Introduction of automatic DNSSEC configuration (CDS scanning) at CentralNIC for .FO centralnic.support/hc/en-gb/ar

Similarly to how SWITCH do it for .CH (I had written about that jpmens.net/2021/10/05/dnssec-c )

After 2.5 years (and a total of 35 game sessions, each one 4-6 hours long), we have finished our "Waterdeep Dragon Heist" campaign.
The doors to the *Fearless Squirrel Tavern* remain open however, so if you find yourself in Waterdeep, be sure to drop by and enjoy a glass of the finest Mirarbar whiskey with our heroes! 🥃

Every now and then we get asked why our .ch name servers refuse queries from dig. Here is why you can't dig Switzerland:
shkspr.mobi/blog/2022/07/dns-e

🇵🇾 py. : Going secure - Added new DS
+ 61306 13 2
+ 61306 13 4

The wait is over! .ch/.li automated DNSSEC provisioning now supports authenticated bootstrapping ( datatracker.ietf.org/doc/draft ). Authenticated CDS records can be activated immediately instead of having to monitor them over several days. ⌛

▓▓▓▓▓▓▓▓▓▓░░░░░░░░░░ [50%]

As of next week, my toothbrush will have more bandwidth than most servers 😬
The ISP just announced an upgrade to 25Gbit/s for no additional monthly cost ( I only had to pay a one time fee for the SFP module ). It will be interesting to see if there's any real-world use-cases where I can see even half of that bandwidth in action...

Was macht der Pirat am Computer? Er drückt die Entertaste. 🙄

Die neue Folge vom Security Awareness insider Podcast zum Thema "Hacker Island" jetzt live auf securityawarenessinsider.ch/e/ und wo man sonst so Podcasts hört.

Get the weather and other things thanks to DNS requests:

dns.toys/

This remembers me a bit "drink" experimental project from @bortzmeyer

Current status: ✂️ next episode for the Podcast. 🦄
It's always a fun challenge to cut down and reorder 60+ minutes of raw material to ~35 minutes in a way that the conversation still makes sense. A little bit like Audio-Tetris .

I work at a ccTLD (.IS), and lately we are seeing a *lot* of new accounts immediately registering multiple domains that all had been registered in the past. I suspect we're not the only ccTLD that sees this.

We know of at least two instances of this being used to take over social media accounts that had e-mails in expired domains set as backup e-mail addresses.

This seems to be organized and well-resourced.

Please double-check you don't use e-mails in any expired domains anywhere.

#InfoSec

Expectation....
zoneinfo_test.go:21: 🇮🇱 ישראל. ( xn--4dbrk0ce. ) : New Delegation

vs reality. -8

future IDN ccTLD changes should display flags as well.
( did I spend most of the time working on this bot on emojis? yep. I regret nothing. )

mstdn.ch/@diffroot/10829153310

Show older
Gryph's friends&family mastodon server

Hey! Welcome to Oli's friends&family mastodon server.