Recent searches
Search options
Kitten (https://codeberg.org/kitten/app) is Linux only but did you know you can easily run Linux containers on Windows and macOS?
• Windows (using WSL2): https://codeberg.org/kitten/app#run-kitten-on-windows-using-windows-subsystem-for-linux-wsl
• macOS (using Lima): https://codeberg.org/kitten/app#run-kitten-on-macos-using-lima
Lima isn’t as seamless as WSL2 yet but it’s also not being developed by Apple (WSL2 is by Microsoft).
(Remember, Kitten is not finished yet but please feel free to play around with it.)
@aral Site appears to be down. Connection refused.
@mforester @aral @Codeberg I am also running a Pi-hole, but it's not showing up in my query lists. Disabling the browser ad blocker still doesn't address it.
But your discovery has prompted me to think I might have something that's catching it, so I'm digging.
@atoponce @aral @Codeberg codeberg.org somehow made it to OSINT's threat list: https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
@mforester @aral @Codeberg My upstream DNS service provider (not my Pi-hole) is blocking it. Switching DNS servers works. Wild.
Too bad it got caught on the OSINT threat list. I have a feeling this will be a bit of a headache for them.
@mforester @aral @Codeberg It's also identified as a malware domain on Firebog.
@atoponce Is someone going around submitting it or is there something about the site that’s triggering these systems?
@aral @mforester @Codeberg Looks like it was due to a single instance of someone uploading malware to an issue.
@atoponce I know you can't access it, but they are aware of it: https://codeberg.org/Codeberg/Community/issues/841
@mforester Given that issue is closed, I also opened this: https://codeberg.org/Codeberg/Community/issues/850
@mforester @atoponce @Codeberg WTF? Do we know who runs that and how we get it removed from there?
@mforester Answering my own question, it’s apparently @davidonzo – hey David, can we please get @Codeberg off of your blocking list at https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
@aral @mforester @Codeberg @atoponce
Let me check...
@aral @mforester @Codeberg @atoponce
The reason why the domain has been added is this malware report => https://osint.digitalside.it/report/d667c0f13d5f8473209308352cb69a29.html
VT updated link report => https://www.virustotal.com/gui/file/1fd5c566aa8a625297a5910399f4e3700b5e3698f569a446a42a3e9b022640cf/detection
It seems the file has been removed, since a 404 error is returned, but anyway I have to consider the domain compromised.
The retention policy for a compromised domain is 7 days, so tomorrow the domain will disappear.
In case someone can confirm me the domain has been cleaned and remediated I can remove it in minutes.
@aral @mforester @Codeberg @atoponce
Oh, codeberg.org is a collaboration platform and members are able to store software in Git repositories.
Ok, in this case the policy applied is different. Since I can't consider "compromise" a domain allows external user to upload/download data, the domain will be whitelisted.
This means malicious links will be reported in the urls list, but the domain won't be added to the bad domain list.
I'm updating the lists right now.
Thanks for the report!
@davidonzo Thanks so much, David. Appreciate it :)
@mforester @aral @Codeberg FWIW, I'm on a wired connection via my ISP. But it also refuses to connect over my cellular data connection as well.
So, either they have something misconfigured on their web server config, or their intentionally blocking large swaths of subnets, of which affects me.
@aral I've got Kitten on my holiday tinkering list! Looks like fun!
@meadowhawk Yay! Let me know how you get on (and keep in mind it‘s not finished yet, yada yada) :)
@aral lol totally understand the wip, I'm a back end Dev so always looking at tools that can speed up my UI work and save me the inevitable flailing about! 
@meadowhawk Fair enough :) Also remember it’s very opinionated and tweaked for Small Web use. Phew, I think that’s all the disclaimers out of the way. Enjoy! :)
@aral lol sounds perfect, I'm usually adding uis for my own tools etc that have a small web focus. It can be a real chore rolling out a big react or vue app for an app that has maybe 2 users.
@aral I use a Chromebook (Acer Spin 713) and I love it.