I literally laughed out loud

Got a phone interview for a backend dev job in an opsec company.

Interviewer:
This is a very serious and prestigious position, we take care of the most important bits of code.

*Proceeds to talk introductory nonsense*

Interviewer:
Do you know what a DNS is?

Me:
Yes, of course! DNS stands for Domain Name System.... Blah blah blah... I explain about the servers, about hosts file, about DNS spoofing and everything else possible on this topic.

Interviewer:
See, I was patient with you - letting you finish. I'm not sure what you're talking about and where you got it from, but a DNS is that line in the browser where you type the site's name.

He didn't ask any more questions, just told me that they'll get back to me. I asked not to do that.

Three weeks later I got an email claiming that I'm not qualified.

Told us to use facebook or google drive to share code instead of git

Did you know 8.8.8.8 has a TXT Record to xkcd?

The DNS server I'm writing in PHP (largely taken from another project) is starting to work!

Next to just blocking queries it logs every blocked query so I can have stats :3

A little terminal output:

I’ll tell you a DNS joke but be advised, it could take up to 24 hours for everyone to get it.

I’ll tell you a DNS joke but be advised, it could take up to 24 hours for everyone to get it.

Clearly Mozilla is the villain here for prioritising privacy and personal freedom over censorship, control, and surveillance. Oh, our parental controls don't work! WON'T SOMEBODY THINK OF THE CHILDREN! wtf

Turkish protesters against government trying shutting down social networks

I don't use Google/Facebook for privacy reasons (and their sub-services etc). Haven't used them for ages but noticed that google still loads a lot of domains like analytics etc. This goes for facebook as well.

I now blocked a lot of google/facebook domains through my hosts file.

It's funny to see the amount of DNS requests to those fb/google connected domains nearly go to zero and also the fact that I literally can't load google/facebook anymore!

It's the biggest satisfaction to know that Wix means wank in German!
"why not do it yourself" just adds to it.

Last september:
I get an email from a customer who want to end the contract. I inform him that the contract runs to the end of March and it will be terminated the last of march.

Customer agrees and I do not hear a word from him. Until now when I closed down all his services.

Angry email:
Why did you close the server and email? are you **** stupid!?

I reply:
21/9 2016, you wanted to terminate all services you had with us. That means that your domains, DNS-services, VPS, email and Office 365 was going to be closed today.

Why is this not uncommon?!

Thanks Google...

I often think in if statements ..

I'm a week into my new job right now. What do I love the most about it?

Learning things all day long and getting paid for it!

I'm learning about hosting things, DNS, cyber security, configurations, Linux (although my current skill set with Linux has been enough for now) and so on!

Hell, easy day today (not that many tickets) so decided to start learning Ansible! Next to that I've gotta learn vim (it just autocorrected that to cum.... O.o), work with hosting panels, mail stuffs (dns, debugging etc etc) and so fucking on.

The boss hasn't been at location yet which will happen tomorrow but he seemed like a very chill guy.

I love this!

Soms week ago a client came to me with the request to restructure the nameservers for his hosting company. Due to the requirements, I soon realised none of the existing DNS servers would be a perfect fit. Me, being a PHP programmer with some decent general linux/server skills decided to do what I do best: write a small nameservers which could execute the zone transfers... in PHP. I proposed the plan to the client and explained to him how this was going to solve all of his problems. He agreed and started worked.

After a few week of reading a dozen RFC documents on the DNS protocol I wrote a DNS library capable of reading/writing the master file format and reading/writing the binary wire format (we needed this anyway, we had some more projects where PHP did not provide is with enough control over the DNS queries). In short, I wrote a decent DNS resolver.

Another two weeks I was working on the actual DNS server which would handle the NOTIFY queries and execute the zone transfers (AXFR queries). I used the pthreads extension to make the server behave like an actual server which can handle multiple request at once. It took some time (in my opinion the pthreads extension is not extremely well documented and a lot of its behavior has to be detected through trail and error, or, reading the C source code. However, it still is a pretty decent extension.)

Yesterday, while debugging some last issues, the DNS server written in PHP received its first NOTIFY about a changed DNS zone. It executed the zone transfer and updated the real database of the actual primary DNS server. I was extremely euphoric and I began to realise what I wrote in the weeks before. I shared the good news the client and with some other people (a network engineer, a server administrator, a junior programmer, etc.). None of which really seemed to understand what I did. The most positive response was: "So, you can execute a zone transfer?", in a kind of condescending way.

This was one of those moments I realised again, most of the people, even those who are fairly technical, will never understand what we programmers do. My euphoric moment soon became a moment of loneliness...

Half a week later I finally found out why my DNS server "wasn't working" on any of my servers.

Let's just say that MullVad's anti-dns leaking technology works extremely well.

It was tunneling all DNS requests through its own servers to prevent DNS leaks and I never thought of it a single fucking time!

😅

Have been working on a frontend with actual stats for the DNS server I'm building. This is the result so far (real stats, red blocked domains are marked by me (in redis) as surveillance domains), thoughts?menu

It's never enough, is it?

I was going to write a simple dns server/proxy/firewallish thingy in php.

That's working. I'm adding a dashboard and api now 😅

*sets up BIND DNS server*

Domain name system..? Domain? As if it wants me to know my place on the internet?!! THAT'S SO OFFENSIVE!!! Change the name right now!!!

BIND? For real, a BDSM reference?! How sexualizing can you white cis males be?!! SO OFFENSIVE!!!

In the /etc/bind/named.conf.local I have to fill in a master type? MASTER??
🅼🅰🆂🆃🅴🆁???

🆂🅾 🅳🅰🅼🅽 🅾🅵🅵🅴🅽🆂🅸🅱🅴

Clearly technology is part of the patriarchy. I can't use DNS like this. Now where's my contributor's covenant?!

I never expected this, but some mofo seems to have defaced linux.org. DNS takeover I guess? 🙈

I live in the terminal. I write lots of scripts (Shell, Python, node js) to automate tasks that would take hours to do by my teammates. Recently, I started automating everything that I put my hands on using Ansile: from pointing DNS server to continuons deployment, provisionning a fully customized infrastructure on the cloud using just a single command!

This is because automation gives you super power, the feeling that what you do help tl increase the productivity, reduce bugs etc.. Simply, once mastered, automation is ausome!

I get a call: "Hey the site is down. Fix it!"
Worked on my workstation, not on my phone => DNS issue.

Local cache: "All OK"
ISP's DNS: "No record"
Google DNS: "Server error"
MXToolbox: "All OK"
CloudFlare DNS: "Domain? What domain?"

After a day of fucking around with configs and wanting to strangle the customer support guy, I just started pressing buttons, until suddenly, it worked. Turns out I'd accidentally enabled DNSSEC on a domain, that wasn't configured for it.

Lesson learned: There is no official DNS error code for "DNSSEC failed somewhere upstream". If you're lucky, you might get something useful out of the authoritative server, but apparently not on Mondays.

Weekend so far:

Chrome Update FUCKED UP my website.

Tried to update my server to Ubuntu 16.04. That FUCKED UP in the middle and I didn't have any recent backup.

Went back to old backup. But didn't see any changes in the website. Was wondering that for 1 hour.

Forgot that my website was using cloudflare caching. In the meantime I have changed my DNS settings.

Out of frustration removed website from cloudflare. That FUCKED UP the DNS further.

Now I have no idea how long it will take the DNS to update.

FUCKING F M L

Every job description out there:
" JUNIOR XY position.
Requirements: 50 years experience of Assembly, Java and Masonry, HTML, cloud based computing and artificial intelligence. Must be able to write algorithms like Hummingbird. Fluent in English, Mandarin and Latin. Must have five doctor and two Bachelor degrees. Experience in leading a Fortune 500 company benefitial.
Renumeration: 5 rice grains"

A: dns record.
AA: batery
AAA: batery
AAAA: dns record

Something is not working with PTR DNS records right now.

It's getting really frustrating and I'm starting to DuckDuckGo the issue.

Just noticed that I typed this:

"how to setup a fucking ptr record".

I didn't type the 'fucking' intentionally.

😆😅

It's funny to see when certain stuff works without realizing it.

I've got multiple vpn servers and whenever I connect to one it sets my DNS to my pihole's one (hosted on one of my dedicated servers).

I keep forgetting to change my search engine to duckduckgo and no matter what I search for, no page is/was loading and manually have/had to go to duckduckgo.

Then I suddenly realized: the pihole has blacklisted Google so I literally can't connect to google.com/nl!

Awesome 😊

"hi, we have some dns records we'd like to change, they're in the attachment. Could you send a message when it's done? Thanks in advance!"

No, fuck off. Fucking cunts.

Fucking crunchyroll hardcodes their access tokens in a Constants Class in their APK, technically that is a security issue.

What the actual fuck Crunchyroll!? No fucking wonder you got DNS Hijacked so quick, security is literally your second priority you dumbed down twats, get some real devs and some real QAs for fucking god sakes, you're tearing down your own system by inviting exploits.

It's very satisfying to setup Pi-Hole on a vps, point your dns to it, adding the words Facebook and Google to the wildcard blacklist and seeing that literally any request containing either one of those words gets blocked.

On the other hand, it's funny to see that devRant (devrantron) performs around 1k+ requests to devRant every 15 minutes.

1.1.1.1
OR
8.8.8.8
🤔

This tiny project is awesome. Thanks to @JoshBent (who partly got it from another repo as well) for providing a basic DNS server with hardcoded blacklisting functionality and thanks to @PerfectAsshole for correcting my mysql syntax I was stuck on for way too long.

I've now got this fucker to read blacklisted words from a redis list into an array which checks every requested domain to see if it matches. If yes, it proxies it through to another DNS server and if not, it'll log the requested domain to a mysql database and prints is as blocked onto the terminal.

If the domain matches any host from a service known to be integrated within a mass surveillance network, it also prints this out to thy terminal.

It's working yay! Gonna keep working on it today.

Have multiple and some server related but hereby:

I forcefully quit php on the server I use for devRant related stuffs because I wanted to quit the bakgrounded php process I had running for the dns proxy thingy since I somehow couldn't find the pid.

Two days later I noticed that none of my sites on that server where running anymore and started looking at nginx error logs.

It took me way too long to figure out that I had PHP-FPM installed which runs as a service and by forcefully quitting php the other day.... Yeah, you get it I think.

Started the process again and remembered that one 😅

When I'm on call and its weekend, I'm often a little nervous the entire weekend and time seems to go slow.

Programming on the dns proxy/firewall now and time is suddenly going quite faster.

This is a damn relieve.

What is a domain name system doing in a hospital..!
And, it has its own office too..!

You can fuck up dns records in 1 seconds but to unfuck it up takes ages 😒😒😒😒

Started working on a pihole alternative a while ago.

I like pihole a lot but one of the features I am missing is to be able to define a list of mass surveillance related domains (Snowden leaks; PRISM program and such) and show statistics based on dns queries containing blacklisted domains, prases/words and surveillance-related domains/words (google/facebook/microsoft/apple etc).

Started working on one based on an existing (php based) dns server which is open source and slowly but surely developed something which worked.
Then, I found out that the php resolving function (dns resolving) uses the system default, which can, of course, be google's dns as well. Changing this would be ideal but while the documentation suggested that it could be done some way, it didn't work for me so I chose a library which can do it with specific dns servers (to use as external dns servers).
This library used a different way of showing the retrieved dns query results and really wasn't in for converting everything by hand so i kinda quit the project a while ago.

A few days ago I thought fuck it and started again.
Now have a working version based on the new dns resolving library and made some other good improvements.

For those who are wondering why I chose PHP for this: why the fuck not?

Happy happy happy.

In my company we have a weekly meeting for the Tech deparment, so today the IT Director (my direct manager) was describing an issue we are experiencing with our DNS, and he asked

"What we should do with our DNS?"

Instantly I said out loud:

"Resolve them"

Behold this gem I found at a local super market back in July!

Christmas-rant:

So I'm having a nice dinner with my in-laws when one of them turns to me: "So, what I want is a website with a link on it to another website, you can do this right?". Seems overly complicated to achieve this result, I know, but she had a fair reason for it. So, I start walking her through what she would need for it. "First thing, let's buy a domain name." "I have to buy these??! I don't believe you, I know people that did not pay for this!" "Well, that's technically impossible except for certain subdomains", I respond politely. "No, I don't believe you!"

So far my happy helping christmas mood.

Merry christmas y'all!

Best ad-blocking solution ?
Ad-block ?
FUCK NO !!!!
Pi-hole and modify ad-block filters to block only youtube ads !!
Now sites are not able to know that im blocking ads because pi-hole is DNS based and youtube doesnt care about it.

So I guess you could say Dyn users got Dynied service when their servers were ddossed...

Badum tiss...

I 'work' at a Minecraft server btw.

So here I am, 12 o clock, chatting with my friends, nothing weird here.

An employee of our hosting company sends me a message, because he knows we are hosting there. He asks us if we have changed our DNS for the server move. I was scared for a second, and asked 'what server move?'

He tells me that our server will be moved to "a better performing node". He told me that all server owners were alerted over email.

So here I am, 12:30 at night fixing my DNS settings and hoping that everything goes all right.

Damn, I hate it when people don't property communicate their maintenance dates with the rest of the team, does anyone relate?

If you need a break, just say the DNS changes are propagating.

Pro tip: never set custom script stuff related to dns server forcing things in a root firewall app if you don't know what you're doing.

How would I know? There's a slight chance that I just went offline for a few days (mobile only) to figure this shit out 😅

All fixed now, though!

I should build a free DNS service..

devDNS - A DNS over devRant service inspired by @1111resolve on twitter

- So let’s check if this DNS thingy does work
(4 hours later)
- it doesn’t

Fucking Gmail !!!! I hate you so much !!!

My mail server is fucking perfect, I have all the records in my DNS and even have a 10/10 score on mail-tester.com.
But this fucking Gmail keeps putting me the spam folder ! Why do you hate my so much ?

I like that with IPv6 addresses you can get creative 😆

DevRant makes me really proud how well developers can act together as a group. Makes me think what we could accomplish if we would take all the world's developers and programmers to one place and make our own country. Our currency will be devCoin. World domination follows shortly afterwards

Dear namecheap, I honestly love your service and prices but how in the hell can I see an ip address in the dig of a new domain (url shortener) which I never put or saw there and which doesn't even belong to any server I own/operate?!

DNS cache after the last chance of three days ago, nah, don't think so.

Fucking hell.

Fuck you OnePlus, fuck you.

Edit: I blocked open.oneplus.net in my DNS as well.

Am i the only one feeling the need for a facebook darktheme?

First lecture of computer networks. Let's shove all of these abbreviations with their meaning, and possibly a associated port number in one 1.5 hour lecture:

HTTP, HTTPS, FTP, FTPS, SFTP, TCP, IP, UDP, ISP, DSL, DNS, LAN, WLAN, WDM, P2P, TELNET, PGP, TLS, SSL, SSH, MIME, SMTP, POP3, IMAP, IANA, DHT, RTT, DHCP

I really feel sorry for students who didn't have previous knowledge about this stuff..

ALWAYS CHECK THE MX RECORDS WHEN CHANGING DNS 🌎🔥😭

Holy shit my server survived a DNS amplification attack!

I thought my iptables rules were not very effective, since I kept seeing 1-2 ANY requests getting through my pihole (only to be ignored by the upstream cloudflare server).
Turns out, they never actually *kicked in*, until now.

The craziest part is that one ip belongs to the Ministry of a country!! :O

Eat that, motherfuckers! God I love it when this shit actually works!

Feeling productive at a Sunday evening. Let's install a DNS server and a fucking mail server on two forgotten VPS's I am still paying for.

SO A-FUCKING-PPEARANTLY, THEIR WEB MANAGEMENT PANEL IS FUCKED UP SO I CANNOT REINSTALL MY MOTHERFUCKER VPS's. HOW FUCKING FUCKING FUCKING FUCKING DIFFICULT CAN IT BE.

How my lecturer drilled JS syntax into us:

Write this:
var x = document.element;
x.value = 10;

Instead of this:
document.element.value = 10;

His reasoning:
"You make the cake in the kitchen, you don't put icing on it on your way to present the cake"

That moment when you're finally getting your user registration and login system up and running!
As a web dev student I feel like I have accomplished something :)

My devGoals for 2019 are:

- Move DNS blocking from hosts file to a PiHole (or similar) at home

- Implement a full HAL for some smol microcontroller in C

- Create better automation templates for testing, building & deployment for our Angular projects

- Get rid of crippling depression

- Force my boss away from firebase and google tools in general

- Spread the love for CraftCMS

- Spread more love in general (with protection of course) 😄

I can't access Google anymore.

I am genuinely happy about this.

Okay, help :(

Trying to get my dns server in php to work from the outside (it's on a vm on one of my dedi's) but it's not working.

- Port forwarding works well: confirmed.
- Connection type: UDP; confirmed.
- I *can* dig from the host (dedicated server) to the vm.
- nmap scans show an open port.

The exact same happens on my local network.

I'm lost.

Had my pure PHP web app rejected on a market platform because I didn't use a framework..
BITCH IT WORKS PERFECTLY WITHOUT A FUCKING FRAMEWORK, IF YOU WOULD HAVE TESTED IT YOU WOULD HAVE SEEN THAT!

I was working on a website for a client and had asked for the login details for the DNS provider so I could update the records to point to the new host.

2 weeks went by with no reply then I got a text saying "Could you take a look at the site? Seems to be down". I explained that I was waiting for him to give me the login details and asked what site he was talking about.

He thought the staging site was the actual website, he was advertising the URL as his new website.

.htpasswd credentials and all.

I had no words.

Had a configure issue on a site running through CloudFlare hosted at WPEngine. Support on chat guy says "can I take a look at your setup" so I screenshot him! He says they're are new ways to point to WPEngine whilst using SSL so I say OK and he points me to a support article which seems accurate. He then says now I want you to change two records so I say ok (not thinking) which I do (stupidly)

Result site no longer reachable.

What do I do now? He says very seriously "you need to wait 24-48 hours for the DNS to propogate"

"Your joking it's a huge site with 20k visitors per day with advertisers on it"

"I'm sorry there is nothing I can do until the DNS YOU changed has propagated"

"I changed?" "Yes you changed the CloudFlare settings"

"You told me to!"

"Is there anything else I can help you with?"

> clicks Twitter shortcut
*dns probe failed*

"oh, is cloudflare dns down?"

> goes to cloudflarestatus.com
*dns probe failed*

"ah, right dns isn't working..."

StackOverflow is ruthless! You only have to breathe and you'll get downvoted!

Started part time job at a company, had to log my time on timesheets. Said fuck this and now the whole company logs their hours on a custom web based time logging system which I built.

Well, sure ... This might be a way of dealing with DNS issues ... for some people.

I'm in college and I'm renting a room. It has 100mb/s WiFi, so that's neat, but...
I just learned that the password for the router's admin panel is the default one. Ffs, why didn't they change it? They know I'm studying IT. Do they not realise just how much power this gives me? I can get a raspberry pi, set it up to act as a DNS and spy on everyone using this WiFi.
On the plus side, I also learned from that, that we are not limited to 2.4GHz, but we can also use 5GHz (although on a different SSID).

I hate handling DNS issues... every time I try to explain how DNS works, users come back even more confused.

So I was setting up my friend's NAS. Got everything worked in minutes (dns, port forwarding etc.). Enabled ftp connection tried it locally, working. Tried remotely, timed out...

After half an hour I was about to tear my hair out one by one when he suddenly said to wait a sec he knows what's the problem. Tapped two on his phone and suddenly, it's working.

THE FUCKING PHOTO UPLOADING FROM HIS PHONE TO THE CLOUD BLOCKED ALL INCOMING CONNECTIONS AND HE WAS AWARE OF THAT ALL ALONG. WHAT THE FUCK MAN, DO YOU ENJOY SEEING ME STRUGGLE?? That was literally an "I'm out" moment.

Wish me luck. I HAVE to launch 10 websites (yes, ten) this week and half if not all of the clients don't know their DNS accounts or log ins. I foresee a lot of long nights in my near future. Story of our life, right?

Lads, this DDoS attack on DYN is must be getting pretty bad, the Department of Homeland security just launched an emergency investigation into the source and apparently Amazon has started being interrupted

That moment you realize good guy Google lets you flush their public DNS.

What docker means:
Sorry pal, service names mustn't contain spaces

What docker says:
desc = name must be valid as a DNS component

Pihole, an adblocking DNS Server, Update log is awesome :'D

Daily reminder that github and gitlab still don't have ipv6 dns records

When the junior system administrator enters 9.9.9.9 instead of 8.8.8.8 as the name server

I asked my CS teacher why my institutions domain had only the www subdomain pointing to the webspace, but not also the second level domain itself. He then explained me that www is the *protocol* on the internet and it's necessary for the website to be accessible, and that pointing the SLD to the webspace in addition therefore wouldn't work.

How could I ever take him serious again? He's supposed to teach networking btw.

Our teacher just told us to share our code via drive or dropbox or something like that, and I was there like "hey ever heard of git?????"

Having an philosophy exam in less than six hours. It's 2 am. Laying in bed, thinking about that stupid DNS bug and how to fix it. I have 4 1/2 hours of sleep left - wish me luck ¯\_(ツ)_/¯

It’s not dns
There is no way it’s dns
.
.
.
.
.
.
.
.
.
.
.
it was dns

Well then, looks like my pihole attracted the attention of a botnet with 65 zombies attempting a large DNS amplification attack.
Time to unleash the BANHAMMER

Fun fact: only a few hundereds of their requests actually show up in the pihole logs. The other 40k+ requests they attempted were blocked by my firewall :D

Client asks to point their domain to a new 'squarespace' they just got, then call you bc they cannot access the admin console to their old site and 'it's so weird that all the requests are now going to squarespace !!'

We upgraded to Dyn Managed DNS last month, now we're down with the DDoS attack! If we didn't upgrade from their standard plan, we would be online still 😂

Ordered a Raspberry pi.
Excited to work on it.
Also ordered heat sink with it so as to make it 24/7

Till now I've thought to use as a cached DNS server+VPN client [and from it I'll share the incoming college WiFi to LAN (yes my college is finally getting WiFi for us in hostels)]+mopidy server with iris client

Give some more ideas.
Also, will the RPi be aple to work 24/7 without burning up if heat sink is installed?

TIP:

1.1.1.1: the fastest, privacy-first consumer DNS service

I switched to faster DNS,
And believe it or not, it improved my internet speed.

Just add this DNS and you're gonna experience faster browsing

DNS1: 1.1.1.1
DNS2: 1.0.0.1

comment below if you experience it.

The only time I actually open Safari is during those debugging moments when I hope that all other browsers have just given up on me.

While spending time with my girlfriend and son in Moscow, I tried to reach back to some recruiters on LinkedIn .. but there is no access from Russian dns!! I can't even make the app work!!

Next 3 days I' ll be working on moving our email server to new server because the old datacenter is closing down. Clients are pissed and they are fucking verbally bashing me left to right when I told them that their emails will be down since most of them host their own DNS.

I am fucked.

!rant

Just succesfully running DNS server on local network using raspi!!
Awesome

"It's not DNS
It is never DNS
It was DNS"

-Richard Campbell

Last night I had a panic attack and woke up in cold sweats because in the dream I had I was constantly using the wrong variables in the wrong places...

The best DNS service? Why?

As usual a rather clickbait title, because only the chrome extensions (as always) seem to be vulnerable:

"Warning – 3 Popular VPN Services Are Leaking Your IP Address"

"Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data."

"VPN Mentor revealed that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate"

"PureVPN is the same company who lied to have a 'no log' policy, but a few months ago helped the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case."

"Hijack all traffic (CVE-2018-7879) "
"DNS leak (CVE-2018-7878)"
"Real IP Address leak (CVE-2018-7880)"

Last Sunday, we deployed 300 major application/service configuration changes, 60+ load balancer changes, DNS cutovers, changes to mission critical SQL servers, and informatica connection changes. This impacted every line of business, all customer facing apps, and all internal apps.

6 days from DEV to PROD, which includes all developer effort.

Deployment succesful!

The best thing about perl is it doesn't care about errors and really tries to do what you ask, without throwing exceptions.
The worst? It does exactly what you ask, no matter how insane.
Typed $arri[ $0 ] instead of $arr[0] inside a function that detected what changes were needed in dns zones. $0 is script name and path, strings are converted to integers as needed and there's a little thing called vivification.
You see where this train wreck is going.
Also my dog died today.
Got to love Mondays :/

me: *hosting docker registry for our team*

me: *sets up ssl and cloudflare dns and shit*

me: *tries to push to registry*

my pc: *413 rEQuEst EnTITy tOo LarGe*

me: *spends 4 hours scrutinizing the shit out of my nginx configs*

me: *finally finds cloudflare sitting there rejecting all of the requests... that cheeky bastard*

Kubernetes Note:
"Default" is not the default DNS policy.

OK!!!! (╯°□°）╯︵ ┻━┻

I just got an email that a client changed their DNS zone files to point at a new server. Turns out that they haven't set the server up yet. Client is wondering why that domain's emails aren't working, and why their site is down. They didn't want to give me the Domain's portal login credentials until now, because they "could do it without [me]." Tomorrow morning should be fun.

Just found a nice hosting provider that actually have some customers in the taxi and transport segment.

The provider offer emailsservices, webhosting, dns services. So far so good.

The only problem that I can find here is that everything is hosted on one single IP.
The DNS-servers, the mail server and webserver is one fucking server.

Domain server goes down, it's the gateway and DNS too.

Ok I'll just remove the domain, it's been orphaned really since you went to the cloud.

Don't have local admin password.

Ok call old it company who set up gear

Out of business

Ok boot to Linux and reset

Usb boot locked

Don't have bios password

Call old it company

Still out of business.

Wait, can I just set manual ipv4 ? Ok domain without a domain controller... If it works it works.

I absolutely love the dev community but one thing I just can't stand is the snobbery that permeates it. I don't understand why some devs expect non devs to know or understand the intricacies of computer programming or even computers in general when it's really not their job to do so.

"Ahhhhh!! How DARE this non dev PEASANT ask me about hacking Facebook accounts!! Does he NOT understand the basics of DNS spoofing and social engineering!!1!!1! bahh"

Customer complains that the deployed desktop app is slow at site x.
I check it out with users at site x, and indeed, it does have a delay when trying to connect to a share on a server.
Checks with users at site y and z, no issues.
After a bit of digging, the resolve of a DNS record is most likely the culprit.
Send the ticket to the customer network team to investigate.
Get it back after an hour.

"We have pinged the DNS name, and it responds fine, there must be a bug in the application".

Oh and also, I wrote this rant at work, in my head, with a lot more cursewords involed.

Running WireShark to see what one of our partners is sending across.

Outdated TLS: Ok, that's par for the course.
Leaking data through DNS queries: ButWhy.jpg
Website leaked through DNS doesn't require auth to view information. TableFlip.jpg

Either CloudFlare itself has decided to join the fun of attacking my DNS server, or somebody is just spoofing their IP in the UDP packets.
Crap, my ipset script is basically useless now, since the real source could be from anywhere :(

Any suggestions on what could I do to make this attack stop? It's not causing any real issues (at least for now), but it's still annoying as hell.
Get fucked, stupid skiddie who keeps manually changing the ip source in his script

There seems to be a lot of people protesting and coming together in support of net neutrality.

The rant here, where the fuck were all of you during the election? That was the time to come together and do something, now your efforts are futile.

What's worse, I'll wager net neutrality gets overturned and next election the same batch of assholes get voted in.

What can you actually do to solve the problem? Peer to peer internet similar to tor but fast enough to support considerable traffic. Platform needs to be like tor with encrypted decentralized DNS.

Start an ISP. This would also help.

Get cracking, smart people.

So I my boss told me about an interview ha had for a new account manager position.
${BOSS} so can you tell me about your knowledge with DNS and DHCP?
${GIRL} I have no idea, I dont listen to West Coast rap
${BOSS} ...

Because of all pandemic stuff, I got back to my home country for a few weeks, while working remotely.

So today I connect to VPN and try to access jira, can’t do it - server is down. Asking others for help, doing all kinds of weird testing, nothing helps... Then just suddendly, out of nowhere I came up with idea to change DNS server (now here I have zero knowledge about networks, and if someone asked I couldn’t even explain the purpose of DNS), and it worked!

It feels damn good, especially when I didn’t know what I am doing.

School, if you're gonna define a custom local DNS for your networks, maybe make sure it's healthy?

Wow so WindScribe VPN apparently now has DNS ad blocking sort of like PiHole.

So no more annoying popups and video ads... Or messages from the sites saying I'm using an ad blocker!

And the kicker is I bought a life time subscription for $40 a few years ago.

Guess they were able to grow nice and big.

Who thought it would be a good idea to limit the length of a dns record to 255 chars?

Is one really not allowed to use a proper dkim key in 2018!

The funny thing was that they just cut off the rest without informing the user!

Had to convince the guy to switch dns „provider“

Secretly installed Automate app on my friend's Android phone to mess with him. (For those who don't know, with Automate you can automate anything on an Android device).
Made a 'flow' that would read his incoming sms's, and send an email to me with his exact location if I sent him an SMS saying 'where are you?'.
Was funny to mess with him and tell him his exact location even though we were miles apart.
Cleared it up for him a while later but it made me feel like #hackerman

That lovely moment when a client calls out of the blue at 4:30PM (we close at 5), 3 weeks before scheduled launch and says, "My website goes down tomorrow so where are we at with the new site?" So...I scrambled all day today to get the site done and it turns out they don't even own their domain or control their DNS. (facepalm) They put in a 30 day cancellation with their current provider and didn't bother to mention we had barely 2 weeks to develop a full custom site.

As I was updating my apps, I accidentally pressed netflix and opened the app detail, it was mildly shocking when I saw the 3 star rating

Apparently most of the 1 star reviews are disgruntled indonesians that were unable to use the app 🤷🏻‍♂️🙆🏻‍♂️

For those who don't know, the largest (national? I think) indonesian isp blocked netflix over various bs reasons, though under it all they just want to promote their own streaming service

Cloudflare dns to the rescue

Client is setting up Google Suite, needs me to create a TXT record. She sends me a screenshot of the record that needs to be created, so I ask her to copy/paste the record values .... she copy and pastes the URL and sends that to me. I ask again for her to copy the values in the fields on the page and send them to me ... she sends me another screenshot. How do these people get through a day?

Sometimes I have to work with physical hardware. There are over 300 machines in our lab, split among two subnets. But for some reason, I can never access my machines by hostnames.

Every other week, there's an IP conflict on this network, requiring me to log into the active directory server and delete old DNS entries. This usually happens because someone decided to deploy 64 VMs on a huge server, all at once, didn't boot them with a delay, let alone with with a warning to IT.

Then when my superior asks how my progress has been and I respond with "I can't even get the machines to ping each other by hostname, there's something wrong with the DNS:, I get the following response: "HOW COME NOBODY ELSE IS HAVING PROBLEMS WITH THIS. YOU'RE FULL OF SHIT", from someone who spends 90% of the year abroad, working remotely.

OH MY GOD, i cant believe this is my 25th day without a job... why!!!! not with all the kubernetes and node js and javascript that i know. lol. not to mention golang and python and all the networking stuff, dns, aws etc. lol where are all the recruiters when i need them?!!!!

I have been playing around with coinhive because I really like it's concept. Pretty cool so far.

Does anyone here have experience with it? What are your thoughts?

Also.. why can't pihole let me whitelist wildcard domains?? I hate having to disable my DNS server every time I want to test the miner.. I guess I will just have to make a pihole / ftl plugin for it..

How can I use a custom DNS server on my schools network?

They seem to block any DNS that isn't their own. I've tried 8.8.8.8 and the new cloudflare one. Both blocked, it's a real issue because their default dns dies for about a minute every 12/24 hrs causing my VPN to go down.

How do they even block external DNS servers?

The whole email and DNS system is fucked up!

Got a new excuse for slacking off... DNS propagation... eurghhh

Mozilla will update the browser to DNS-over-HTTPS security feature to all Firefox users in the U.S. by default in the coming weeks.

According to the report of TechCrunch : Whenever you visit a website ; even if it's HTTPS enabled, the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS or DoH encrypts the request so that it can not be intercepted or hijacked in order to send a user to a malicious site. These unencrypted DNS queries can also be used to snoop on which websites a user visits. The feature relies on sending DNS queries to third-party providers such as Cloudflare and NextDNS which will have their DoH offering into Firefox and will process DoH queries. Mozilla also said it plans to expand to other DoH providers and regions.

Webmin because why not ✓
Lamp stack ✓
Dynamic DNS client ✓
PhpMyAdmin X

Dear DigitalOcean. SINCE WHEN do you consider a PMA installation
without Https SECURE?
And why the fuck do you make me install an aptitude package that skips both file system AND Apache config cleanup on purging?
It's just a raspberry, but if it runs lamp I want PMA, and if it runs anything, I want Https. Is that too much to ask for from a tutorial source otherwise so reliable that I do anything you say without a questioning thought?

Oh VPN... why must you keep screwing up my DNS every 5 minutes forcing me to reboot...

Well. Fuck.

A sunny monday morning. The sun almost glimpsing over the horizon. I'm on my way to the office, taking a breath of fresh cool air. It is infused by the scent of sweet pastries.

I reach the office, but something is different. Why is the door slightly opened? Carefully I grab the door handle. I do my first step past the doorframe and wooosch. Thick and sticky stuff is running done my spine, finding it's way through my clothes. I feel so un-fucking-believably dirty in this very moment.

This should give you an impression how I felt when I had to change a DNS record in this completely broken setup for just a matter of seconds until the letsencrypt client renewed the certificate.

I'm feeling seriously dirty.

Thank you, noip.com

Fave IDE: Rube-Goldberg Distributed Physical Editor (RGDPE)

- 3x5 note cards, rite aid brand
- pilot rolling ball gel pen
- white out
- a scanner with OCR, email
- a raspberry pi running a local email server and dns
- a raspberry pi running an SMTP receiver and language service and a handler to invoke the compiler
- a speak and spell to print out the language service results

Why: why not?

Since a few days I have my first dev job in a small it company. At my first day I directly stared to implement a rest api for managing dns servers.

Today I completed the prototype and all works well. What a feeling :)

Has anybody noticed this?

Google is focusing on 8.8.8.8!

Oh man setting up postfix and dovecot (plus things like rspamd) is a pain in the ass.
But it's worth it, having your own mail server is just quite a good feeling.
Now I just need to find out how to get it to pass the spam filter of Google, despite the server and the DNS zone being well-configured (better than my school's mail server according to tests, but that one still manages to pass. I have no idea why.)

!rant seems that my raspberry pi serial idea is a little bit complex at the moment and may take a more serious turn later, but I have studied and found DOS based TCP/IP software that will allow me to use my 5150 with actual Ethernet. There are a few 8bit ISA Ethernet cards that will work in the 5150 and separate executables that will configure DHCP, DNS, and even allow me to use a terminal emulator and SSH to connect to *nix based computers over lan! I'll keep you all posted!

Who all use 8.8.8.8 and 8.8.4.4 as their DNS servers 😉

the coolest project was mine: a dynamic DNS like dyndns, wrote in scala, an API layer in ruby and a lot of sysadmin stuff like ospf any cast. A big technical success, a total financial failure... but I enjoyed and I learned a lot!

Analog mail still works!
Stickers finally arrived! Thanks @dfox and @trogus for this amazing community !

I'm too dumb for setting up Pi Hole 😭

Anyone used Pi-Hole on their network to block ads? Set a box up with it just to see and so far pretty impressed!

About 5 years ago I worked at a small company developing websites and .NET applications.

They haven't changed any passwords which means, I still have access to ALL of their customers DNS setups.

Of course I wouldn't do anything.

But just the thought, that I could make an infinite loop, by redirecting the domains, is amazing.

Or redirecting them to a porn site.

Fuuuuuck my DNS server crashed and I'm not at home D:

What's the best IDE you guys have used?

Don’t ring me up all nasty asking why these other domains that you never told me about don’t “work”... and you don’t have dns access ‘cos you don’t know what it is and I need to speak to some geezer from another company that you fired. FUCK OFF, now I have to do some whois fishing to find out the shit you are blaming me for.

When you setup your own dynamic DNS and stuff just works first time, for once..

Scaled custom help desk software across 5 school districts. Way harder than it sounds when you realize that we needed a tunnel to get an external site working, complex routing to get the servers to communicate with one another without exposing one districts network to the others. And I also made it auto deploy on a successful CI test. The only thing that really perfectly worked on the first try was the database (CockroachDB). Everything else was a complete mess of DNS and routing rules.

Dev: Please let us know when will be a good time to make a DNS switch for launching the site?
Client: ok
...
....
Client: one hour later, hey I did a DNS switch to your server but the site is not there?!
Dev: (Fuck me running!!) fuck fuck fuck fuck and fuck my life!

If it compiles, ship it!

Nude and stranded while fighting off a group of polar bears and wolves in the Arctic, or attempting to try and explain to a web designer what glue records are and why their DNS is fucked...

Easy choice 🌫❄⛄🐺🐧

I have a gitlab instance behind a reverse proxy at gitlab.mydoman.pizza (yeah my TLD is .pizza 😎🍕). I have a personal site hosted on GitHub pages. I have a CNAME record in GitHub repo pointing to mydomain.pizza. I have 4 A records on my domain registrar pointing to the GitHub pages server IP addresses. now both mydomain.pizza and myusername.github.io both go to my gitlab instance??¿¿ what the fuuuuuckkkkk?¿?¿

Yeah sure... how about I don't stay with you

A minute of silence for chromebooks

when Verizon fios (now frontier) has dns routing issues and half your websites including slack won't load. so you spend the first 30 minutes of your day researching and finally end up having to manually change your dns servers to Google in your routers admin. fucking mondays man....

Cloudflare is unable to resolve.... Itself?

EVERY FUCKING TIME I HAVE TO ASK FOR SOME DNS CONFIGURATION OTHER THAN A SINGLE "A" RECORD THE TI HEAD MANAGES TO FUCK UP...

WHAT THE FUCK IS SO HARD DUDE???

CNAME? OK!

FUCKINGSUBDOMAIN > FUCKING.ALIAS.COM

THIS TIME OUR FUCKING PROVIDER CANT MANAGE ROOT DOMAIN CNAMES SO WHAT DID HE DO?
SIMPLE SAID "ALL DONE" AND ONE WEEK LATTER PEOPLE ARE COMPLAINING BECAUSE THE FUCKING ROOT DOMAIN ISN'T WORKING...

COME ON DUDE, JUST KILL YOURSELF.

AND FOR THE FUCKING MILLIONTH TIME: DOMAIN REGISTAR AND DOMAIN MANAGER ARE TWO SEPARATE FUCKING THINGS! YOU CAN REGISTER YOUR FUCKING DOMAIN ON GODADDY AND MANAGE IT ON FUCKING CLOUDFLARE BY CONFIGURING THE FUCKING DNS SERVERS

For somebody who went to a liberal arts college, I'm surprisingly resistant to inconsequential changes. For instance, I flipped a shit when my online banking changed their dns configurations a little bit.

The sorting button on devRant's feed page is just Gilfoyle's tattoo twice, once upside down like Dinesh says.

Started coding HTML, CSS and JavaScript as part of my multimedia design studies. Lecturer would throw up a simple 960 page on the projector, said "make this" and left the room. Being thrown in the deep end is definitely a way to learn that taught me a lot

I'm so tired of fs issues with webpack/react. fucking useless piece of shit. I look online and it looks like it's a pain in the ass for anyone actually using a modern stack. Literally just trying to use mailjet's API to send emails from a React app and I've been solving dependency issues for fucking hours because of the MANY node modules it requires. requires fs, dns, tls, and dgram for a FUCKING post request because mailjet makes you use their node package.

"This site uses cookies" is the most useless thing ever... Who fucking cares if it does. What is next? We should put explanation how DNS server or apache works?

Best:
Huge update and refactoring on my private infrastructure (gigabit lan, ipv6, new vpn architecture, new dns, new mailserver and much more). And there is no more microsoft in my little kingdom :)

Also i stumbled over devrant ;)

Worst:
Still a lot of unfinished projects, more and more problems at work because of lack of concentration. Been diagnosed with adhd this year, so at least i know the source of my problems, but it still hurts to fail :(

Best wishes for 2017++ to the devrant community!

Took a whack at installing arch...

I failed. 😔
My rj-45 port is broken and i I couldn't figure out how to manually set a static ip, default gateway and dns for the wifi interface thru the terminal when installing.

Oh well. Maybe next time

What is with IT and their obsession with error messages?

"If there is no error message, I cannot help"

Your not going to get an error message because the problem is VPN is messing up my DNS due to tunneling. There is no error other than me not having Internet if VPN disconnects unless I reboot.

I just found out my router has 2 SEPARATE places where you can specify the DNS servers. So I changed one place but not the other, and they don't seem to be linked! Such bullshit design.

When your IT department needs to make a DNS entry for you and it's been blocking your sprint for 9 days.

When you spend 3 days on Xamarins shitty ServicePointManager for HttpClients and final get it to work on all devices

don't you love that moment when you are trying to set up a test environment but end up spending 3 days trying to get one little service to work?

I can't seem to find any auto dns that works with minimal configuration to use with vagrant or docker...

Youtube with its annoying ads that pass my dns server. Well, no longer! Just add /api/stats/ads to the universal routing. Poof ads gone ^^,

Ugh, since I bought a few domain names, and thus my contact details are public (grrr), I get stupid quotes from people around the world going like: "Hey! I'm a web dev specialised in [insert technology here], I want money! Contact me!", or "Hi, I am [redacted], we are a talented agency in [cuntry] and can offer you the best in web development blablabla".

The only help I need is "fuck off".

It feels like I'm taking a dump in a public toilet and people knock on the door willing to help me clean my ass for me.

Today I wrote a python messenger bot which listens to only one command;
get ip
It then replies with its public IP address. I figured this would be the easiest hotfix until I fix my dynamic DNS client.

Now thinking of it I could also make an "update domain" command for doing the API call, and then link the two with a loop and minute delay. Marvelous.

I know I'm going to get the blame 🙄...

They transferred a domain didn't tell me they were doing it then now they are with 123reg ... shit web hosting

On top of that the dns wasn't transferred over so currently the old site is dead 🙄

Why use git when you have dns TXT records?