cat brain.log | less » dns

Securing Your Internet Traffic on a Public Network

Paul — Mon, 13 Dec 2010 00:06:53 +0000

I was on a public WiFi hotspot and was worried about someone sniffing my passwords with firesheep. I went in search of a howto that would teach allow me to tunnel browser traffic to my secure home network over SSH. What I found was How To Tunnel Traffic With SSH. It is the easiest and one of the more straight-forward tunneling approaches. It requires Firefox, a secure remote server running ssh, and the putty client.

The long and short of it is to set up a local SOCKS5 proxy with putty. Simply open up putty, go to Connection>SSH>Tunnels. Add a new forwarded port (say 1080), make it dynamic, then hit add. Now log in to your remote machine and you have a local SOCKS5 proxy running on port 1080. You can then point your browser to use this proxy for all your web traffic.

The link also mentions how to make Firefox tunnel DNS requests for added security, but I won’t go into that.

Happy safe browsing!

When a Domain is Blocked by Filtering Software

Paul — Wed, 11 Aug 2010 01:17:04 +0000

Can’t access your favorite websites because some stupid ISP or access point is using DNS-level filtering?

Set your DNS to use Google’s DNS:
8.8.8.8 and 8.8.4.4

Then flush the existing DNS cache and register the new DNS.

In Windows 7, you’ll need elevated privileges to changes to the DNS. Make sure you start cmd.exe as Administrator.

Press the window Key
Type “cmd”
Right click the cmd.exe that’s found.
Select “Run as administrator”
Type ipconfig /flushdns
Then type ipconfig /registerdns

Now you’re free to roam the internet.

Static IP with DHCP-Assigned DNS on Ubuntu 9.10

Paul — Thu, 03 Dec 2009 20:05:08 +0000

There is a ton of bug reports regarding the Network-Manager’s nm-applet not properly configuring static ips. There are, and always have been, bugs in the nm-applet, in each of its versions. In short, getting a static ip with dhcp assigned DNS parameters requires editing the /etc/dhcp3/dhclient.conf file. Here we go.

sudo vi /etc/dhcp3/dhclient.conf

>>
alias {
  interface "eth0";
  fixed-address 192.168.1.101;
  option subnet-mask 255.255.255.255;
}
<<

sudo dhclient -r
sudo dhclient

EDIT FOR Ubuntu Server 11.04 (Reference)

$ sudo vi /etc/network/interfaces
Append the following configuration:

auto eth0:0
iface eth0:0 inet static
address 192.168.1.101
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.0

$ sudo /etc/init.d/networking restart

MySQL DNS Caching

Paul — Tue, 23 Dec 2008 11:09:29 +0000

On December 12, 2008, SCCOOS metadata system was broken. The error was cryptic, but the message was clear: Connection to [IP] denied.

Resolution

Using the MySQL command-line tool:
mysql -u admin -p [-h ] [-P ] mysql> flush hosts;

That’s it!

Chain of Events

UCSD’s DNS was polluted, identifying 132.239.123.144 as ridge2000.org for the past few weeks.
Sandbar was restarted last week, freeing up both the OS and MySQL DNS caches, which meant all new connections will need to query a DNS server to identify whether it’s an allowed machine or not (do you see a security vulnerability?).
Both the OS and MySQL cached the hostname, but MySQL further rejected all connections from alfredo because MySQL thought that alfredo was ridge2000 instead.
The mysql database, user table identifies user sccoos can connect to sandbar from alfredo.ucsd.edu.
The OS cache probably cleared, but since so few machines access sandbar, the MySQL cache hadn’t filled up yet.
Just last night (2008-12-22), the UCSD DNS purged the ridge2000.org name from its list, so UCSD’s DNS is clean, but any caches may still be polluted.

Windows machines cycle their caches regularly, so the problem isn’t more wide-spread or commonly understood.
The long-lasting MySQL DNS cache is disturbing, but alternatives would cripple the imperative nature of a database.