β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ FRESH PREMIUM PROXIES FROM 1 HOUR
Proxy IP Proxy Port Last Check Proxy Speed Uptime Proxy Country Anonymity YouTube
106.14.173.173 8080 1 hour ago
2737 ms 11% (76) cn China - Hangzhou Elite -
103.216.82.52 6666 1 hour ago
2754 ms 5% (80) in India - Ahmedabad Elite -
118.193.34.56 8080 1 hour ago
2882 ms 5% (86) cn China Elite -
221.2.175.238 8060 1 hour ago
1800 ms 4% (91) cn China - Weihai Elite -
187.177.139.8 8080 1 hour ago
3504 ms 14% (67) mx Mexico - Toluca Elite -
35.222.208.56 3128 1 hour ago
474 ms 28% (73) us United States Elite -
223.68.190.130 8181 1 hour ago
2614 ms 16% (71) cn China - Yangzhou Elite -
202.137.28.92 5050 1 hour ago
3410 ms 16% (69) id Indonesia - Jakarta Elite -
36.92.55.50 80 1 hour ago
4552 ms 6% (88) id Indonesia Elite -
60.251.40.84 1080 1 hour ago
681 ms 18% (75) tw Taiwan - Keelung Elite -
80.187.140.26 80 1 hour ago
779 ms 84% (54) de Germany Elite -
80.241.222.137 80 1 hour ago
632 ms 98% (49) de Germany - Munich Elite -
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ FRESH PREMIUM PROXIES FROM 1 HOUR
Proxy IP Proxy Port Last Check Proxy Speed Uptime Proxy Country Anonymity YouTube
106.14.173.173 8080 1 hour ago
2737 ms 11% (76) cn China - Hangzhou Elite -
103.216.82.52 6666 1 hour ago
2754 ms 5% (80) in India - Ahmedabad Elite -
118.193.34.56 8080 1 hour ago
2882 ms 5% (86) cn China Elite -
221.2.175.238 8060 1 hour ago
1800 ms 4% (91) cn China - Weihai Elite -
187.177.139.8 8080 1 hour ago
3504 ms 14% (67) mx Mexico - Toluca Elite -
35.222.208.56 3128 1 hour ago
474 ms 28% (73) us United States Elite -
223.68.190.130 8181 1 hour ago
2614 ms 16% (71) cn China - Yangzhou Elite -
202.137.28.92 5050 1 hour ago
3410 ms 16% (69) id Indonesia - Jakarta Elite -
36.92.55.50 80 1 hour ago
4552 ms 6% (88) id Indonesia Elite -
60.251.40.84 1080 1 hour ago
681 ms 18% (75) tw Taiwan - Keelung Elite -
80.187.140.26 80 1 hour ago
779 ms 84% (54) de Germany Elite -
80.241.222.137 80 1 hour ago
632 ms 98% (49) de Germany - Munich Elite -
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Bin For Twitter Ads - SEND SCREANSHOAT FOR MORE :
Bin: 5262845xxx262xxx
Country: USA πΊπΈ
Currency: USD$
RAND
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Bin: 5262845xxx262xxx
Country: USA πΊπΈ
Currency: USD$
RAND
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ > SERVER SECURITY > TIPS 2 :
T.me/UndercodeTesting
A useful function of the network where this machine is located 12, BIND domain name server (use with caution !!!):
Control management interface controls section syntax Format:
controls {
[inet ip_addr
port ip_port
allow {;};]
[unix path_name
perm number
owner number
group number;]
}; The control
section provides a management interface. If the first type (inet) is used, it will
listen on the specified IP (interface) and port, but only allow to restrict the list of allowed IP addresses in allow. If the second type
(unix) is used, a FIFO control pipeline is generated, and the authority, owner, and user group are defined by their parameters.
--- [[Authentication and Verification of Area Record Transmission by TSIG]] ---------------------------
First of all, please make sure your BIND domain name server software has been updated to the latest version!
In BIND 8.2+, Transaction Signatures (TSIG!) Can be used
to verify and verify the area record data. It requires that an
encryption key be configured on the primary and secondary domain name servers , and notify the server to use the key to communicate with other domain name servers. (Note that the
use of TSIG requires that the domain name server must be clock synchronized!)
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ > SERVER SECURITY > TIPS 2 :
T.me/UndercodeTesting
A useful function of the network where this machine is located 12, BIND domain name server (use with caution !!!):
Control management interface controls section syntax Format:
controls {
[inet ip_addr
port ip_port
allow {;};]
[unix path_name
perm number
owner number
group number;]
}; The control
section provides a management interface. If the first type (inet) is used, it will
listen on the specified IP (interface) and port, but only allow to restrict the list of allowed IP addresses in allow. If the second type
(unix) is used, a FIFO control pipeline is generated, and the authority, owner, and user group are defined by their parameters.
--- [[Authentication and Verification of Area Record Transmission by TSIG]] ---------------------------
First of all, please make sure your BIND domain name server software has been updated to the latest version!
In BIND 8.2+, Transaction Signatures (TSIG!) Can be used
to verify and verify the area record data. It requires that an
encryption key be configured on the primary and secondary domain name servers , and notify the server to use the key to communicate with other domain name servers. (Note that the
use of TSIG requires that the domain name server must be clock synchronized!)
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ server security by undercode tip 3 :
A. If you need to use TSIG signatures to manually update the secure DNS database, the specific steps are very simple:
1. Use the dnskeygen tool that comes with BIND to generate TSIG keys .
# dnskeygen -H 128 -h -n tsig-key.
Two files will be generated. '' Ktsig-key. + 157 + 00000.key '' reads as follows:
tsig-key. IN KEY 513 3 157 awwLOtRfpGE + rRKF2 + DEiw ==
'' Kvip-key. + 157 + 00000.private '' reads as follows:
Private-key-format: v1.2 Algorithm: 157 (HMAC) Key: awwLOtRfpGE + rRKF2 + DEiw ==
Note that these keys have been BASE64 encoded. Put them in the configuration file of the local domain name server. For example
:
key tsig-key. {Algorithm hmac-md5; secret "" awwLOtRfpGE + rRKF2 + DEiw == "";};
zone "" dns.nsfocus.com "" {
...
...
allow-update {key tsig-key.;};
}
Remember to restart the named daemon.
γγThen copy the two key files to the client system (or secondary domain name server), for example, / var
/ named / tsig directory. Finally, run the following command:
nsupdate -k / var / named / tsig: tsig-key.
2. The content of the main domain name server configuration file (excerpt) is as follows:
// Define the authentication method and shared key
key master-slave {
algorithm hmac-md5;
secret "" mZiMNOUYQPMNwsDzrX2ENw == "";
};
// Define the auxiliary domain name Some features of the
server server 192.168.8.18 {
transfer-format many-answers;
keys {master-slave;};
};
// zone record definition
zone "" nsfocus.com "" {
type master;
file db.nsfocus.com;
allow-transfer {192.168.8.18;};
};
3. The content of the auxiliary domain name server configuration file (excerpt) is as follows:
// Define the authentication method and shared key
key master-slave {
algorithm hmac-md5;
secret "" mZiMNOUYQPMNwsDzrX2ENw == "";
};
// Define some characteristics when communicating with the main domain name server
server 192.168.8.19 {
transfer-format many-answers;
keys {master-slave;};
};
// zone record definition
zone "" nsfocus.com "" {
type slave;
file "" bak.db.nsfocus.com " ";
masters {192.168.8.19;};
allow-transfer {none;};
};
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ server security by undercode tip 3 :
A. If you need to use TSIG signatures to manually update the secure DNS database, the specific steps are very simple:
1. Use the dnskeygen tool that comes with BIND to generate TSIG keys .
# dnskeygen -H 128 -h -n tsig-key.
Two files will be generated. '' Ktsig-key. + 157 + 00000.key '' reads as follows:
tsig-key. IN KEY 513 3 157 awwLOtRfpGE + rRKF2 + DEiw ==
'' Kvip-key. + 157 + 00000.private '' reads as follows:
Private-key-format: v1.2 Algorithm: 157 (HMAC) Key: awwLOtRfpGE + rRKF2 + DEiw ==
Note that these keys have been BASE64 encoded. Put them in the configuration file of the local domain name server. For example
:
key tsig-key. {Algorithm hmac-md5; secret "" awwLOtRfpGE + rRKF2 + DEiw == "";};
zone "" dns.nsfocus.com "" {
...
...
allow-update {key tsig-key.;};
}
Remember to restart the named daemon.
γγThen copy the two key files to the client system (or secondary domain name server), for example, / var
/ named / tsig directory. Finally, run the following command:
nsupdate -k / var / named / tsig: tsig-key.
2. The content of the main domain name server configuration file (excerpt) is as follows:
// Define the authentication method and shared key
key master-slave {
algorithm hmac-md5;
secret "" mZiMNOUYQPMNwsDzrX2ENw == "";
};
// Define the auxiliary domain name Some features of the
server server 192.168.8.18 {
transfer-format many-answers;
keys {master-slave;};
};
// zone record definition
zone "" nsfocus.com "" {
type master;
file db.nsfocus.com;
allow-transfer {192.168.8.18;};
};
3. The content of the auxiliary domain name server configuration file (excerpt) is as follows:
// Define the authentication method and shared key
key master-slave {
algorithm hmac-md5;
secret "" mZiMNOUYQPMNwsDzrX2ENw == "";
};
// Define some characteristics when communicating with the main domain name server
server 192.168.8.19 {
transfer-format many-answers;
keys {master-slave;};
};
// zone record definition
zone "" nsfocus.com "" {
type slave;
file "" bak.db.nsfocus.com " ";
masters {192.168.8.19;};
allow-transfer {none;};
};
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ server security tip 4
--- [[implement DNSSec function]] -------------------- ----------------------------- To be
1) honest, I have been thinking about whether to implement the DNSSec function in the current version. Because although ISC
has added DNSSec implementation after BIND 8.1.x version, the actual application is not common, and
2) the NXT remote security vulnerability announced last year is related to DNSSec (in fact, NXT is one of the functions implemented by DNSSec).
Finally, I decided not to discuss how to implement the DNSSec security function in this article.
3) But it is undeniable that DNSSec is indeed a good security technology, which improves the
security of DNS services by encrypting DNS data . The master encryption key is used to encrypt and sign the encryption key of the first-level domain
name .
4) The first-level domain name (.com,.
For example, the domain name server of exmaple.com is signed by the .com domain key, and the nsfocus.com domain key is used to
encrypt and sign the www.example.com domain name.
stsite.com
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ server security tip 4
--- [[implement DNSSec function]] -------------------- ----------------------------- To be
1) honest, I have been thinking about whether to implement the DNSSec function in the current version. Because although ISC
has added DNSSec implementation after BIND 8.1.x version, the actual application is not common, and
2) the NXT remote security vulnerability announced last year is related to DNSSec (in fact, NXT is one of the functions implemented by DNSSec).
Finally, I decided not to discuss how to implement the DNSSec security function in this article.
3) But it is undeniable that DNSSec is indeed a good security technology, which improves the
security of DNS services by encrypting DNS data . The master encryption key is used to encrypt and sign the encryption key of the first-level domain
name .
4) The first-level domain name (.com,.
For example, the domain name server of exmaple.com is signed by the .com domain key, and the nsfocus.com domain key is used to
encrypt and sign the www.example.com domain name.
stsite.com
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β