作者： 白翼

Thank you to all the contributors on the CentOS Project. And goodbye Red Hat.

CentOS has been my go-to for the past decades and what got me into the Linux world. Moving on to the next decade with Debian – https://github.com/richardevs/debian12-ansible

With Digicert’s acquisition of DNS Made Easy (DNSME), DNSME has since hiked up their pricing for 25 zones from $75.00 to an astonishing $675 (Annual).

To be fair, existing users (legacy Business plan) only got a small bump from $75.00 to $96.00/yr, but, who knows how long that can last?

Since then I’ve been thinking about where I should migrate my DNS to after my contract with DNSME is due. I thought about building my own DNS clusters but it is just not worth it to spun up VMs around the world myself. Amazon Route 53 has been my first choice but recently I find that ClouDNS is not just a free DNS service as I always thought, they also offer Premium DNS. Duh.

So far, ClouDNS seems to tick all my boxes:

– Anycast DNS, with PoPs in Asia (Hong Kong, Taiwan, Japan)
– Low TTL value (Would love to have as low as 1s, but 60s will do, as most recursive DNS does not respect a value lower than that anyway)
– DNSSEC support (Suck it Digicert DNSME for only providing DNSSEC on their $2100/yr plan)
– Super reasonable pricing (Premium M, 75 zones for only $54.45/yr, that’s a bargain)
– White-label support (Even with an option to upgrade to dedicated IPs and PTRs for only $25/month, damn)

One worry is that I did not find any documents mentioning the DNS propagation speed for ClouDNS’ zone records.

Will definitely be evaluating that and more as soon as I reach my last contracted year with DNSME 🙂

Following the recent surge of .COM renewal price, and the cool rebrand for Dynadot. I’m considering Dynadot to be a new home for my domains. When I was checking the service out, I had a question and found a bug regarding their email form, as following:

1) Dynadot seemed to mask the WHOIS email address into a URL. This can be a concern when transferring the domain out, as the new registrar will send a confirmation email to the domain owner, based on the contact email listed on the WHOIS database.

Question: Do I then have to turn WHOIS protection off when I need to transfer a domain? Does Dynadot provide any WHOIS email forwarding services?

Update: I later found the answer myself.

As per ICANN’s new domain transfer guidelines, effective 25th May 2018, all domain transfers will not require Form of Approval (FoA). The Transfer Authorization process will not require the Registrant Contact’s approval via e-mail.

2) When I tried to contact them via their email form here (https://www.dynadot.com/community/contact), I received a “failure notice” email from the Dynadot email handler and the contact message was never sent to the Dynadot support team (info@dynadot.com).

TL;DR:

The Dynadot support (info@dynadot.com) is not as knowledgeable about the transfer requirements as I wish. And every time I replied to the email thread, a different support engineer came to answer my question. In which, I have to clarify my questions every time since they don’t seem to be reading the communication history, and the context is lost between them.

For more details…

继续阅读“An unpleasant Dynadot customer service experience”

For a while now, my Windows PC will suddenly go OOM after 3-weeks of usage. But whenever I was inspecting the Task Manager, I found no clue as to why the system will go OOM despite plenty of available memory left. Today, I caught my system “red-handed” again, and this time, the data on the Task Manager does not add up.

96% memory usage despite the process memory figures do not add up.

RamMap result – occupied by Nonpaged Pool. After reading some materials from the Internet, this seems to be related to memory leak.

PoolMon diagnostic, lock on the suspect – dxgmms1.sys. (Bytes gradually increasing, and was not being released at all)

Used command: .\poolmon.exe -p -d /g “C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\triage\pooltag.txt”

(Note: You could skip the installation of Visual Studio and only download the WDK if you only need this tool – https://learn.microsoft.com/en-us/windows-hardware/drivers/other-wdk-downloads#step-2-install-the-wdk)

Checked the file, totally legit Microsoft-signed, DirectX related driver file. Unfortunately, I do not have a good way to further locate the possible mitigation. For now, I have updated my graphics card driver and upgraded Windows 10 to the latest 22H2, and see if anything gets improved.

Ref:
https://blog.csdn.net/weixin_40188600/article/details/82853017
https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/finding-a-memory-leak

Google article: Phishing campaign targets YouTube creators with cookie theft malware

With 2-factor authentication becoming more and more main-stream nowadays, attackers turn back to the ancient way – tricking people into downloading malware, thus getting the cookies information stored on their local computer, and being able to log in to their active accounts using those session cookies.

It seems that a qualified security software on a Windows system is still a must, and isn’t leaving any day soon.

https://mp.weixin.qq.com/s/c85tzbUcTCXxQLWQuINUHg