There's plenty of material online on the IPv6 vs. IPv4 topic. Suffice it to say that IPv6 provides a gazillion times more addresses than IPv4, making the address space exhaustion a non-issue and obsoleting workarounds such as NAT that's been used for many years to extend IPv4's life. That's the good news. With IPv6, you — Continue reading »
Cloudflare DDoS Mitigation
A part of my day job involves managing various servers and web services. There was a time that dealing with DDoS attacks was a mega stressful event that could last from hours to days. It generally involved waking up to the boss or team members or automated alarms messaging me about dead services, followed by — Continue reading »
Cloudflare One-Step Under Attack Mode For Multiple/All Zones
The explosive surge in online hacks and attacks has forced many sites to seek out ways to mitigate such threats. Cloudflare's Firewall is an indispensable tool to protect sites or specific assets within sites from online threats, specifically the automated threats known as bots that relentlessly scan sites for vulnerabilities and exploits. The JS Challenge — Continue reading »
The Great SYN Flood of China
I wake up yesterday morning and while still in bed I get the dreaded site-down alert from Pingdom on my smartphone. When a Web site goes down there are a number of simple preliminary steps one takes to pinpoint and fix the problem. Is the ISP having an outage? Are the modem and router up? — Continue reading »
The Dawn of AWS Zombies
One of the less enviable tasks in a techie's life is identifying bogus robot traffic on their networks. Robots suck up bandwidth without giving anything in return and in most cases try to brute-force their way into systems and steal information and then assimilate their target hosts into new recruits in their army of zombie — Continue reading »
The SSL Safety Myth
The past week the security universe has been pounded by a whirlwind of bad press and bad actors. It all started with the news of Lenovo pre-installing adware (better yet, crapware) on new machines that would allow ads from a company with the ironic and unfortunate name, Superfish, to display context ads even when users — Continue reading »
What The Linux Ghost Bug Teaches
A couple of weeks ago it was revealed that a known Linux bug, Ghost (short-ish for the gethostbyname() function in the older glibc library versions) is riskier than previously thought. So the internet became abuzz with warnings to those who might not have updated their Linux distros. I have several versions of Fedora running on — Continue reading »
Linux Shellshock Bash Bug Workaround
The warnings about the shellshock bash bug are ominous and not unfounded. This is perhaps a greater risk than Heartbleed. Here are the gory details of this bug. To test your system for this bug run the following command from the shell: $ env x='() { :;}; echo vulnerable' bash -c "echo this is a — Continue reading »