The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for March 6th, 2017

Generate Mozilla Security Recommended Web Server Configuration Files

Posted by jpluimers on 2017/03/06

In case you want to configure things manually, or have a web server that’s not supported by certbot for letsencrypt (yet): Generate Mozilla Security Recommended Web Server Configuration Files.

At the time of writing, these were supported by the generator (* were not supported by certbot for letsencrypt yet):

–jeroen

via: Feature request: admin web interface over HTTPS · Issue #630 · pi-hole/pi-hole

Posted in *nix, *nix-tools, Apache2, Encryption, Let's Encrypt (letsencrypt/certbot), Power User, Security

Getting the IP addresses of gmail MX servers – via Super User – dig isn’t enough

Posted by jpluimers on 2017/03/06

I needed the current IP addresses of the gmail MX servers (don’t ask the details; but it has to do with the brain-dead TP-LINK ER5120 configuration possibilities).

This is the command I finally used:

dig @8.8.8.8 +short MX gmail.com | sed "s/^[0-9]* //g" | sed "s/\.$//" | xargs -I {} dig @8.8.8.8 +short {} | sort -u

Basically it’s a three stage sequence which had to work on OS X as well as Linux using a bash shell:

  1. Use the Google DNS servers (either 8.8.8.8 or 8.8.4.4)
  2. Get the FQDNs of the MX records of gmail.com, which are the mail servers for GMail.
  3. Translate these into IPv4 addresses
  4. Filter into a distinct list (just in case entries are duplicated: they aren’t yet, but might be)

The basics of the above are about using dig to get short (or terse) answers with as little (but still to the point) information as possible.
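The same four steps split into separately checkable stages, as an added example that is not part of the original post: it also drops anything in the `dig +short` output that is not an IPv4 address (CNAME targets, `;;` error lines) before the list is pasted into a router or firewall configuration. The function names and the RESOLVER variable are assumptions of this example, and the sample addresses are constructed from documentation ranges.

```shell
# Added example; function names and RESOLVER are assumptions, not from the post.
RESOLVER="${RESOLVER:-8.8.8.8}"   # step 1: Google DNS (8.8.8.8 or 8.8.4.4)

# Step 2: turn `dig +short MX` lines ("5 gmail-smtp-in.l.google.com.") into
# bare host names by dropping the preference number and the trailing root dot.
mx_hosts() {
  awk 'NF == 2 && $1 ~ /^[0-9]+$/ { sub(/\.$/, "", $2); print tolower($2) }'
}

# Step 4: keep only well-formed IPv4 lines, then produce a distinct list
# sorted numerically per octet (works with GNU and BSD sort).
ipv4_only() {
  awk -F. 'NF == 4 {
             ok = 1
             for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) ok = 0
             if (ok) print
           }' | sort -u -t. -k1,1n -k2,2n -k3,3n -k4,4n
}

# Steps 1-4 chained; this one needs network access and dig.
gmail_mx_ips() {
  dig "@${RESOLVER}" +short MX "${1:-gmail.com}" | mx_hosts |
    while read -r host; do dig "@${RESOLVER}" +short A "$host"; done |
    ipv4_only
}

# Offline check of the filter with constructed resolver output.
sample_ips() {
  printf '%s\n' 192.0.2.27 mail.example.net. 192.0.2.9 192.0.2.27 \
    ';; connection timed out; no servers could be reached' | ipv4_only
}
```

Run `gmail_mx_ips` on a schedule and compare the result with the previous run: the addresses behind the MX names change over time, so a list resolved once goes stale.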

Posted in *nix, *nix-tools, Power User

Trojans communicating through DNS: Cisco’s Talos Intelligence Group Blog: Covert Channels and Poor Decisions: The Tale of DNSMessenger

Posted by jpluimers on 2017/03/06

DNS traffic within corporate networks should also be considered a channel that an attacker can use to implement a fully functional, bidirectional C2 infrastructure.

Source: [WayBack] Cisco’s Talos Intelligence Group Blog: Covert Channels and Poor Decisions: The Tale of DNSMessenger

–jeroen

Posted in DNS, Internet, Power User, Security

 