176 private links
Constatant que le TLD .mobi (TLD qui est par ailleurs une mauvaise idée, mais c'est une autre histoire) avait changé son serveur whois, de whois.dotmobiregistry.net à whois.nic.mobi, et que le nom de domaine dotmobiregistry.net, non renouvelé, avait expiré et était donc libre, les chercheurs ont enregistré le nom dotmobiregistry.net, mis en place un serveur whois (je rappelle que le protocole est très simple et que n'importe quel·le étudiant·e peut programmer un serveur whois en un quart d'heure) et récolté d'innombrables requêtes provenant de clients whois qui n'avaient pas mis leur base à jour.
Les chercheurs ont ensuite analysé ces requêtes.
Afin d'éviter cette faille et "si on veut faire les choses proprement, on ne doit plus utiliser whois mais son successeur RDAP"
Un article détaillé de ArsTechnica est disponible à https://arstechnica.com/security/2024/09/rogue-whois-server-gives-researcher-superpowers-no-one-should-ever-have/
Trouvé via https://www.bortzmeyer.org/whois-mobi.html
Cela peut être un bon entraînement de le réécrire en #rust #RIIR.
Oh wait https://gitlab.rd.nic.fr/afnic/code-samples/-/tree/main/API/Rust/src?ref_type=heads
An alternative to nginx. Is it needed though? Maybe I don't know much and my use cases of nginx are pretty limited. Let's see!
Generate QR code for Wifi :)
Ok ok. How? AI can predict the next IP packet, so it's faster than the speed of light.
The recent advances in artificial intelligence (AI) such as large language models enable the design of the Faster than LIght speed Protocol (FLIP) for Internet. FLIP provides a way to avoid congestion, enhance security, and deliver faster packets on the Internet by using AI to predict future packets at the receiving peer before they arrive.
It can be useful someday
In the hypertext architecture, when making a reference, such as a hypertext link, we don't just refer to an information resource. Well, we can, but we can also refer to a particular part of or view of a resource. The string which, within the document, defines the other end of the link has two parts. It has the identifier of the document as a whole, and then optionally it has a hash sign "#" and a string representing the view of the object required.
Pingora is a Rust framework to build fast, reliable and programmable networked systems. Pingora is battle tested as it has been serving more than 40 million Internet requests per second for more than a few years.
La publication est disponible sur HAL https://hal.science/hal-03969060
How to launch a program without network access?
firejail --noprofile --net=none <program-name>
Le résultat d'un traceroute entre deux points de Madagascar par les sondes ripe-atlas montre que les paquets transitent par ma France o_O
Cela fait suite à une conférence à #PSES.
A series of distributed systems challenges brought to you by Fly.io.
La prouesse technique d'avoir du Wifi à bord des TGV, et pourquoi c'est si compliqué !
- Dehashed—View leaked credentials.
- SecurityTrails—Extensive DNS data.
- DorkSearch—Really fast Google dorking.
- ExploitDB—Archive of various exploits.
- ZoomEye—Gather information about targets.
- Pulsedive—Search for threat intelligence.
- GrayHatWarfare—Search public S3 buckets.
- PolySwarm—Scan files and URLs for threats.
- Fofa—Search for various threat intelligence.
- LeakIX—Search publicly indexed information.
- DNSDumpster—Search for DNS records quickly.
- FullHunt—Search and discovery attack surfaces.
- AlienVault—Extensive threat intelligence feed.
- ONYPHE—Collects cyber-threat intelligence data.
- Grep App—Search across a half million git repos.
- URL Scan—Free service to scan and analyse websites.
- Vulners—Search vulnerabilities in a large database.
- WayBackMachine—View content from deleted websites.
- Shodan—Search for devices connected to the internet.
- Netlas—Search and monitor internet connected assets.
- CRT sh—Search for certs that have been logged by CT.
- Wigle—Database of wireless networks, with statistics.
- PublicWWW—Marketing and affiliate marketing research.
- Binary Edge—Scans the internet for threat intelligence.
- GreyNoise—Search for devices connected to the internet.
- Hunter—Search for email addresses belonging to a website.
- Censys—Assessing attack surface for internet connected devices.
- IntelligenceX—Search Tor, I2P, data leaks, domains, and emails.
- Packet Storm Security—Browse latest vulnerabilities and exploits.
- SearchCode—Search 75 billion lines of code from 40 million projects.
LOL. Wrap a IP protocol into HTTP 🤯
1,02 pétabit par seconde: le record de transfert de données par fibre optique a été explosé | korii.
1,01 Pb/s avait déjà été atteint en décembre 2020. Le record ici provient "des méthodes qui semblent beaucoup plus simples à adapter aux réseaux existants".