lix.net.pl
LIX - Narzędzia
http://www.lix.net.pl/narzedzia
LIX - poniżej udostępniamy przydatne narzędzia:. Http:/ redirector.c.youtube.com/report mapping. Http:/ nmap.org/nsedoc/scripts/ntp-monlist.html. Http:/ www.lix.net.pl/lg. Szybki kontakt w sprawach technicznych: 42 2351111 ( 08:00-00:00 ) lub noc@metroport.pl ( 24h ). Szybki kontakt w sprawach formalnych: 42 2351111 ( 08:00-16:00 ) lub biuro@metroport.pl.
blog.snowtec.org
網際網路 | 北極基地
http://blog.snowtec.org/category/computer/internet
Just another blog on the world wide web. Archive of ‘網際網路’ category. 2014 年 03 月 03 日. 設定 ntpd,避免成為 DDoS 肉雞. 大部分系統 ntpd 預設配置檔案都有一個問題,當啟用之後,容易被利用參與 DDoS 放大攻擊。 其中的 MONLIST 指令可以回傳該 ntp server 最近聯繫之 ntp server (通常為對時用),若是搭配偽造的 IP address,攻擊者可以創造出類似 DNS 放大攻擊. CloudFlare 前陣子被 DDoS 攻擊,經查之後發現接近 400 Gbps 的流量是來自於接近 4,500 台的 NTP server 導致的。 於此網站可以查詢有啟動 ntp,可能遭到利用的主機 http:/ openntpproject.org/. 輸入 IP address range (例 140.115.189.0/24) 可查詢整個網段。 建議各位停用系統中的 ntpd,改用 ntpdate (client only)。 Restrict -6 default ignore.
thoughtsonsecurity.blogspot.com
Thoughts on Security: January 2014
http://thoughtsonsecurity.blogspot.com/2014_01_01_archive.html
Wednesday, January 29, 2014. It turns out that your Internet-enabled baby monitor may not be very secure after all. A recently reported security flaw. May allow an intruder to watch your webcam or its recorded videos simply by clicking through a prompt. Evidently, this bug is active if not all eight user fields are populated. By a configured userid and password. The flaw exists even on fairly recent versions of the webcam firmware. The camera vendor, has released a new firmware version. Links to this post.
blog.cloudflare.com
Technical Details Behind a 400Gbps NTP Amplification DDoS Attack
https://blog.cloudflare.com/technical-details-behind-a-400gbps-ntp-amplification-ddos-attack
Technical Details Behind a 400Gbps NTP Amplification DDoS Attack. Before diving into the particular details of this attack, it's important to understand the basic mechanics of how NTP amplification attacks work. This is a quick overview of how these attacks occur. John Graham-Cumming on our team previously wrote a detailed primer on NTP amplification attacks. These attacks use a similar method but target open DNS resolvers rather than NTP servers. Monday's DDoS proved these attacks aren't just ...While N...
avkashk.wordpress.com
Information Security World | Smile! You’re at the best WordPress.com site ever | Page 2
https://avkashk.wordpress.com/page/2
You’re at the best WordPress.com site ever. Information Security Management System(ISO 27001). June 30, 2014. 8220;Selfmite” Beware Android Users! Here is a Text Messaging Malware. 8220;Selfie” – The most trending word nowadays in this technology led world. But it’s time to jump out of the selfie world and look into the “ Selfmite. According to AdaptiveMobile, a security vendor, the new SMS worm is able to propagate itself to target other Android users through special links embedded within text messages.