#node

bkoehn@diaspora.koehn.com

I’m moving my mail server on prem (read: to the basement). One of the complexities is that inbound messages lose their IP address due to NAT/port forwarding. Since I’m already using #AWS #SES for delivering email to work around my ISP blocking port 25 outbound, I wanted to try to use SES for receiving incoming mail. It took a few hours, but I eventually got it set up and working.

I had already configured an SES identity for koehn.com in order to manage outbound email. For inbound, I decided to test with a subdomain while I worked through the bugs. I wound up creating:
1. An SES RuleSet to deliver testmail.koehn.com mail to an #SNS topic.
2. A #Lambda function to receive these messages and send them to an HTTP API I created. The Lambda function handled errors that occurr by putting messages in an #SQS queue with a few minute delay. The same Lambda is triggered by the SNS topic and the SQS queue.
3. An HTTP API hosted in my email infrastructure. Written in Node.js, it receives the message from the Lambda and stores it in a Postgres table that acts as a queue. The messages are then de-queued by the same, run through Rspamd for spam analysis, and then either discarded or sent to Dovecot for storage. Again, any errors processing a message put it back on the queue for later processing. The service is run in my existing k3s infrastructure.

This architecture not only handles the problem of NAT losing sender IP information, but it’s far more resilient than anything I can self-host (or even my previous cloud versions). SES will be up nearly all the time, and messages will sit there in the queue when my servers at home offline. Once they’re back up, messages will flow through again.

Setting it all up involved (re-)learning #Lambda, #Node, #IAM, #SQS, #SNS, and a bunch of APIs. Still, I’m elated with how well it all worked out. It’s highly resilient and manages to leverage cheap AWS services (total cost should be less than $0.25/month) while avoiding the spendy ones.

bkoehn@diaspora.koehn.com

I wanted a quick and dirty way to invoke a bash script remotely, and what I got was four hours of #node programming and an (mostly) exercise in curl uploads.

Protip: curl -d @filename munges the file. `curl --data-binary @filename -H “Content-Type: application/octet-stream” is what you want.

ramnath@nerdpol.ch

enter image description here

#Shatabhisha #Nakshatra - Shatabhisha is the twenty-fourth Nakshatra in #Vedic #astrology ranging from 6°40' to 20° Kumbha.

Symbol - The symbol of this Nakshatra is #empty #circle or 1,000 #flowers or #stars.

Astronomical Name - The astronomical name of this Nakshatra is Gamma #Aquarii.

Deity of Nakshatra - #Varuna, the god of celestial waters is the deity of Shatabhisha Nakshatra.

Ruling Planet - Shatabhisha Nakshatra is ruled by #Rahu (north lunar #node).

Others - Shatabisha also translates as 'the hundred healers' or 'the hundred flowers'. Natives are harsh in speech but honest and truthful and follow their independent ways. The symbol for Shatabisha is an empty circle reflecting the independent nature and autonomy experienced through this lunar mansion. This lunar mansion can also be a challenging #birth star for early marriage. It has a Rakshasa temperament with the primary motivation being Dharma or right action. Rahu as the ruling planet of this Nakshatra indicates a love for travel and adventure.

https://www.drikpanchang.com/tutorials/nakshatra/shatabhisha-nakshatra.html

memo@pod.mv2k.com

Ich habe mich einmal in das Thema #Meshtastic eingelesen und werde hier in #Schwerin wohl den ersten #Node mit, wenn in der Software verfügbar, #Internet #Gateway einrichten.

Ich finde derartige Projekte sehr schön und unterstützte sie wirklich gerne.

Bei #Freifunk ist das in dieser Region leider nicht so einfach, da hier eine Mitgliedschaft in einem #Verein (!) Voraussetzung ist 🙄

Deshalb ist dies eine, nicht nur im Katastrophenfall, für mich wirklich schöne Alternative 😀

🔗 https://meshtastic.org/

anonymiss@despora.de

#node.js used by #Adobe, #Logitech, #Nvidia and others can be used to #exploite #Windows 😱

Source: https://nitter.eu/Laughing_Mantis/status/1512081814994575377

So what can you do with these and how can they be abused:

You can modify the JSON and JS files mentioned in order to:
- arbitrary download binaries
- ignore download checksums
- execute commands as SYSTEM
- C2 on the behalf of applications
- perform file I/O as SYSTEM
etc.

...

A good generic tool should scan the local appdata and program file folders for instances of NODE.JS or JSON files (Maybe not Microsoft Store instances) and then have templates for trojanizing each vendor's custom #NodeJS and #JSON.

#Microsoft #warning #danger #0day #software #news #Trojan #problem #hack #hacker #driver #install #fail #security