Using dig as a LLMNR or mDNS CLI lookup utility
Published:
I was looking for a LLMNR commandline lookup utility. Actually, dig
can do the job quite fine.
Published:
I was looking for a LLMNR commandline lookup utility. Actually, dig
can do the job quite fine.
Using SSH as a transport for your protocol
Published:
A comparison of the different solutions for using SSH2 as a secured transport for protocols/services/applications.
Published:
While looking at the OpenSSH ssh_config
manpage, I found the ProxyUseFdpass
configuration I did not know about. It is apparently not widely known or used.
Published:
A simple way to create IP over UDP tunnels using socat
.
Published:
In a previous post, I tried different solutions for tunnelling DNS over TLS. One of those solutions was using a dedicated DNS-over-UDP fake service replying to all queries with the truncate flag set: this was causing the stub resolvers to retry the query using a TCP-based virtual-circuit. This solution is interesting because it is dead simple (it fits in a few line of codes) but it is clearly a hack. Here, I am using a dedicated DNS forwarder aggregating all the incoming DNS-over-UDP requests over a single persistent TCP virtual-circuit.
Published:
The Broadband Forum as a lot of technical reports about the xDSL architecture but it is not so easy to find a good description of the global architecture. Those are ASCII-art protocol stack I inferred from those documents. What is in there may be wrong, feel free to correct me.
Published:
You might want to use an open recursive DNS servers if your ISP's DNS server is lying. However, if your network/ISP is intercepting all DNS requests, a standard open recursive DNS server won't help. You might have more luck by using an alternative port or by forcing the usage of TCP (use-vc
option in recent versions of glibc) but it might not work. Alternatively, you could want to talk to a (trusted) remote recursive DNS server over secure channel such as TLS: by using DNS over TLS over TCP port 443 (the HTTP/TLS port), you should be able to avoid most filtering between you and the recursive server.
Page 2 of 2 | Previous page | Next page | JSON Feed | Atom Feed