DNS-Hijacking durch Forest Blizzard: Wie Heimrouter zur Spionageinfrastruktur werden

Microsoft Threat Intelligence identifizierte dabei über 200 betroffene Organisationen sowie rund 5.000 kompromittierte Endgeräte – und warnt, dass die eigentliche Unternehmensinfrastruktur dabei gar nicht direkt angegriffen werden muss.

https://www.all-about-security.de/dns-hijacking-durch-forest-blizzard-wie-heimrouter-zur-spionageinfrastruktur-werden/

#soho #DNS #dnssecurity #router #DHCP

Joah... was macht man so am Oster-Wochenende???

Na klar: Das eigene lokale Netzwerk komplett umbauen von Flat LAN mit Fritz!Box und Pihole, auf ein ausgewachsenes Business Netzwerk mit:

Fritz!Box nur noch als Modem, OPNsense (als Firewall, Kea DHCP, Unbound DNS), vier TP-Link EAP225 als Access Points mit drei WLANs, ein TP-Link TL-SG1016DE Smart Switch mit nun insgesamt 5 VLANs, Omada Software Controller zur Verwaltung der EAP225.

Alle IoT Geräte die den Homeassistant bedienen in einem eigenen VLAN, Gäste WLAN, IoT WLAN, etc... pp... 😛

Man hat ja sonst nix zu tun.......

#opnsense #netzwerk #network #vlan #homeassistant #iot #pihole #keadhcp #dhcp #omada #tplink

Working on a multi-vendor service management ( #MVSM ) lab at the moment because #DNS and #DHCP do not always run on dedicated appliances. Sometimes they run on #Windows or #Linux. 🤷‍♂️

During my ongoing exploration of the #EfficientIP portfolio, I discovered that #SOLIDserver can also be run as a #docker #container. 📦
https://hub.docker.com/r/efficientip/eip-edge-network-services

That adds another useful option for distributed and lightweight service deployment scenarios. 🤔

Contabo Support & Culture - The technical failure itself is secondary to the organizational failure handling it. Contabo’s support culture demonstrates a fundamental misalignment of incentives.

Optimizing for Metrics Over Solutions: The primary objective of the support tier appears to be closing tickets as quickly as possible, using any available justification, rather than genuinely resolving the customer’s problem.

Blame Shifting: There is a clear tendency to attribute faults to the customer or incorrect settings rather than investigating potential anomalies in the underlying virtualization or infrastructure layer.

Absence of Root Cause Analysis: Because the support team applied a static configuration workaround and immediately closed the ticket, the actual root cause of the disappearing DHCP configuration was never identified.

Perpetual Vulnerability: When root causes are ignored in favor of quick patches, the underlying infrastructure bugs remain. This guarantees that the exact same issue will occur again, leading to an endless cycle of new tickets.

#Contabo #VPS #hosting #support #networking #DHCP