In our latest post, we talk to the things we've learned about how the vulnerability works and what we can be doing to help secure our environments. It also serves as a precursor for the webinar I'll be on Wednesday with our friends at Invicti security.

noc.org/2022/01/17/log4shell-l

No, the does not effect the @cleanbrowsing platform. We have built, and maintain, our own anycast network of 60+ datacenters around the world. If your DNS is down, and you need a backup service, let us know. We're here to help.

@dcid @val @cleanbrowsing

Something really cool about this session is you can actually interact by sending in your questions ...

You can send them to:

livestudio@cloudflare.tv or calling (380) 333 - 5273

Had no idea that was a thing.. haha! Oh boy..

Show thread

If you need some noise to help you fall asleep better..

Will be doing a session with @dcid and @val today at 11 PDT to talk about our work @cleanbrowsing and a bit of our backgrounds...

They aren't the end all, be all, but they can be an extremely effective security controls for when things like this rear their ugly head..

Here are a few things we're seeing as it pertains to the recent vulnerability..

noc.org/2021/12/14/cloud-based

Do I know anyone that has worked with the lua-resty-auto-ssl for OpenResty/NGINX?

Is it always really DNS? Does DNSSEC problems really make it a DNS problem? It's technically not DNS causing the issue.. or is it?

Either way, another great example of the pains we still see with DNSSEC after 24+ years and why it's worth asking..

is DNSSEC still a thing we should be doing?

ruben.is.verweg.com/blog/2021/

As if you needed any more reason not to trust big corporations..

Here are pieces of the latest unredacted complaint against Google.

My favorite section:

"Project NERA was Google’s original plan to create a closed ecosystem out of the open internet. Google documents reveal that Google’s motive was to “successfully mimic a walled garden across the open web [so] we can protect our margins.”

wptavern.com/unredacted-antitr

tony boosted

Working on this IP reputation API:

reputation.noc.org/

Test it out and let me know if you find it useful somehow.

Gives basic information about an IP + details if we detected it involved on web spam, web attacks, sshd bruteforce, etc...

*in beta

Guide guide on how you can use Dynamic DNS record with the NOC platform: noc.org/knowledge-base/add-dyn

How WhatsApp scaled to 1B users with 50 engineers:

1. Keep Things Small

2. Keep Things Simple

3. Have a Single Minded Focus on the Mission

Nice read: quastor.org/p/how-whatsapp-sca

tony boosted

Howdy.. we're looking to do some testing of our network but need help..

If you have a NIX based machine, and open to running a quick terminal command.. it'd go a long way to better understanding how performant things are..

Would you be open to helping out?

tony boosted

CleanBrowsing Anycast Network is growing.

4 new additional cities added:

-New Orleans (USA)
-Phoenix (USA)
-Mexico City (MX)
-Stockholm (SE)

Making CleanBrowsing faster and more resilient to everyone (69 PoPs).

hey @dcid look at what I built.. want to create an account?

<silence>

Danny: Created an account...

<woohooo.. I go to check>

select count(*) from table;
+----------+
| count(*) |
+----------+
| 12687 |
+----------+

Sigh...

So @dcid and I are having a debate at the moment.. a very heated one..

Context:

We pushed out the documentation for API's recently and on the page I wrote: "Application Programming Interface (API)"

This led to a multi-day debate and argument on who spells out API... thoughts? It's ok to tell Daniel he is wrong, he is strong..

tony boosted

T-Mobile: Breach Exposed SSN/DOB of 40M+ People.

T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver's license/ID information of more than 40 million current, former or prospective customers. The acknowledgment came less than 48 hours after millions of the stolen T-Mobile customer re...
krebsonsecurity.com/?p=56638

Show more
Noc.Social

Open Source Social Network. Focused on technology, networking, linux, privacy and security, but open to anyone. Civil discourse, polite and open. Managed by the noc.org team.