OPSEC tool lineup
I find myself recommending a lot of these tools & practices to friends and colleagues so I thought I would share some of my insight on the best tools and practices to use for good OPSEC. I’ll go over some of the tools that I personally use, then briefly describe how some of them can […]
What Agarp.co has taught me
For those of you who don’t know, Agarp.co is a project started by my friend TheEptic. Since it’s conception I have helped out by donating server resources, moderating the forums & skins requests, and development of the projects software. Being a part of this project has taught me some things that I will never forget. […]
C# Threading Tutorial
In C# there are various reasons that you may have for needing to thread your applications out. I’m won’t go into detail what reasons you would have for doing so, I am only going to explain how that is done. This article goes over a complete example of C# threading, and then explains each piece […]
PERL IRC Bot Skeleton
More recently than ever people have been approaching me for help with learning a programming language. More often than not I will refer them to PERL or PHP depending on their program requirements. Surprisingly the best technique, that I have found, to help someone learn a new language is through writing an IRC bot. This […]
PERL Threading – Boss/Worker Design Pattern
When threading in PERL it is often useful to have a master process checking up on threaded processes to make sure they are doing their job correctly, or to gather data from the threaded process. At any rate the design pattern that I often find useful is called Boss & Worker. In this pattern we […]
WordPress Theme Tutorial
In this tutorial I will show you the basics of how to write your own WordPress themes. This guide assumes that you already have a fair amount of experience with HTML, CSS, and PHP. In case you do not, this guide won’t help you much, you should brush up on those things before moving on […]
I feel bad for everyone who seen this
This video displays the most blatantly obvious case of a reporter NOT DOING THEIR JOB and finding out all of the details of their story before actually going on air with it. These CNN reporters actually ask questions, of which the answers could be discovered via a quick Google search. I, unfortunately, can’t even give […]
67.06% of Reported NTP Servers Patched After Waves of DRDoS Attacks
Earlier this month I wrote about how I took offensive security measures in order to shutdown the emerging NTP DRDoS threat. Today I am happy to announce that of the 2,917 reported NTP servers which were observed as being used in NTP amplification attacks, 1,956 (67.06%) of them have been either shutdown or patched to disallow […]
CloudFlare Hit with 400Gbps NTP Amplification Attack
CloudFlare & Arbor Networks have both reported the attack against a CloudFlare hosted website reached a peak of between 325Gbps & 400Gbps. Previously the largest ever recorded DDoS attack has been against SpamHaus with 300Gbps.
Dismantling DRDoS Attacks, the Offensive way
Late 2013/Early 2014 we started noticing a new reflected denial of service attack being used in the wild. This has been none other than the NTP amplification attack, which utilizes UDP spoofing to request monlist, which causes the NTPd to send the reply data back to the target host.
Realm of the Mad God Domain Name Stolen
Yesterday at around 6:24PM central time, realmofthemadgod.com was hijacked by a group of script kiddies calling themselves swatsec. A mibbit chat was embedded to direct visitors to AfraidIRC (and later on Freenode). Our staff members at AfraidIRC had to constantly let people visiting know that we are not affiliated with the game or the company […]
Man Extorted out of his Twitter Username
On January 20th Naoki Hiroshima discovered that his PayPal & GoDaddy accounts had been breached, and domains stolen. The hacker had control over his email, websites, and online finances, while Naoki was powerless to protect himself. He was at the mercy of the attacker who stole his accounts.
Will NTP Amplification Become More Popular than DNS Amplification?
In this first month of 2014 there has been a new threat in the world of DrDoS. Reflected NTP attacks appear to be increasing in popularity over DNS reflection (2013’s favorite reflected attack method), but will NTP amplification rise above DNS amplification in popularity?