writes "Sysadmin blog I contributed to the massive DDoS attack against Spamhaus. What flowed through my network wasn't huge — it averaged 500Kbit/sec – but it contributed. This occurred because I made a simple configuration error when setting up a DNS server; it's fixed now, so let's do an autopsy.
I should start off by apologizing to CloudFlare and Spamhaus; my lapse contributed to a DDoS against their infrastructure. More damning than merely having been an unwitting participant is that I knew enough about this sort of attack to have set up rudimentary protections against it and yet I still forgot the critical component: actually disabling recursive lookups.
The way a DNS amplification attack works is simple. DNS servers can be configured in one of two basic ways. In one possible configuration a DNS server serves only domains for which it is responsible (authoritative). In the other configuration the DNS server serve those domains and goes looking on the wider internet for any domains it isn't personally set up to manage (recursive)."Link to Original Source
writes "The suspected cyberattack that struck South Korean banks and media companies this week didn't originate from a Chinese IP address, South Korean officials said Friday, contradicting their previous claim. The Korea Communications Commission said that after "detailed analysis," the IP address used in the attack is the bank's internal IP address which is coincidentally identical a Chinese ISP's address, among the 2^32 address space available."Link to Original Source
writes "UEFI guru Matthew Garrett who cleared the Linux kernel in Samsung laptop bricking issues has come to rescue beleaguered users by offering a survival guide enabling them to avoid similar issues in the future. According to Garrett, storage space constraints in UEFI storage variables is the reason Samsung laptops end up bricking themselves. Garrett said that if the storage space utilized by the UEFI firmware is more than 50 per cent full the laptop will refuse to start and end up being bricked. To prevent this from happening he has provided a Kernel patch that would ensure that Linux does not fill up more than 50 per cent of UEFI firmware's storage space."Link to Original Source