Analysis of an HTTP-based DDoS.

- 7,000 different attacking IP addresses.

- 20,000+ requests per second.


We are starting to add quite a few logging-specific articles here:

If there is any logging content you would like to see (or learn more about), let me know.

I managed to "rm * .exe" and delete a week of work while trying to port some C code to work on Windows.

Put the steps I took to recover them using PhotoRec here:

If anyone is ever stuck trying to recover rm'ed files, that may help.

*will migrate that article elsewhere later, but for now, it is ^^

We are sharing jndi (log4j) attack logs here:

Might be useful to find variations of attacks and IPs abusing it.

They're called "Meta" because their business is selling your metadata.

You may have noticed some sites that immediately redirect you to another page or site if you have JS disabled, prompting you to enable it

This is done with a <meta> refresh inside <noscript>

This #DarkPattern can be circumvented in uMatrix by turning off "Spoof <noscript> tags"

Do you know the difference between a Registrar, a Registry, a Recursive DNS and an authoritative DNS?

After you are done reading, you will know. 😂

Good article by @tony

Trying to do my part:

$ curl -sD - | grep 'permissions-policy'
permissions-policy: interest-cohort=()

Have you blocked FLoC yet? If you are using NOC, you can disable it with 1-click here:

More details on how to do it yourself:

Create an empty 8G file to save you in case your disk gets full:

Not sure I like this technique, but I have to agree that it is pretty difficult to troubleshoot a server when the disk gets full.

That little file can save you a lot of hours.

One thing I love about the DNS is the visibility it provides - including regions and resolvers.

If you want to move away from big tech and give a small provider a chance, you may like it :)

The Mastodon account search is back online (and running a lot faster):

Sorry for the downtime and sluggish performance it was having.

Quoting Chris Krebs:

"This is the real deal. If your organization runs an OWA server exposed to the internet, assume compromise between 02/26-03/03. Check for 8 character aspx files in C:\\inetpub\wwwroot\aspnet_client\system_web\. If you get a hit on that search, you’re now in incident response mode."

"The only way to force companies to provide safety and security features for customers and users is with government intervention.

They routinely legislate safety — pollution standards, automobile seat belts, lead-free gasoline, food service regulations.

We need to do the same with cybersecurity: the federal government should set minimum security standards for software and software development."


Before buying a NYT subscription, here's what it will take you to cancel it.

I was expecting them to require a snail mail or a fax, but still a pain to have it cancelled.

Until they fix it, might be better not to subscribe to the NYT.

One of the many reasons why I am looking for Google alternatives:

"The YouTube account of Spinks' game dev company, Re-Logic, was hit with some kind of terms-of-service violation, resulting in Google banning Spinks' *entire Google account*, greatly disrupting his company's ability to do business." Including his 15 yo gmail account.

Something I love about #mathematics is it has problems simple enough for a child to understand, but to which nobody knows the solution. I recall having fun setting this problem to students: given four houses at vertices of a square, what is the shortest length of road needed to connect them all? Before spoiling the answer, look at this very simple related problem - no one has been able to identify and prove the optimal answer:

Barcode Scanner app on Google Play infects 10 million users with one update

Do you have this Barcode scanner app on your Android?
