aelius

ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical limit of gigabit Ethernet. ZMap can be used to study protocol adoption over time, monitor service availability, and help us better understand large systems distributed across the Internet. Documentation: https://zmap.io/documentation.html Download: https://zmap.io/download.html - Am citit asta si mi-a parut interesant. Asa l-am gasit.

Foarte interesant. De asemenea, si asta: ---- By scanning the public IPv4 address space, we collected 5.8 million unique TLS certi?cates from 12.8 million hosts and 6.2 million unique SSH host keys from 10.2 million hosts. This is 67% more TLS hosts than the latest released EFF SSL Observatory dataset [20]. Our techniques take less than 24 hours to scan the entire address space for listening hosts and less than 96 hours to retrieve keys from them. ---- Au si un TOOL Online aici: https://factorable.net/keycheck.html

Stai ca le incurci de le faci varza. Curent = Intensitatea curentului electric reprezinta numarul de electroni ce trec printr-o sectiune a unui conductor in unitatea de timp. Tensiune = Reprezinta diferenta de potential sau de stare intre capetele unui circuit. Nu ai treaba cu niciun tranzistor. Cand consumul creste, rezistenta ohmica a consumatorului scade. Poti vedea asta ca pe un scurt-circuit pe sursa (overload) Tu ai acolo: 1. O sursa de tensiune care asigura alimentarea PC-ului (respectiv, transformarea, redresarea si stabilizarea tensiunii la 5v si 12v) 2. Un consumator (placa de baza cu toate componentele, incluzand discuri, etc) Pana aici cred ca ai inteles. In momentul in care procesorul cat si placa grafica incep sa fie utilizate, consumul acestora creste (in idle consumul este foarte mic). Daca sursa ta de alimentare poate asigura o putere de maxim 350 W iar calculatorul cu ce are in el necesita un minim de 500 W, este clar ca sursa va ceda. Sursele de alimentare se calculeaza dupa consumatori. Asa este peste tot. Si la proiectarea instalatiilor electrice este la fel. Ex: - Ai o priza care permite conectarea unui consumator de maxim 2000 W (2 Kw/h). Asta inseamna ca siguranta de pe conductoare va trebui sa fie de minim 10 Amperi iar conductoarele sa fie bine dimensionate pentru acel consum. (2000w / 220 = 9.09 Amperi). Daca nu sunt intrunite cele doua conditii, ceva se va arde (ori conductoarele se vor incalzi, ori va sari sau se va arde siguranta) Siguranta + Conductoare = Sursa ta de alimentare Consumatorul = PC-ul

"laptop computer not included" si "up to four pieces of toast in 30 minutes" fac toti marafetii. Ce ratati astia, cum frate sa faci toaster cu REZISTENTE alimentat la 5 v si 100 mA ....

Ia asta: Sursa Thermaltake Litepower 600W - eMAG.ro

- C - C++ - Python - PHP - Cunnilingus

Nu prea vad cine il incarca: root@pluto:~# strings /bin/bash |grep "~/.bash" ~/.bashrc ~/.bash_profile ~/.bash_login ~/.bash_history if $HISTFILE has a value, that is used, else ~/.bash_history. ~/.bash_logout root@pluto:~# Probabil ai deja in profil ceva de genul: if [ -f ~/.bash_aliases ]; then . ~/.bash_aliases fi // edit: Da, cred ca ai deja in .bashrc ce este mai sus (pentru a face load la .bash_aliases) Merci

Daca aveti nevoie sa faceti un blacklist sau va sunt utile toate adresele ip routate pe un anumit numar as, puteti utiliza clientul clasic de whois din linux in felul urmator: root@pluto:~# whois AS8708 -i origin -T route |grep 'route:' route: 141.136.25.0/24 route: 176.223.191.0/24 route: 188.24.0.0/14 route: 188.241.106.0/23 route: 188.241.246.0/24 route: 193.105.58.0/24 route: 193.111.161.0/24 route: 193.111.232.0/24 route: 193.138.85.0/24 route: 193.16.213.0/24 In cazul in care nu tineti minte comanda, puteti face o functie in '~/.bashrc' de genul: function routes() { whois $1 -i origin -T route|grep 'route:' } Demo: root@pluto:~# routes AS8708 route: 141.136.25.0/24 route: 176.223.191.0/24 route: 188.24.0.0/14 route: 188.241.106.0/23 route: 188.241.246.0/24 route: 193.105.58.0/24 route: 193.111.161.0/24 route: 193.111.232.0/24 Dupa ce puneti functia in fisierul '~/.bashrc' este necesar sa dati comanda 'source ~/.bashrc' sau sa va reautentificati. La ce puteti utiliza adresele ip routate de catre un numar AS: - Limitari de banda, prioridizare de pachete - Blocare http flood dintr-o anumita retea, blacklisted, etc ... Nota: Daca nu va functioneaza, adaugati '-h whois.ripe.net' la comanda. Daca va sunt necesare doar adresele ip (sa nu mai afiseze 'route:'), folositi "|awk '{print $2}'" dupa comanda ca in exemplul de mai jos: whois -h whois.ripe.net NUMAR_AS -i origin -T route |grep 'route:' |awk '{print $2}'

Nu este singurul. Poate asa se lauda ei. Lista parteneri RoTLD Ce vocabular de lemn: 'factura proforma a expirat'. Da ce domne, e de haleala ?

Merry Christmas! And permanent ban.

Nu eu frate. El. Stai calm, nu sunt asa retarzi oricum. Nu se specifica o latime minima de banda garantata si au grija sa puna niste subnote la contract cu font de 6px in care se specifica faptul ca nu sunt raspunzatori de nimic si ca tu trebuie sa le oferi defapt banii aia cu titlu gratuit (glumesc, dar cred ca nu mai au mult sa faca asa)

Banned - e tot usertitle

Da. Trebuie sa maresti tcp window si memoria alocata (tcp tuning). Depinde in mod proportional de RTT. Referinte: - TCP Tune - TCP tuning - Wikipedia, the free encyclopedia In cazul tau, switch-ul dgs-1005d este destinat 'home use' iar tcp windows este undeva la 16k. Am facut multe teste (benchmarks) insa switch-urile erau de la force 10. Apropo, ai folosit jumbo frame ? (mtu 9000) Pentru optimizari legate de tcp, cred ca ar fi bun un thread nou, daca va intereseaza o discutie pe tema asta. Hahaha, sa nu spui ca iti da LACP si iti vine pe 3 porturi gigabit. Sau poate iti cumperi device de 10Gbps ? Hai bre, sa fim seriosi.

Nu. In toate routerele de la RDS sunt configurate triggere. In momentul in care ti-ai luat dos/ddos peste flajneta, se anunta adresa_ip/32 in comunitatile BGP de pe extern ca blackhole. (asta se intampla in cateva secunde doar) Daca atacul inceteaza imediat, filtrul este scos in aproximativ 10-15 minute. Daca atacul persista mai mult de 30 de minute, filtrul se scoate doar manual de catre inginerii de la NOC 100 mbps == 12.5 MB/s la download este teoretic. Sa atingi 12 - 12.5 iti trebuie prioridizare pe pachetele ce nu contin payload. Din experienta, 11.4 MB/s este cam maximum ce se poate obtine per flow Ceva referinte: - http://www.benzedrine.cx/ackpri.html - http://phix.me/dm/ - http://lartc.org/howto/lartc.cookbook.fullnat.intro.html // ... se mai pot cauta // sidenote: Stfean_Iordache: Este best-effort. Ala e cel mai scurt raspuns

Pai hai ca-ti explic eu. 1. Latimea de banda nu este garantata. 2. Latimea de banda oferita este peering based. Se bazeaza pe faptul ca 80-90% din banda utilizata este catre hosturi cu care au peering. Daca le tragi tu cu 200mbps din SUA sau o sursa/destinatie fara peering, nu le convine pentru ca sunt costuri MARI. 1Gbps garantat costa in jur de 600-700 euro lunar (asta pret de ISP), la end-user ajunge mult mai mult. Majoritatea celor care vor banda de genul, sunt cei care ia de pe torente ... si alea locale. Deci costuri aproape de 0. Practic nu ai acolo decat un LAN/MAN si ceva extern ...

Nytro are coaili ala frate ... da cica trebuie mangaiate Eu stiu ca le da decat la femei care lucreaza in IT //edit: sa nu va luati ban de la admini/moderatori cu coailii voastre frate. Pe mine nu ma deranjaza dar poate ca altii considera prea agresiva si prea des facuta gluma.

it works, thanks! ;-)

Data breaches and security incidents are a constant in the headlines these days. Hackers and cyber criminals are motivated by status or money and finding new innovative and more creative attacks to achieve this. One of them are, Digital Bank robbery - where the thieves didn't need masks and guns to pull off the job, all they need are - Hacking Skills, a computer and the Internet. Another way is Cyber extortion - threat of attack against an enterprise or a bank, coupled with a demand for money to avert or stop the attack. According to Haaretz news, A Hacker - who is the operator of a biggest botnet malware network in the Israel, has threatens 3 major Israeli banks, i.e. Israel Discount Bank, Bank Yahav and the First International Bank of Israel. Banks database, network and websites were not breached in this case, rather the hacker claimed that he holds a huge financial trojan botnet network in Israel that have already infected millions of systems across the nation and collected a massive dump of stolen personal information, passwords, banking information and credit card numbers of 3.7 Million users. The hacker has demanded the payoff in Bitcoin, a untraceable virtual currency, perfect for blackmailers and cyber criminals. Bitcoin is not backed by any central bank or government and can be transferred "peer to peer" between any two people anywhere. Banks declined to comment on the report and immediately reported the threat to the Israel Police. According to the source, some of them do not see the threat as serious. Bank of Israel held a meeting on Tuesday on the issue, we will update you soon about their next step with a new article. Cyber attacks are becoming more and more advanced and sophisticated, more or less any company in the world is on the list of targets to rob. You should keep updating your knowledge about the cyber world to Stay Safe from all threats. Source: Hacker threatens to sell data of 3.7 Million Israeli Bank Customers, demands extortion money in Bitcoin Nota personala: Sa nu fiti pacaliti ca si ziaristii sa folositi termenul hacker pentru orice Escroc care fura bani.

Probabil s-au jucat cei de la xServers prin BGP. Aparea /32 ca neanuntat pe extern si cateva route locale. (cel putin asa se vedea din exterior, nu am idee) Ne cerem scuze daca ai pierdut vreo intalnire importanta la drum de seara pe RST sau vreun deal care sa-ti aduca zambetul pe buze si fericire la portofel // edit: Da, e posibil. Mircea Frijan (rechinul/bunicu) ne da flood cu winampul

Este legal. Se inscriptioneaza si se citesc cardurile de access control si mai multe. Ca poate fi folosit si in scopuri ilegale, asta e altceva. Daca nu aveti si stiti electronica, va descurcati cu un cap de redare de magnetofon si un preamplificator audio. ps: sa nu intrati naiba la inchisoare pentru cartele de metrou

View image: Screen Shot 2013 12 21 at 6 34 15 PM Byte-ul ; Ban 24 de ore (maine la ora 18.40 expira) Motiv: Tutorialele trebuie incurajate. Trebuie evitate discutiile de genul. De asemenea, mesajul de la '-1 rep' este de prost gust.

Daca tot este data o metoda de atac DNS Amplification, ar fi interesant sa fie si o solutie pentru asta. O solutie de a mitiga aceasta forma de atac 'low end' este sa configurati bind (named) sa permita 'recursive queries' DOAR de la surse bine stabilite. De exemplu: Fisier: 'named.conf' // lista prefixe, acl acl recurseallow { 216.156.100.0/24; 210.134.32.0/23; 188.243.11.0/24; }; options { // alte optiuni ... recursion no; allow-recursion { recurseallow; }; } Desigur, sunt si alte optiuni, mult mai bune si mai eficiente. Multumim pentru post silvian0 // edit @Byte-ul: Nu e frumos sa faci asa si nici nu cred ca trebuie traducere in lb. Romana. IT-ul se invata in Engleza.

The NSA and the GCHQ have compromised much encryption used on the internet through a potent mix of technological theft, spycraft, and collaboration with major technology companies, according to new reports. In a series of news articles that highlight how the code-breaking crypto-fiddling agencies NSA and GCHQ are doing their job, ProPublica, The New York Times, and The Guardian, disclosed on Thursday a wide-ranging campaign by the spies to smash internet crypto methods so to better slurp data from the world+dog. The NSA "has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show," the NYT reports. Though thin on specifics, the stories clearly outline that the agencies have developed a variety of methods to attack and gain access to data secured by either SSL, or inside a virtual private network (VPN). They also imply that they have put backdoors into crypto-systems and potentially widely used digital components, as well. The spies have also worked with technology companies to gain a direct line to data stored in their servers, though the documents do not specify which companies in particular. Analysts can slurp away at the decrypted data through a highly classified program named "Bullrun". "For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies. ... Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable," one memo from 2010 given to the spies at GCHQ, says. New "groundbreaking capabilities" have also let the agencies inspect data that is intercepted from submarine cables, the reports state. The gist of the reports is that the agencies have probably compromised SSL via gaining certificates and encryption keys to the point where they can perform man-in-the-middle attacks on widely used applications. GCHQ is alleged to have broken the security on some 30 VPN systems, and has plans to get into 300 by 2015. Though mega-leaker Edward Snowden has previously claimed end-to-end encryption can protect users, the thorough ways in which the agencies have worked to compromise endpoints makes it unlikely that users on either end of a communication have access to clean hardware. Source: Reports: NSA has compromised most internet encryption • The Register

The US National Institute of Standards and Technology (NIST) has vehemently denied accusations that it deliberately weakened encryption standards to help the NSA's monitoring activities. "We want to assure the IT cybersecurity community that the transparent, public process used to rigorously vet our standards is still in place," said NIST in a statement. "NIST would not deliberately weaken a cryptographic standard. We will continue in our mission to work with the cryptographic community to create the strongest possible encryption standards for the U.S. government and industry at large." According to a memo released by NSA whistleblower Edward Snowden, the intelligence agency's budget included efforts to "influence policies, standards and specifications for commercial public key technologies". In particular, NIST Special Publication 800-90 was referenced, a 2006 encryption standard adopted by NIST which uses four deterministic random bit generators. One of these generators, Dual_EC_DRBG, is based on finding the discrete logarithms of elliptic curves and attracted attention almost immediately, not least because it was considerably slower than the other three methods and was specifically championed by the NSA. A year after its publication, two Microsoft researchers – Dan Shumow and Niels Ferguson – gave a presentation at the CRYPTO 2007 conference which suggested that Dual_EC_DRBG was crackable. They were careful not to accuse the NSA of deliberately inserting a backdoor into the system, but noted that it was potentially unsafe. In Tuesday's statement, NIST said that working with the NSA was standard operating procedure; indeed it was required by law to consult with the NSA on security matters. To reassure users, NIST has reopened the standard to public comment so that it can be checked, but cryptography expert Bruce Schneier, who has examined some of Snowden's material on the matter, warned that this won’t be good enough. "NIST took a big credibility hit unfortunately," he said in a podcast. "There are good people there doing good work but we don't know which of their standards are tainted, we don't know how much collaboration there is with the NSA. "And unfortunately because trust is lost when they get up and say the NSA doesn't affect our standards we don't believe them. We need a way to get back trust." Schneier likened the situation to betraying a spouse, saying that in that kind of situation the only way to get trust back is by full disclosure. "You can't say 'here's most of the things I did and you may find out some more in a few months' – those sort of strategies never work." Source: http://www.theregister.co.uk/2013/09/05/nsa_gchq_ssl_reports/

If you own a world-renowned Security Product or a Service, National Security Agency (NSA) is ready to pay you 10 Million or more bribe for keeping intentional backdoor for them. According to an exclusive report published by Reuters, there is a secret deal between the NSA and respected encryption company RSA to implement a flawed security standard as the default protocol in its products. Earlier Edward Snowden leaks had revealed that the NSA created a flawed random number generation system (Dual_EC_DRBG), Dual Elliptic Curve, which RSA used in its Bsafe security tool and now Snowden has revealed that RSA received $10 million from NSA for keeping Encryption Weak. So, anyone who knows the right numbers used in Random number generator program, can decipher the resulting cryptotext easily. Recommending bad cryptographic standard is one thing, but accepting 10 million to deliberately implement is something very shameful for a respected Security company. The new revelation is important, cryptographer and Security expert Bruce Schneier said, because it confirms more suspected tactics that the NSA employs. "You think they only bribed one company in the history of their operations? What's at play here is that we don't know who's involved," he said. RSA, now owned by computer storage firm EMC Corp, and has maintained its stand of not colluding with NSA to compromise the security of its products, "RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products," Both the NSA and RSA haven't directly acknowledged the deal. But after Snowden revelations, What is the RSA's credibility or of other American software and networking companies? Source: NSA paid $10 Million bribe to RSA Security for Keeping Encryption Weak Also, published on: - Reuters - The Register