amazon web services – Is a domain A record pointing to an Elastic IP prone to attackers?

There is no additional risk in putting your instance's A record into DNS. If you have a load balancer, you should use its CNAME / Alias record instead, but if you don't already have or need a load balancer, you don't need to create one just for the sake of hiding your A record.

Personally, I use CloudFlare's free plan, so my DNS records point at CloudFlare, which passes traffic on. I whitelist only CloudFlare's IP addresses in my AWS security groups, plus my static home IP.

Everything on the internet is probed by attackers regularly, and IP addresses are public. You need to secure your server appropriately.
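The allowlisting described in this answer only works if the security group is kept in sync with the CDN's published ranges. The following is an added example, not code from the original answer: it builds the desired allowlist, tests whether a source address would be admitted, shapes the rules in the form boto3 expects for `authorize_security_group_ingress` / `revoke_security_group_ingress`, and diffs them against what a group currently contains. The Cloudflare ranges below are a constructed sample, not the live list (which Cloudflare publishes at https://www.cloudflare.com/ips-v4); no AWS API call is made.

```python
"""Keep a security group's 443 ingress limited to CDN edge ranges plus one home IP.

Added example; the CIDRs and the home address are constructed, not real data.
"""
import ipaddress

# Constructed sample of edge ranges. Fetch the real list from the CDN vendor.
CLOUDFLARE_V4 = ["173.245.48.0/20", "103.21.244.0/22", "104.16.0.0/13"]
# RFC 5737 documentation address standing in for a real static home IP.
HOME_IP = "203.0.113.7"


def allowlist(cf_ranges, home_ip):
    """Return the set of networks that may reach the origin on 443."""
    nets = {ipaddress.ip_network(c) for c in cf_ranges}
    nets.add(ipaddress.ip_network(f"{home_ip}/32"))
    return nets


def is_allowed(src_ip, nets):
    """True if src_ip falls inside any permitted network."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in n for n in nets)


def ip_permissions(nets, port=443):
    """One boto3-style IpPermissions entry covering every allowed CIDR."""
    return [{
        "IpProtocol": "tcp",
        "FromPort": port,
        "ToPort": port,
        "IpRanges": [{"CidrIp": str(n), "Description": "cdn-edge-or-home"}
                     for n in sorted(nets, key=str)],
    }]


def plan_changes(current_cidrs, desired_nets):
    """Diff the group's current CIDRs against the desired set.

    'revoke' catches stale vendor ranges and, importantly, any 0.0.0.0/0 that
    would silently defeat the allowlist.
    """
    current = {ipaddress.ip_network(c) for c in current_cidrs}
    return {
        "add": sorted(map(str, desired_nets - current)),
        "revoke": sorted(map(str, current - desired_nets)),
    }


if __name__ == "__main__":
    nets = allowlist(CLOUDFLARE_V4, HOME_IP)
    print(is_allowed("104.20.1.1", nets), is_allowed("198.51.100.9", nets))
    print(plan_changes(["104.16.0.0/13", "0.0.0.0/0"], nets))
```

The diff step is the part worth automating: a group that still carries `0.0.0.0/0` next to the CDN ranges admits everyone, and the allowlist is only as good as its last refresh.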

Why isn't it important for attackers to mask the IP of the infected botnet device?

I came across this sentence:

If an attack is created using a botnet, there is little chance that the attack will be traced back to its source. For an additional level of obfuscation, an attacker could also have each distributed device falsify the IP addresses from which it sends packets. When the attacker uses a botnet like the Mirai botnet, they generally don't care whether they mask the IP of the infected device.

Why isn't it important for attackers to mask the IP of the infected botnet device?

Why are there invalid host header errors? What are attackers trying to do?

I recently launched a new Django-based API and pretty quickly got `INVALID_HOST_HEADER SOME RANDOM URL` errors. As far as I know, this is caused by someone changing the Host header manually or by routing my API through another domain.

This is probably a basic question, but what is this about? What are they trying to achieve? Presumably it is not a regular MITM attack, as it would be easy enough to fix the Host header on the way through the middle server, and they don't.
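Django raises this error before any view runs, whenever the Host header does not match ALLOWED_HOSTS; requests that arrive by IP address from scanners carry whatever Host the scanner chose, which is why the values look random. The block below is an added example, not the asker's code or Django's: it re-implements the matching rules of `django.http.request.validate_host` (exact names, leading-dot wildcards, `*`, port stripping, IPv6 literals) so the behaviour can be explored offline against constructed sample headers.

```python
"""Standalone re-implementation of Django's ALLOWED_HOSTS check.

Added example. Mirrors the semantics of django.http.request.validate_host
and split_domain_port; it is not Django's own code.
"""
import re

# A hostname, an IPv4 address, or a bracketed IPv6 literal, with an optional port.
HOST_RE = re.compile(r"^([a-z0-9.-]+|\[[a-f0-9]*:[a-f0-9.:]+\])(:[0-9]+)?$")


def split_domain_port(host):
    """Lowercase, validate, and split a Host header into (domain, port).

    Returns ('', '') for anything that does not fit the grammar, which
    Django also rejects.
    """
    host = host.lower()
    if not HOST_RE.match(host):
        return "", ""
    if host[-1] == "]":            # bare IPv6 literal, no port
        return host, ""
    bits = host.rsplit(":", 1)
    domain, port = bits if len(bits) == 2 else (bits[0], "")
    # A single trailing dot marks a fully-qualified name; drop it.
    domain = domain[:-1] if domain.endswith(".") else domain
    return domain, port


def is_same_domain(host, pattern):
    """'.example.com' matches example.com and every subdomain; otherwise exact."""
    if not pattern:
        return False
    pattern = pattern.lower()
    if pattern.startswith("."):
        return host == pattern[1:] or host.endswith(pattern)
    return host == pattern


def validate_host(host_header, allowed_hosts):
    """True if the header would be accepted under the given ALLOWED_HOSTS."""
    domain, _port = split_domain_port(host_header)
    return bool(domain) and any(
        pattern == "*" or is_same_domain(domain, pattern) for pattern in allowed_hosts
    )


def triage(headers, allowed_hosts):
    """Split a batch of observed Host headers into accepted and rejected."""
    accepted = [h for h in headers if validate_host(h, allowed_hosts)]
    rejected = [h for h in headers if not validate_host(h, allowed_hosts)]
    return accepted, rejected


# Constructed sample of Host headers as a scanner hitting the raw IP might send them.
SAMPLE_HEADERS = [
    "api.example.com",
    "api.example.com:443",
    "evil.example.net",
    "198.51.100.23",
    "www.google.com",
    "[::1]:8000",
    "api.example.com:abc",
]

if __name__ == "__main__":
    print(triage(SAMPLE_HEADERS, [".example.com"]))
```

The point of the check is that application code (absolute URLs in password-reset mail, cache keys, redirects) often trusts the Host header; refusing unknown values up front is what keeps a scanner's chosen hostname out of those places. Widening ALLOWED_HOSTS to `*` to silence the log noise removes that protection.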

transactions – How do attackers fake Bitcoin blocks, and how do you identify fake Bitcoin blocks?

I've read that a block contains multiple Bitcoin transactions and that an attacker could fake blocks.

Does faking a Bitcoin block cost the attacker money to mine, or is it generated by the attacker's node for free?

The blockchain is protected from this attack, as it was programmed by Satoshi to validate and maintain the longest chain.

The forged block disappears from the network. That is wonderful, but what happens when an attacker fakes Bitcoin blocks?

I even read that some of these forged blocks can get 2 to 3 confirmations. Is that true?

How can you identify these fake Bitcoin blocks instantly?
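The "instant" check a node applies to every block header is proof of work: hash the 80-byte header twice with SHA-256 and compare the result with the target encoded in the header's own nBits field. A block whose hash misses the target is dropped before anything else is looked at, and producing one that meets the target costs, on average, `2^256 / (target + 1)` hash attempts. The following is an added example, not code from the original question: it runs that check on the real genesis block header and on a constructed copy whose nonce has been tampered with.

```python
"""Proof-of-work validation of a Bitcoin block header.

Added example. The genesis header bytes are public chain data; the tampered
header is constructed here by overwriting the nonce.
"""
import hashlib

GENESIS_HEADER_HEX = (
    "01000000"                                                          # version
    "0000000000000000000000000000000000000000000000000000000000000000"  # previous block hash
    "3ba3edfd7a7b12b27ac72c3e67768f617fc81bc3888a51323a9fb8aa4b1e5e4a"  # merkle root (internal byte order)
    "29ab5f49"                                                          # timestamp 1231006505
    "ffff001d"                                                          # nBits 0x1d00ffff
    "1dac2b7c"                                                          # nonce 2083236893
)
GENESIS_HEADER = bytes.fromhex(GENESIS_HEADER_HEX)
GENESIS_HASH = "000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"


def double_sha256(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def block_hash(header):
    """Block hash as explorers display it (byte-reversed hex of the raw digest)."""
    return double_sha256(header)[::-1].hex()


def bits_to_target(header):
    """Decode the compact nBits field at offset 72 into the full 256-bit target."""
    bits = int.from_bytes(header[72:76], "little")
    exponent, mantissa = bits >> 24, bits & 0xFFFFFF
    return mantissa * 256 ** (exponent - 3)


def has_valid_pow(header):
    """The check every node runs first: hash (as little-endian int) <= target."""
    if len(header) != 80:
        return False
    return int.from_bytes(double_sha256(header), "little") <= bits_to_target(header)


def expected_hashes(header):
    """Average number of header hashes needed to satisfy this header's target."""
    return 2 ** 256 // (bits_to_target(header) + 1)


def with_nonce(header, nonce):
    """Constructed forgery: same block, different nonce, so the hash no longer fits."""
    return header[:76] + nonce.to_bytes(4, "little")


if __name__ == "__main__":
    print(block_hash(GENESIS_HEADER), has_valid_pow(GENESIS_HEADER))
    print(has_valid_pow(with_nonce(GENESIS_HEADER, 0)))
    print(f"expected work at genesis difficulty: ~2^{expected_hashes(GENESIS_HEADER).bit_length() - 1} hashes")
```

A block that passes this test still has to pass the rest of validation (valid transactions, correct reward, previous-hash linking to a known block), so proof of work is the cheap first filter, not the whole story; but it is why a "free" forged block never gets a single confirmation from honest nodes.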

amazon web services – Attackers circumvent AWS WAF and access EC2 instances directly

My setup

I have an Elastic Beanstalk application with a public load balancer and public IPs on EC2.
The application is behind CloudFront, which is protected with AWS WAF against various attacks that I am currently experiencing.
Route 53 directs DNS requests to CloudFront.

My problem

The WAF is only on CloudFront. The public DNS name of Elastic Beanstalk, the public DNS name of the Elastic Load Balancer and the public IP address of the EC2 instance still exist. Attackers hit them and bypass the WAF.

My request

All I need is for CloudFront to be reachable from the Internet. How do I remove all public DNS names and IPs from all, or at least some, of these resources and still make it work? Ideally, CloudFront would forward requests through the internal Amazon network.

What I tried

I tried to set the ELB to private on the Beanstalk Network Configuration tab, but it failed. If you set the public IP address to false, it no longer works and returns error 502.
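Two controls are commonly combined for this: restricting the load balancer's security group to the managed prefix list of CloudFront origin-facing addresses (`com.amazonaws.global.cloudfront.origin-facing`), and having CloudFront add a secret custom origin header that the origin verifies, so a request that did not pass through the distribution is refused even if it reaches the instance. The following is an added example, not the asker's application code: a WSGI middleware implementing the header check with a constant-time comparison, exercised against two constructed requests. The header name `X-Origin-Verify` and the secret value are assumptions; the same secret must be configured on the CloudFront origin.

```python
"""Refuse requests that did not arrive via CloudFront.

Added example. CloudFront is assumed (outside this code) to add the custom
origin header X-Origin-Verify with a shared secret on every origin request.
"""
import hmac


class OriginVerifyMiddleware:
    """Reject any request whose origin-verify header does not match the secret."""

    def __init__(self, app, secret, header="HTTP_X_ORIGIN_VERIFY"):
        self.app = app
        self.secret = secret.encode()
        self.header = header  # WSGI environ key for the assumed header name

    def __call__(self, environ, start_response):
        presented = environ.get(self.header, "").encode()
        # compare_digest avoids leaking the secret through timing differences.
        if not hmac.compare_digest(presented, self.secret):
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"direct origin access is not permitted\n"]
        return self.app(environ, start_response)


def hello(environ, start_response):
    """Stand-in for the real Beanstalk application."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"hello from origin\n"]


def call(app, environ):
    """Minimal offline WSGI driver: returns (status, body) for one request."""
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status

    body = b"".join(app(environ, start_response))
    return captured["status"], body


# Constructed secret; in production use a long random value stored outside the code.
SECRET = "constructed-example-secret"
app = OriginVerifyMiddleware(hello, SECRET)

# Constructed requests: one as CloudFront would forward it, one hitting the ELB directly.
VIA_CLOUDFRONT = {"REQUEST_METHOD": "GET", "PATH_INFO": "/", "HTTP_X_ORIGIN_VERIFY": SECRET}
DIRECT = {"REQUEST_METHOD": "GET", "PATH_INFO": "/"}

if __name__ == "__main__":
    print(call(app, VIA_CLOUDFRONT))
    print(call(app, DIRECT))
```

The header check is a complement to network-level restriction, not a substitute: it still lets the attacker reach the load balancer, but it stops them from reaching the application behind it, which is what the WAF bypass was buying them.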

DNS – How do attackers hijack JS / CSS content?

I have just encountered a problem: the cached JS files showed porn sites.

Network Diagram

Here is the simple network diagram. It shows the porn site, but when I add a query string, the correct content is displayed.

AWS S3 displays the correct file

The content in AWS S3 is correct.

How does the attacker change the content in the middle? How can we prevent this?

P/S: the temporary solution is to deactivate the middle CDN for the time being.
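When the origin (S3) is clean but the copy served through the CDN is not, the substitution happened in the middle, and a query string bypassing it points at a poisoned cache entry. Subresource Integrity lets the page pin the hash of the script it expects, so the browser refuses to execute a tampered copy regardless of what the CDN returns. The following is an added example, not code from the original post: it computes the `integrity` attribute for a file, and simulates the browser-side check, including the spec behaviour that a malformed or unknown algorithm token silently disables the check. The file contents are constructed.

```python
"""Subresource Integrity: generate and verify integrity metadata.

Added example. ORIGINAL stands in for the clean S3 copy, INJECTED for the
altered copy served by the CDN; both are constructed.
"""
import base64
import hashlib
import hmac

# Algorithms browsers accept for SRI, in order of strength.
STRENGTH = {"sha256": 1, "sha384": 2, "sha512": 3}

ORIGINAL = b"window.app = {version: '1.0'};\n"
INJECTED = ORIGINAL + b"document.location = 'https://example.invalid/ads';\n"


def sri_hash(content, alg="sha384"):
    """Build one integrity token, e.g. 'sha384-<base64 digest>'."""
    digest = hashlib.new(alg, content).digest()
    return f"{alg}-{base64.b64encode(digest).decode()}"


def script_tag(src, content):
    """Emit the tag the HTML should carry; crossorigin is required for cross-origin SRI."""
    return f'<script src="{src}" integrity="{sri_hash(content)}" crossorigin="anonymous"></script>'


def browser_would_execute(fetched, integrity):
    """Mirror the browser's decision.

    Only the strongest listed algorithm is considered; if no token is usable
    the resource runs unchecked (so a typo in the attribute disables SRI).
    """
    known = []
    for token in integrity.split():
        alg, _, b64 = token.partition("-")
        if alg in STRENGTH:
            known.append((alg, b64))
    if not known:
        return True
    strongest = max(STRENGTH[alg] for alg, _ in known)
    for alg, b64 in known:
        if STRENGTH[alg] != strongest:
            continue
        try:
            expected = base64.b64decode(b64, validate=True)
        except ValueError:
            continue
        if hmac.compare_digest(hashlib.new(alg, fetched).digest(), expected):
            return True
    return False


if __name__ == "__main__":
    tag = script_tag("https://cdn.example.invalid/app.js", ORIGINAL)
    print(tag)
    print(browser_would_execute(ORIGINAL, sri_hash(ORIGINAL)), browser_would_execute(INJECTED, sri_hash(ORIGINAL)))
```

SRI does not repair the CDN; it turns silent content substitution into a visible console error and a non-executing script, which is the failure mode you want while the cache is being purged and the CDN account investigated.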

Blockchain – Can we divide Bitcoin attackers into "adaptive" and "non-adaptive"?

I first came across the terms "adaptive" and "non-adaptive" corruption in an article that addresses the blockchain's vulnerabilities.

Then I found the same term on this Ethereum GitHub page (link to page: are -operating-under), where there is a very short definition of an adaptive versus a non-adaptive adversary, as follows:

an adversary is adaptive if they can quickly choose which part of the validator set to corrupt, and non-adaptive if they can only make that choice far ahead of time,

But this definition is not clear to me, and it only considers the Ethereum platform.

For example, what does it mean that an adversary "quickly" chooses which part of the validator set to corrupt? How can one say whether their choice was quick or not?

I searched for this term on other platforms and found it in several computer security articles. The main question is whether "adaptive corruption" or "adaptive adversary" is applicable to Bitcoin or not.

Note 1): To the best of my knowledge, the term "adaptive adversary" has been used in many scientific publications on computer security, but I have not yet been able to find a clear and precise definition of it.

As an example, here is another quote from another paper (there are many other similar examples):

We note that some of the earlier works, such as Algorand and Ouroboros, consider a stronger, fully adaptive adversary that can freely choose the controlled participants for each time slot. Our opinion is that such a fully adaptive adversary is interesting and worth studying, but often not realistic. In practice, a platform compromise is difficult to detect and repair. In addition, a compromise of a computer platform does not mean that the adversary is no longer in control of it. For these reasons we focus on non-adaptive adversaries in this work.


Note 2): I asked this question on security.stackexchange and received this answer:

"An adaptive adversary can adapt to the environment and the reactions of the environment as part of the attack; a non-adaptive adversary
cannot."


That could mean that this term is a general term in security. I have also found it in many papers on computer security, and it is even used in non-blockchain fields. As a result, "adaptive adversary" seems to be a general term and is not only used for the validator set.

Application to Bitcoin:

In my view, the last quote is a more precise definition, on the basis of which we can look at the Bitcoin application. That is, a pre-written program (a bot) for a given attack (such as selfish mining) is a non-adaptive adversary, as it cannot adapt to new strategies of the honest miners in its environment. But if the adversary were flexible in the face of environmental changes and new strategies, then we could consider it an adaptive adversary.

So, according to the above statement, can we say that in Bitcoin an attacker who intends to damage the network can be either "adaptive" or "non-adaptive", based on their flexibility in adapting to environmental changes, such as network updates, changes in the network's hash rate, changes in the strategy of honest miners, etc.?

Update:

I also found a definition in the following article, which I think could be a general definition for any distributed and peer-to-peer network.

In this article we read:

Adaptive corruptions. The adversary influences the execution of the protocol by interacting with the available functionalities and by corrupting parties. To corrupt a party, the adversary must first ask the environment Z for permission. If the corruption is approved by Z (via a special message from Z to A), the adversary corrupts Pi.


amazon web services – How do I defend myself against attackers looking for vulnerable code?

I have a production IIS running on WS2012R2 under AWS. I was looking at `C:\Windows\System32\LogFiles\HTTPERR` when I noticed some unusual requests in the logs. You can see some of the requests here. They even checked to see if I run thinkphp. Now my question is:

What is the best way to prevent this type of request, other than writing a custom solution? I've noticed that they change their IP every day, but the requests on any given day come from the same IP.

I suppose I could track all requests sent to my server and block those with behaviour I don't like, but I hope there is something simpler.

I looked at a few third-party solutions that seemed to do what I need, but they just don't sit well with me.
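Whatever tool ends up doing the blocking, the input it needs is the same: the HTTPERR log, parsed by its own `#Fields:` header, with the per-source counts of requests that match known scanner paths. The following is an added example, not the asker's code: it parses constructed HTTPERR lines in the W3C layout that log carries, tallies scanner-style URIs per client IP (thinkphp probes among them), and emits the addresses that cross a threshold. The field list, the sample lines and the IPs (RFC 5737 ranges) are constructed; a real log may carry additional columns, which the parser picks up from its header.

```python
"""Tally scanner probes per client IP from an HTTPERR log.

Added example. SAMPLE_LOG is constructed in the W3C layout HTTPERR uses;
column names are taken from the log's own #Fields: line.
"""
import collections
import re

# Constructed log excerpt. Scanner lines carry paths seen in mass-scanning
# campaigns; the last line is ordinary idle-timeout noise http.sys also records.
SAMPLE_LOG = """\
#Software: Microsoft HTTP API 2.0
#Version: 1.0
#Date: 2019-03-04 10:12:01
#Fields: date time c-ip c-port s-ip s-port cs-version cs-method cs-uri streamid sc-status s-siteid s-reason s-queuename
2019-03-04 10:12:01 198.51.100.23 51234 10.0.0.5 80 HTTP/1.1 GET /TP/public/index.php?s=captcha - 400 1 Hostname -
2019-03-04 10:12:03 198.51.100.23 51236 10.0.0.5 80 HTTP/1.1 GET /thinkphp/html/public/index.php - 400 1 Hostname -
2019-03-04 10:12:09 198.51.100.23 51240 10.0.0.5 80 HTTP/1.1 POST /phpMyAdmin/scripts/setup.php - 400 1 Hostname -
2019-03-04 10:14:44 203.0.113.9 40001 10.0.0.5 80 HTTP/1.1 GET /index.html - 400 1 BadRequest -
2019-03-04 10:15:00 192.0.2.77 40100 10.0.0.5 80 - - - - - - Timer_ConnectionIdle -
"""

# URI fragments typical of opportunistic PHP/CMS scanners, matched case-insensitively.
SCANNER_PATTERNS = re.compile(
    r"thinkphp|/tp/public|invokefunction|phpmyadmin|/\.env|wp-login|xmlrpc\.php|\.\./",
    re.IGNORECASE,
)


def parse_httperr(text):
    """Yield one dict per record, keyed by the names in the #Fields: header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if fields is None or len(parts) != len(fields):
            continue  # skip records that do not fit the declared layout
        yield dict(zip(fields, parts))


def scanner_hits(records):
    """Count scanner-pattern URIs per client IP."""
    hits = collections.Counter()
    for rec in records:
        if SCANNER_PATTERNS.search(rec.get("cs-uri", "")):
            hits[rec["c-ip"]] += 1
    return hits


def block_candidates(hits, threshold=3):
    """IPs that produced at least `threshold` probes; feed this to the firewall."""
    return sorted(ip for ip, count in hits.items() if count >= threshold)


if __name__ == "__main__":
    counts = scanner_hits(parse_httperr(SAMPLE_LOG))
    print(dict(counts))
    print(block_candidates(counts))
```

Because the source addresses rotate daily, a one-off block list decays quickly; the useful shape is a scheduled job that recomputes the candidates from the current log and expires old entries, which is what off-the-shelf log-driven blockers do for you.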

dnd 5e – How does Savage Attacker interact with opportunity attacks?

Yes, you can use it again on someone else's turn

As you know, Savage Attacker can be used "once per turn". In a given round, each creature gets its own turn (PHB p.189, Order of Combat):

The game organizes the chaos of combat into a cycle of rounds and turns. A round represents about 6 seconds in the game world. During a round, each participant in a battle takes a turn.

Assuming that the creature moves on its own turn (not on your turn), you can use the feature again even if you already used it during your turn.

This is very similar to the reasoning for the rogue's Sneak Attack outside their own turn, which uses similar wording.