HN Reader

Why Women in Tech isn't enough (whitep4nth3r.com)

1 points by synesthetic 47s ago 0 comments

Employers Pay Problem-Solvers, Not Encyclopedias (michaelbastos.com)

1 points by mbastos 1m ago 1 comments

Hyprland 0.50.0 Released (hypr.land)

1 points by clemensnk 2m ago 0 comments

Gitplay: Learn how a software project (using Git) evolved over time (github.com)

1 points by indigodaddy 5m ago 0 comments

Google will enable Gemini to harass and annoy businesses with its questions (theverge.com)

2 points by bbarnett 7m ago 0 comments

I analyzed 50k+ negative app reviews (from 5k+ mobile apps) to get app ideas (bigideasdb.com)

1 points by OmPatel5 9m ago 1 comments

Show HN: Mocksmith.dev – Instantly Generate Relational Test Data (mocksmith.dev)

1 points by mllev 10m ago 1 comments

Poker Bot (pokerbotai.com)

1 points by energy_floww 13m ago 0 comments

Double Pendulums are Chaoticn't [video] (youtube.com)

1 points by shiryel 13m ago 0 comments

Nihon Hidankyo (en.wikipedia.org)

1 points by simonebrunozzi 14m ago 0 comments

Enhancing COBOL Code Explanations: A Multi-Agents Approach Using LLMs (arxiv.org)

1 points by PaulHoule 15m ago 0 comments

Reactive Java Operator-fusion (2016) (akarnokd.blogspot.com)

1 points by mfiguiere 16m ago 0 comments

The Rules for Rulers [video] (youtube.com)

1 points by _feynon 17m ago 0 comments

Deriving Accurate Nocturnal HR, RMSSD and Frequency HRV from Oura Ring (2024) (pmc.ncbi.nlm.nih.gov)

1 points by wslh 17m ago 0 comments

The next 700 programming languages (dl.acm.org)

1 points by gnufx 18m ago 1 comments

Man has shoes tattooed onto his feet because he's 'tired of paying' for new ones (mirror.co.uk)

2 points by austinallegro 19m ago 0 comments

Typogram Studio: A New Tool for Beautiful Typography Design (typogram.co)

2 points by wentin 20m ago 0 comments

Intel's retreat is unlike anything it's done before in Oregon (oregonlive.com)

3 points by cbzbc 23m ago 0 comments

Mapping the AI economy: Which regions are ready for the next technology leap (brookings.edu)

1 points by hunglee2 23m ago 0 comments

High-Speed Rail Route Proposed Between Los Angeles and New York (newsweek.com)

1 points by geox 23m ago 0 comments

Op against Russian hackers Noname, 5 arrest warrants (ansa.it)

1 points by N19PEDL2 23m ago 0 comments

I Got into Deep Learning (vikas.sh)

2 points by skadamat 28m ago 0 comments

Steam bans games that violate the 'rules and standards' of payment processors (engadget.com)

4 points by akyuu 29m ago 1 comments

We Have Made the Decision to Not Continue Paying for BBB Accreditation (mycherrytree.com)

2 points by LorenDB 30m ago 0 comments

Biphasic liquids with shape-shifting and bistable microdomains (nature.com)

1 points by Bluestein 30m ago 0 comments

ReDB – platform for moving data between database technologies (github.com)

1 points by tommihip 31m ago 0 comments

Techniques for Limiting Manipulation of URLs (PDF, Patent) (image-ppubs.uspto.gov)

2 points by absurdistan 34m ago 1 comments

Grappling with the Existential Panic over AI (easydns.com)

1 points by StuntPope 34m ago 0 comments

Tim O'Reilly -Where Is AI on the Enshittification Curve? (oreilly.com)

3 points by rmason 35m ago 0 comments

How I got hired by AWS (2008) (simon.medium.com)

1 points by simonebrunozzi 35m ago 0 comments

Ex-OpenAI engineer pulls the curtain back on a chaotic hot mess (theregister.com)

2 points by rntn 36m ago 0 comments

React JavaScript: From Zero to Hero (reactz2h.com)

2 points by dralexturner 38m ago 2 comments

My friends made plans without me – is it weird to invite myself? (theguardian.com)

1 points by ljf 39m ago 1 comments

8.8 Zero Day CVE in Chrome Patched (bleepingcomputer.com)

2 points by RobSpectre 42m ago 0 comments

Benefits of weight loss on fat tissue (imperial.ac.uk)

2 points by gmays 43m ago 0 comments

How (and why) to do pop-up communes (supernuclear.substack.com)

1 points by simonebrunozzi 44m ago 0 comments

Space Force Accepts New GPS Control System After Years of Delays (airandspaceforces.com)

2 points by mikece 44m ago 0 comments

Trump sues Corporation for Public Broadcasting directors who refused to be fired (arstechnica.com)

5 points by duxup 44m ago 2 comments

Hit (raw.githubusercontent.com)

1 points by zayr 45m ago 1 comments

Brazilian Payment System Pix Under Investigation (ustr.gov)

3 points by owebmaster 47m ago 2 comments

Abraham Lincoln Drew Poetry and Power from His Suicidal Depression (themarginalian.org)

4 points by Bluestein 48m ago 0 comments

Signs of Autism Could Be Encoded in the Way You Walk (sciencealert.com)

20 points by amichail 48m ago 8 comments

Agricultural liming in the US is a large CO₂ sink, say researchers (phys.org)

1 points by PaulHoule 49m ago 0 comments

Attorney General Bailey Fights to Expose Big Tech Censorship of President Trump (ago.mo.gov)

1 points by croes 49m ago 0 comments

HopFront: Generate API-based dashboards instantly (hopfront.com)

1 points by sea-gold 51m ago 0 comments

Font-size-adjust Is Useful (matklad.github.io)

2 points by ibobev 51m ago 0 comments

Innovation starts with consumers, not academia (lemire.me)

1 points by ibobev 52m ago 0 comments

Crims hijacking patched SonicWall VPNs to deploy stealthy backdoor and rootkit (theregister.com)

2 points by chrisjj 52m ago 0 comments

Anyone else tired of AI being forced on you?

18 points by lucideng 52m ago 7 comments

PyPI Prohibits inbox.ru email domain registrations (blog.pypi.org)

32 points by miketheman 53m ago 1 comments

Malware in DNS

4 alexrustic 1 7/16/2025, 1:51:25 PM dti.domaintools.com ↗

Comments (1)

Bender · 5h ago
DNS has been used for exfiltration of data, command and control and malware distribution for some time. It's popular because DNS is rarely blocked even when a network is locked down and forces everyone through a corporate monster-in-the-middle proxy.

DNS would also have to be forced through recursive servers that put size and rate limits breaking RFC's in place or at least alert on suspicious behavior which some over-priced corporate firewalls do. The alerts then have to be aggregated where a SOC will detect them and send someone to inspect that persons laptop.

Home users are at the mercy of their DNS provider or setting up their own recursive DNS and putting rate limits in place and their own monitoring. If a home user had no need to fetch TXT records they could censor some or possibly all of them using Unbound.

Example from one of my formerly public recursive DNS servers for their pro-DDOS massive TXT records. I believe this could be done for all domains but have not tested it. The examples below are commonly used in DDoS-Amplification attacks among many other domains with large TXT replies.

    local-zone: ebay.com typetransparent                        
    local-data: 'ebay.com. TXT "[ddos redacted]"'                 
    local-zone: tmz.com typetransparent                               
    local-data: 'tmz.com. TXT "[ddos redacted]"'                       
    local-zone: google.com typetransparent
    local-data: 'google.com. TXT "[ddos redacted]"'