Conversation

Notices

1. Embed this notice
   PunishedD (punishedd@clubcyberia.co)'s status on Wednesday, 21-Aug-2024 11:24:23 JST PunishedD
   "Nothing ever happens. I wish something would hap-- OH GOD NO NOT LIKE THIS"
   •  and Pleroma-tan like this.
   • Embed this notice
     djsumdog (djsumdog@djsumdog.com)'s status on Wednesday, 21-Aug-2024 11:45:09 JST djsumdog

     in reply to

     • Hoss Delgado
     I wonder how many furries lolcows will discover they have their own threads
   • Embed this notice
     Hoss Delgado (hoss@shitpost.cloud)'s status on Wednesday, 21-Aug-2024 11:45:10 JST Hoss Delgado

     in reply to
     Gotta hand it to the hackers, they did the funniest thing possible.
   • Embed this notice
     PunishedD (punishedd@clubcyberia.co)'s status on Wednesday, 21-Aug-2024 11:45:11 JST PunishedD

     in reply to
     The madlad linked the feature to the furry thread. Everything is crashing. Madness reigns.
   • Embed this notice
     Lina Inver?e (lina@eientei.org)'s status on Wednesday, 21-Aug-2024 12:17:51 JST Lina Inver?e

     in reply to
     @PunishedD >furaffinity owner is dead
     pwnt.
   • Embed this notice
      (mint@ryona.agency)'s status on Wednesday, 21-Aug-2024 18:42:23 JST 

     in reply to
     @PunishedD Hilarious!
     1724204084608.png
   • Embed this notice
     EyeONI (eyeoni@ryona.agency)'s status on Wednesday, 21-Aug-2024 19:17:14 JST EyeONI

     in reply to

     • 
     @mint @PunishedD None of this is untrue
      likes this.
   • Embed this notice
      (mint@ryona.agency)'s status on Wednesday, 21-Aug-2024 20:20:22 JST 

     in reply to

     • 
     @PunishedD And it looks like it wasn't anything more than some zoomer obtaining access to the domain and changing the nameservers to deface the site immediately. If he didn't have an ipad baby brain, he would've MitMed it for admin/mod passwords or something in order to at least present something of value.
     image.png
     Pleroma-tan likes this.
   • Embed this notice
     Phantasm (phnt@fluffytail.org)'s status on Wednesday, 21-Aug-2024 20:35:43 JST Phantasm

     in reply to

     • 
     @mint @PunishedD
     >stop calling me a zoomer
     >uses zoomer gibberish at the end of his post
      likes this.
   • Embed this notice
      (mint@ryona.agency)'s status on Wednesday, 21-Aug-2024 20:38:23 JST 

     in reply to

     • laurel
     @laurel @PunishedD Not exactly, those were g*rman authorities making Hetzner add another hop in the route and issuing letsencrypt cert. With access to domain and Cloudflare's dashboard you don't even need that since it issues valid certs automatically and the IP is going to be somewhere in https://www.cloudflare.com/ips-v4/ regardless.
   • Embed this notice
     laurel (laurel@fsebugoutzone.org)'s status on Wednesday, 21-Aug-2024 20:38:24 JST laurel

     in reply to

     • 
     @mint @PunishedD
     
     >If he didn't have an ipad baby brain, he would've MitMed it for admin/mod passwords or something in order to at least present something of value.
     Isn't this what recently happened with those Russian xmpp servers? Attackers got domain access for just a few hours, used it to issue certificates and then arp poisoned the hosting network to serve as a proxy.
   • Embed this notice
      (mint@ryona.agency)'s status on Wednesday, 21-Aug-2024 20:39:40 JST 

     in reply to

     • 
     • laurel
     @laurel @PunishedD Also that list isn't full, since 1.0.0.0/24 is also owned by the 'flare. I guess it includes the ranges that are being assigned by customers only.
   • Embed this notice
     翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 21-Aug-2024 20:45:00 JST 翠星石

     in reply to

     • 
     @mint >also owned by the 'flare
     You cannot own IPs.
     
     You can get IPs assigned to a business, but there is no ownership.
     
     You can assign whatever IP you want in a router and announce that via BGP, although in the past there was an agreement to only use assigned IPs.
     
     Due to the amount of bad actors, there is RPKI now, which is typically configured to only assign the required keys to those who have the IPs assigned to them and therefore hijacking routes are rejected.
   • Embed this notice
     翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 21-Aug-2024 22:15:21 JST 翠星石

     in reply to

     • Phantasm
     @phnt Wrong brown tbh.
   • Embed this notice
     Phantasm (phnt@fluffytail.org)'s status on Wednesday, 21-Aug-2024 22:15:22 JST Phantasm

     in reply to

     • 翠星石
     • 
     @Suiseiseki @mint :gnujak:
      likes this.
   • Embed this notice
     laurel (laurel@fsebugoutzone.org)'s status on Wednesday, 21-Aug-2024 22:17:35 JST laurel

     in reply to

     • 
     @mint @PunishedD
     
     Damn, that could only be prevented by having disable the http-01 certificate challenge type with a dns record. And having configured acme to use the registrars api to update the certs.
      likes this.
   • Embed this notice
      (mint@ryona.agency)'s status on Wednesday, 21-Aug-2024 22:18:23 JST 

     in reply to

     • laurel
     @laurel @PunishedD There's a bunch of other measures suggested in the original post.
     https://notes.valdikss.org.ru/jabber.ru-mitm/