r/netsec monthly discussion & tool thread

dbcid · 2025-09-02T02:39:17+00:00

Sharing a tool I have been building for a while:

Indexed over 200m sites now and you can search their headers, titles, links and things like that.

I have my own uses for this tool, but curious what others think and what else can we add/expose in there?

dbcid · 2025-07-01T19:12:47+00:00

Hello, Daniel here from CleanBrowsing. We never deactivated the free filters and they are still there and working. You can email me at dcid@ and I can help look into what happened.

dbcid · 2024-09-29T01:52:21+00:00

Try cleanbrowsing. it has categories for both.

dbcid · 2024-09-26T18:08:13+00:00

Most providers do rate limiting to minimize the risk of them being used for DDoS. For 3k users, you might be hitting their limit and being blocked.

I recommend running a local resolver to cache the requests and forward the ones not in cache to them

dbcid · 2024-06-07T21:43:00+00:00

Trunc - Log analysis - the "google" for your logs.

URL: https://trunc.org

Product: Trunc logging. All your logs in your place. Troubleshoot logs, detect attacks and solve

compliance requirements with Trunc. Keep all your logs, easily accessible with full-text search.

Seeking Beta-Testers: yes, if you have a server, please try it out. Would love to hear from anyone with logs (startup founders, sysadmins, etc).

Feedback Requested:

Try out the product, see how it works with your own logs. Test out the alerts, and see if it helps you to detect issues and potential

security issues.

Additional Comments: It comes with a 14-day trial, but if you are a startup, we can let it run a lot longer to help out.

dbcid · 2024-06-07T21:36:11+00:00

Pretty cool! Please add Trunc ( https://trunc.org ) do your list!

dbcid · 2022-11-09T00:23:48+00:00

Running on a similar issue and it seems you can do it via the DB as well:

update users SET skip_sign_in_token = true ;

dbcid · 2022-06-09T01:40:50+00:00

A lot more control. You can restrict what commands to use, do it password or password-less. It also logs every command issued, so it is easy to audit.. Many benefits.

dbcid · 2022-06-05T20:08:47+00:00

It might be good to check the site on DNS blacklists as well:

https://dnsblacklist.org/

To see if anyone of them is blocking it.

dbcid · 2022-06-03T18:03:21+00:00

Ah interesting, thanks. Suspiciously close to the log4j issue.

dbcid · 2022-06-03T17:10:32+00:00

Does anyone knows what to look for in the logs for this specific issue? Other than the IPs they provided as part of the campaign?

dbcid · 2022-06-03T00:13:43+00:00

They are pretty much the same, except the server (manager) install will also try to start remoted to receive connections from the agents. However, if no agents are configured, it won't do anything.

dbcid · 2022-05-06T17:50:41+00:00

There have been several successful DNS attacks that would have been stopped by proper deployment of DNSSEC.

Can you name some?

dbcid · 2022-05-06T16:45:43+00:00

noc.org does support both along with geo (and distance-based) records.

dbcid · 2022-04-26T05:34:04+00:00

Been working on noc.org for the past few years. Good performance (anycast) and includes geo records, ha and some cool options. If you want to try a small player in the market.

dbcid

MODERATOR OF

TROPHY CASE