Blog

  • Freshping.io Service Undergoing Renovation

    Freshping.io Service Undergoing Renovation

    Freshping offered an excellent free service for monitoring websites with a 1-minute interval. In comparison, Statuscake’s free plan is limited to a check every 5 minutes. In November 2023, a notice was published stating that all support for free plans would be discontinued for new development. I’m curious about what’s to come, and I hope…

  • Azure Incident on January 21, 2024

    Azure Incident on January 21, 2024

    Azure was reporting an issue on their status page. I have found it to be impacting services. https://azure.status.microsoft/en-us/status The case was resolved. In 14 days (February 5th, 2024), we can expect a final report. The final report was posted.

  • NoName057(16) DDoS January 2024

    NoName057(16) DDoS January 2024

    Before the World Economic Forum in January 2024 in Davos Switzerland, Chinese Premier Li Qiang arrived in Switzerland on Sunday and was officially received with military honors. On the same day, Ukrainian President Volodymyr Zelensky visited the Swiss Parliament Building in Bern. The World Economic Forum began in Davos on Monday. By Wednesday January 17th…

  • App Service: Unable to contact IP driver

    App Service: Unable to contact IP driver

    I had to debug an Azure App Service and was running a ping command on the Kudu PowerShell Console. When running a ping command, it returns ‘Unable to contact IP driver. General failure.’, which could lead you to believe there is a problem in the app service networking in general. However, this is not the…

  • Stay on top of Cyber Security Alerts

    Stay on top of Cyber Security Alerts

    It’s important to stay on top of new discoveries and vulnerabilities, following up on products. Knowing is the first step, evaluation and taking action is the second step. Cyber Security Alerts Vendors Another crucial step is to sign up for security advisories with all your key vendors to significantly reduce the response time to newly…

  • AzureDiagnostics have been trimmed

    AzureDiagnostics have been trimmed

    I encountered the following issue with a recently deployed Azure AKS Cluster connected to a Log Analytics Workspace in Azure. I encountered this error in my Log Analytics Workspace. I found that this is a known problem on AKS and has already been added as a bug in the following ticket. Entire CRD in kube-audit-admin…

  • Terrapin Attack, SSH protocol vulnerability

    Terrapin Attack, SSH protocol vulnerability

    I had to evaluate the risk of a potential Terrapin attack. The Terrapin attack can target connections secured with ChaCha20-Poly1305 or CBC-mode ciphers with Encrypt-then-MAC. There is a theoretical vulnerability in CTR-mode ciphers combined with Encrypt-then-MAC, but it is not currently exploitable in real-world scenarios. The attack requires an active Man-in-the-Middle. OpenSSH and other vendors…

  • This Week: Inspiration and Knowledge at 37C3

    This Week: Inspiration and Knowledge at 37C3

    Every year (when its possible) the Chaos Communication Congress is part of my last week of the year. I never had the chance to attend in person but some presentation are truly great. This year the 37 edition under the name 37C3 with the claim “unlocked” will take place over the course of 4 days.…

  • What is google-proxy-00-000-00-00.google.com?

    What is google-proxy-00-000-00-00.google.com?

    Recently, I noticed a significant increase in requests from the hostnames like this google-proxy-00-000-00-000.google.com in my log files. Upon investigation, I discovered that this hostname is commonly used for previews in Google Search. However, this explanation did not seem to apply to my situation. Additionally, the source of this information is 10 years old. The…

  • radar.cloudflare.com – Verified Bots

    radar.cloudflare.com – Verified Bots

    The Verified Bots service offered by radar.cloudflare.com is a feature that allows website owners to have a good starting point for determining whether a bot might be legitimate.