How Google Took on Mirai, KrebsOnSecurity



  • The third week of September 2016 was a dark and stormy one for KrebsOnSecurity. Wave after wave of huge denial-of-service attacks flooded this site, forcing me to pull the plug on it until I could secure protection from further assault. The site resurfaced three days later under the aegis of Google’s Project Shield, an initiative which seeks to protect journalists and news sites from being censored by these crippling digital sieges.

    Damian Menscher, a Google security engineer with whom I worked very closely on the migration to Project Shield, spoke this week about the unique challenges involved in protecting a small site like this one from very large, sustained and constantly morphing attacks.

    Google Security Reliability Engineer Damian Menscher speaking at the Enigma conference this week. Photo: @mrisher

    Google Security Reliability Engineer Damian Menscher speaking at the Enigma conference this week. Photo: @mrisher

    Addressing the Enigma 2017 security conference in Oakland, Calif., Menscher said his team only briefly considered whether it was such a good idea to invite a news site that takes frequent swings at the DDoS-for-hire industry.

    “What happens if this botnet actually takes down google.com and we lose all of our revenue?” Menscher recalled. “But we considered [that] if the botnet can take us down, we’re probably already at risk anyway. There’s nothing stopping them from attacking us at any time. So we really had nothing to lose here.”

    Ars Technica’s Dan Goodin was at the Engima conference and filed this report:

    “It took only about an hour for Menscher’s team to arrive at the decision to help Krebs. A much more lengthy process involved actually admitting KrebsOnSecurity into Project Shield…A key requirement for admittance is that the person requesting service proves they have control over the site. Because KrebsOnSecurity was down at that moment, Krebs was unable to satisfy this requirement.

    Making matters worse, the domain-name system settings KrebsOnSecurity used had been locked to thwart the attempted domain hijacking attacks that regularly targeted the site. That prevented Krebs from showing he had control of the site’s DNS settings.

    Once Project Shield ultimately got KrebsOnSecurity back online, it took just 14 minutes for the attacks to resume.”

    For more, check out Dan Goodin’s excellent piece, How Google Fought Back Against a Crippling IoT-Powered Botnet and Won. And a rolling thanks to Damian (a true mensch) and to Project Shield for deflecting the evil bits.

    For more background on the botnet responsible for knocking this site offline, see Who is Anna-Senpai, the Mirai Worm Author?

    https://krebsonsecurity.com/2017/02/how-google-took-on-mirai-krebsonsecurity/


Log in to reply
 



Tmux Commands

screen and tmux

A comparison of the features (or more-so just a table of notes for accessing some of those features) for GNU screen and BSD-licensed tmux.

The formatting here is simple enough to understand (I would hope). ^ means ctrl+, so ^x is ctrl+x. M- means meta (generally left-alt or escape)+, so M-x is left-alt+x

It should be noted that this is no where near a full feature-set of either group. This - being a cheat-sheet - is just to point out the most very basic features to get you on the road.

Trust the developers and manpage writers more than me. This document is originally from 2009 when tmux was still new - since then both of these programs have had many updates and features added (not all of which have been dutifully noted here).

Action tmux screen
start a new session tmux OR
tmux new OR
tmux new-session
screen
re-attach a detached session tmux attach OR
tmux attach-session
screen-r
re-attach an attached session (detaching it from elsewhere) tmux attach -d OR
tmux attach-session -d
screen -dr
re-attach an attached session (keeping it attached elsewhere) tmux attach OR
tmux attach-session
screen -x
detach from currently attached session ^b d OR
^b :detach
^a ^d OR
^a :detach
rename-window to newname ^b , <newname> OR
^b :rename-window <newn>
^a A <newname>
list windows ^b w ^a w
list windows in chooseable menu ^a "
go to window # ^b # ^a #
go to last-active window ^b l ^a ^a
go to next window ^b n ^a n
go to previous window ^b p ^a p
see keybindings ^b ? ^a ?
list sessions ^b s OR
tmux ls OR
tmux list-sessions
screen -ls
toggle visual bell ^a ^g
create another window ^b c ^a c
exit current shell/window ^d ^d
split window/pane horizontally ^b " ^a S
split window/pane vertically ^b % ^a |
switch to other pane ^b o ^a <tab>
kill the current pane ^b x OR (logout/^D)
collapse the current pane/split (but leave processes running) ^a X
cycle location of panes ^b ^o
swap current pane with previous ^b {
swap current pane with next ^b }
show time ^b t
show numeric values of panes ^b q
toggle zoom-state of current pane (maximize/return current pane) ^b z
break the current pane out of its window (to form new window) ^b !
re-arrange current panels within same window (different layouts) ^b [space]
Kill the current window (and all panes within) ^b killw [target-window]
  • Researchers are warning of a new Netflix phishing scam that leads to sites with valid TLS certificates.

    https://threatpost.com/new-phishing-scam-reels-in-netflix-users-to-tls-certified-sites/132976/

    read more
  • A new botnet from the Dark Web displays a never-before-seen level of complexity in terms of the sheer breadth of its various tools.

    https://threatpost.com/mylobot-botnet-emerges-with-rare-level-of-complexity/132967/

    read more
});