Moved all my domains away from Transip, sadly I now have some DNS issues with some domain names...not all. I assume these have to do with either 1) Me doing something wrong in the not so clear DNS panel of OXXA 2) My failing Pi-Hole 3) DNS propagation not being done yet. Disabled the Pi-hole & waiting for tomorrow might fix nr 2 & 3.
Not a fan of mucking around with DNS. 😑
Tips for debugging welcome.
Highest German court temporarily stops lower court orders requiring Vodafone to monitor #DNS queries for use in criminal cases.
Court notes a targeted surveillance is technically too complicated/costly and is against the right to "telecommunication secrecy".
cc @campuscodi
#TLDR: Quad9 will be discontinuing support within DNS-over-HTTPS (DOH) using HTTP/1.1 on December 15, 2025.
Mark your calendar 🗓️ and please share, especially if you know someone who will be affected!
Full story here 👉 https://quad9.net/news/blog/doh-http-1-1-retirement/
RE: https://mastodon.social/@quad9dns/115372609491714477
Today is the day.
We are discontinuing support within DNS-over-HTTPS (DOH) using HTTP/1.1.
Thank you for continuing to share!
Le script Perl de l'IANA qui crée les pages Web sur les domaines de premier niveau, à partir de la liste ISO, inclut les domaines non délégués : https://www.iana.org/domains/root/db/bl.html
🔎 When searching for information about a domain name, the term “ClientHold” may sometimes appear.
📝 In this new article by Stéphane Bortzmeyer, discover:
🔵 What this status means
🔵 The practical consequences of this domain name status and others via domain name search services (RDAP, Whois, etc.).
🔗 For more information: https://www.afnic.fr/en/observatory-and-resources/expert-papers/domain-names-and-status/
@tante
hmm, @sovtechfund (who I also had as a guest) is a close approximation- as is @nlnetlabs . Neither has the pockets for this though (yet)
@steely_glint @tante @sovtechfund Please don’t confuse us with the @nlnet foundation, who fund #OpenSource projects.
NLnet Labs is a software development and research foundation, who offer software for core Internet infrastructure, like #DNS and #BGP.
While we maintain seven major open source projects with 17 people, developing and maintaining a web browser would be a whole different (albeit exciting) ballgame.
Le mauvais hébergement #DNS du jour est dû à cartes.gouv.fr : trois serveurs mais aux adresses IP très proches, donc probablement susceptibles de tomber en carafe en même temps. Et pas d'IPv6.
#TLDR: Quad9 will be discontinuing support within DNS-over-HTTPS (DOH) using HTTP/1.1 on December 15, 2025.
Mark your calendar 🗓️ and please share, especially if you know someone who will be affected!
Full story here 👉 https://quad9.net/news/blog/doh-http-1-1-retirement/
RE: https://mastodon.social/@quad9dns/115372609491714477
Today is the day.
We are discontinuing support within DNS-over-HTTPS (DOH) using HTTP/1.1.
Thank you for continuing to share!
Take the time to read {again} how Stephan has built a self hosted CDN using OpenSource programming and tools.
He literally shares the code. From what I processed, this method can scale up quite easily. You can build a super large CDN yourself using similar modus operandi.
No corporate CDN, but the insight, resilience and technical expertise of a great programmer, with the Passion and Curiosity of someone visionary.
All powered by OpenSource BSD IPv6 jails DNS caching and enthusiasm
Thank you Stephan
#CDN #networking #cache #IPv6 #IPv4 #programming #technology #BSD #freeBSD #jails #DNS #Wireshark
https://it-notes.dragas.net/2024/08/26/building-a-self-hosted-cdn-for-bsd-cafe-media/
Take the time to read {again} how Stephan has built a self hosted CDN using OpenSource programming and tools.
He literally shares the code. From what I processed, this method can scale up quite easily. You can build a super large CDN yourself using similar modus operandi.
No corporate CDN, but the insight, resilience and technical expertise of a great programmer, with the Passion and Curiosity of someone visionary.
All powered by OpenSource BSD IPv6 jails DNS caching and enthusiasm
Thank you Stephan
#CDN #networking #cache #IPv6 #IPv4 #programming #technology #BSD #freeBSD #jails #DNS #Wireshark
https://it-notes.dragas.net/2024/08/26/building-a-self-hosted-cdn-for-bsd-cafe-media/
Highest German court temporarily stops lower court orders requiring Vodafone to monitor #DNS queries for use in criminal cases.
Court notes a targeted surveillance is technically too complicated/costly and is against the right to "telecommunication secrecy".
cc @campuscodi
Anyway, let's hope that RFC 10034 and 10035 are reserved for 2 big straws for the #DNS camel 😇
Beschwerde: Karlsruhe stoppt umstrittene DNS-Überwachung einstweilig
Das Verfassungsgericht hat die Anordnung eines Amtsgerichts zur Überwachung von DNS-Anfragen auf eine bestimmte Domain nach Beschwerde des Providers ausgesetzt.
#Bundesverfassungsgericht #DNS #Grundrechte #Internet #Netzpolitik #Recht #Überwachung #news
@gregr @shaft Les sondes Atlas en France ont des résolveurs qui y arrivent :
% blaeu-resolve --requested 200 --country FR --type SOA 1.225.91.in-addr.arpa
[ns1.as210165.net. admin.as210165.net. 5 3600 1800 604800 86400] : 192 occurrences
[ERROR: SERVFAIL] : 6 occurrences
Test #142909942 done at 2025-12-09T11:50:34Z
Since launching Cascade early October, we’ve been pumping out alpha releases of our #DNSSEC signer at a fairly high velocity.
We're now at alpha5 and decided to slow down releases for the time being, while we're working on a lot of parallel tasks that a dependent on one another.
We'll resurface in a few weeks with some big steps forward! You can stay up to date with our progress here:
Every day, Quad9 helps protect more than 100M users globally from malware, phishing, and online threats — completely free of charge and without collecting personal data.
This #GivingTuesday, please consider making a donation to continue our work. Your support helps sustain a public-benefit cybersecurity service that puts users first, not profit.
Together, we can keep building a more secure and privacy-respecting internet. 🫶
Good morning, Paris! First day of #SplinterCon https://splintercon.net/ but don't expect too many details online, this is under Chatham House rule.
(And, yes, I talk #DNS here.)
Don’t let MFA lull you into complacency. Advanced phishing kits can still slip through.
Before the Thanksgiving holiday, one of our customers alerted us to an Evilginx MITM phishing campaign targeting university students and SSO portals. At least 18 American institutions were targeted.
We tested several approaches for large-scale detection, including analyzing web server fingerprints and HTTP artifacts. However, this proved challenging because Evilginx operates as a proxy between the victim’s browser and the legitimate login page, making its behavior and content nearly indistinguishable from the real site. In the end, we mostly relied on DNS for confirmation and classification.
Here is a short blog about the campaign and actor, including involved domains and IPs.
https://blogs.infoblox.com/threat-intelligence/dns-uncovers-infrastructure-used-in-sso-attacks/
#InfobloxThreatIntel #dns #evilginx #threatintel #threatintelligence #infosec #cybersecurity #cybercrime #infoblox #phishing #mitm #aitm #sso #mfa #university #students #proxy #login
Demain, à #SplinterCon, je parle du #DNS (surprise) en relation avec le risque de fragmentation de l'Internet (et aussi de décentralisation).
Si vous avez des opinions ou des faits à ce sujet, n'hésitez pas. (Dire « Web3 » vous vaudra un bannissement à vie de toutes les instances fédivers.)
