Os artigos mais lidos de 2024

segurança

segurança

  • Ataques de força bruta no login do linux-br.org

    Eu segui uma dica do @This email address is being protected from spambots. You need JavaScript enabled to view it. sobre usar o Wordfence no WordPress.  E realmente funciona legal barrando várias tentativas de ataques.

    Eu dei uma olhada nos de força bruta e aqui estão os logins mais usados:

    
MariaDB [(none)]> select username, fail, inet6_ntoa(ip), UA from wp_wflogins into outfile 'ataques.csv';

    
> awk '{print $1}' ataques.csv | sort -n | uniq -c | sort -n
      1 -
      1 123123
      1 1234
      1 123456
      1 123456789
      1 443/wp-login.php
      1 aaa
      1 abcd1234
      1 admaster
      1 admin.
      1 AdMiN
      1 admin123
      1 admina
      1 admini
      1 administrators
      1 adminPeach
      1 adminwp
      1 admon
      1 Adsystem
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 ahmed
      1 alfons
      1 alireza
      1 anna
      1 arrow
      1 artsadd
      1 ask6776
      1 atarihost
      1 autonewsbot
      1 awen
      1 azaret
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 Beast3x
      1 beescleaning
      1 carpetsdubai
      1 Casper_Security
      1 catmeow
      1 chris
      1 christiane
      1 Christophe
      1 control
      1 cpolo
      1 dagon
      1 darcy56
      1 Darcy56
      1 dedi
      1 demilation
      1 DemoDemo
      1 demo_w1p
      1 devadmin
      1 dexter
      1 digilabs
      1 donaljkt9
      1 dummy_store_5
      1 editor
      1 ednabanaag
      1 eliasaf
      1 enamad
      1 eosuperadmin
      1 Fabien
      1 Farribeiro
      1 gestinet
      1 globalint
      1 goog
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 GP_Admin
      1 grupovhn
      1 gtfobiash
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 hopefox34
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 info
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 Ivan
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 jbalazs8178
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 john
      1 justin
      1 kinga
      1 kobieta
      1 kulturecom
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 lluis
      1 loafa
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 mainstream
      1 marina
      1 martinharvey
      1 Megusta
      1 microadmin
      1 miruku
      1 mohit
      1 monica
      1 mungmee
      1 MUWY
      1 ndvtzaifnz
      1 Nwildner
      1 oktay-dogangun
      1 options
      1 ovauser-admin
      1 PiSh3r
      1 protan
      1 qiang521
      1 quantri
      1 raeesa
      1 Rahul
      1 redtor
      1 richard
      1 Richard
      1 ridiz
      1 rikimoh39
      1 root
      1 rootadmin
      1 roottn
      1 rzu4bd
      1 sadminusez
      1 santi2
      1 senterprisys_admin
      1 SEOExpert
      1 seojiwo
      1 seomaster009
      1 shelby96
      1 Sion
      1 siteadmin
      1 smngrs952
      1 Support
      1 temp3
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 test3
      1 tester
      1 testionos
      1 tuanduongthe
      1 tuanpham
      1 upastra007
      1 Username
      1 Vikash
      1 voquanghuy
      1 wadmiine
      1 wdmgpvt
      1 webstone24
      1 webuser
      1 wpadmin
      1 WPADMIN
      1 w-padmine
      1 wp-admine
      1 wp-blog
      1 wp_developer
      1 wpengine
      1 wp_rest_api
      1 wpsystem
      1 wpupdate
      1 wuser
      1 wwwadm
      1 xcom
      1 xtw183870bbe
      1 xtw18387106f
      1 xtw1838711ab
      1 xtw183871206
      1 xtw183871550
      1 xtw183872fc0
      1 xtw18387331a
      1 xtw1838738ca
      1 xtw183873c09
      1 xtw183874283
      1 xtw183875328
      1 xtw1838754ba
      1 xtw18387596a
      1 xtw183875977
      1 xtw1838761a5
      1 xtw183876e88
      1 xtw18387757d
      1 xtw183877c79
      1 xtw183878b0d
      1 xtw18387958b
      1 xtw183879670
      1 This email address is being protected from spambots. You need JavaScript enabled to view it.
      1 xtw18387a0c5
      1 xtw18387a9de
      1 xtw18387aa3b
      1 xtw18387adf8
      1 xtw18387c077
      1 xtw18387c339
      1 xtw18387d0aa
      1 xtw18387daad
      1 xtw18387e84d
      1 xtw18387e943
      1 xtw18387f29e
      1 xuanphong
      1 yanz
      1 zestful
      1 Zestful
      1 zokaroll
      2 12345678
      2 ac
      2 adminlin
      2 adminsup
      2 adminusez
      2 Auto
      2 bapaksaya
      2 burnolurko
      2 Clare
      2 francisunderwood
      2 greeceman
      2 happy
      2 hex
      2 hxq1879
      2 ismm
      2 jacquespermisdeconduire
      2 jatin
      2 jisuo
      2 lashkari
      2 maximixer789
      2 Nacht
      2 pajero_sports
      2 smngrs953
      2 smngrs955
      2 susan
      2 swilliams
      2 testuser
      2 thuylt
      2 wadmines
      2 This email address is being protected from spambots. You need JavaScript enabled to view it.
      2 wiktorB
      2 woopayplug
      2 wordpress_admin_bak
      2 wordpress_administratora
      2 wordpressauto
      2 wp
      2 wpenginesupport
      2 wpmanager
      2 wp_postadmin
      2 wpuser
      2 x
      2 xrumertest
      2 xtw1838729c0
      2 xtw18387754d
      2 yanz@123457
      2 yeuthuongmongmanh
      2 zadminz
      2 zutodoko
      2 This email address is being protected from spambots. You need JavaScript enabled to view it.
      3 admim
      3 admin1
      3 admin6
      3 admingusar
      3 bimak73555
      3 Chris
      3 demo
      3 This email address is being protected from spambots. You need JavaScript enabled to view it.
      3 mevivu
      3 qwee123123
      3 Reseller-webmaster
      3 talhas
      3 test1
      3 wadmine
      4 1001010
      4 andremachado
      4 crander
      4 hostingadmin
      4 matakucing3
      4 patola
      4 server
      4 stender
      4 username
      4 wordcamp
      4 wordpress_administrator
      5 administratoir
      5 administrator
      5 This email address is being protected from spambots. You need JavaScript enabled to view it.
      5 excontrol
      5 itsme
      5 support
      5 user
      5 wpadmins
      5 wpcore
      6 smngrs951
      7 nwildner
      7 paulomartins
     11 test
     12 farribeiro
     18 Admin
     19 wadminw
     28 wwwadmin
     54 linux-br
    151 df7c8c98dfd88d9dfad
   1270 admin

    Realmente alguns logins existem e devem estar assinados nas páginas.  Mas o restante é estilo Forrest Gump correndo de um lado pro outro atravessando os Estados Unidos sem saber o porquê.

  • Parâmetros de compilação pra Go!

    Estou assistindo agora algumas apresentações que não pude ver ao vivo durante o FOSDEM 2025. E uma dessas foi sobre como compilar Go! corretamente feita pelo Dimitri John Ledkov.

    O palestrante não é programador Go! mas enpacotador pra várias distros. E conhece bem sobre quais parâmetros usar.

    Eu alterei meu Makefile do programa negofetch, uma re-escrita em Go! do neofetch que estou fazendo, pra usar as dicas dele.

      
BINARY = negofetch

BUILD_OPTIONS = -modcacherw
#BUILD_OPTIONS += -race
BUILD_OPTIONS += -ldflags="-w -X 'main.Version=$$(git tag -l --sort taggerdate | tail -1)'"
BUILD_OPTIONS += -buildmode=pie
BUILD_OPTIONS += -tags netgo,osusergo
BUILD_OPTIONS += -trimpath

all: $(SOURCES) dependencies $(BINARY)

dependencies:
        go mod tidy

$(BINARY): $(SOURCES)
        env GOAMD64=v2 \
                CGO_ENABLED=1 \
        go build $(BUILD_OPTIONS) .

    Olhando pelo govulncheck, que ele também recomenda usar, parece bom.

      
❯ govulncheck -mode=binary negofetch
Scanning your binary for known vulnerabilities...

No vulnerabilities found.

Share feedback at https://go.dev/s/govulncheck-feedback.

    Pra quem estiver interessado, esse é o vídeo:



    https://fosdem.org/2025/schedule/event/fosdem-2025-4406-build-better-go-release-binaries/

Estatísticas

  • Users 2
  • Articles 445
  • Articles View Hits 3117875

Imagem aleatória

We use cookies

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.

Ok Decline