[Dxspider-support] Network v2.0 - A PROPOSAL FOR DISCUSSION

Fri Nov 4 10:44:20 GMT 2022

Hi all,

 > I WILL NOT distribute login information around the network. However 
one does it, it has a number of security risks associated with it. It's 
simply not going to happen. PS Even if it were, it certainly wouldn't be 
MD5 hashes.

Per se, as you well know, Telnet sends all information in plain text, 
between user and node and between nodes, with or without authentication. 
I understand that you don't want to use MD5, it's logical, but it was 
just the way to indicate that the information should be encrypted (that 
of the user/node). If the encryption is strong and is identical to what 
should be in user_json, I don't see a problem, but it's just an opinion.

 > What I can do (and will implement) is a new PC41 type 6 message which 
will be structured like all the others PC41^6^user call^registration 
node call^user IP address[:IP address...]^H99.

…

If we are going to have all the IP addresses of the users, there could 
be a command like set/badip <callsign> <IP> and its corresponding file.
It could even be globalized to affect the whole nod, something like 
set/badip ALL <IP>.
And if you refine further, you can go as far as defining an IP/MASK subnet.

 > … It also improves analysis and detection, after the fact, if 
something bad happens.

When the administrator registers a user, I think it would be convenient 
for any SSID associated with that user to be registered, and for the 
associated password (if it is done like this) to also be common to all 
the SSIDs of that callsign.

As a suggestion in the use of SP, it would be that once SP <callsign> is 
executed, the node should stop sending spots/ann until it is completed 
with /EX, timed or aborted. Users are uncomfortable mixing the 
information that reaches them with what they are trying to send.

 > … But I am also happy to consider other, bot unfriendly, suggestions.

One of the problems that has been occurring for a week is that the bot 
starts from a FREQ+n, where "n" increases by 1 kHz, which should be 
taken into account along with the duplicity of the comment field.

A weak point that they are using successfully, I think, is in the 
analysis of the comment field in search of "bad words". Either a 
regex-based mechanism for the badwords dictionary is missing, or I 
haven't been able to make it work.

Attached is a small schematic.

I only have 1 penny left 😊

73 de Kin EA3CV

El 02/11/2022 a las 23:06, Dirk Koopman via Dxspider-support escribió:
> But I am also happy to consider other, bot unfriendly, suggestions. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.tobit.co.uk/pipermail/dxspider-support/attachments/20221104/73687d89/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 1.pdf
Type: application/pdf
Size: 464495 bytes
Desc: not available
URL: <https://mailman.tobit.co.uk/pipermail/dxspider-support/attachments/20221104/73687d89/attachment-0001.pdf>