aelius

A, deci iti place sa utilizezi juno,vadim,stealth si alte tool-uri si sa dai jos cu site-urile.

Salut, Defineste-ne ce este un "Land attack" si un "TCP RST flood (spoofed)" @KhiZaRix

Din PM: 1. Threadul a fost inchis de omul ce ti-a dat warn pe buna dreptate 2. Vad ca ti-ai pus la profil "Location: In sat la aelius )" 3. Vad ca te-ai autentificat pe forum si de pe IP de aol. Tipic ce spuneam mai sus de Alexandria. Crezi ca ma intereseaza daca pe coloana din mysql este 0 sau 1 la banned in dreptul tau? Deja aud fosnetul lanului de porumb din orasul ala cu 6 blocuri.

Nu toata lumea locuieste intr-un oras in care peste noapte au inceput sa apara masini scumpe, haine de firma si telefoane de sute de dolari la oameni care nu aveau nici dupa ce bea apa. Sa spun numele orasului ? Sunt vreo doua in Romania de genul ala: Rm. Valcea si Alexandria. Habar nu aveam ce e ala CRG

Aia nu-s hackeri, sunt doar niste plozi vai de steaua lor ce se uita doar sa strice lucruri.

Nu e nevoie de 50 de posturi pentru a scrie tutoriale sau chestii care le consideri utile pentru comunitate

Intai ajuti si nu ceri. O sa ti se ofere daca meriti. Da, sunt multi care au primit VIP. Chiar si dupa 4-5 luni de la inregistrare.

// update Am readus servere i5 (cateva deocamdata). Mai am pe stoc ceva servere din alta generatie. Xeon 3430 @ 2.4 GHz 4 Core, 4 Threads, 8 MB Cache 1 x 500 GB SATA Memory: 8 GB Monthly traffic: 20 TB Network Port Speed: 100Mbps Two IP Addresses Monthly cost: 35 euro Setup fee: 0 Memory upgrade: - Upgrade to 16 GB Memory: 8 euro/month - Upgrade to 32 GB Memory: 14 euro/month // edit: mai e un server

pai ce, ciorile ie oameni ? ))

Nene, ai luat-o razna ? Ce saracia e cu topicul asta

Au batut calul. Vad ca-s si ciori, cum adica "doi romani" Bine ca s-au dus, maine fac gratar )

Hahahaha, asta e tare. @Zatarra de aici => https://rstforums.com/forum/showgroups.php Nu sunt neamuri )

Segment 6 - DMARC Information for Domain Owners and Third Parties - Download PDF - Source: http://www.m3aawg.org/

Segment 5 - DMARC Information for Mailbox Providers - Download PDF - Source: http://www.m3aawg.org/

Segment 4 - DMARC Reporting - Download PDF - Source: http://www.m3aawg.org/

Segment 3 - DMARC Policy Records - Download PDF - Source: http://www.m3aawg.org/

Segment 2 - DMARC Identifier Alignment - Download PDF - Source: http://www.m3aawg.org/

Segment 1 - What is DMARC ? - Download PDF - Source: http://www.m3aawg.org/

DMARC - What is it? DMARC, which stands for "Domain-based Message Authentication, Reporting & Conformance", is a technical specification created by a group of organizations that want to help reduce the potential for email-based abuse by solving a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols. DMARC standardizes how email receivers perform email authentication using the well-known SPF and DKIM mechanisms. This means that senders will experience consistent authentication results for their messages at AOL, Gmail, Hotmail, Yahoo! and any other email receiver implementing DMARC. We hope this will encourage senders to more broadly authenticate their outbound email which can make email a more reliable way to communicate. Why is DMARC Important? With the rise of the social internet and the ubiquity of e-commerce, spammers and phishers have a tremendous financial incentive to compromise user accounts, enabling theft of passwords, bank accounts, credit cards, and more. Email is easy to spoof and criminals have found spoofing to be a proven way to exploit user trust of well-known brands. Simply inserting the logo of a well known brand into an email gives it instant legitimacy with many users. Users can't tell a real message from a fake one, and large mailbox providers have to make very difficult (and frequently incorrect) choices about which messages to deliver and which ones might harm users. Senders remain largely unaware of problems with their authentication practices because there's no scalable way for them to indicate they want feedback and where it should be sent. Those attempting new SPF and DKIM deployment proceed very slowly and cautiously because the lack of feedback also means they have no good way to monitor progress and debug problems. DMARC addresses these issues, helping email senders and receivers work together to better secure emails, protecting users and brands from painfully costly abuse. How Does DMARC Work? A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes - such as junk or reject the message. DMARC removes guesswork from the receiver's handling of these failed messages, limiting or eliminating the user's exposure to potentially fraudulent & harmful messages. DMARC also provides a way for the email receiver to report back to the sender about messages that pass and/or fail DMARC evaluation. Who Can Use DMARC? DMARC policies are published in the public Domain Name System (DNS), and available to everyone. Because the specification is available with no licensing or similar restriction, any interested party is free to implement it. Source: DMARC.org - Domain-based Message Authentication, Reporting and Conformance

Uite: https://dl.dropboxusercontent.com/s/f7wdnq5hqnqlwp0/IMG.jpg Ai in partea stanga doua servere, fiecare cu nginx as proxy, iar in dreapta site-ul clientului protejat vizitatori -> nginx (proxy/frontend) -> website (backend) Ere o ironie cu proxy-ul pus peste rst.

Pauza 3 zile. Multumim pentru vizita

Tinand cont de nota pe care ai dat-o, permite-mi sa aduc cateva comentarii constructive. - Serviciul oferit se afla intr-o singura retea, si anume, AS39345 (bts telecom). El este interconectat cu AS30890 si AS8751, adica Mediasat prin care are conectivitate externa si Interlan care este internet exchange in Romania. Practic, pe extern, au un singur upstream provider. - Nu exista redundanta iar Tehnologia CDN nu are nicio legatura cu un sistem web dual strat (frontend+backend) - Nu exista nicio solutie anycast - Datele clientilor pot fi interceptate in frontend (practic, site-ul clientului devine un backend) Daca vrei sa oferi asta ca serviciu, iti trebuie mai mult decat un nginx instalat pe un server la bts telecom: - Numar AS pentru routare dinamica - Cel putin un prefix de adrese ip - Acorduri pentru peering cu cati mai multi furnizori - Anuntarea prefixului de adrese ip prin numarul tau as in mai multe localtii (anycast) - Cat mai multe servere - Latime de banda cat cuprinde. Bts telecom au 2-3gbps toata banda externa. PS: - Scoate pishingul ala de proxy de pe rst, nu avem nicio garantie ca nu faci sniffing la date - Vezi ca serialul tau din DNS zice ca suntem in anul 1402

Baieti, va recomand sa va rezolvati problema pe cale amiabila. Nu are rost sa va certati pe 6 euro si un stealer, serios.

Nu vad cum ar putea merge. GET /example.php"><script>alert('xss');</script> Asta inseamna GET /example.php%22%3E%3Cscript%3Ealert('xss');%3C/script%3E Va returna intotdeauna 404. Cel mai probabil functioneaza doar in conditia asta, desi eu cred ca intotdeuna va returna 404. <form action="<?php echo $_SERVER['PHP_SELF']; ?>">