Production has a very specific kind of silence. It’s not the calm silence of a system that’s healthy. It’s the suspicious silence of a system that hasn’t complained yet. Nginx still serves pages. Your API still returns 200. The business dashboard looks green enough to lull everyone into optimism. But you can feel it, response… Continue reading
Ketika demokrasi diparkir rapi, dan “magis”, dan akhirnya tidak pernah sampai ke meja pemilihan. Saya kebetulan alumni Kolese Gonzaga angkatan delapan (8), yang lulus tahun 1997. Kalau kalimat itu saya tulis di awal, itu bukan sekadar penanda umur dan generasi, lebih seperti “alamat batin”, karena Gonzaga (dan tradisi Jesuit yang jadi fondasinya) meninggalkan semacam sidik… Continue reading
Overview At 02:04:43 UTC, 7 November 2025, our Wazuh SIEM raised a critical level-15 alert, Rule 31168, “Shellshock attack detected” This alert originated from an Nginx access log on agent, proxy-sg2-deb-12-pro-proxy-xxxx (IP 1xx.xxx.xxx.xxx). The source of the request was 193.26.115.195 (Netherlands). Wazuh immediately identified the payload as an active Shellshock exploit attempt (CVE-2014-6271). But here’s… Continue reading