Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
nerdculture.de is one of the many independent Mastodon servers you can use to participate in the fediverse.
Be excellent to each other, live humanism, no nazis, no hate speech. Not only for nerds, but the domain is somewhat cool. ;) No bots in general. Languages: DE, EN, FR, NL, ES, IT

Administered by:

Server stats:

1.2K
active users

nerdculture.de: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

#dns

44 posts39 participants3 posts today
Public
Infoblox Threat Intel

One of our researchers recently received a text from an unknown number saying they were eligible to receive a full refund for an Amazon order. The message contained a link to a URL on t[.]co, Twitter/X's link shortener. Clicking the link led to the domain 267536[.]cc, which hosted an Amazon phishing page.

From this lead, we were able to find many more domains hosting the same content. The actor registering the domains seems to like .cc, the country code TLD for the Cocos Islands.

Sample of the domains:
236564[.]cc
267536[.]cc
671624[.]cc
687127[.]cc
319632[.]cc

Screenshot of a phishing page impersonating Amazon
#cybercrime#cybersecurity#dns
Public
Jeff Moss

Any #DNS folks know if Authenticated DNS over TLS to Authoritative Servers (ADoT) is going anywhere? Doesn’t look like recent activity on the drafts since 2022

ietf.org/archive/id/draft-dick

datatracker.ietf.org/doc/html/

www.ietf.orgAuthenticated DNS over TLS to Authoritative Servers This Internet Draft proposes a mechanism for DNS resolvers to discover support for TLS transport to authoritative DNS servers, to validate this indication of support, and to authenticate the TLS certificates involved. This requires that the name server names are in a DNSSEC signed zone. This also requires that the delegation of the zone served is protected by , since the NS names are the keys used for discovery of TLS transport support. Additional recommendations relate to use of various techniques for efficiency and scalability, and new EDNS options to minimize round trips and for signaling between clients and resolvers.
Public
Dan Oachs

Anyone else see strange issues trying to lookup download.microsoft.com?

My DNS servers seem to mostly fail when looking that up. Though sometimes 1 of 4 dns servers can resolve it for a few minutes at a time.

Also noticed odd results occasionally when using 1.1.1.1 as the DNS server, but 8.8.8.8 seems to work all the time.

I also see the same issue if using IPv6 DNS servers.

Weird. So far I am blaming either MS or Akami.

#microsoft#dns#akami
Public
SIDN

📣 𝐋𝐚𝐚𝐭𝐬𝐭𝐞 𝐩𝐥𝐚𝐚𝐭𝐬𝐞𝐧 𝐒𝐈𝐃𝐍 𝐓𝐞𝐜𝐡𝐓𝐚𝐥𝐤! Wees er snel bij voor een avond met 2 interessante sprekers: Rejo Zengers (Bits of Freedom) over de controversiële Europese verordening Chat Control en Willem Toorop (NLnet Labs) over het DNS-recordtype DELEG. Uiteraard is er ook ruimte voor vragen en discussie.

Meld je gratis aan en geniet van een gratis maaltijd vooraf en een borrel na afloop. meetup.com/sidn-techtalk/event

MeetupSIDN TechTalk - 15 april 2025, Tue, Apr 15, 2025, 6:00 PM | MeetupOp dinsdag 15 april organiseren we weer een nieuwe TechTalk! Ook dit keer hebben we 2 interessante sprekers én een lekkere maaltijd. Laat je inspireren en kom op 15 april n
#SIDN#techtalk#tech
Public
Stéphane Bortzmeyer

RFC 9726: Operational Considerations for Use of DNS in IoT Devices

Les objets connectés sont une source de risques de sécurité. Pour les limiter, le RFC 8250 normalisait le format #MUD, pour que le fournisseur du machin connecté documente les accès au réseau de l'objet. Dans un fichier MUD, les services avec lesquels l'objet communique sont indiqués par un nom de domaine. Le #DNS a quelques subtilités, décrites dans ce #RFC.

bortzmeyer.org/9726.html

www.bortzmeyer.orgBlog Stéphane Bortzmeyer: RFC 9726: Operational Considerations for Use of DNS in Internet of Things (IoT) Devices
Public
Andreas Klopsch

🔍 Exploring Domain Generation Algorithms (DGAs) in Malware 🔍

Domain Generation Algorithms (DGAs) enable malware to change its domain dynamically. Below is an article I wrote years ago, which explains the difference between seed based and dictionary based algorithms.

malwareandstuff.com/dgas-gener

Malware and Stuff · DGAs – Generating domains dynamicallyA domain generation algorithm is a routine/program that generates a domain dynamically. Think of the following example: An actor registers the domain evil.com. The corresponding backdoor has this d…
#malware#infosec#cybersecurity
Public
securityskeptic :donor: :verified:

Access to domain registration data is neither timely nor uniform. In today's Interisle Insights post, Colin Strutt shares the challenges that law enforcement, first responders, and researchers face in collecting even the “non contact registration data” elements to identify where cybercriminals acquire resources for their attacks.

interisle.substack.com/p/limit

Interisle Insights · Limiting Access to Domain Registration DataBy Interisle Consulting Group
#whois#gdpr#rdap
Replied in thread
Public
Kevin Karhan :verified:

@DoctorBrodsky @woe2you @miah given #Quad9 bowed before the #Contentmafia and censored #DNS requests, I'll continue to recommend using #OpenNIC's Servers instead

94.103.153.176 & 2a02:990:219:1:ba:1337:cafe:3 as well as
144.76.103.143 & 2a01:4f8:192:43a5::2

  • If you only add a single #IPv4 address, no #IPv6 resolution will take place over said provider or worse even no IPv6 connectivity at all...

I merely retain quad9 on said list for archival purposes. I Yeeted #CloudFlare aka. #ClownFlare since they are a #RogueISP!

List of useful things. Contribute to greyhat-academy/lists.d development by creating an account on GitHub.
GitHublists.d/dns.servers.list.tsv at a4a7ccf70d8504ebbffd7e5fbcd5630294860434 · greyhat-academy/lists.dList of useful things. Contribute to greyhat-academy/lists.d development by creating an account on GitHub.
ExploreLive feeds
About