This is very cool but it would be nice to have more features on the MCP server, such as arbitrary read and write of programs. For example, I was working on a self-unpacking CTF challenge which XORed instructions. It would be nice to have it be able to read the values at the addresses it xored.

Hey HN! I've done a lot of work with querying large amounts of DNS scanning recently for my own projects, and I've found that the current available tools (massdns, dnsx, zdns) were lackluster in the performance and accuracy aspect.

Recently, I've learned about XDP and AF_XDP, which allows user-space programs to have a fast-path through the kernel and skip a large chunk of networking done by the kernel. This allows us to directly interact with the network interface TX queues, and send a lot of traffic very fast.

I initially started to do this because I was curious if it would work or not, but eventually I saw that it worked too well, so I polished it a little bit and released it as open-source.

Happy to answer any questions.

Does this have logic to set packet rate-limits per-nameserver? Many name servers have per-IP rate limits. Most defaults are fairly high but I am curious if you mitigate this by ensuring no single name server gets more than user-definable packets per second.

This reminds me on how Spotify's bug bounty program keeps receiving vulnerability reports about Shopify, and how Shopify keeps receiving vulnerability reports from Spotify. This went so far that they had to explicitly put the other company's domain as out of scope on their bug bounty policy.

I think the documentary about "pixo" is pertinent here, "pixo" is a political manifestation. It is meant to be ugly. https://www.youtube.com/watch?v=skGyFowTzew

I guess you do kinda shake and move around the muscle of your hands when you're running.

I mean, your IP is being crawled by random bots dozens of time per day, what's the difference between that website and the traffic your IP gets already?

Seriously, this is a laughable concern – if you have a "public facing server" you're already listed in Google, Shodan, being probed by dozens of IPs across the world...

I found this showing up in my logs recently.

     [21/Jun/2021:19:07:19 +0000] "GET / HTTP/1.1" 301 169 "-" "Expanse, a Palo Alto Networks company, searches across
 the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com"

I remember thinking that ads in server logs was a new one to me.

Let me explain, I am not running any services on standard ports. You'd have to do a port scan and find one of the ports running a web service. But they're HTTPs (with unsigned personal certificate keys, mind you) and are password protected.

I still get so. many. random people entering passwords and trying to break in. They don't look like a wordlist or automated bots, they're literally people guessing.

Just because you see a username and password screen after you nmap this public IP, doesn't give you the right to start trying to hack it.

You're making a normative argument; I'm making a positive one.

You ought not try random usernames/passwords on someone's public server, I agree. But if you expose a public server that lets someone type a username/password, you had best be ready for someone to guess values.