Post AWchjraN0cjsaKwhYe by shaun@mastodon.xyz
Post #AWchjraN0cjsaKwhYe by shaun@mastodon.xyz
2023-06-12T18:19:06Z
0 likes, 0 repeats
I really don't like shopping at #HomeDepot, mostly due to the politics of its co-founder Bernie Marcus. I always prefer #Lowes. But at least Home Depot's website lets me visit and see what's in stock at my local stores.
Both websites live at #Akamai, but Lowe's has turned on some nebulous Akamai-maintained internal "WAF" shitlist, which I imagine is intended to block bots and DDoS attacks, but routinely ends up blocking _me_, too.
So this afternoon I'll be going to Home Depot.
Post #AWciQ3ZmooeZw4nAq8 by shaun@mastodon.xyz
2023-06-12T18:26:44Z
0 likes, 0 repeats
Speaking of the #Akamai shitlist, here it is blocking me from logging into #Walgreens pharmacy. If I retry a couple dozen times over the course of half an hour or so, eventually it'll let me in. Unlike Lowe's, I can browse the Walgreens site all I want; it's just POST requests that return a 403.
I had the same problem with #Kroger for several years, but I think they finally wised up and quit using Akamai's WAF. I haven't encountered any trouble with their site in months.
Post #AWckjk15RzT8yM4l8K by shaun@mastodon.xyz
2023-06-12T18:52:42Z
0 likes, 0 repeats
#Akamai has a handy tool where you can look up the reputation they've associated with your IP address. I do this every time I wind up on their shitlist, but it always tells me I'm good to go.
If some behavior or activity coming out of my network is tripping alarms at Akamai (they give some obvious examples of suspicious and/or undesirable traffic), that's not evinced here. Or anywhere.
Post #AWclUmIyl8PvgGsDrc by shaun@mastodon.xyz
2023-06-12T19:01:11Z
0 likes, 0 repeats
Of course, the most frustrating thing about all of this is that Akamai says "we aren't blocking you, our client is blocking you; talk to them." With which there are two problems.
One, this only occurs on Akamai-hosted sites. Akamai may not be doing the blocking, but clearly there's some list of IPs, heuristics, or whatever, that's being *maintained* by Akamai, and is being enabled by Akamai's clients.
Two, good luck trying to reach someone at Walgreens or Lowe's to explain any of this.
Post #AWclsFFlITNa7dYhM0 by shaun@mastodon.xyz
2023-06-12T19:05:26Z
0 likes, 0 repeats
Here's a post from Mozilla's bugzilla showing how that goes (not my bug, nor my comment). Walgreens support told this person that their website was working just fine, and the "server" generating the Akamai 403 errors was in fact the user's own computer. Heh.
Anyway, off to Home Depot.
Post #AWdVbzDfjoUxeWlaTY by hdm@infosec.exchange
2023-06-13T03:37:54Z
0 likes, 0 repeats
@shaun this drove me nuts when I was doing external pentests; even manual testing of a customer site led to my NAT IP being put into a semi-permanent ban across dozens of large companies. It was easier to use a VPN than find a way to rotate home IPs after every test.
Akamai blaming the customer for opting into a reputation filter seemed like dirty pool (since they manage that filter list). What's the tag for "families of pen testers hate this one weird issue"?
Post #AWdVqu6D3d9E7FOBlY by 0x00string@infosec.exchange
2023-06-13T03:40:37Z
0 likes, 0 repeats
@shaun I get that fucking bullshit from every akamai and cloudflare fronted website when I'm using an adblocker.