Discussion:
Old articles
(too old to reply)
Nigel Reed
2024-01-20 00:21:16 UTC
Permalink
it looks like someone ejaculated a bunch of old articles. Was it just
me getting these or everyone else?

Not really complaining, I'm happy to take old articles, but just
wondered if this was someone's config error.
--
End Of The Line BBS - Plano, TX
telnet endofthelinebbs.com 23
Ivo Gandolfo
2024-01-20 00:40:58 UTC
Permalink
Post by Nigel Reed
it looks like someone ejaculated a bunch of old articles. Was it just
me getting these or everyone else?
Not really complaining, I'm happy to take old articles, but just
wondered if this was someone's config error.
I just receive this: <01cf36e8$Blat.v3.2.0$c03e52fa$***@127.0.0.1>

And on the path: I see this

Path:
paganini.bofh.team!newsfeed.endofthelinebbs.com!news.corradoroberto.it!nnrp.usenet.blueworldhosting.com!!news.usenet.blueworldhosting.com!spool1.usenet.blueworldhosting.com!injection-bsd1!not-for-mail

It's the newsserver corradoroberto.it grepping history from
blueworldhosting (I think with pullnews), and inject to his newsserver,
without filtering in newsfeeds file, and resend him to all his peers
(you included)


Sincerely
--
Ivo Gandolfo
Nigel Reed
2024-01-20 00:42:18 UTC
Permalink
On Sat, 20 Jan 2024 01:40:58 +0100
Post by Ivo Gandolfo
Post by Nigel Reed
it looks like someone ejaculated a bunch of old articles. Was it
just me getting these or everyone else?
Not really complaining, I'm happy to take old articles, but just
wondered if this was someone's config error.
And on the path: I see this
paganini.bofh.team!newsfeed.endofthelinebbs.com!news.corradoroberto.it!nnrp.usenet.blueworldhosting.com!!news.usenet.blueworldhosting.com!spool1.usenet.blueworldhosting.com!injection-bsd1!not-for-mail
It's the newsserver corradoroberto.it grepping history from
blueworldhosting (I think with pullnews), and inject to his
newsserver, without filtering in newsfeeds file, and resend him to
all his peers (you included)
Sincerely
Thanks for the investigation. We were all noobs once I guess..some of
us still are lol.
--
End Of The Line BBS - Plano, TX
telnet endofthelinebbs.com 23
yamo'
2024-01-20 08:48:41 UTC
Permalink
Hi,
Post by Ivo Gandolfo
paganini.bofh.team!newsfeed.endofthelinebbs.com!news.corradoroberto.it!nnrp.usenet.blueworldhosting.com!!news.usenet.blueworldhosting.com!spool1.usenet.blueworldhosting.com!injection-bsd1!not-for-mail
It's the newsserver corradoroberto.it grepping history from
blueworldhosting (I think with pullnews), and inject to his newsserver,
without filtering in newsfeeds file, and resend him to all his peers
(you included)
Thanks Ivo,

So by security I reject withs newsfeeds : "injection-bsd1".

It explain the TooOld that I received from paganini.bofh.team :

<http://pasdenom.info/usenet/news-notice.2024.01.19-06.15.03.html#inn_unwanted>
--
Stéphane
Jesse Rehmer
2024-01-20 16:52:53 UTC
Permalink
Post by yamo'
Hi,
Post by Ivo Gandolfo
paganini.bofh.team!newsfeed.endofthelinebbs.com!news.corradoroberto.it!nnr
p.usenet.blueworldhosting.com!!news.usenet.blueworldhosting.com!spool1.usene
t.blueworldhosting.com!injection-bsd1!not-for-mail
It's the newsserver corradoroberto.it grepping history from
blueworldhosting (I think with pullnews), and inject to his newsserver,
without filtering in newsfeeds file, and resend him to all his peers
(you included)
Thanks Ivo,
So by security I reject withs newsfeeds : "injection-bsd1".
<http://pasdenom.info/usenet/news-notice.2024.01.19-06.15.03.html#inn_unwanted>
The administrator of news.corradoroberto.it was using suck, pulling from my
server and those articles made their way back out through other peers of
news.corradoroberto.it who accepted the old articles. The injection-bsd1 node
is only in a handful of articles on my server, so it likely won't do you much
good to filter based on that.

News administrators should have a proper article cutoff set on the servers
which they peer with others. If only the administrator of
news.corradoroberto.it made the mistake originally it would not have leaked
beyond.
yamo'
2024-01-21 08:30:12 UTC
Permalink
Hi,
[FU2 news.software.nntp]
Post by Jesse Rehmer
The administrator of news.corradoroberto.it was using suck, pulling from my
server and those articles made their way back out through other peers of
news.corradoroberto.it who accepted the old articles. The injection-bsd1 node
is only in a handful of articles on my server, so it likely won't do you much
good to filter based on that.
Yes, nothing found in innreport today!
Post by Jesse Rehmer
News administrators should have a proper article cutoff set on the servers
which they peer with others. If only the administrator of
news.corradoroberto.it made the mistake originally it would not have leaked
beyond.
Yes good advice but sometimes the newsmaster has to modify "artcutoff"
in inn.conf and forget changing it after...

Maybe reporting the value of "artcutoff" in log and INNReport
would be a nice thing.
--
Stéphane
Sorry for my bad English
R. C.
2024-01-21 09:00:23 UTC
Permalink
Post by yamo'
Yes good advice but sometimes the newsmaster has to modify "artcutoff"
in inn.conf and forget changing it after...
Yes, that's true, I modified it.
Post by yamo'
Maybe reporting the value of "artcutoff" in log and INNReport
would be a nice thing.
Thank you for the advice, i will take in consideration

-Roberto

R. C.
2024-01-20 05:34:05 UTC
Permalink
Post by Nigel Reed
Not really complaining, I'm happy to take old articles, but just
wondered if this was someone's config error.
I'm sorry, that was my config mistake but i made already amends
closing the exitind feed.

"""
$ /usr/inn/ctlinnd reload newsfeeds "old article inject temporaney block"
Ok
$ date
fri 19 gen 2024, 17:08:43, CET
"""

Loading Image...

-Roberto.
Loading...