Email or username:

Password:

Forgot your password?
mcc's posts Post Back to profile
Top-level
Sven

@leo @mcc It's not, they do that (for Telnet and a bunch of other things like open database servers). Usually not directly, but rather they email the admin contacts of the IP address blocks, who are then asked/in some cases in principle legally required to tell their customers in turn.

10 Oct 2023 at 19:36 | Wall-to-wall | Open on chaos.social
7 comments
Dan Cassidy 🦌

@HeNeArXn @leo @mcc Is this the BND (German CIA) or some other branch of the government? Because I remember the BND being quite proactive in protecting civilians from hacking attacks in the early 2000s and it's good to hear if that's still the case.

10 Oct 2023 at 20:20 | Open on chitter.xyz
Maxi 10x 💉

@whimsy @HeNeArXn @leo @mcc The BND is for exterior espionage, if this warning procedure is still ongoing it would be the BSI (Bundesamt für Sicherheit in der Informationstechnik).

11 Oct 2023 at 0:04 | Open on chaos.social
leo vriscrab² (homestuck) :dado_verified:

@HeNeArXn I meant that @mcc's reply could've been read as calling the German government a joke

10 Oct 2023 at 20:28 | Open on 60228.dev
Sven
mcc

@HeNeArXn @leo no sorry I just legitimately had not heard of this before

10 Oct 2023 at 20:38 | Open on mastodon.social
â„¢

@HeNeArXn @leo @mcc I also hadn't heard this. In such a case, what information are they asked/required to provide to their customers? (Surely not the address of the open server...?)

10 Oct 2023 at 21:41 | Open on mastodon.social
Sven

@1358531 @mcc BSI emails owner of the IP range, owner of the IP range looks up if they can match the IP to a customer (i.e. it's a statically assigned one and not a dynamic pool) and if they can they email the customer "hey your server has this weird open port/resolver/..., could you please check on that, and fix it if it is actually a problem?"
(I got such a mail in the past, but can't find it and can't 100% say if it was based on a BSI report or just something the provider noticed themselves)

11 Oct 2023 at 3:29 | Open on chaos.social
Go Up