass; receiver=msen.com; client-ip=162.242.237.43; envelope-from=<SRS0=9hiW=7J=lists.squeak.org=mailman-bounces(a)squeak.org> Received-SPF: Pass; receiver=msen.com; client-ip=162.242.237.43; helo=mail.squeak.org X-Keywords: X-UID: 3332 Status: RO Content-Length: 220 Lines: 7 --f763a86d-162b-4b5f-bece-83f669b2bb79 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable <p>=e8=bb=ba=e6=a5=82=e5=94=af=e6=a4=92=e8=96=88</p> --f763a86d-162b-4b5f-bece-83f669b2bb79--

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Box-Admins August 2017