Your JoeDog is pleased to announce the release of siege-4.0.5. Exciting!
This release includes several bug fixes and minor corrections. It also includes support for IPv6. It allows you to override content-type at the command line and it provides an option for outputting the results in JSON.
You can turn on JSON output with -j/–json-output
$ siege --no-parser -j -c5 -r5 http://www.joedog.org
Your JoeDog is pleased to announce the release of siege-4.0.4. Exciting!
This release includes numerous bug fixes. If you have cooties, then it has the cure. In addition to fixes, it offers three new command line options:
-p URL, –print=URL
This option is similar to -g / –get but it PRINTS the page it received from the server.
This directive instructs siege not to follow 3xx redirects.
This release also includes support for PATCH and PUT.
Your JoeDog was just alerted to this behavior in siege:
[alert] Zip encoding disabled; siege requires zlib support to enable it
Segmentation fault: 11
Certainly the segmentation fault is the result of a bug, but we also have a configuration error. Siege is accepting a content encoding that it doesn’t support.
HTTP protocol allows servers to encode content before they send it. If a page is really large, the server might compress it first. But here’s the thing: If the server uses an encoding the client doesn’t support, then it’s pointless to encode it, right? HTTP provides a mechanism by which you can tell the server the encodings you support.
That brings us to the Accept-encoding request header. In this case, siege is sending something like ‘Accept-encoding: gzip’ although it wasn’t compiled with a compression library. To fix this problem, you can do one of two things: 1.) recompile siege with zlib and zlib-devel installed on your system. 2.) Send an empty Accept-encoding header.
You can configure that in your $HOME/.siege/siege.conf file like this:
But honestly, you should probably recompile siege with zlib and zlib-devel installed on your system…
UPDATE: Your JoeDog is unable to reproduce this segmentation fault. The sieger who reported this issue hasn’t responded with the version he is using. If you’re experiencing this, we recommend updating to version 4.0.3rc5 or higher.
In the natural world, some predators bide their time near a watering hole waiting for thirsty prey to stop by for a drink. In the cyber world, this is aptly known as a watering hole attack. It’s a favorite tactic of Turla, a Russian hacker group.
According to a new report by Eset, an antivirus manufacturer, Turla used Brittany Spears official Instagram page to hide instructions its malware could use to locate the command server. Once it has that address, the malware can upload its stolen details. We Live Security has the sordid details…
[We Live Security]: Turla’s Watering Hole Campaign
This is why our emails and sensitive documents are all over Wikileaks. Stop clicking shit. (Geekish)
Talos recently analyzed an interesting malware sample that made use of DNS TXT record queries and responses to create a bidirectional Command and Control (C2) channel. This allows the attacker to use DNS communications to submit new commands to be run on infected machines and return the results of the command execution to the attacker. This is an extremely uncommon and evasive way of administering a RAT. The use of multiple stages of Powershell with various stages being completely fileless indicates an attacker who has taken significant measures to avoid detection.
Your JoeDog has been following the President-elect on Twitter for quite some time. He’s a Howard Stern fan and Trump was part of the Howard Stern universe. Then something unexpected happened to this frequent Stern Show guest. He won the presidency. Yep, saw that coming….
So while it’s now possible that a tweet from atop a gilded toilet could touch off a nuclear holocaust and get us all killed, there another more awesome possibility. See, Your JoeDog’s greatest disappointment was his exclusion from Richard Nixon’s Enemies List. He was very young when Nixon left office but that guy was assholish enough to put a child on his Enemies List. It could have happened! Sadly, it never happened. Now according to news reports, Trump blocks people from his Twitter feed. That’s the contemporary equivalent to an Enemies List. Could Your JoeDog get himself blocked???
Now anyone can get on the Presidential Twitter feed and throw some F-bombs and get himself blocked. I was determined to play it clean. Full-frontal snark! I wanted blocked for getting under his skin, like Nixon’s enemies got under his. So how’s that effort going? Sadly, not so good….
It probably wasn’t an intern who liked that tweet. This appeared in my notifications while Trump was in the midst of a Tweet storm. He was probably scrolling replies and read the first part of a compound thought. “You won the Electoral College by a landslide…” LIKE “… if by ‘landslide’ you mean ‘one of the all time slimmest margins’.” Attention to detail isn’t a trait Americans look for in a President.
You can follow Your JoeDog’s attempts to get blocked by the 45th President @jeffyguy