Showing posts from May, 2022

No Scrubs: The Architecture That Made Unmetered Mitigation Possible

When building a DDoS mitigation service it’s incredibly tempting to think that the solution is scrubbing centers or scrubbing servers. I, too, thought that was a good idea in the beginning, but experience has shown that there are serious pitfalls to this approach. Read the post at Cloudflare's blog: No Scrubs: The Architecture That Made Unmetered Mitigation Possible

The things that go wrong with your Internet connection

There are multiple things that can and do go wrong with your Internet connection. Let's have a look:

Power

The first major issue is power. Power failures are common and occur along any part of the Internet path and also at the end point. Data centres have sophisticated power backup systems that include generators and online uninterruptible power systems. These are pretty solid, while on the home or business side that may not be the case. Along the path a service provider will have points of presence with varying degrees of power protection. Often there might be power backup but it's poorly managed. As an example in our area, the ISP realizes the tank on his diesel generator is empty when the customers phone to complain about their links failing. They do not use any type of Internet of Things sensor to pro-actively manage the failures. Ironically, you'll find the significant majority of ISPs do not!

Release 0.7 of rport

Reference:

🚀 New features:

- Copy files from the server to clients with full control over the writable folders on the client.
- Scheduling of scripts with a central server-side scheduler for individual clients and groups.
- Client-side tunnel allow-deny rules. On the client configuration, you can define exactly where a tunnel is allowed to connect.
- Tunnels can now be accessed on a different hostname than the API or UI, achieving more flexibility when running behind a reverse proxy or Cloudflare.
- Purging disconnected clients can be turned off now. You can keep them in your inventory forever.
- You can specify which interface to use for tunnel connections on the RPort client. Useful if the remote machine has multiple network cards.

🔩 Improvements:

- API listener now accepts TLS 1.3 only. The support for weak encryption has been discon

Brute shark

BruteShark is a Network Forensic Analysis Tool (NFAT) that performs deep processing and inspection of network traffic (mainly PCAP files, but it is also capable of capturing live traffic directly from a network interface). It includes: extracting passwords, building a network map, reconstructing TCP sessions, extracting hashes of encrypted passwords and even converting them to a Hashcat format in order to perform an offline brute-force attack. Head over to GitHub: Brute Shark

WiFi has changed: Is UniFi better than Cisco?


VPN slow? Network nightmares? How TCP really works: MTU vs MSS


Top Threats your Business Can Prevent on the DNS Level

The Domain Name System (DNS) is the underlying fabric that connects almost every gadget, service and endpoint in a company. And depending on how you manage your DNS landscape, it might be your IT security team’s guardian angel or, when poorly managed, your worst nightmare. Read the full article over at Threatpost: Top Threats your Business Can Prevent on the DNS Level