Centroid.EU Blog
(this blog is mostly encrypted - adults only)
September 23rd, 2009
As some of you may know, I'm the author of the Wildcard DNS server. I read the
following words from Nominum: "Open Source DNS a Recipe for Problems".
And I have to disagree with this somewhat. But when looking at my own meagre
DNS server, there are a few areas of concern. First, my server wasn't meant
to be put on the Internet when I first wrote it close to four years ago, but
its functionality allowed it to be run as an authoritative nameserver.
I have been serving the centroid.eu zone with it and continually studying
the logs of it and I'm happy to report that my server was never killed from
remote, I never had to restart the server. I'm surprised that it works out
to be fairly stable.
Wildcard DNS was and is a research project and while I'm at it I'm sharing
the source of it. Whoever wants to use it should know the license. The
license (BSD license) protects me as the author of the program from being
sued by someone who may get damaged by using this DNS server. There is
some risk using this software, but I personally am pretty happy. Writing
a DNS server isn't easy, but when you do you learn a lot. How the DNS
protocol is utterly broken (by using 16-bit IDs), for example. Nominum
can't get around the 16-bit ID problem, it's a protocol problem.
So anyhow, I'm in the process of adding new functionality to Wildcard DNS
that no other open source nameserver has, and I'm looking forward to seeing
it run and experimenting with it. When it turns out to work pretty well the
functionality can be put into other nameservers at their will.
If you ask me, Nominum just wants a bigger chunk of the monopoly that BIND
used to have and is now on a warpath to be the dominant DNS server.
Good for them, and good luck.
0 comments
Happy Equinox
September 22nd, 2009
Today is the equinox. The sun sets at the North Pole and rises at the South
Pole. Also night should be as long as day.
0 comments
Random Hackepedia
September 19th, 2009
A process covers the entire address space for the size of a pointer (32 bit in 32 bit architectures, 64 bit for 64 bit architectures). Since virtual memory is being used, not all areas of a process have real memory assigned to them, only some parts do (access to parts that have no memory results in a SIGSEGV signal and the process is killed)...
To read more about heap, click on link.
0 comments
Random Hackepedia
September 12th, 2009
A Firewall is part of an Operating System's networking stack that allows one to create policies for network traffic, and permit or deny that traffic accordingly...
To read more about firewalls, click on the link.
0 comments
Planet of the Users (OpenBSD song)
September 8th, 2009
Today the new OpenBSD song came out for OpenBSD 4.6. The song is
inspired by the movie "Planet of the Apes", where in the future Puffy flies
to our planet in a time machine. As he lands he sees a world that is evil.
People have their arms surgically removed at birth and have a screen before
their eyes to see, probably to take them out of their misery. Personal
robots do all tasks that arms would have done. Puffy gets caught after
someone identifies him as a hacker, but then escapes after turning the
warden fish's display off (who by the way sees him as a woman in a bikini).
The story reminds me of a brainstorm I had in my old apartment where people
get their limbs removed in order to program for a slave driver. Can't run
away if you got no legs.
Puffy says "stop this future", and I agree, we don't need limbless people that
would otherwise have healthy limbs. Down with slavery!
0 comments
Identifying OS by TTL
September 7th, 2009
By default BSD and Linux systems have a TTL of 64. Windows systems have a
default TTL of 128. Given that information one can with some certainty say
what OS did a DNS lookup on a wildcarddns DNS server. It requires logging
turned on and evaluating the log with AWK.
Here is a small shell script:
# Tally wildcarddnsd log entries by the TTL seen on the incoming query.
grep wild /var/log/all | grep ttl | grep -v "ttl=0" |
awk '{ split($14, a, "="); split(a[2], b, ")"); print b[1]; }' |
sort | uniq -c |
awk 'BEGIN { printf("DNS lookups per operating system\n"); }
{
    # $1 = count from uniq -c, $2 = observed TTL
    if ($2 > 128) hash["unknown"] += $1;
    else if ($2 > 64) hash["windows"] += $1;
    else hash["unix"] += $1;
}
END { for (i in hash) printf("%-10s - %s lookups\n", i, hash[i]); }'
The output looks somewhat like this:
DNS lookups per operating system
unknown - 11 lookups
windows - 90 lookups
unix - 242 lookups
Unknown OS is anything over a TTL of 128 (probably with a default ttl of 255).
Here are the default TTLs of some systems:
setebos$ uname -a
OpenBSD setebos.solarscale.de 4.5 GENERIC#0 i386
setebos$ sysctl -a | grep ttl
net.inet.ip.ttl=64
# uname -a
SunOS sycorax 5.10 Generic_137138-09 i86pc i386 i86pc
# ndd /dev/ip ip_def_ttl
255
# ndd /dev/udp udp_ipv4_ttl
255
[pjp@uranus ~]$ uname -a
Linux uranus.centroid.eu 2.6.18-92.1.13.el5 #1 SMP ... cut
[pjp@uranus ~]$ cat /proc/sys/net/ipv4/ip_default_ttl
64
So unknown can be changed to solaris.
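The same bucketing, extended to estimate how many routers each query crossed (default TTL minus logged TTL). This is an added example, not part of the original script or of wildcarddnsd; the log lines are constructed and the TTL is matched by pattern because the real log layout is an assumption.

```sh
#!/bin/sh
# Added example: classify DNS clients by inferred default TTL and hop count.
# The log lines are constructed; the real wildcarddnsd layout may differ,
# so the TTL is matched by pattern rather than by field number.

sample_log() {
cat <<'EOF'
Sep  7 10:00:01 ns wildcarddnsd[123]: request from 192.0.2.10 (ttl=57) for centroid.eu
Sep  7 10:00:02 ns wildcarddnsd[123]: request from 192.0.2.11 (ttl=116) for centroid.eu
Sep  7 10:00:03 ns wildcarddnsd[123]: request from 192.0.2.12 (ttl=243) for centroid.eu
Sep  7 10:00:04 ns wildcarddnsd[123]: request from 192.0.2.13 (ttl=64) for centroid.eu
Sep  7 10:00:05 ns wildcarddnsd[123]: request from 192.0.2.14 (ttl=0) for centroid.eu
Sep  7 10:00:06 ns wildcarddnsd[123]: request from 192.0.2.15 (ttl=49) for centroid.eu
EOF
}

# Reads log lines on stdin; prints "<family> <lookups> <average hops>".
ttl_summary() {
    LC_ALL=C awk '
    match($0, /ttl=[0-9]+/) {
        ttl = substr($0, RSTART + 4, RLENGTH - 4) + 0
        if (ttl == 0) next          # no TTL recorded, skipped as in the script above
        # Round up to the nearest default listed above to recover the start value.
        if (ttl <= 64)       { init = 64;  os = "unix" }
        else if (ttl <= 128) { init = 128; os = "windows" }
        else                 { init = 255; os = "solaris" }
        count[os]++
        hops[os] += init - ttl      # routers crossed, if the family guess is right
    }
    END {
        for (os in count)
            printf("%s %d %.1f\n", os, count[os], hops[os] / count[os])
    }' | sort
}

sample_log | ttl_summary
```

Default TTLs are tunable (the sysctl and ndd settings shown above), so the family is a guess, not an identification.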
0 comments
Schneier's new crypto book
September 5th, 2009
Bruce Schneier announces a new book called "Cryptography Engineering" which
is a sequel to "Practical Cryptography". I think I'm gonna buy this new book
since I have another book of his called "Applied Cryptography" and it was a
nice to have.
0 comments
Random Hackepedia
September 5th, 2009
A system call is an API for a userland process to communicate with the kernel to request data or services outside of its protected memory...
To read more about system calls go to hackepedia.
0 comments
Wildcarddns feature
August 31st, 2009
I've improved the code on wildcarddnsd so that it grabs the incoming TTL and
displays it in the logs. Eventually I want to make it so that the DNS server
closest to an IP will reply. This requires some coding with sockets between
two or more wildcarddns servers and allowing it to get the TTL is just a
small step. How long it'll be before it's done I don't know, don't get your
hopes up too
high on it, unless you want to do some work and contribute.
0 comments