Analysis of an HTTP-based DDoS.
- 7,000 different attacking IP addresses.
- 20,000+ requests per second.
- DDoS-for-hire?
We are starting to add quite a few logging-specific articles here:
If there is any logging content you would like to see (or learn more about), let me know.
I managed to "rm * .exe" and delete a week of work while trying to port some C code to work on Windows.
Put the steps I took to recover them using PhotoRec here:
https://trunc.org/learning/recovering-lost-files-ubuntu
If anyone is ever stuck trying to recover rm'ed files, that may help.
*will migrate that article elsewhere later, but for now, it is ^^
We are sharing jndi (log4j) attack logs here:
https://reputation.noc.org/jndi-attack-logs/
Might be useful to find variations of attacks and IPs abusing it.
We need less of Google, less Facebook, less Twitter, less Apple and more decentralization.
https://wptavern.com/amp-has-irreparably-damaged-publishers-trust-in-google-led-initiatives
You may have noticed some sites that immediately redirect you to another page or site if you have JS disabled, prompting you to enable it.
This is done with a <meta> refresh inside <noscript>.
This #DarkPattern can be circumvented in uMatrix by turning off "Spoof <noscript> tags"
Do you know the difference between a Registrar, a Registry, a Recursive DNS and an authoritative DNS?
https://noc.org/2021/03/17/registries-registrars-and-authoritative-dns/
After you are done reading, you will know. 😂
Good article by @tony
Trying to do my part:
$ curl -sD - https://dcid.me | grep 'permissions-policy'
permissions-policy: interest-cohort=()
Have you blocked FLoC yet? If you are using NOC, you can disable it with 1-click here:
https://my.noc.org/dashboard?page=cdn
More details on how to do it yourself:
https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
Create an empty 8G file to save you in case your disk gets full:
https://brianschrader.com/archive/why-all-my-servers-have-an-8gb-empty-file/
Not sure I like this technique, but I have to agree that it is pretty difficult to troubleshoot a server when the disk gets full.
That little file can save you a lot of hours.
One thing I love about the https://noc.org DNS is the visibility it provides - including regions and resolvers.
If you want to move away from big tech and give a small provider a chance, you may like it :)
Been saying that SMS is a bad 2FA for years....
Post from 2013: https://dcid.me/notes/2013-apr-19
And new report from Krebs:
https://krebsonsecurity.com/2021/03/can-we-stop-pretending-sms-is-secure-now/
#Tusky has been removed from the PlayStore by Google
The Mastodon account search is back online (and running a lot faster):
Sorry for the downtime and sluggish performance it was having.
Quoting Chris Krebs:
"This is the real deal. If your organization runs an OWA server exposed to the internet, assume compromise between 02/26-03/03. Check for 8 character aspx files in C:\\inetpub\wwwroot\aspnet_client\system_web\. If you get a hit on that search, you’re now in incident response mode."
https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
"The only way to force companies to provide safety and security features for customers and users is with government intervention.
They routinely legislate safety — pollution standards, automobile seat belts, lead-free gasoline, food service regulations.
We need to do the same with cybersecurity: the federal government should set minimum security standards for software and software development."
https://www.schneier.com/blog/archives/2021/03/national-security-risks-of-late-stage-capitalism.html
Agree?
Before buying a NYT subscription, here's what it will take you to cancel it.
I was expecting them to require a snail mail or a fax, but still a pain to have it cancelled.
Until they fix it, might be better not to subscribe to the NYT.
One of the many reasons why I am looking for Google alternatives:
"The YouTube account of Spinks' game dev company, Re-Logic, was hit with some kind of terms-of-service violation, resulting in Google banning Spinks' *entire Google account*, greatly disrupting his company's ability to do business." Including his 15 yo gmail account.
Something I love about #mathematics is it has problems simple enough for a child to understand, but to which nobody knows the solution. I recall having fun setting this problem to students: given four houses at vertices of a square, what is the shortest length of road needed to connect them all? Before spoiling the answer, look at this very simple related problem - no one has been able to identify and prove the optimal answer:
Barcode Scanner app on Google Play infects 10 million users with one update
Do you have this Barcode scanner app on your Android?
Infosec, Networking and Hacking stuff - on Mastodon.