In response to the recent POODLE vulnerability in SSLv3, I have disabled SSLv3 support in anything of mine which speaks SSL/TLS. All connections are running TLSv1.0, TLSv1.1, or TLSv1.2 now.
I run an OpenBSD system as a packet filter in front of my various virtual machines at my colo. I've got a default `block drop in log all` rule which drops and logs all un-handled traffic. I've been rotating the logs around, but not doing anything more than troubleshooting with the logs. I often watch the live pflog scroll by, investigating the occasional IP of interest.
Today various sources announced CVE-2014-6271: 'bash: specially-crafted environment variables can be used to inject shell commands'. This is a serious risk on many Unix-like systems, as bash is a very popular shell, and included by default on many systems. It is used by both interactive users, as well as many wrapper scripts used in daily system operations.
The Internet Storm Center had an interesting diary entry up today which I was able to independently confirm quite easily in under 5 minutes. Watching the traffic for a longer period of time became rather interesting.
While I've been supporting making requests to ipquail.com with useragent curl and responding with only plaintext, I don't have a formal API for the site. Being inspired by the recent Arin on the Road talks on their Whois-RWS and Reg-RWS systems, I sat out to start to write an API for ipquail.com