Techly NewsGet the app

Get the latest tech news

How to get the whole planet to send abuse complaints to your best friends


One weird trick to get the whole planet to send abuse complaints to your best friend(s) It all begins with one scary email late at night just before I had to go to sleep: From: abuse@hetzner.com Date: 2024-10-29 01:03:00 CET Subject: AbuseInfo: Potential Security issue: AS24940: 195.201.9.37 We have received an abuse report from abuse@watchdogcyberdefense.com for your IP address 195.201.9.37. We are automatically forwarding this report on to you, for your information.

I thought maybe Matrix or Mastodon could be abused to send commanded requests to arbitrary IP:port destinations, but logging for both indicated nothing of the sort was (visibly) happening. Back in the earlier days of the internet, there used to be a technique called “Idle Scanning”, which relied on 1. servers being way less busy than today; 2. network stacks lacking randomization of some fields and using auto-incrementing predictable counters. With a large enough volume, the spoofed IP quickly becomes widely blacklisted from many internet entities following blocklists, and the hosting provider might take action due to many abuse reports and shut down the server for being compromised / malicious.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of planet

planet

Photo of best friends

best friends

Photo of abuse complaints

abuse complaints

Related news:

News photo

Diamond Dust Could Cool the Planet At a Cost of Mere Trillions

News photo

Restless entrepreneurs pollute the sky to save the planet, animated by the ‘move fast and break things’ credo that permeates Silicon Valley

News photo

How NASA Could Find Evidence of Life on Another Planet Within 25 Years

« Launch HN: Integuru (YC W24) – Reverse-engineer internal APIs using LLMs