ADA compliance clarification

Articles/Grow_Your_Homelab.md

@@ -8,6 +8,8 @@ The first things to buy are a surge protector, a flash drive, Raspberry Pi, and
 
 Easy services to install to this initial server are [web-based revision control](/AniNIX/Ubiqtorate/src/branch/main/roles/Foundation), [ssh protections](/AniNIX/Ubiqtorate/src/branch/main/roles/Sharingan), and [a DNS sinkhole](/AniNIX/Ubiqtorate/src/branch/main/roles/Nazara). Adding these two improves your security posture and gives you a good revision-controlled web frontend for your content with MFA authentication supported.
 
+A good addition would also be a pair of backup drives to use for backups. More details on how we do offsite backups are with [AniNIX/Aether](/AniNIX/Aether#relevant-files-and-software).
+
 # Initial Growth
 
 Some easy wins to grow your ecosystem after this are a privacy server for OSINT research and a home IOT management system. We document [AniNIX/DarkNet](/AniNIX/Ubiqtorate/src/branch/main/roles/DarkNet) and [AniNIX/Geth](/AniNIX/Ubiqtorate/src/branch/main/roles/Geth) for these two functions respectively. These can easily be addded onto new Raspberry Pi's or onto a server as virtual machines.
@@ -20,8 +22,6 @@ An alternative to this is a large scale of Raspberry Pi's as a Kubernetes cluste
 
 It's at this stage that one would start looking at adding convenience services like [AniNIX/Singularity](/AniNIX/Ubiqtorate/src/branch/main/roles/Singularity), IDS/IPS/SIEM solutions, and development CI/CD orchestration into the ecosystem.
 
-A good addition would also be a hot-swap cage attached to some server to use for backups. More details on how we do offsite backups are with [AniNIX/Aether](/AniNIX/Ubiqtorate/src/branch/main/roles/Aether). 
-
 # Multi-site Enterprise
 
 This is our future state, and one we're still exploring. The idea is that one would scale out the number of replicas at various different physical sites and anycast their network front-end with BGP or similar technologies. The anycasted services would need to be replicated -- PostGreSQL, InspIRCd, Graylog, and a number of other tools we're using have clustering configuration to make this possible. For larger organizations serving a large customer base, having at least two physical offices with their cluster racks would be best. ISP's will offer dark-fiber backend connections between these sites to secure the replication with point-to-point VPNs. The goal here is improved availability and throughput for the additional customers. Network edge throughput will probably require business-grade connections.

Articles/Lunch-And-Learns.md

@@ -1,7 +1,14 @@
 I've had a request to do some lunch-and-learns about the AniNIX, how we self-host, and how we manage some of our tools. We'll burn roughly the first 30-45 minutes talking through some concepts of how the AniNIX does what it does -- the rest of the time will be an open floor to ask anything you'd like.
 
-We are going to use [Discord](https://discord.gg/2bmggfR), just for bandwidth reasons and ease of setup, to host the call. If you don't have a Discord account, it's pretty easy to sign up. We may look at livestreaming out to YouTube and taking questions by IRC for those folks looking for a little more anonymity. Just swing by our Discord link and ask for the Lunch&Learn role.
+We are going to use [Discord](https://discord.gg/2bmggfR), just for bandwidth reasons and ease of setup, to host the call.
+* If you don't have a Discord account, it's pretty easy to sign up. Just swing by our Discord link and ask for the Lunch&Learn role after creating your account.
+* We are taking questions by IRC for those folks looking for a little more anonymity.
 
-We hope to see you there! [Click this Google Calendar link](https://calendar.google.com/event?action=TEMPLATE&tmeid=MjcwcHUxYmE5Y2lsOHNjMDRnaW81ZDZwb2ZfMjAyMjA0MTlUMTcwMDAwWiBjeGZvcmRAbQ&tmsrc=cxford%40gmail.com&scp=ALL) to add it to your calendar -- we'll be meeting in the 1200-1300 [US Central](https://time.is/CT) block.
+Due to real-life obligations, the livestream portions are paused but we will be opening the floor for discussions each week with a commit and some discussion on its relevance. Hope to see you in the channel!
+<!--
+We are testing live-streaming to [Twitch](https://www.twitch.tv/darkfeather0664) and [YouTube](https://www.youtube.com/channel/UCe-WNM2mbI51xoVZp3K_wFQ). If you're interested but not ready to join the Discord community, those options are open to you.
+-->
 
-There's no listed schedule right now.
+<!-- We hope to see you there! [Click this Google Calendar link](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=bzk4YmplZWpvdW52NWNoZjZna2dtZTNlNWJfMjAyMzExMjNUMTgwMDAwWiBjeGZvcmRAbQ&tmsrc=cxford%40gmail.com&scp=ALL) to add it to your calendar -- we'll be meeting in the 1200-1300 [US Central](https://time.is/CT) block on Thursdays.
+
+There's no listed schedule of topics right now -- request some on IRC or Discord!-->

Articles/The_Complicated_Cloud.md

@@ -47,9 +47,9 @@ We use Google for a few things.
 
 Effectively, Google services here are handling all the legacy cruft for us in dealing with the external world. These services are typically more difficult to secure, though they are more familiar to average users.
 
-## Stripe: Payment and PCI compliance
+## Venmo: Payment and PCI compliance
 
-[PCI compliance](https://www.pcisecuritystandards.org/pci_security/completing_self_assessment) is a necessary part of doing business within the US. This is presently more impactful for our [martial arts](/martialarts) division than the tech one, but it's still necessary to support. We host links to PCI sites, so we have to annually review a self-assessment, but our obligations are limited. It would be possible for us to develop a complete payment portal against a banking institution ourselves, but because we are not a bank, we'd still be dependent on that bank's cloud services and API's. Such development would also make us liable for more expenses in needing to hire a PCI auditor and other overhead we simply cannot afford. As such, we offload our payment system by linking out to [Stripe][stripe] which directs payment into our bank.
+[PCI compliance](https://www.pcisecuritystandards.org/pci_security/completing_self_assessment) is a necessary part of doing business within the US. This is presently more impactful for our [martial arts](/martialarts) division than the tech one, but it's still necessary to support. We host links to PCI sites, so we have to annually review a self-assessment, but our obligations are limited. It would be possible for us to develop a complete payment portal against a banking institution ourselves, but because we are not a bank, we'd still be dependent on that bank's cloud services and API's. Such development would also make us liable for more expenses in needing to hire a PCI auditor and other overhead we simply cannot afford. As such, we offload our payment system by linking out to [Venmo][venmo] which directs payment into our bank.
 
 We are investigating using a USDCoin wallet to offer operating on the blockchain, but that is still a weird middle ground of self-hosting and cloud all at the same time, being a peer-to-peer protocol. One could argue that running a miner for that protocol would make it somewhat self-hosted and that we are simply participating in the protocol with a much wider audience in the same way that providing an RSS feed puts us in the conglomeration of information provided by RSS. However, adoption for this is still low and more traditional banking will likely dominate any business ventures in the near future.
 
@@ -132,7 +132,7 @@ Self-hosting is still the best route, we believe, for your organization to contr
 [analytics]: https://analytics.google.com
 [domain]: https://domains.google.com
 [voice]: https://voice.google.com
-[stripe]: https://stripe.com
+[stripe]: https://venmo.com
 [freshping]: https://aninix.freshping.io/
 [zapier]: https://zapier.com
 [discord]: https://discord.gg/2bmggfR

Operation/Continuity.md

@@ -0,0 +1,27 @@
+Operational concerns are as important as development or security ones. Having a good layering of operational continuity will allow services to continue while the network operators follow the [incident response guidelines](./Incident_Response.md). Users should understand the posture outlined here to know how an incident will affect them.
+
+# Self-recovering Services
+
+Ideally, services should be designed & developed to recover themselves. This is the second-best option to not having problems in the first place. Tools like systemd can restart services, or monitoring can identify & remediate issues. This kind of automation can sort out issues before users or admins know about them.
+
+# High Availability & Geodiversity
+
+High availability can allow inconsistently failing nodes to not take the service down with them. If one node fails, the traffic will get routed to the next one so that users don't see issues. Admins can get the notification and sort the problem out before users even see the issue. Tools for this can be in webservers or appliances like F5 load balancers.
+
+Geodiversity allows some kind of resilience against environmental issues. One needs tools like round-robin DNS or eBGP to broadcast the fallback sites, but if an ISP suffers a line cut or the site endures a natural disaster (or planned maintenance), traffic will fall over to the next site. This can be a cost issue, since the deployment needs to decide the cost model. If any site can handle peak load, then the organization is wasting compute & power that's not doing work during normal operation. If any site can handle median load, peak will get handled by both nodes but it saves some cost during normal operation. If both sites are needed to handle peak activity, then you will see a service degradation during an event but this will be the most fiscally conservative option. Don't design services to only handle median load.
+
+This option is not currently available to us, as we don't have a second site for peering.
+
+# Disaster Recovery
+
+Disaster recovery is responding to terrible issues that can't be caught by the prior two solutions. This includes options like Infrastructure-as-Code, backups, and AniNIX/Aether, that provide various options for rebuilding services during an event. DR procedures are critical for resolving ransomware.
+
+# Business Continuity
+
+Business continuity operation is perhaps the most critical to AniNIX operations, since it allows the best options when issues take long enough to resolve that a user will notice. AniNIX/Yggdrasil, AniNIX/Foundation, and AniNIX/Singularity allow offline options for when the services aren't available but still allow users to use the content. Other services, like AniNIX/WolfPack or AniNIX/Maat, are convenience and if they aren't available users have the option to wait before using them. Discord is currently providing our fallback for IRC.
+
+Core business continuity procedures:
+
+* Maintain local clones of any AniNIX/Foundation projects you're working on.
+* Use the "Download Media" option in the Emby web interface for AniNIX/Yggdrasil
+* AniNIX/Singularity's TT-RSS mobile app has a "work offline" feature -- this will let the user look through the last set of articles the app downloaded.

Operation/Incident_Response.md

@@ -17,6 +17,10 @@ An [incident][2] is an unplanned event affecting a service or agency, where a di
 # Required Follow-ups
 See TOGAF, COBIT, and ITIL standards for design methods for incident response. Also available is documentation from [NIST](https://duckduckgo.com/?q=NIST+Creating+security+plans+for+federal+information+systems&ia=web) on how to formulate security plans.
 
+## Monitoring and Alerting
+
+Network operators should follow the `#sharingan` IRC & Discord channels for a redundant method of being alerted when there are issues. While we have no mean-time-to-acknowledge (MTTA) or mean-time-to-recover (MTTR) service-level agreements (SLA), on-call operators should attempt to respond with all available expediency to issues.
+
 ## OSINT feed
 
 Significant non-disruptive incidents detected by [AniNIX/Sharingan](https://sharingan.aninix.net) will be recorded as part of our [OSINT feed](https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml). This feed is intended to be a public service to help improve the general community. Those watching this feed are encouraged to examine their own incoming traffic for the adversaries listed and take appropriate protective action.

PKGBUILD

@@ -16,7 +16,7 @@ license=('custom')
 groups=()
 provides=("${pkgname}")
 conflicts=()
-replaces=("${pkgname,,}", "aninix-${pkgname,,}")
+replaces=("${pkgname,,}" "aninix-${pkgname,,}")
 backup=()
 options=()
 install=

Policies/Design_Principles.md

@@ -1,6 +1,6 @@
 The AniNIX is not a collection of one-offs. The following considerations should be evaluated before testing or releasing a new project, and quality assurance should report if any of these design principles aren't met.
 
-#  Meeting the need 
+#  Meeting the need
 
 Any design should be evaluated against the need it is intended to meet. Ask the following questions:
 * Does an existing package fulfill the need better than custom development by the AniNIX? [TheRaven](/AniNIX/TheRaven) is a fairly specialized package, but [Yggdrasil](../Services/Yggdrasil.md) was superior to our self-written Siren and an externally-maintained package, which saves the network human hours.
@@ -8,49 +8,49 @@ Any design should be evaluated against the need it is intended to meet. Ask the
 * Will filling this need justify the resource expenditure?
 * Will end users adopt this solution and fill their need that way, or will the effort be wasted when a more professional solution will be released and adopted later?
 
-#  Security-First Design 
+#  Security-First Design
 
-##  Remote Access vs. Local Only 
+##  Remote Access vs. Local Only
 Remote access isn't needed in all cases and opens the network to vulnerabilities. The CryptoWorkbench in the Foundation doesn't need to be remotely accessible when users can deploy their own with git; the Foundation itself doesn't need to allow the world to write to it to allow cooperation. These kinds of projects, that are either read-only or non-deliverable, can be safely monitored with [filesystem intrusion detection](../Services/Cerberus.md), virus scanning, and existing controls over remote access to the host.
 
 [SSH](../Services/SSH.md) and [IRC](../Services/IRC.md) do allow remote access, and require additional safeguards to those above. Network intrusion detection becomes a need, since this is a means by which attackers can exploit a service. Firewall rules will need to be opened and monitored.
 
-##  Penetration Testing Planning Before Release 
+##  Penetration Testing Planning Before Release
 Identify a plan and set aside resources to test the project before release. Failed attempts at open chroot accounts on [Core](../Entities/Core.md) have been identified and shut down before being generally released; these kinds of attempts allow the AniNIX to have confidence in the released projects while not stifling the developer's ideas. Failed ideas that are insufficiently secured are a good exercise in development, and they can be tabled for later when better controls or designs are available.
 
-##  Appropriate User Rights 
+##  Appropriate User Rights
 Running services as root is generally a bad idea for non-security services. Make sure to have a unprivileged account for any other service, particularly if they allow remote access.
 
-##  Physical Access 
+##  Physical Access
 The AniNIX does not believe in the cloud (or, as it is affectionately known, Computers Living On Unknown Datacenters). Cloud computing centralizes storage in a place that is difficult if not impossible for end users to secure and protect; particularly for sensitive information like social security numbers, this is not acceptable. Redundancy of the cloud is also very expensive and hard for small groups to achieve.
 
 In contrast, if any given user can replicate shared data from the AniNIX and each other on storage that they monitor and secure, the network becomes harder to destroy, impede, or rob. This decentralized model ensures that users know where their data lives, and any given user can stand up the network.
 
 For services that are hosting information like passwords, the device should be physically secured and the storage encrypted. While they can be made useless by destruction, this should prevent physical access resulting in an immediate compromise.
 
-##  Privacy 
+##  Privacy
 Guarantees of privacy are a major concern in designs. The AniNIX needs to be able to protect itself while doing its best to provide the same right to others. This ties in with concerns of Remote Access -- remote access that isn't by read-only transport requires an account which can be paired with an individual. This should be used for collaboration with the network and for maintaining user preferences.
 
-However, tools like documentation and source code should be available from behind privacy tools and without identifying a user. When governments can outlaw information, as many repressive regimes in the Middle East and elsewhere have done, the AniNIX seeks to make sure that the peopke still have power by information.
+However, tools like documentation and source code should be available from behind privacy tools and without identifying a user. When governments can outlaw information, as many repressive regimes in the Middle East and elsewhere have done, the AniNIX seeks to make sure that the people still have power by information.
 
-Furthermore, any communication across a wwider network should be encrypted. [WebServer](../Services/WebServer.md) controls most of this via the Let's Encrypt SSL certificate for the web apps, but SSH also encrypts its communication. Unencrypted communication is insecure and not private by default and should be prohibited as much as possible.
+Furthermore, any communication across a wider network should be encrypted. [WebServer](../Services/WebServer.md) controls most of this via the Let's Encrypt SSL certificate for the web apps, but SSH also encrypts its communication. Unencrypted communication is insecure and not private by default and should be prohibited as much as possible.
 
-#  End User Experience 
+#  End User Experience
 
 Services developed in isolation are interesting exercises, but in the end it is the user's comfort and trust in the service that will keep it being used.
 
-##  Reliability and Stability 
+##  Reliability and Stability
 Physical devices should have redundant components and power sources as much as possible. Protections against failures in services, such as frequently saving state and quickly restarting after a failure, are highly encouraged.
 
 Projects should crash rarely if ever -- any crash should be investigated immediately and the relevant code revisited. Frequent crashes are perhaps the highest cause of end-user dissatisfaction.
 
-##  Performance 
+##  Performance
 
 Performance is second only to stability in terms of the end-user experience. Services should be fast and light to meet the needs of users -- the state of development today doesn't tolerate slow and/or intensive processes for all but the most critical projects.
 
 Ensure that memory is allocated only when needed and deallocated as soon as possible. Processing should use efficient algorithms to meet the goal and should be open to re-evaluation. Network should minimize the use of images in transport -- X11 forwarding and video streaming should only be used in services that the user expects to be noncritical and potentially slow.
 
-##  Graphical Design 
+##  Graphical Design
 
 [Minimalism](https://en.wikipedia.org/wiki/Minimalism) is a key principle in the AniNIX design. An uncluttered interface with simple, intuitive options reduce the barrier to entry and improve adoption.
 
@@ -58,18 +58,32 @@ The AniNIX, as you can see by this page, follows a white-on-black color scheme w
 
 GUI elements will generally be deployed by a Web page, as this is a cross-platform means of providing access and easy to code. Should packages choose to include a local GUI, they are responsible for meeting these principles with a best-effort approach.
 
-##  Mobile Access Design 
+##  Mobile Access Design
 With the rise of the smartphone, remotely accessible services should offer a simple means via some app to reduce network traffic. The app interface should be intuitive and quick to use.
 
-##  Etymology 
+## Accessibility
 
-The AniNIX attaches a unique name, such as Sora for OpenLDAP or Yggdrasil for Emby, to packages and services it instantiates. The reason for this is that the name defines a scope of functionality the AniNIX expects to rely on -- should the underlying package change, such as replacing Plex Media Server with Emby, documenation and AniNIX packages will use the same name.
+AniNIX will, within reason, attempt to make its pages as accessible as possible to those with disabilities. To this end, internally-written UI elements should attempt to [maintain ADA / WCAG compliance](https://www.ada.gov/resources/web-guidance/) -- audit tools [such as this one](https://www.accessibilitychecker.org/) can assist.
 
-Names given should be chosen for relevance to the function being provided (Singularity being a pull service, Foundation being the basis on which we're built, etc.) and for ease of memory. Only the most basic services, such as IRC, WebServer, and SSH, will be left unnamed.
+Additionally, our protocols-over-apps implementation preference with RSS, IRC, and Git should hopefully make the majority of our content accessible for anyone. This preference should allow designers to create tools to consume content irrespective of the method of perception or interaction for the user.
 
-These names are not intended to supercede the licensing or attribution of other packages -- applications, once installed, should only update the minimal allowable elements to be usable under AniNIX principles. Whereever possible, this should be done via the application's provided interface, such as enabling dark modes. We also should not remove any links that the application provides to its own documentation, licensing, or websites. This means that AniNIX etymology only applies to administrators and is otherwise invisible to end users. 
+##  Etymology
 
-#  Maintainability 
+The AniNIX attaches a unique name, such as Sora for OpenLDAP or Yggdrasil for Emby, to packages and services it instantiates. The reason for this is that the name defines a scope of functionality the AniNIX expects to rely on -- should the underlying package change, such as replacing Plex Media Server with Emby, documentation and AniNIX packages will use the same name. We also need a naming convention for unique code we are writing, like Uniglot & TheRaven
+
+These names are not intended to supersede the licensing or attribution of other packages -- applications, once installed, should only update the minimal allowable elements to be usable under AniNIX principles. Wherever possible, this should be done via the application's provided interface, such as enabling dark modes. We also should not remove any links that the application provides to its own documentation, licensing, or websites. This means that AniNIX etymology only applies to administrators and is otherwise invisible to end users. Where the AniNIX is deploying services created by others, we should only use the names in two places: DNS and Kapisi roles. This makes it possible for others to look up the service as we swap out tools without overriding the attribution once the service is accessed.
+
+Names given should be chosen for relevance to the function being provided (Singularity being a pull service, Foundation being the basis on which we're built, etc.) and for ease of memory. Only the most basic services, such as IRC, WebServer, and SSH, will be left unnamed. Additionally, these names should be selected from one of the following categories:
+
+1. A natural phenomenon that describes the function, such as Singularity or Aether
+1. Mythological figures that provide wisdom (such as Odin for Yggdrasil, Raven, and Wolfpack), truth (like Wiccan Grimoire), and morality (such as Maat)
+1. The technological function being served, such as Password or DarkNet
+1. Cyber-themed science fiction with moral human protagonists
+    1. This last is the most complicated but most fun category.
+    1. Arguments must be clearly made in the etymology how the organization being selected is a commonly-accepted protagonist.
+    1. The human-centric focus is to maintain alignment with the people using the systems.
+
+#  Maintainability
 Make sure that a project can be easily maintained. This means following the Development Best Practices and submitting Markdown documentation for the project.
 
 Ensure that projects are configurable for key elements, particularly for things like passwords that change often, and they should use well-known and understood languages per the Development Best Practices.

rss/aninix.xml

@@ -11,6 +11,26 @@
 
     <id>https://aninix.net/</id>
 
+    <entry>
+        <title>Lunch-and-Learns Paused 20240502 through 20240627</title>
+        <link href="https://aninix.net/aninix.xml#lnl-pause-20240502"></link>
+        <updated>2024-04-25T17:21:00Z</updated>
+        <id>https://aninix.net/aninix.xml#lnl-pause-20240502</id>
+        <summary>
+            AniNIX will be pausing Lunch-and-Learns effective 20240502 through 20240627 for real-life training. We will merge AniNIX/Wiki#24 on our return.
+        </summary>
+    </entry>
+
+     <entry>
+        <title>CVE-2024-3094 Follow-up</title>
+        <link href="https://aninix.net/aninix.xml#CVE-2024-3094"></link>
+        <updated>2024-04-17T20:15:00Z</updated>
+        <id>https://aninix.net/aninix.xml#CVE-2024-3094</id>
+        <summary>
+            AniNIX was informed of CVE-2024-3094 via our OSINT community on 2024-03-28 -- patching was completed in AniNIX/Maat on 2024-03-29 and in all systems the day after. Security review of our access logs in AniNIX/Sharingan do not indicate a compromise, using dork `"accepted" AND application_name:"sshd" AND NOT "Accepted publickey"` and others. We apologize for the delay in follow-up and transparency, but other considerations have required attention prior to this post.
+        </summary>
+    </entry>
+
     <entry>
         <title>OSINT Feed</title>
         <link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml"></link>
@@ -21,36 +41,6 @@
         </summary>
     </entry>
 
-    <entry>
-        <title>How to Grow Your HomeLab</title>
-        <link href="https://foundation.aninix.net/AniNIX/Wiki/src/branch/main/Articles/Grow_Your_Homelab.md"></link>
-        <updated>2022-04-22T20:30:20Z</updated>
-        <id>https://foundation.aninix.net/AniNIX/Wiki/src/branch/main/Articles/Grow_Your_Homelab.md</id>
-        <summary>
-            For some folks who are just starting out, the initial cost of a complete HomeLab stack and the administration required is a bit much. This article is a growth plan for how to get started, what technologies and tools to buy/deploy first, etc.
-        </summary>
-    </entry>
-
-    <entry>
-        <title>Lunch And Learns</title>
-        <link href="https://foundation.aninix.net/AniNIX/Wiki/src/branch/main/Articles/Lunch-And-Learns.md"></link>
-        <updated>2022-04-14T20:30:20Z</updated>
-        <id>https://foundation.aninix.net/AniNIX/Wiki/src/branch/main/Articles/Lunch-And-Learns.md</id>
-        <summary>
-            I've had a request to do some lunch-and-learns about the AniNIX, how we self-host, and how we manage some of our tools. We'll burn roughly the first 30-45 minutes talking through some concepts of how the AniNIX does what it does -- the rest of the time will be an open floor to ask anything you'd like. If you're interested, swing by! Google Calendar link is on the article page.
-        </summary>
-    </entry>
-
-    <entry>
-        <title>The Complicated Cloud</title>
-        <link href="https://foundation.aninix.net/AniNIX/Wiki/src/branch/main/Articles/The_Complicated_Cloud.md"></link>
-        <updated>2022-02-17T16:30:20Z</updated>
-        <id>https://foundation.aninix.net/AniNIX/Wiki/src/branch/cloud/Articles/The_Complicated_Cloud.md</id>
-        <summary>
-            The AniNIX is a self-hosted system, as much as we can make it. However, because we don't operate in isolation, it's worth documenting how we use the cloud for what declassified information we replicate onto cloud stores and why we need some cloud services.
-        </summary>
-    </entry>
-
     <entry>
         <title>GPG Key Distribution</title>
         <link href="https://foundation.aninix.net/AniNIX/ShadowArch/src/branch/main/EtcFiles/aninix.gpg"></link>

rss/osint.xml

@@ -11,6 +11,28 @@
 
     <id>https://aninix.net/</id>
 
+    <entry>
+        <title>2024MAR11 ACEVILLE PTELTD, Singapore</title>
+        <link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#ACEVILLEPTELTD"></link>
+        <updated>2024-03-11T07:52:00Z</updated>
+        <id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#ACEVILLEPTELTD</id>
+        <author>DarkFeather</author>
+        <summary>
+            Provider "ACEVILLE PTELTD" from blocks 43.156.0.0/16, 43.134.0.0/15, 43.134.0.0/17 was detected trying to bruteforce our network with a distributed attack network. We are blocking these networks for malicious attempts in the hundreds.
+        </summary>
+    </entry>
+
+    <entry>
+        <title>24.144.93.118/32</title>
+        <link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#24.144.93.118"></link>
+        <updated>2023-11-17T03:30:00Z</updated>
+        <id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#24.144.93.118</id>
+        <author>DarkFeather</author>
+        <summary>
+            24.144.93.118/32 was detected using a network scanner against our external address. Total volume was 55 -- this action repeated on 2023-11-18 at 08:40Z.
+        </summary>
+    </entry>
+
     <entry>
         <title>46.101.38.229/32</title>
         <link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#46.101.38.229"></link>