[Dshield] Newbie submission questions

Johannes B. Ullrich jullrich at euclidian.com
Fri Jun 17 13:42:30 GMT 2005


>First:
>The Linux iptable script send log submissions to report at dshield.org.
>However, all the documentation indicates that submissions should go to
>reports at dshield.org (extra s).  report at dshield.org seems to work, but is
>all the documentation wrong or are the two addresses supposed to be
>equivalent?
reports and report at dshield.org are equivalent.

>he reporting web page.
>
>Second:
>Acknowledgment emails say "PGP: No" at the bottom.  Taking a hint from
>http://www.dshield.org/pgp_doc.php, I hacked the .pl script to add a GPG
>signature, and I uploaded my public key to my DShield profile (days
>ago).  I have tested the resultant email.  Enigmail, the Mozilla Mail
>GPG plugin, verifies the signature, so I know my hack is good.  However,
>the acknowledgment emails say the GPG signature lines are rejected, and
>the bottom still says "PGP: No."  What's up?
>
It takes a while to import the PGP key you add to your account to the
PGP keyring of the validation script. This is also one of the less
tested functions (only have 1 or  users that use it so far).

>Third:
>The (expired January 2005) GPG key to encrypt submissions is for
>reports at dshield.org.  I did find an old key (expired 2001 sometime, I
>think) for report at dshield.org.  Does DShield support encryption
>currently (unrecognized correct signatures suggest not)?  What should be
>the recipient address for encrypted mail: report, reports, or something
>else?
>

Hm. I thought I posted a new key. Let me check on that and if it is
expired, I will post a new key.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://www.dshield.org/pipermail/list/attachments/20050617/52befe0b/signature.bin


More information about the list mailing list