More

m3047 · 2026-03-21T20:57:02 1774126622

If you're selling ammonium nitrate and diesel, it's a reasonable presumption that you're in the agricultural supply business. It's also reasonable to expect you not to sell a truckload of both to someone who you don't know to be a farmer.

m3047 · 2026-03-21T20:07:36 1774123656

I'll tell you what I expect to see from crawlers, agents and which I'm enforcing on everybody who doesn't look distinctly human:

* Reverse DNS which points to a web site which has a discoverable / well-known page which clearly describes their behavior.

* Some sort of reverse IP based, RBL and SPF -inspired TXT records which describe who, what, when, why, how, how often

so that I can make automated decisions based on it.

Yah, I don't have a lot of crawlers that I welcome... but I'm building a pretty good database of the worst offenders. At scale... there are advantages to scale which work in my favor, actually.

I documented this at the end of a blog post when I made blocking Amazon incoming requests a default policy several years ago.

m3047 · 2026-03-11T18:37:27 1773254247

Seems like it was just hours ago they started reaching out to my edge servers from their address space (Me: why is a reverse proxy service banging my servers when I'm not a customer? did some miscreant sign me up somehow?) and it was for Apple, privacy, mom and pie (a VPN service, dressed in noble aspirations). It never quite smelled like pie to me.

If you're doing threat hunting / risk enumeration: Cloudflare is no longer a passive service that miscreants hide behind, they now actively reach out and grab your privates. Make a note of it.

m3047 · 2026-03-11T18:30:01 1773253801

   Updated Date: 2026-03-11T07:13:31Z
   Creation Date: 2001-03-09T23:23:30Z
   Registry Expiry Date: 2027-03-09T23:23:30Z

There is also this:

https://www.infoblox.com/blog/threat-intelligence/abusing-ar...

m3047 · 2026-03-10T18:58:33 1773169113

Sometimes you squeeze clay and it comes out the oddest places. There were other stressors last week.https://www.pcmag.com/news/amazon-cloud-services-disrupted-i...

m3047 · 2026-03-10T18:21:39 1773166899

Goes to a lot of trouble to build a mental model / map / landscape of how agentic ops work. Worth the read if you're looking for one, reasonable people know the map is never the terrain.

edgwatson1 · 2026-03-10T19:21:36 1773170496

FYI I believe the idiom is, 'the map is never the territory'.

m3047 · 2026-03-10T17:45:42 1773164742

https://interestingengineering.com/innovation/omar-yaghi-wat...

m3047 · 2026-03-06T19:25:51 1772825151

Stucke's talk about DNS being hazardous to your health is one of my all time favorites: https://www.youtube.com/watch?v=4PSc9BJDWhM

m3047 · 2026-03-01T19:32:22 1772393542

"The key here is that the radio frequencies used in handheld radios are far from the natural resonances of the atom, so while the atoms can sense the radiation, they don't respond to the frequency modulation on which the audio is encoded,"

m3047 · 2026-02-26T20:32:28 1772137948

The thing which blows my mind is that the NIC handle database is simply gone. This was the database of everyone who was responsible for some internet asset (typically a domain name) in some fashion such that it was recorded for operators' use. You could look it up, it was public. Now it's simply gone. (I'm FWM6)