Mast Security @mastsec@noc.social

Analysis of a HTTP-based DDoS.

-7,000 different attacking IP addresses.

-20,000+ requests per second.

-DDoS-for-hire?

https://trunc.org/learning/http-flood-attack-ddos-analyzed

We are starting to add quite a few logging specific articles here:

https://trunc.org/learning/

If there is any logging content you would like to see (or learn more), let me know.

I managed to "rm * .exe" and delete a week of work while trying to port some C code to work on Windows.

Put the steps I took to recover them using PhotoRec here:

https://trunc.org/learning/recovering-lost-files-ubuntu

If anyone is ever stuck trying to recover rm'ed files, that may help.

*will migrate that article elsewhere later, but for now, it is ^^

We are sharing jndi (log4j) attack logs here:

https://reputation.noc.org/jndi-attack-logs/

Might be useful to find variation of attacks and IPs abusing it.

We need less of Google, less Facebook, less Twitter, less Apple and more decentralization.

https://wptavern.com/amp-has-irreparably-damaged-publishers-trust-in-google-led-initiatives

They're called "Meta" because their business is selling your metadata.

You may have noticed some sites that immediately redirect you to another page or site if you have JS disabled, prompting you to enable it

This is done with a <meta> refresh inside <noscript>

This #DarkPattern can be circumvented in uMatrix by turning off "Spoof <noscript> tags"

Do you know the difference between a Registrar, a Registry, a Recursive DNS and an authoritative DNS?

https://noc.org/2021/03/17/registries-registrars-and-authoritative-dns/

After you are done reading, you will know. 😂

Good article by @tony

Trying to do my part:

$ curl -sD - https://dcid.me | grep 'permissions-policy'
permissions-policy: interest-cohort=()

Have you blocked FLoC yet? If you are using NOC, you can disable it with 1-click here:

https://my.noc.org/dashboard?page=cdn

More details on how to do it yourself:

https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network

One thing I love about the https://noc.org DNS is the visibility it provides - including regions and resolvers.

If you want to move away from big tech and give a small provider a chance, you may like it :)

Been saying that SMS is a bad 2FA for years....

Post from 2013: https://dcid.me/notes/2013-apr-19

And new report from Krebs:

https://krebsonsecurity.com/2021/03/can-we-stop-pretending-sms-is-secure-now/

#Tusky has been removed from the PlayStore by Google

The Mastodon account search is back online (and running a lot faster):

https://search.noc.social/

Sorry for the downtime and sluggish performance it was having.

One of the many reasons why I am looking for Google alternatives:

https://arstechnica.com/gadgets/2021/02/terraria-developer-cancels-google-stadia-port-after-youtube-account-ban/

"The YouTube account of Spinks' game dev company, Re-Logic, was hit with some kind of terms-of-service violation, resulting in Google banning Spinks' *entire Google account*, greatly disrupting his company's ability to do business. ". Including his 15 yo gmail account.

Something I love about #mathematics is it has problems simple enough for a child to understand, but to which nobody knows the solution. I recall having fun setting this problem to students : given four houses at vertices of a square, what is the shortest length of road needed to connect them all? Before spoiling the answer, look at this very simple related problem - no one has been able to identify and prove the optimal answer:

https://en.m.wikipedia.org/wiki/Opaque_forest_problem