More

sucuri2 · on Oct 3, 2024

What do you mean by WordPress logs? I would love support to internal wordpress logs, like the ones by the trunc plugin:

https://wordpress.com/plugins/trunc-logging

that would be interesting.

braunshizzle · on Oct 3, 2024

WordPress debug logs is what is supported. I've never used the Trunc plugin but will take a look at adding support for it. I need an example log first

sucuri2 · on July 2, 2022

Quite a few:

- AWS route53

- Google DNS

- Sucuri DNS

- https://noc.org DNS

- https://nsa1.com DNS

And probably many more.

sucuri2 · on Aug 24, 2016

50% of all traffic to the dual stack hosts are going via IPv6. That's expected as most dual stack clients favour IPv6 over IPv4.

sucuri2 · on May 4, 2016

We posted some more details here:

https://blog.sucuri.net/2016/05/imagemagick-remote-command-e...

sucuri2 · on July 15, 2013

You would be surprised. But to say the truth, I trust the OpenSSH code a lot more than any VPN software that you can install to prevent direct access to it.

achillean · on July 15, 2013

It's fairly common actually, at least around 12,860,698 devices have their SSH open to the public (http://www.shodanhq.com/?q=port:22).

pbsdp · on July 15, 2013

The difference is that exposing OpenVPN code allows you to separate remote access from your production services, both reducing the total attack surface and providing defense-in-depth.

On top of which, OpenVPN has actually had fewer security vulnerabilities released than OpenSSH, and HMAC validation enormously restricts the surface area of exposed code as compared to OpenSSH.