Thomas Strömberg
Thomas Strömberg
See the currently ported queries as a template to use: * https://github.com/chainguard-dev/osquery-defense-kit/blob/main/detection/c2/unexpected-icmp-socket-events.sql * https://github.com/chainguard-dev/osquery-defense-kit/blob/main/detection/c2/unexpected-dns-traffic-events.sql
See the currently ported queries as a template to use: * https://github.com/chainguard-dev/osquery-defense-kit/blob/main/detection/c2/unexpected-icmp-socket-events.sql * https://github.com/chainguard-dev/osquery-defense-kit/blob/main/detection/c2/unexpected-dns-traffic-events.sql
Eek! This bug is an accidental DoS attack in the making.
Brought up in the Triage meeting. Folks seem open to the idea, as `boots` as a name does becoming confusing in conversation. If anyone is interested in taking this on,...
I noticed that https://github.com/ipxe/ipxe/pull/116 was merged. I believe this should be fixable by simply upgrading which version of ipxe we use.
Can someone identify which line in boots is responsible for the fetching that is missing retry? It would help the person who might want to take this issue on.
If it helps, I've had good luck with using this library for exponential backoff+jitter, and have seen it used elsewhere in Tinkerbell (tink?): https://pkg.go.dev/github.com/cenkalti/backoff/v4
Just an update to say that I personally like this idea and feel like it will make Tinkerbell much more user-friendly.
PR overall looks good - is it just stuck on there being a failing test?
Can we merge this?