Using DIG to Query DNS Data

Using DIG to Query DNS Data Domain Information Groper (DIG) is a command line tool that is widely used when troubleshooting DNS issues. If you’re an administrator working with any part of DNS it’s a critical piece of your toolbox. Example 1: Find the A Record for a domain Let’s assume we want to know…

Read More

Using NSLOOKUP to Query DNS Data

Using NSLookup to Query DNS Data If you’re working with the Domain Name System (DNS) you don’t have a choice, you have to become familiar with NSLOOKUP. NSLOOKUP is a command-line tool that can be run in your command prompt (Windows) or terminal (MacOS / Linux). It’s an amazing tool for troubleshooting DNS issues. It…

Read More

Troubleshooting Random Connection Errors with a WAF/CDN

Troubleshooting Random Connection Errors with a WAF/CDN There are instances where a connection might fail. It could be the NOC network, it could be your server. This is a quick way to troubleshoot the issue and identify where the problem is originating from. Example Issue: While posting an article in WordPress a random error was…

Read More

WordPress Forced Updates vs Auto-Updates and Abusing User Defined Intent

On June 1st, Automattic’s JetPack plugin released an update to patch an exploitable vulnerability. The vulnerability was found in their Carousel feature. The release invites plugin users to update their version. It warns that while it’s not known to be actively exploited it could be now that it’s been released. One thing it fails to…

Read More

Arbitrary File Vulnerabilities And Why They Matter to Your Website

Our last article explored trends we were seeing against WordPress and something became very evident – Arbitrary File Vulnerabilities ranked #1 for vulnerabilities being scanned for. Although the scope of our tests were limited, it does a lot to help better defenders better understand the tactics, techniques and procedures (TTP) being employed by bad actors.…

Read More

The Domain Name System (DNS)

In our previous article, we explored the relationships between Registrars, Registries and DNS. In this article, we will dive deeper into the world of DNS. The art of Routing Web Requests (Hello DNS) DNS stands for Domain Name System (DNS), you might hear it used interchangeably with Domain Name Server (DNS). It is the mechanism…

Read More

The Importance of Asset Monitoring

When we manage multiple assets, we must know what we have and their state. This is especially true when managing complex web ecosystems. Whether they are applications dependent on continuous communication with endpoints, or architectures reliant on multiple origins. At NOC, we don’t specifically talk to inventory management, or discovery, but should be invested in.…

Read More

Auth-DNS: Smart Routing with Enhanced Records

To leverage the smart routing options in the NOC Auth-DNS service a zone file must have more than one A record for the same domain. To create multiple A records for the same domain, do the following: Step 1 – Open Domain Zone File From the Authoritative DNS dashboard, click the name of the domain…

Read More