troet.cafe is part of a decentralised social network powered by Mastodon.
Welcome to troet.cafe! This is currently the largest German-speaking Mastodon instance for tooting, meeting new people, exchanging ideas and having fun.


#dns

44 posts · 43 participants · 5 posts today

Detecting Multi-Stage Infection Chains Madness

This analysis examines a complex multi-stage attack exploiting a resilient network infrastructure known as 'Cloudflare tunnel infrastructure to deliver multiple RATs' since February 2024. The infection chain involves multiple steps, including phishing emails with malicious attachments, execution of various file types (LNK, HTA, BAT, Python scripts), and eventual delivery of AsyncRAT. The attackers employ various evasion techniques and leverage public services like TryCloudflare and DynDNS. The report highlights the importance of combining cyber threat intelligence with detection rules to enhance security capabilities against evolving threats. It also provides detailed information on the attack stages, detection opportunities, and associated indicators of compromise.

Pulse ID: 68076448a507880b9128c2a6
Pulse Link: otx.alienvault.com/pulse/68076
Pulse Author: AlienVault
Created: 2025-04-22 09:41:28

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue - Open Threat Exchange: Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

I recently changed to a Fritz!Box router and Pi-hole has decided not to work anymore...

Anyone got any ideas? I can access the web interface but DNS doesn't work from at least some of my devices...

I'll probs be changing my pis which host all my services to use k3s soon so will probs reinstall OS then, in case that makes any difference.

The new router did change my gateway btw, I think all the devices use the correct one now though.

#pihole #homelab #fritzbox
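An added diagnostic for the question above (example code, not from the poster, Pi-hole or AVM): it speaks raw DNS wire format (RFC 1035) with the Python standard library only, so it runs on any device that "doesn't work" and shows whether the Pi-hole or the router is the one answering. The Pi-hole address, the Fritz!Box address and the blocked test name are assumptions; Pi-hole's default (NULL) blocking mode answers a blocked name with 0.0.0.0 / ::, which is the signal the script looks for.

```python
"""Added diagnostic example for the Pi-hole question above; it is not code from
the poster, Pi-hole or AVM. Speaks raw DNS wire format (RFC 1035) with the
standard library only. The addresses and the test name below are assumptions."""
import socket
import struct

TYPE_A, TYPE_AAAA = 1, 28
PIHOLE = "192.168.178.2"          # assumed Pi-hole address
GATEWAY = "192.168.178.1"         # assumed Fritz!Box address (the new default gateway)
BLOCKED_NAME = "doubleclick.net"  # assumption: a name that shows as blocked in Pi-hole's query log


def build_query(qname: str, qtype: int = TYPE_A, qid: int = 0x1234) -> bytes:
    """Encode a one-question query; flags 0x0100 = recursion desired."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(label)]) + label.encode("ascii")
                      for label in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", qtype, 1)


def read_name(msg: bytes, off: int) -> tuple:
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, end, jumped, hops = [], off, False, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:               # compression pointer
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            if not jumped:
                end = off + 2                   # caller resumes right after the pointer
            jumped = True
            off = struct.unpack(">H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if length == 0:
            if not jumped:
                end = off
            return ".".join(labels), end
        labels.append(msg[off:off + length].decode("ascii"))
        off += length


def parse_response(msg: bytes) -> dict:
    """Return id, rcode and the answer section as (owner, type, ttl, value)."""
    qid, flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):                         # skip the echoed question(s)
        _, off = read_name(msg, off)
        off += 4
    answers = []
    for _ in range(an):
        owner, off = read_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        if rtype == TYPE_A:
            value = socket.inet_ntop(socket.AF_INET, rdata)
        elif rtype == TYPE_AAAA:
            value = socket.inet_ntop(socket.AF_INET6, rdata)
        else:
            value = rdata.hex()
        answers.append((owner, rtype, ttl, value))
    return {"id": qid, "rcode": flags & 0x000F, "answers": answers}


def query(server: str, qname: str, qtype: int = TYPE_A, timeout: float = 2.0) -> dict:
    """Ask `server` directly over UDP, bypassing the OS stub resolver."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(qname, qtype), (server, 53))
        data, _ = sock.recvfrom(4096)
    return parse_response(data)


def pihole_blocked(answer: dict) -> bool:
    """Pi-hole's default (NULL) blocking mode answers a blocked name with
    0.0.0.0 or ::; seeing that for BLOCKED_NAME proves the Pi-hole is in the path."""
    return any(value in ("0.0.0.0", "::") for _, _, _, value in answer["answers"])


if __name__ == "__main__":
    # Compare what the Pi-hole says with what the router says. If the router
    # returns a real address, clients that received the router as DNS server
    # via DHCP are bypassing the Pi-hole entirely.
    for label, server in (("pi-hole", PIHOLE), ("fritzbox", GATEWAY)):
        try:
            ans = query(server, BLOCKED_NAME)
            print(f"{label:8} {server}: rcode={ans['rcode']} "
                  f"answers={ans['answers']} blocked={pihole_blocked(ans)}")
        except OSError as exc:
            print(f"{label:8} {server}: no answer ({exc})")
```

Run it from one of the misbehaving devices. If the Pi-hole line shows 0.0.0.0 but the router line shows a real address, the client is still using the router as its resolver: a Fritz!Box hands itself out as DNS server via DHCP unless the Pi-hole is entered as local DNS server in its network settings, and a gateway change means every client renewed its lease from the new box.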

Instead of getting the current IP address for each of my subdomains to put it into an AAAA record, I'm now only doing it once and then using a wildcard CNAME to direct all subdomains to the root domain.
My #octodns service was failing quite a few times per day (ok yeah it runs once per minute) and I believe it might have been some bruteforce protection of the external site that it uses to get the external IP address.
I hope this isn't going to bite me back in the future, but you can never know with #dns ;)
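Where a wildcard CNAME can bite, as an added example that is not part of the post and not octodns code: a small zone lookup that applies the RFC 1034/4592 rules an authoritative server uses (exact name wins, wildcard only one label below the closest encloser, empty non-terminals count as existing). The zone is a constructed stand-in for the poster's with example.com as apex.

```python
"""Added example for the wildcard-CNAME setup above; not octodns code.
A tiny zone lookup with the RFC 1034/4592 wildcard rules, to show which
names the wildcard really catches. ZONE is a constructed stand-in."""
from typing import Dict, List, Set, Tuple

Zone = Dict[str, List[Tuple[str, str]]]   # owner -> [(rtype, rdata), ...]

APEX = "example.com."
ZONE: Zone = {
    "example.com.": [("AAAA", "2001:db8::1"), ("MX", "10 mail.example.com."),
                     ("TXT", "v=spf1 -all")],
    "*.example.com.": [("CNAME", "example.com.")],       # the wildcard from the post
    "mail.example.com.": [("AAAA", "2001:db8::25")],
    "_dmarc.example.com.": [("TXT", "v=DMARC1; p=reject")],
    # An ACME DNS-01 record under www turns www into an "empty non-terminal"
    "_acme-challenge.www.example.com.": [("TXT", "constructed-token")],
}


def existing_names(zone: Zone, apex: str) -> Set[str]:
    """Names that exist in RFC 4592 terms: every owner plus all of its
    ancestors down to the apex (empty non-terminals count as existing)."""
    names = {apex}
    for owner in zone:
        name = owner
        while name != apex:
            names.add(name)
            name = name.split(".", 1)[1]
    return names


def lookup(zone: Zone, apex: str, qname: str, qtype: str):
    """Return (status, answer); answer is a list of (owner, rtype, rdata)."""
    if qname != apex and not qname.endswith("." + apex):
        raise ValueError(f"{qname} is outside {apex}")
    names = existing_names(zone, apex)
    owner = qname
    if qname not in names:
        # Closest encloser = longest existing ancestor. The wildcard is looked
        # for exactly one label below it, never further up the tree.
        encloser = qname.split(".", 1)[1]
        while encloser not in names:
            encloser = encloser.split(".", 1)[1]
        owner = "*." + encloser
        if owner not in zone:
            return "NXDOMAIN", []
    rrset = zone.get(owner, [])
    answer = []
    cname = [rdata for rtype, rdata in rrset if rtype == "CNAME"]
    if cname and qtype != "CNAME":
        # Explicit or synthesised CNAME: the answer carries the CNAME owned by
        # the query name, then whatever the target holds for qtype.
        target = cname[0]
        answer.append((qname, "CNAME", target))
        qname, rrset = target, zone.get(target, [])
    data = [(qname, rtype, rdata) for rtype, rdata in rrset if rtype == qtype]
    if not answer and not data:
        return "NODATA", []
    return "NOERROR", answer + data


if __name__ == "__main__":
    for name, qtype in [("blog.example.com.", "AAAA"), ("mail.example.com.", "TXT"),
                        ("www.example.com.", "AAAA"), ("foo.bar.example.com.", "AAAA"),
                        ("x.mail.example.com.", "AAAA"), ("blog.example.com.", "MX")]:
        print(f"{name:26} {qtype:5} -> {lookup(ZONE, APEX, name, qtype)}")
```

Three rows are the ones to watch. `mail.example.com. TXT` is NODATA: an explicit name shadows the wildcard for every type, not just the one you defined. `www.example.com. AAAA` is NODATA too: the moment something like an ACME challenge record is added under www, www exists as an empty non-terminal and the wildcard stops catching it. And `blog.example.com. MX` resolves to the apex MX, so mail addressed to any made-up subdomain now lands on the root's mail server.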

It's 2025... so why are obviously malicious advertising URLs still going strong?

In 2025, a phishing email containing a malicious link redirected through Google Ads was received by the Internet Storm Center. The link led to a credential-stealing page hosted on a dynamic DNS service. Despite being clearly fraudulent and detected by VirusTotal, the ad redirect remained active for over a week. The article questions why major ad providers like Google aren't implementing basic security measures to prevent such obvious threats. It suggests that ad companies should filter out links to domains unsuitable for legitimate ads and regularly check landing pages for malicious content. The author argues that this should be the minimum expected from ad providers in 2025, especially given the availability of AI and tools like VirusTotal for threat detection.

Pulse ID: 680630cf7d432f84fd61b71b
Pulse Link: otx.alienvault.com/pulse/68063
Pulse Author: AlienVault
Created: 2025-04-21 11:49:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #DNS #Email
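Both pulses above (the TryCloudflare/DynDNS delivery chain and the credential-stealing page on a dynamic DNS service behind an ad redirect) come down to the same detection opportunity: attacker infrastructure rented for free, identifiable by its DNS suffix. The following is an added example, not code from LevelBlue OTX, the Internet Storm Center or the original authors; the log lines are constructed in dnsmasq/Pi-hole style and the suffix sets are a seed list to extend, not a complete inventory.

```python
"""Added detection example for the two pulses above; not code from LevelBlue
OTX, the ISC or the original authors. SAMPLE_LOG is constructed, the suffix
sets are a seed list, and the log regex follows dnsmasq's query line format."""
import re
from typing import Dict, List, Optional
from urllib.parse import urlsplit

# Infrastructure anyone can rent for free in minutes, which is exactly why
# loaders and phishing kits use it. Match on the suffix: the left-most label is
# random per tunnel or per account and useless as an indicator on its own.
TUNNEL_SUFFIXES = {"trycloudflare.com"}
DYNDNS_SUFFIXES = {"duckdns.org", "ddns.net", "no-ip.org", "no-ip.biz",
                   "hopto.org", "zapto.org", "sytes.net", "dyndns.org", "dynu.net"}

DNSMASQ_QUERY = re.compile(r"query\[(?P<qtype>\w+)\] (?P<qname>\S+) from (?P<client>\S+)")

# Constructed sample in dnsmasq/Pi-hole style, not a real capture.
SAMPLE_LOG = """\
Apr 22 09:41:28 dnsmasq[812]: query[A] update.microsoft.com from 10.0.0.5
Apr 22 09:41:31 dnsmasq[812]: query[A] grand-parade-quiet-leaf.trycloudflare.com from 10.0.0.5
Apr 22 09:41:35 dnsmasq[812]: query[AAAA] office-sync.duckdns.org from 10.0.0.7
Apr 22 09:41:36 dnsmasq[812]: reply office-sync.duckdns.org is 203.0.113.9
Apr 22 09:41:40 dnsmasq[812]: query[A] notduckdns.org from 10.0.0.9
""".splitlines()


def _has_suffix(host: str, suffixes) -> bool:
    """True if host equals a suffix or sits under it (label boundary respected,
    so notduckdns.org does not match duckdns.org)."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in suffixes)


def classify_host(host: str) -> Optional[str]:
    """'tunnel', 'dyndns' or None."""
    if _has_suffix(host, TUNNEL_SUFFIXES):
        return "tunnel"
    if _has_suffix(host, DYNDNS_SUFFIXES):
        return "dyndns"
    return None


def classify_url(url: str) -> Optional[str]:
    """Same check on the host of a landing page, e.g. where an ad redirect ends."""
    host = urlsplit(url).hostname
    return classify_host(host) if host else None


def scan_dns_log(lines: List[str]) -> List[Dict[str, str]]:
    """Flag queries for rented infrastructure; one hit per matching query line."""
    hits = []
    for line in lines:
        m = DNSMASQ_QUERY.search(line)
        if not m:
            continue
        category = classify_host(m["qname"])
        if category:
            hits.append({"client": m["client"], "qname": m["qname"],
                         "qtype": m["qtype"], "category": category})
    return hits


if __name__ == "__main__":
    for hit in scan_dns_log(SAMPLE_LOG):
        print(hit)
    print(classify_url("http://secure-login.ddns.net/verify"))
```

A TryCloudflare hit from a workstation is worth an alert on its own, since end users have no reason to reach quick tunnels; dynamic DNS hits need the client context (a NAS phoning home to its own DDNS name is normal, a desktop resolving a fresh one minutes after opening an attachment is not). The same `classify_url` check is the filter the second pulse asks ad networks to run on landing pages before an ad goes live.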

@bortzmeyer after polluting the zone apex with countless TXT records, now they are in the MX
> tmbwb437ehblujovan4ywh3mrwz7h2mzdpi7yfu4q6l5yvcylzeq.mx-verification.google.com.

Make #DNS Great Again