Why is my website talking to Google and Facebook servers? [closed]

When I visit my website and look at the trackers using the uBlock Origin’s report, I can see that some of the Java Scripts on my website are trying to connect to Google and Facebook servers.

enter image description here

When I inspected the network tab, I figured that the scripts is trying to connect to graph.facebook.com in particular (Couldn’t find any request to a sub domain for google.com). I thought these requests were the result of a plugin I installed to get the share buttons on different social media platforms but I removed the plugins and it didn’t change anything. I was wondering if and how can I stop these requests.

Was this spam email routed through Ukraine goverment’s mail servers? [closed]

I have recently received a typical spam email, but seeing it’s from domain gov.ua I have decided to examine it’s headers knowing that From field is not clear indicator of the sender.

To my surprise, the email originating from a mail client in South Africa had been routed through mail.mk.npu.gov.ua before reaching mx.gmail.com, Google’s mail exchange servers.

  1. Am I correct in assessing this?
  2. mk.npu.gov.ua belongs to Ukraine’s national police, so why would spam be routed through servers belonging to Ukrainian police?

Here is the relevant header excerpt:

Received: from mail.mk.npu.gov.ua (mail.mk.npu.gov.ua. [212.1.64.157])         by mx.google.com with ESMTPS id 127si3307596ljf.47.2020.09.03.22.16.27         (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);         Thu, 03 Sep 2020 22:16:27 -0700 (PDT) Received-SPF: pass (google.com: domain of ubnon01@mk.npu.gov.ua designates 212.1.64.157 as permitted sender) client-ip=212.1.64.157; Authentication-Results: mx.google.com;        spf=pass (google.com: domain of ubnon01@mk.npu.gov.ua designates 212.1.64.157 as permitted sender) smtp.mailfrom=ubnon01@mk.npu.gov.ua Received: from localhost (localhost [127.0.0.1])     by mail.mk.npu.gov.ua (Postfix) with ESMTP id A584F4EA7B6;     Fri,  4 Sep 2020 05:53:44 +0300 (EEST) Received: from mail.mk.npu.gov.ua ([127.0.0.1])     by localhost (mail.mk.npu.gov.ua [127.0.0.1]) (amavisd-new, port 10032)     with ESMTP id rGonvgTsqLKI; Fri,  4 Sep 2020 05:53:44 +0300 (EEST) Received: from localhost (localhost [127.0.0.1])     by mail.mk.npu.gov.ua (Postfix) with ESMTP id 8015750574B;     Fri,  4 Sep 2020 05:35:58 +0300 (EEST) X-Virus-Scanned: amavisd-new at mk.npu.gov.ua Received: from mail.mk.npu.gov.ua ([127.0.0.1])     by localhost (mail.mk.npu.gov.ua [127.0.0.1]) (amavisd-new, port 10026)     with ESMTP id QwWi9Xuk_Cn7; Fri,  4 Sep 2020 05:35:58 +0300 (EEST) Received: from [172.20.10.2] (unknown [105.12.7.241])     by mail.mk.npu.gov.ua (Postfix) with ESMTPSA id 7106E4EA8D6;     Fri,  4 Sep 2020 05:29:50 +0300 (EEST) 

What prevents me from using a some server’s public key and impersonate another server [duplicate]

I read alot regarding RSA encryption/DH key exchange/digital signatures and the whole TLS protocol.

There’s something i am missing regarding the public key signatue validation.

Let say some website has a certificate signed with its private key, as a client I have access to the public key.

But if the server only sends the public key to the client, what is preventing me as an attacker from taking this public key, and returning it to who ever wants to communicate with me.

I mean, where is the private-key authentiction comes to place?

I created this small C# code to demostrate:

private const int _port = 4455; static void Main(string[] args) {     Task.Run(async () =>     {         await TcpServerInit();     });      Task.Run(async () =>     {         await TcpClientInit();     });      Console.ReadLine(); }  private static async Task TcpServerInit() {     var server = new TcpListener(IPAddress.Any, _port);     server.Start();      while (true)     {         TcpClient client = await server.AcceptTcpClientAsync();         using (var netStream = client.GetStream())         {             ServicePointManager.ServerCertificateValidationCallback = ValidateCertificate;             ServicePointManager.Expect100Continue = true;              using (var ssl = new SslStream(netStream, false))             {                 using (var cert = new X509Certificate2(@"MyPublicCert.cer"))                 {                     await ssl.AuthenticateAsServerAsync(cert, false, SslProtocols.Tls12, true);                 }             }         }     } }  private static async Task TcpClientInit() {     using (TcpClient client = new TcpClient("localhost", _port))     {         using (SslStream sslStream = new SslStream(client.GetStream(), false, new RemoteCertificateValidationCallback(ValidateCertificate), null))         {             var servername = "CN=localhost";             await sslStream.AuthenticateAsClientAsync(servername);             byte[] messsage = Encoding.UTF8.GetBytes("Hello");             sslStream.Write(messsage);             sslStream.Flush();          }     } }    private static bool ValidateCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) {     //cert validation     return true; } 

Can Chrome Extensions Send Data to Remote Servers?

Suppose an extension has a scary list of permissions like that below ("Site access: On all sites"):

enter image description here

Does this also give the extension permission to send my data to the author’s servers via XHR?

I’ve read the documentation here but lack some background knowledge, so I am not sure in my interpretation:

Cross-Origin XMLHttpRequest

After reading this, it seemed like the extension isn’t allowed to send my data somewhere unless it has lines like the below in the manifest – is this correct?

"permissions": [     "https://www.google.com/"   ] 

What to include in generated emails to make them acceptable to email servers?

I need to send some automated emails from a program I’m working on. This is a new feature. I’m generating the emails now, but they get filtered by most of the email servers that I send tests to. Only one server I am using accepts the emails and it allows a lot of spam through. I need to find what headers or authentication or whatever I need to add to make the emails acceptable to major servers.

I’ve tried searching the internet for questions about sending automated emails, but the lead responses are all from companies that are willing to send the emails for me, or that are recommending what the body should look like.

How do I authenticate the email so that it doesn’t get flagged or filtered as spam?

Also, does length play any part in typical spams filters (i.e. are short emails more likely to be filtered)?

Does Nmap use only one of the DNS servers specified in the –dns-server flag per host?

When I’m scanning with Nmap, I make an effort to get proper hostnames associated with the target IPs. To do this, I scan UDP 53 on the targets to identify DNS servers and then run something like the following for each identified DNS server:

nmap -sL -v4 --dns-servers DNSSERVER TARGETS 

I have to review the results for each tested DNS server to see how many of the targets it can resolve, and also determine if the resolved targets differ.

The docs seem to imply that if you specify multiple servers in the --dns-servers flag, that it will choose one at random (or round robin). This interpretation comes from the "is often faster" part.

The problem I have is that my scan targets may not all be supported by the same DNS server. In my case, I’d rather specify all identified DNS servers in --dns-servers and have it fail over until it finds one that returns a response. If only one of the specified servers is used, to get accurate results I would need to perform multiple scans, each with a single DNS server specified.

My question is, is it true that the --dns-server flag will use only one of the specified DNS servers, and not try them all?

How to add a server list into Registered Servers on Microsoft SQL Server Management Studio (SSMS)

I have a list of sqlserver on on table on tbl_servers which have 500 server. example:

Select IP_instance, DBname, username, password from tbl_servers which will return the all sql server and their sa credential.

–> 10.10.1.30, myDatabase, sa, password

I would like to add all of this into the Registered server, can this done by SQL scripting? or any faster way to add?

Do we need to guard against federated identity servers lying about who signed in?

Having successfully integrated my old web forms app with an ADFS server I got to thinking about how the process works as a whole. The old app passes the user to the remote ADFS, then eventually the user arrives back in our server having a signed-in identity of joe.schmoe@somedomain.com but I’m not entirely clear on whether I’m supposed to trust that’s right, or whether I’m supposed to try and ensure it’s right.

Supposing that a rogue actor at somedomain.com replaces the sign on at the remote end or manipulates it in some way such that my local server ends up being told that bigboss@somedomain.com signed in (when it was actually tom.hacker@somedomain,com), or worse that bigboss@otherdomain.net signed in, what do we do with such situations?

Is this handled already by the auth process such that we can be sure there are some local rules that enforce the federated server may only return users with some characteristic such as "must really be a user of somedomain.com, for which you know this identity server is responsible" ?

When we hand off authentication to a third party, and get the "user X auth’d successfully", do we need to be wary about whether it’s truly user X and whether the server confirming the identity truly has authority to do so for the user given?

At the moment I’m thinking I should also implement my own local check that the announced user matches a pattern to ensure the federated server isn’t used to break into other domains’ accounts and also implement 2FA to give some extra check that the user announced truly is that person