Quantcast
Peter N.M. Hansteen

Areas of Expertise:

  • FreeBSD
  • OpenBSD
  • documentation
  • PF
  • consulting
  • speaking
  • writing

Biography

Peter N. M. Hansteen is a consultant, writer and sysadmin based in Bergen, Norway. A longtime Freenix advocate, Hansteen is a frequent lecturer on FreeBSD and OpenBSD topics. His expertise as a documentation consultant (and humorous work with the RFC 1149 implementation team) have helped him gain regard in Norwegian IT publications. The Book of PF, Hansteen's first book, is an expanded follow-up to his very popular online PF tutorial.

Books

The Book of PF The Book of PF (No Starch)
by Peter N.M. Hansteen
December 2007
Print: $29.95
Ebook: $23.95

starstarstarstarstar (4)
(Read Reviews)

Blog

Peter N.M.'s blog posts are hosted at:
http://bsdly.blogspot.com/

A Third Time, Uncharmed

October 04 2009

Spamwashers hijacked, a wake-up call for lazy sysadmins everywhere. The slow bruteforcers are back for another round.A new round of slow, distributed bruteforce attacks is in progress. Just like the other times we know about (see references later), the initial target is root. This time around I see only one… read more

The slow brute zombies are back

April 12 2009

Real-life zombies feed off weak passwords.Regular readers will remember that late last year we saw a peculiar form of distributed bruteforce attack on certain ssh servers. What made this particular batch of failed login attempts stand out was that unlike the traditional rapid-fire bruteforce attempts we were quite adept at… read more

Oh yes, you signed up for this. You did. Honest.

March 22 2009

Honesty in marketing. You may have heard of it.It may come as a surprise to some, but I generally do not spend much time on spam related matters. Occasionally I need to do some manual labor to keep spamd and spamassasin in trim, but at most times my little robot… read more

What have the black boxes wrought

March 14 2009

How compartmentalization turned into a security disaster. Greed, incompetence and dishonesty was involved.IT security or the lack of any such thing has grabbed headlines lately here in Norway. A series of high profile public institutions have seen large scale worm infections on their Microsoft based networks. Late last year the… read more

The slow brutes, a findal roundup

January 22 2009

The slow brutes stopped their churning. Their last call was for sophia.Over the last few columns, we have followed the progress of what appears to be a botnet cloud's attempt at gaining access to a couple of FreeBSD machines I have in my care. One of my predictions about the… read more

Into a new year, slowly pounding the gates

December 21 2008

The distributed but clearly coordinated bruteforcers are still at it. How long until they reach the end of the alphabet? And why are they staying away from my OpenBSD machines? Are we seeing the contours of a controlling intelligence?As large parts of the Western world prepares for the holidays, the… read more

A Small Update About The Slow Brutes

December 06 2008

Slow and steady might actually do it, eventually.The reactions to my December 2nd column hit me with a bit of surprise. The column was taken on by slashdot and Linux Today both, producing a largish number of page views, but only two clicks on my featured ads. But while my… read more

A low intensity, distributed bruteforce attempt

December 02 2008

We have seen the future of botnets, and it is a distributed, low-key affair. Are sites running free software finally becoming malware targets?Phase 1: “That's odd …”During the last few weeks, I noticed an anomaly in the authenticationlogs on one of my listening posts. There were a larger than usualnumber… read more

IETF failed to account for greylisting

October 20 2008

The potential for conflict between greylisting and sites with large pools of outgoing SMTP senders is well known and in need of resolution. Why does the SMTP RFC moving along the standards track fail to address this?Standardization efforts rarely grab headlines. Except in rather exceptional circumstances (think Microsoft's recent ISO… read more

“Name and Shame”, or socially responsible use of your log data

September 22 2008

Your logs contain an ever-growing mass of data on spammers. How about making an effort to make that data useful to others?Those of us who run email services know, from sometimes painful experience, what it takes to ensure that the minimum possible amount of unwanted advertising and scams that may… read more

[.NO] “Name and Shame” eller samfunnsnyttig bruk av loggdata om spammere

August 31 2008

Today's post is in Norwegian - I'll be back in English laterVi sitter med stadig voksende mengder med data om spammere. Kan vi bruke dette på en måte som er nyttig for andre?Vi som selv står for driften av eposttjenester vet av tidvis smertelig erfaring hva som skal til for… read more

Logfiles in the buff

August 27 2008

Search engine optimization, deflowered.Logs are important. Depending on the specific kind of log, the data may shape lives and generate fortunes (how many times were those ads displayed, your clickthrough rate), reveal suspicious behavior and trigger actions (such as shutting the door to that bruteforcer) or provide sysadmins such as… read more

Is one of your machines secretly a spambot?

August 09 2008

Some times we just need facts on the table, automated.In my previous blog post, I wondered aloud about publishing data about the machines that verifiably tried to spam us. The response was other than overwhelming, and with the script running once per day anyway, I now publish the results via… read more

Now that we have their addresses, do we name and shame?

August 07 2008

Earlier this week a friendly Australian who I think had been reading my blog sent me a few questions about spam, spammers and what to do with them. Would it for example be useful to forward the IP addresses in the local traplist to law enforcement? After all, I publish… read more

Is there really a market for an open source router?

July 02 2008

Open source goodness. Coming soon to a router near you (if it isn't there already).I have a confession to make. Today's headline isn't mine. I snatched it from Dana Blankenhorn's June 30th piece over at ZDNet. It almost made me utter a Simpsonian grunt and start ranting about my more… read more
Peter N.M. Hansteen