six demon bag

Wind, fire, all that kind of thing!

2017-03-21

Verifying checksums on Windows systems - correctly

Posted here, since the Fedora people apparently can't be bothered to fix their documentation.

In January 2016 I came across this question on StackOverflow, asking about an OutOfMemory error when validating the SHA256 checksum of a Fedora ISO image. The Fedora documentation suggested reading the full file and then calculating the checksum from the bytes:

$sha256.ComputeHash([System.IO.File]::ReadAllBytes("$PWD\$image"))

Why anyone would even want to read an entire ISO image into memory for a checksum calculation is beyond me. The recommended way of doing this is to open the file as a stream and calculate the checksum on that stream:

See more ...

Posted 00:24 [permalink]

2010-05-30

Backscatter protection

What is backscatter?

When mail servers accept mail and later discover that for some reason they are unable to actually deliver it, RFC 821 specifies that a Non-Delivery Notification (NDN, also known as "bounce") must be sent to the originator of the mail.

However, the "From" address can be spoofed most easily, so there is no guarantee whatsoever that the mail actually originated from that address. In case of a spoofed address, the NDN will be sent to someone who hadn't sent the original mail to begin with. These bounces going back to someone else but the original sender are called "backscatter".

Why is that a problem?

Because spammers tend to send their bulk e-mails to anything that looks even remotely like an e-mail address, the "To" addresses usually include lots of invalid addresses. Therefore spam-runs can cause massive waves of backscatter flooding the mailboxes of those people whose addresses were spoofed in the "From" field. However, it's not sensible to simply block all incoming bounces, because there are legitimate bounces as well.

See more ...

Posted 22:41 [permalink]