#att


Hmmmm.

Is that #ATT somehow messing around in the #Cloudflare 1.1.1.1 DNS traffic, or is the performance of the Cloudflare resolver just generally this lousy? 🧐 🤔

I just let a
while true; do dig @1.1.1.1 "$Domain"; done
run for a while.

The domain itself has a TTL of 86400.

The authoritative NS is over in Europe; i.e. with a query time of around 300 msec it had to ask over there. What surprises me a bit, though, are the higher three-digit and the four-digit values:

;; Query time: 8 msec
;; Query time: 480 msec
;; Query time: 684 msec
;; Query time: 648 msec
;; Query time: 8 msec
;; Query time: 4 msec
;; Query time: 152 msec
;; Query time: 160 msec
;; Query time: 320 msec
;; Query time: 12 msec
;; Query time: 152 msec
;; Query time: 308 msec
;; Query time: 624 msec
;; Query time: 156 msec
;; Query time: 8 msec
;; Query time: 4198 msec
;; Query time: 8 msec
;; Query time: 1340 msec
;; Query time: 24 msec
;; Query time: 8 msec
;; Query time: 12 msec
;; Query time: 8 msec
;; Query time: 8 msec
;; Query time: 12 msec
;; Query time: 356 msec
;; Query time: 632 msec
;; Query time: 8 msec
;; Query time: 8 msec
;; Query time: 148 msec
;; Query time: 268 msec
;; Query time: 444 msec
;; Query time: 160 msec
;; Query time: 472 msec
;; Query time: 8 msec
;; Query time: 772 msec
;; Query time: 160 msec
;; Query time: 308 msec
;; Query time: 8 msec
;; Query time: 32 msec
;; Query time: 24 msec
;; Query time: 12 msec
;; Query time: 8 msec
;; Query time: 8 msec
;; Query time: 8 msec
;; Query time: 320 msec
;; Query time: 36 msec
;; Query time: 640 msec
;; Query time: 8 msec
;; Query time: 8 msec
;; Query time: 156 msec
;; Query time: 208 msec
;; Query time: 316 msec
;; Query time: 160 msec
;; Query time: 2746 msec
;; Query time: 160 msec
;; Query time: 652 msec
;; Query time: 476 msec
;; Query time: 312 msec
;; Query time: 468 msec
;; Query time: 8 msec
;; Query time: 8 msec
;; Query time: 12 msec
;; Query time: 8 msec
;; Query time: 1863 msec
;; Query time: 8 msec
;; Query time: 44 msec
;; Query time: 8 msec
;; Query time: 468 msec
;; Query time: 12 msec
;; Query time: 628 msec
;; Query time: 8 msec
;; Query time: 8 msec
;; Query time: 4754 msec

When I query the authoritative NS directly, there are no real fluctuations.

#Quad9 delivers this to me in a more or less constant 8-15 ms (~200-300 ms when they don't have the domain in the cache yet).
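
An added example, not part of the post above: it buckets dig query times like the ones quoted there into probable cache hits, single upstream fetches and slower outliers, and reports the miss ratio. The 50 ms and 400 ms thresholds and all function names are assumptions chosen to match the figures mentioned in the post.

```python
import re
import statistics

# First 16 query times from the dig output quoted in the post above.
SAMPLE = "\n".join(
    f";; Query time: {ms} msec"
    for ms in (8, 480, 684, 648, 8, 4, 152, 160,
               320, 12, 152, 308, 624, 156, 8, 4198)
)

QUERY_TIME = re.compile(r"^;; Query time: (\d+) msec\s*$", re.MULTILINE)

# Assumed thresholds: answers up to 50 ms are treated as served from the
# resolver's cache, up to 400 ms as one round trip to the authoritative
# server (the post mentions about 300 msec), anything above as an outlier.
CACHE_HIT_MAX_MS = 50
SINGLE_FETCH_MAX_MS = 400


def parse_query_times(dig_output):
    """Extract the millisecond values from dig's ';; Query time:' lines."""
    return [int(ms) for ms in QUERY_TIME.findall(dig_output)]


def classify(ms):
    if ms <= CACHE_HIT_MAX_MS:
        return "cache_hit"
    if ms <= SINGLE_FETCH_MAX_MS:
        return "upstream_fetch"
    return "slow"


def summarize(dig_output):
    times = parse_query_times(dig_output)
    if not times:
        raise ValueError("no 'Query time' lines found")
    buckets = {"cache_hit": 0, "upstream_fetch": 0, "slow": 0}
    for ms in times:
        buckets[classify(ms)] += 1
    return {
        "count": len(times),
        "median_ms": statistics.median(times),
        "max_ms": max(times),
        "buckets": buckets,
        # With a TTL of 86400 s, one warm cache would keep this near 0.
        "miss_ratio": round(1 - buckets["cache_hit"] / len(times), 2),
    }


if __name__ == "__main__":
    print(summarize(SAMPLE))
```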

Someone asked me to compare and contrast ATT&CK and FiGHT matrices...
It's probably wise to consider their respective scopes. ATT&CK describes threats that affect typical enterprise networks whereas FiGHT is dedicated to the equipment that can be found in a typical mobile carrier. This results in a disparity in the relative availability and quality of data from which each is sourced. There is a significant amount of knowledge that exists publicly about enterprises being breached whereas, not only are there fewer organisations in the mobile carrier bracket but there is also less public disclosure when their assets are affected. The result is that whilst ATT&CK demands evidence in the form of public TI, FiGHT necessarily takes a more speculative approach and new threats can be introduced without need for citable examples in the wild.
We tend to start with ATT&CK even when we're mapping SP networks since the reality is that most mobile carriers are also enterprises and most SPs still need to protect their Windows, Linux and Networking assets against known threats (witness the Salt Typhoon reporting etc) even before they worry about the speculative threats in FiGHT. That's not to say we don't consider mobile specific threats but in many cases, ATT&CK does a sufficient job of describing them such that a specialist such as myself can make the link between the generalised case in ATT&CK and what a more specific version of a threat targeting an SP might look like. As an example, the threat models we produced for stc and others are based on ATT&CK but included consideration for threats targeting assets providing/using SS7, GTP, HLR, VLR etc. The fact is that a breach of the packet core of a mobile carrier is likely to stem from things like weak passwords, missing patches or poor configuration etc, threats that ATT&CK is more than capable of describing.
As far as customer adoption, I'd say start with ATT&CK and worry about FiGHT later. If you're building a SOC, you will get high quality signals from things like firewalls/EDR/OS logs etc if you hunt for things in ATT&CK whereas try the same with FiGHT and it may be a time-consuming and ultimately unsuccessful endeavour.
#att&ck, #fight, #threatmodelling

The French competition authority (Autorité de la #concurrence, #antitrust) fines #Apple 150 M euros for having ... abused its dominant position ...

... the objective pursued by ... #ATT [App Tracking Transparency] is not open to criticism ... implementation methods ... are neither necessary nor proportionate ...

... a proliferation of consent (#consentement) collection windows, making ... excessively complicated ...

autoritedelaconcurrence.fr/fr/

Autorité de la concurrence · Targeted advertising: the Autorité de la concurrence imposes a fine of 150,000,000 euros on Apple over the implementation of the App Tracking Transparency ("ATT") framework

📱💰 Apple fined 162 million over how it implemented App Tracking Transparency. According to France, it complicated the process for third parties… but its own ads ran "free". Privacy or competitive advantage? 🧐 #Apple #ATT