Returning from My Hiatus (hopefully 😅) & Introducing Hugo

It’s been a while (yes I said it many times). There is no denying that the activity on the blog has dwindled since 2019 (in fact, the last post with anything of essence was posted in Feb 16, 2019), and the 3 blog posts that follows are entirely “service updates” where I changed stuff around the blog. This blog post is in fact not that much different - except I would like to pick up blogging again.

How to Setup MulVAL in 2023

The year is 2023. There’s no denying that the technology has advanced a lot since, say 2015, but unfortunately as a researcher in the academia, I sometimes run into messy stuff. Such is the topic of today’s blog post. (As of writing) MulVAL is still the gold standard in terms of attack tree generation and analysis, and it is frequently cited by security-inclined papers. Unfortunately the code was written in 2015, and after years of upstream system and software changes, the current version won’t compile on a modern Linux system (and no prebuilt binary is provided).

Transitioning to Amazon S3 + CloudFront Media Delivery

Update on April 25, 2023: After the transitioning to the Hugo platform, it is no longer convenient to upload pictures to S3. I will keep exploring options to host images on S3, but for time being images will be served locally. Look at the above image. This might appear to be an ordinary GUNPLA picture, but notice the URL it’s coming from (media.kazumi.blog)… Yup, after a (whole night’s) preparation and work, the blog is finally using the Amazon S3 for media storage.

Blog visual and usability updates

I am excited to announce that after an afternoon’s hard work, the blog sees significant improvement in terms of speed – after clearing cache, the DOMContentLoaded time went from 8.45 secs to 1.06 secs (an 87.4% decrease). In other words, the blog should now be much snappier and everything should show up within a second. Also, I will be using Kratos this time forward, which should remove distractions. Hope you can like it!

WordPress Database Constantly Crashing? XML-RPC Attacks Likely to Blame

If your WordPress installation has been running fine for a long time and suddenly seeing DB errors such as “Error connecting to database”, your website might be a victim of XML-RPC attacks. Usually assailants can just utilize brute force attacks and bring down the website. You can simply disable XML-RPC features to stop such attacks.