GNU/Linux host name resolution

computer network dns system linux

This post describes different software components involved in host name resolutions and DNS configuration on GNU/Linux systems. It consists of a diagram and some accompanying explanations. The goal is to give some pointers and references to understand how to troubleshoot host name/DNS resolution problems and configuration problems on GNU/Linux systems.

Read more…

Systemd-resolved DNS configuration for VPN

computer vpn dns systemd covid-19

Some guidance about configuring/fixing domain name resolution with a corporate VPN (especially OpenVPN) with systemd-based Linux systems. This configuration uses the internal/private corporate resolvers for resolving internal/private domain names while using the ISP resolver for general domain names. This might help if your VPN is struggling these days because of the COVID-19 threat 😷.

Read more…

Using dig as a LLMNR or mDNS CLI Lookup utility

computer network dns

I was looking for a LLMNR commandline lookup utility. Actually, dig can do the job quite fine.

Read more…

Surprising shell pathname expansion

computer unix shell

I thought I was understanding pretty well how bash argument processing and various expansions is supposed to behave. Apparently, there are still subtleties which tricks me, sometimes.

Read more…

Remote Code Execution via Cross Site Request Forgery in InternetCube and YunoHost

computer web security yunohost csrf

How I found remote code execution vulnerabilities via Cross Site Request Forgery (CSRF) on the administration interfaces of InternetCube applications and of the YunoHost administration interface which would have been used to execute arbitrary code as root. These vulnerabilities were fixed in YunoHost 3.3, OpenVPN Client app 1.3.0. and YunoHost 3.4.

Read more…

My document generation workflow with Markdown, YAML, Jinja2 and WeasyPrint

computer python

Here's the workflow I'm using to generate simple text documents (resume, cover letters, etc.) from Markdown, YAML and Jinja2 templates.

Read more…

IP address spoofing in order to watch South Park

computer web hack firefox

Trying to bring back some old IP spoofing Firefox extension for watching South Park episodes.

Read more…

More example of argument and shell command injections in browser invocation

computer unix debian security shell

In the previous episode, I talked about some argument and shell command injections vulnerabilities through URIs passed to browsers. Here I'm checkig some other CVEs which were registered at the same time.

Read more…

Page 1 of 6 | | Next page | JSON Feed | Atom Feed