Over the weekend I enabled DNSSec on this site and blogged about it [1]. Today Lets Encrypt renewed the certificate on the Origin Server via DNS-01 – its setup uses CNAMEs to allow internal devices to get public certs, described in an earlier blog post [2]. The certificate renewal failed. Considering it has worked since […]
Lets Encrypt Failure – It was DNS(ish) – a conspiracy of coincidences Read More »
DNSSec is a technology that adds a layer of protection so that domain names and websites like this one are more resistant to being hijacked by a spoofed domain. In this case it provides an additional layer of authentication to allow a DNS resolver to prove that the answers it got are valid and not
DNSSec All The Things – An Easy (and free) Way Read More »
During a recent red team engagement, we came across several useful artefacts after compromising an IT helpdesk user account. One of particular interest contained a list of useful sites, including a well-known password generator site. This is one of a class of sites that generate a password by selecting a number, say 4, random words
Three Random Words – An adventure in passphrase cracking Read More »