Introduction

I, like many people, found that I was getting a few failed ssh attempts per day. I looked at a root account facing the internet and found a little over 32000 failed attempts per day. Rest assured, these are low-skill attacks with a pretty low risk of compromise, but still, there are a few things that make me want to respond. Firstly, it's a lot of noise in the logs. It fills disks and makes it hard to see more dangerous attacks. Second, this confirms malicious intent. Maybe it's just a compromised box that is now part of a botnet, but you never know if it's going to be a platform for another attack. Finally, even though there is a low probability of compromise, there is still a chance. I know most of these attacks are checking for things like 10-year-old Linksys WAPs with default passwords, but the worst case is also out there: distributed brute-force attacks and password spraying. My decision was to block this traffic, but then the next ques...
Introduction

A few years ago, perhaps 2012 or 2013, my normally OK internet began to slow down. Pretty soon everything was skipping, and downloads took forever. Watching YouTube was painful (and not because of the ads this time). There's always a bit of variation, and this is home internet, so it was a few days till I investigated. The source of the problems was quite a surprise to me: I was the unwitting co-conspirator, and co-victim, in a 65GB DDoS attack! How did this work? Was I infected by some malware and now part of a botnet that some evil attacker was using? No, but there was a botnet, and it was using me - without even buying me dinner first! The attack was using a method called a "DNS Amplification Attack", making use of my open DNS server. I host my own domain, so I ran a DNS server that was open so that any system on the internet could look up the IP addresses for my websites and other services. We- collectively the whol...