Peter Bance
Works at Rhye Internet Solutions Limited
Attended University of Portsmouth

Peter Bance

I'd go further... It's far too easy now for any opinion, however bonkers, to be published, propagated and discussed. "Comment sections", I'm looking at you (or, rather, trying to avoid looking at you)...!
Matthew Pemble's profile photo
 
There is also the issue where people demand that your platform must give them space. The free speech issue is an anti-censorship one (and we have too much censorship in the UK, even if most of it is 'after the fact'.) It's not an "all spaces must be open" one.

Peter Bance

Not particularly interested in the story, but loved the headline.
Clinton's private email earns prez candidate the attention of the Feds

Peter Bance

Attention CLAS Consultants

In case you didn't receive my recent e-mail, I've had a disastrous server outage over the past week.  It's only when such things happen you discover flaws in your continuity plans...

If you were on any of my CLAS-only mailing lists, they all disappeared.  I've recreated them (under a new domain, for various reasons), but the subscriber lists were unrecoverable :-(

Please feel free to resubscribe and I'll pass requests through as quickly as I can.
www.trustedsecurityadvisersregister.com Mailing Lists. Welcome! Below is a listing of all the public mailing lists on www.trustedsecurityadvisersregister.com. Click on a list name to get more information about the list, or to subscribe, unsubscribe, and change the preferences on your ...

Peter Bance

Oh, I dunno. Staplers now, but what next? Drugs? Fair enough. Encryption? Wait, what?

Peter Bance

I'm absolutely certain this picture would be good for a "caption competition"...!
 
Germany State Visit
The Queen and President Gauck with Frankfurt's Mayor Peter Feldmann at St. Paul's Church on Day Two of the State Visit to Germany, 25 June 2015. 
Martin Hepworth's profile photo
 
Only day 2...!

Peter Bance

Dear spammer,

I'm not going to reply to you directly, for obvious reasons, but perhaps you'll see this response and learn something.

Hello,

Hello to you too.  I'd use your name, but like you (thinking I'm called "postmaster") I haven't got a clue what it is.  I could guess from your e-mail address, but you gave me two different ones (one in the "From", and one in the body).

Not sure if you received my email from last week?

Yes, I did, thank you.  It went straight into my "Junk" folder.

You might want to check your Spam folder

No, I don't have one of those.  I have a "Junk" folder that my server clears automatically at 3am every day, and pumps the contents into a Bayesian learning algorithm that's supposed to make it so I don't hear from you again.  I'm about to go and check it's working properly.

Do you need our marketing solutions?

No, I don't, especially if your approach to "marketing" is to send spam via open mail relays to the "postmaster" at random domains.  That wouldn't be the greatest way to maintain my professional reputation.  I wish you luck with others, though - they may have lower standards.

We can generate you more customers and leads also bring more sales for you.

Oh, I doubt that very much indeed.  Especially when your communications strategy is to use other people's mail servers in the US, pretend to have a German e-mail address and ask for replies to be sent to somewhere entirely different.  That doesn't work for my business (not that you have any idea what my business is).
 
If you have interests just let us send you a proposal with pricing.

I have lots of interests, but how is that even relevant?

We look forward to working with you.

I'm sure you do.  But please don't base your business plan on this project - it might not go anywhere.

Thanks!

You're welcome!

Jonathan

Really?  Your e-mail address suggests you're called "Burt", and you want me to reply to "Vivian".

Let's just call you "Dick" and be done with it.  OK?

Peter Bance

Found on Twitter. Pretty good summary...

Peter Bance

Well, that's different...

Peter Bance

Sharing this again, now I've figured out the "og" tag incantations to make it look prettier! The Trusted Security Advisers Register (TSAR) is intended to be a central, verified register of credentials for Infosec professionals - it was created to meet a need as CLAS consultants started disappearing from CESG's website, but allows many other credentials to be displayed. Each individual entry has a unique URL for easy sharing/linking.

Peter Bance

Over the course of a few days, +Wendy Bance and I have put together a new site/service for Information Security Professionals - the Trusted Security Advisers Register (TSAR).  The aim is for this to serve as a central, "verified" list of professional credentials, primarily for those working in or with the public sector and its supply chain, but potentially more widely.

I hope especially that CLAS members will find this useful - as CESG removes consultants' listings in the run up to the closure of the scheme, this should provide a continuing reference point for consultants, recruiters and customers.

Do feed back if you have any comments.

Peter Bance

From somewhere on Twitter, I think. Made everyone here LOL...
Peter Bance's profile photo
 
Found it again: @shokufeyesib, RT'd by @egyp7

Peter Bance

SSH Dictionary Attack Madness

My server blocks several dozen attempts against SSH every day.  I'm probably tired or something, but today I found myself wondering what the server would think if it was sentient and saw some of the nonsense being thrown at it...

[Client Connects]

Oh, hello Client. In Germany, huh? OK, you're not explicitly blocked like some countries I could name, even though I don't think we have customers out there.  Someone might be travelling, I suppose.

[Username kadmin]
[Password xxxxxx]

Eh?  There's never been a user by that name - are you sure you got that right?

[Username root]
[Password xxxxxx]

Oh, it's YOU!  No idea what that "kadmin" nonsense was about, I guess you're busy and confused.  You're certainly typing quickly enough - two login attempts within one second?

Wait, hang on a minute, you told me not to allow remote login as "root".  Sorry, boss, I have to reject this.

[Username kadmin]
[Password zzzzzz]

What?  Did you ignore my previous response?  There's nobody here by that name.  Stop it.

[Username root]
[Password xxxxxx]

You must really be having a bad day, Sir - is your SSH client broken, and you can't see my responses?

[Username guest]
[Password xxxxxx]

Sir?  You know there isn't a guest account - that would be mad.

[Username pi]
[Password xxxxxx]

Now that's just weird of you, and actually slightly offensive.  I'm much bigger and more powerful than one of those diddy Raspberry things.  I'm a proper server, me.

[Username ubnt]
[Password xxxxxx]

Yes, that's right - Ubuntu!  But you never created a user account with that name, so I'm sorry Sir, I still can't let you in.

[Username xbian]
[Password xxxxxx]

Who?  Why can't you remember your username, Sir?  I haven't been configured to tell you, I'm so sorry.

[Username admin]
[Password xxxxxx]

I'm sorry, you're still not getting there - don't you remember, we avoided all of the obvious usernames. Who in their right mind would run an Internet-facing service with an account called "admin"?!

[Username guest]
[Password xxxxxx]

We talked about that - why are you ignoring me?  Did I do something wrong?  I'm really starting to think there's something wrong with your SSH client, perhaps we should step away from this for a while and try again later.

[Username test]
[Password xxxxxx]

Jeez, enough is enough, that's just ridiculous.  Oi, Fail2Ban, tell IPTables to block this Client for a while, will you?  I need to calm down.

Fail2Ban: Sure.  Blocked.  I'll let them try again in an hour.
Peter Bance's profile photoToby Seaman's profile photo
3 comments
 
Grin. I have set to three and I thought I was being generous ;-)
Story
Tagline
Information Security Artisan (and CLAS Consultant)
Introduction
I am Peter Bance, Information Security Consultant (and CLAS Consultant). I live in a rural part of the UK, with my wife and two children.
Education
  • University of Portsmouth
    BSc (Hons) Computer Science, 1991 - 1995
Work
Occupation
Information Security Artisan
Employment
  • Rhye Internet Solutions Limited
    Technical Director, 1997 - present
Basic Information
Gender
Male
Relationship
Married
Peter Bance's +1's are the things they like, agree with, or want to recommend.
Let's Encrypt Launch Schedule
letsencrypt.org

Let’s Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG). ISRG is a

Countries whose names don’t work with ‘-exit’ barred from leaving EU
www.thedailymash.co.uk

BRITAIN has been cleared to leave the EU because Brexit is perfectly usable while other countries have been permanently barred.

Nigel Farage calls for discriminatory asylum process favouring Christian...
humanism.org.uk

Appearing on BBC Breakfast, United Kingdom Independence Party (UKIP) leader, Nigel Farage, has claimed that Christians ought to be given pre

Mumsnet to decide general election | NewsBiscuit
www.newsbiscuit.com

Debate asks 'whether or not it is fair to exclude children from wedding invites.'

The economy is stupid, agree political leaders | NewsBiscuit
www.newsbiscuit.com

Leaders from seven political parties last night agreed that the UK economy was stupid, but that it wasn’t its fault. All agreed that it hadn

RFC 7511 - Scenic Routing for IPv6
tools.ietf.org


Savoy Hotel closes after bad TripAdvisor review
www.thedailymash.co.uk

LONDON hotel The Savoy has closed its doors after more than 125 years following a one-star TripAdvisor review.

Tools secretly are left in van overnight
www.thedailymash.co.uk

WORKMEN throughout the UK are covertly leaving tools in their vans overnight despite baldly stating the complete opposite.

GNU Terry Pratchett
www.gnuterrypratchett.com

A man is not dead while his name is still spoken. GNU Terry Pratchett.

BBC News - Barbie doll will be internet connected to chat to kids
www.bbc.co.uk

Mattel, the toy firm behind iconic doll Barbie, is to make a smart version of the doll that will chat to children.

BBC News - MPs say yes to three-person babies
www.bbc.co.uk

MPs have voted overwhelmingly in favour of the creation of babies with DNA from two women and one man.

Labour in crisis as Ed Miliband loses mock debate to 'empty chair'
newsthump.com

Labour party strategists have gone back to the drawing board after Ed Miliband lost a behind-closed-doors mock debate against an empty chair

BBC News - Apology for 'Muslim Birmingham' Fox News claim
www.bbc.co.uk

A US terrorism commentator apologises for describing Birmingham as a "Muslim-only city" where non-Muslims "don't go" during an interview on

The Internet's Original Sin
www.theatlantic.com

It's not too late to ditch the ad-based business model and build a better web.

The American Scholar: Solitude and Leadership - William Deresiewicz
theamericanscholar.org

If you want others to follow, learn to be alone with your thoughts

Cryptoy
market.android.com

Delve into the world of cryptography with Cryptoy! This fun and educational app teaches you about the mysterious world of cryptography. It he

Odd new ssh scanning, possibly for D-Link devices - Internet Security | ...
isc.sans.edu

SANS Internet Storm Center - A global cooperative cyber threat / internet security monitor and alert system. Featuring daily handler diaries