Email or username:

Password:

Forgot your password?
Top-level
leo vriscrab² (homestuck) :dado_verified:

@mcc did you know that Germany will email you if you have an open telnet server

17 comments
mcc

@leo is this a joke. like the german government

leo vriscrab² (homestuck) :dado_verified:

@mcc unless that was a joke which i just realized it might have been

Sven

@leo @mcc It's not, they do that (for Telnet and a bunch of other things like open database servers). Usually not directly, but rather they email the admin contacts of the IP address blocks, who are then asked/in some cases in principle legally required to tell their customers in turn.

Dan Cassidy 🦌

@HeNeArXn @leo @mcc Is this the BND (German CIA) or some other branch of the government? Because I remember the BND being quite proactive in protecting civilians from hacking attacks in the early 2000s and it's good to hear if that's still the case.

Maxi 10x 💉

@whimsy @HeNeArXn @leo @mcc The BND is for exterior espionage, if this warning procedure is still ongoing it would be the BSI (Bundesamt für Sicherheit in der Informationstechnik).

leo vriscrab² (homestuck) :dado_verified:

@HeNeArXn I meant that @mcc's reply could've been read as calling the German government a joke

mcc

@HeNeArXn @leo no sorry I just legitimately had not heard of this before


@HeNeArXn @leo @mcc I also hadn't heard this. In such a case, what information are they asked/required to provide to their customers? (Surely not the address of the open server...?)

Sven

@1358531 @mcc BSI emails owner of the IP range, owner of the IP range looks up if they can match the IP to a customer (i.e. it's a statically assigned one and not a dynamic pool) and if they can they email the customer "hey your server has this weird open port/resolver/..., could you please check on that, and fix it if it is actually a problem?"
(I got such a mail in the past, but can't find it and can't 100% say if it was based on a BSI report or just something the provider noticed themselves)

mcc

@leo that is creepy but I suppose legitimately helpful

DELETED

@mcc @leo also if you have like open ports that NFS uses for RPC or something like that

Motor Sprite

@mcc @leo this reminds me of the Dutch government sending that one person a tshirt that said “I hacked the Dutch government and all I got was this tshirt”

オセロットオセロ (VF/AC)

@leo @mcc Wow, a government that points out your security holes so you can close them instead of just exploiting them.

Panama Red

@leo
I read that at first as "open toilet server," which made it even creepier.

@mcc

Go Up