top | item 46896291

(no title)

notsylver | 25 days ago

I think people are misunderstanding. This isn't CT logs, its a wildcard certificate so it wouldn't leak the "nas" part. It's sentry catching client-side traces and calling home with them, and then picking out the hostname from the request that sent them (ie, "nas.nothing-special.whatever.example.com") and trying to poll it for whatever reason, which is going to a separate server that is catching the wildcard domain and being rejected.

discuss

hsbauauvhabzb|25 days ago

Sounds like a great way to get sentry to fire off arbitrary requests to IPs you don’t own.

sure hope nobody does that targeting ips (like that blacklist in masscan) that will auto report you to your isp/ans/whatever for your abusive traffic. Repeatedly.

leoc|25 days ago

Obligatory Bruce Scneier: https://www.schneier.com/blog/archives/2008/03/the_security_...

spondyl|25 days ago

My first thought was perhaps they're trying to fetch a favicon for rendering against the traces in the UI?

n0w|25 days ago

They're likely trying to retrieve source maps

unknown|25 days ago

[deleted]

doctorpangloss|24 days ago

people are misunderstanding because the blog post is really confusing and poorly written haha