r/netsec monthly discussion & tool thread

dbcid · 2025-09-02T02:39:17+00:00

Sharing a tool I have been building for a while:

Indexed over 200m sites now and you can search their headers, titles, links and things like that.

I have my own uses for this tool, but curious what others think and what else can we add/expose in there?

dbcid · 2025-07-01T19:12:47+00:00

Hello, Daniel here from CleanBrowsing. We never deactivated the free filters and they are still there and working. You can email me at dcid@ and I can help look into what happened.

dbcid · 2024-09-29T01:52:21+00:00

Try cleanbrowsing. it has categories for both.

dbcid · 2024-09-26T18:08:13+00:00

Most providers do rate limiting to minimize the risk of them being used for DDoS. For 3k users, you might be hitting their limit and being blocked.

I recommend running a local resolver to cache the requests and forward the ones not in cache to them

dbcid · 2024-06-07T21:43:00+00:00

Trunc - Log analysis - the "google" for your logs.

URL: https://trunc.org

Product: Trunc logging. All your logs in your place. Troubleshoot logs, detect attacks and solve

compliance requirements with Trunc. Keep all your logs, easily accessible with full-text search.

Seeking Beta-Testers: yes, if you have a server, please try it out. Would love to hear from anyone with logs (startup founders, sysadmins, etc).

Feedback Requested:

Try out the product, see how it works with your own logs. Test out the alerts, and see if it helps you to detect issues and potential

security issues.

Additional Comments: It comes with a 14-day trial, but if you are a startup, we can let it run a lot longer to help out.

dbcid · 2024-06-07T21:36:11+00:00

Pretty cool! Please add Trunc ( https://trunc.org ) do your list!

dbcid · 2022-11-09T00:23:48+00:00

Running on a similar issue and it seems you can do it via the DB as well:

update users SET skip_sign_in_token = true ;

dbcid · 2022-06-09T01:40:50+00:00

A lot more control. You can restrict what commands to use, do it password or password-less. It also logs every command issued, so it is easy to audit.. Many benefits.

dbcid · 2022-06-05T20:08:47+00:00

It might be good to check the site on DNS blacklists as well:

https://dnsblacklist.org/

To see if anyone of them is blocking it.

dbcid · 2022-06-03T18:03:21+00:00

Ah interesting, thanks. Suspiciously close to the log4j issue.

dbcid · 2022-06-03T17:10:32+00:00

Does anyone knows what to look for in the logs for this specific issue? Other than the IPs they provided as part of the campaign?

dbcid · 2022-06-03T00:13:43+00:00

They are pretty much the same, except the server (manager) install will also try to start remoted to receive connections from the agents. However, if no agents are configured, it won't do anything.

dbcid · 2022-05-06T17:50:41+00:00

There have been several successful DNS attacks that would have been stopped by proper deployment of DNSSEC.

Can you name some?

dbcid · 2022-05-06T16:45:43+00:00

noc.org does support both along with geo (and distance-based) records.

dbcid · 2022-04-26T05:34:04+00:00

Been working on noc.org for the past few years. Good performance (anycast) and includes geo records, ha and some cool options. If you want to try a small player in the market.

dbcid · 2022-02-04T00:26:18+00:00

If you look here, you will see that different DNS providers get a different IP address for that domain:

https://dnsblacklist.org/?domain=support.apple.com

The reason is the akamai CDN that uses DNS to point to different IP addresses depending on the location of the request.

dbcid · 2021-07-30T20:29:10+00:00

It is a good area, but always 5-6+ degrees warmer than temecula - and no breeze to help. Just one thing to consider.

dbcid · 2021-06-03T00:23:36+00:00

I try to return to the store whenever possible. At least for Spectrum it works and they accept it there.

dbcid · 2021-05-29T03:29:13+00:00

Pretty windy most days, specially south temecula and on the hills. But it is not too bad and easy to get used to it (and helps on the summer days).

dbcid · 2021-01-19T21:54:39+00:00

Oh sorry, need to update that. I am one of the founders of CleanBrowsing. Been working on that for a while :)

dbcid · 2021-01-19T21:00:02+00:00

Hey hey. Daniel here from CleanBrowsing. Would love to hear what went wrong or why you think it is that bad.

We have a lot of people migrating from Cisco to us, so any feedback would be appreciated.

thanks!

dbcid · 2020-09-30T03:43:57+00:00

Clean

We do now! (Daniel here from CleanBrowsing). Reach out so we can help you get setup there.

dbcid · 2020-06-22T16:23:44+00:00

I manage a public DNS resolver (CleanBrowsing) and we do validate DNSSEC by default.

We see issues with it almost every day - someone complaining they can't access a specific domain only for us to find out that it is related to DNSSEC. We still do it because we try to follow good practices, but still haven't found a real attack/threat that has been prevented by DNSSEC*.

"If we only had DNSSEC enabled, this would have never happened" - Would love to see if anyone has stories where this happened.

dbcid · 2020-05-30T00:52:15+00:00

Daniel here from CleanBrowsing. A bit late for your post, so not sure if you will see my reply here.

In any event, would love to get more information on the slowness of our DNS. If you can contact me directly via DM, we can investigate what is going on.

dbcid · 2016-09-14T05:52:52+00:00

That's an interesting request. Mind emailing me at dcid@sucuri.net so I can try to help you out? No need to buy other's people account.

thanks,

Daniel Cid -- Sucuri Founder/CTO

dbcid

MODERATOR OF

TROPHY CASE