Author Archives: ryan niemes

I’m a dedicated father and friend. I enjoy technology immensely and feel extremely lucky to have been born at the right place & during the right time. I started out working for the University of Dayton as a co-op student in computer science. I fell in love with the concept of networking – this wasContinue reading “About:me”

I’m experimenting with thehive and associated projects (misp in particular) and will be describing some issues I run into & how I’ve fixed them (fingers crossed). One of the first things I tried was to import events from wildfire to misp. I found a package called pan-stix and installed it on my osx box. RunningContinue reading “importing wildfire reports into misp and thehive”

Unfortunately, as of 16 April 2019, I’m still seeing traffic on this domain. Here are some others I’m seeing: dfbfb63dcaff96fbe9616fb806e4799f.com8d46980d994cc618aeed127df1b5c86d8acd86ce.info07bf396c25d9a624281c97752aee0247e4229b84.xyz07bf396c25d9a624281c97752aee0247e4229b84.com07bf396c25d9a624281c97752aee0247e4229b84.infod234304f57772cf6be78ab6c24a65c91ce896fff.xyzd234304f57772cf6be78ab6c24a65c91ce896fff.comd234304f57772cf6be78ab6c24a65c91ce896fff.info8d46980d994cc618aeed127df1b5c86d8acd86ce.xyzcbb0c7dae8061aca012b8a910062c33f3642e383.comcbb0c7dae8061aca012b8a910062c33f3642e383.xyzcbb0c7dae8061aca012b8a910062c33f3642e383.info

I contacted security@nordvpn and they said it will be fixed in the most recent release of NordVPN. As a bonus they gave me 3 years free for reporting the issue 🙂

I’m now the proud owner of these domains: f5d599a39d02caef1984e95fdc606f838893ffc5.com 8d46980d994cc618aeed127df1b5c86d8acd86ce.xyz 10bdc75ab2f0486f008dbdd8f1b0a38d7399598e.xyz Why would I purchase such strange looking domains you ask? It all started long ago, while working for my enterprise. I saw some activity flagged by OpenDNS / Umbrella for some CnC traffic bound for these domains. It was being blocked but as IContinue reading “f5d599a39d02caef1984e95fdc606f838893ffc5.xyz”