I literally laughed out loud

Got a phone interview for a backend dev job in an opsec company.

Interviewer:
This is a very serious and prestigious position, we take care of the most important bits of code.

*Proceeds to talk introductory nonsense*

Interviewer:
Do you know what a DNS is?

Me:
Yes, of course! DNS stands for Domain Name System.... Blah blah blah... I explain about the servers, about hosts file, about DNS spoofing and everything else possible on this topic.

Interviewer:
See, I was patient with you - letting you finish. I'm not sure what you're talking about and where you got it from, but a DNS is that line in the browser where you type the site's name.

He didn't ask any more questions, just told me that they'll get back to me. I asked not to do that.

Three weeks later I got an email claiming that I'm not qualified.

Told us to use facebook or google drive to share code instead of git

Did you know 8.8.8.8 has a TXT Record to xkcd?

The DNS server I'm writing in PHP (largely taken from another project) is starting to work!

Next to just blocking queries it logs every blocked query so I can have stats :3

A little terminal output:

I’ll tell you a DNS joke but be advised, it could take up to 24 hours for everyone to get it.

I’ll tell you a DNS joke but be advised, it could take up to 24 hours for everyone to get it.

Clearly Mozilla is the villain here for prioritising privacy and personal freedom over censorship, control, and surveillance. Oh, our parental controls don't work! WON'T SOMEBODY THINK OF THE CHILDREN! wtf

Came home to visit my mother for mother's day. Signed into wifi, couldn't hit steam. Thought it was odd so I Googled it.
Clicked on the first link, DNS doesn't exist. Hit the second link... Okay No way serverfault is no longer a valid DNS. Went to stack overflow, can't hit it. In fact, the only website I am allowed to hit is google, Yahoo, and Netflix. Okay, that's clearly a breach of her rights, they're filtering her. Gonna login to the router and fix it.... NOOOPEEE
`arp-scan` tells me I need to have an IP address... Wait, I'm not being given an IP address? That's odd... Okay only MAC addresses... Okay, I can hit the router using 10.0.0.1... Nope, blocked IP. Can't hit it.
I told my mother she should abandon this ISP and find a new one, but she won't budge...

Welp, I'm breaking into XFINITY wifi and resetting whatever shit provisioning they did to this machine and undoing all the damage...
The only tool I have is my phone...

Wish me luck devRant...

Turkish protesters against government trying shutting down social networks

I don't use Google/Facebook for privacy reasons (and their sub-services etc). Haven't used them for ages but noticed that google still loads a lot of domains like analytics etc. This goes for facebook as well.

I now blocked a lot of google/facebook domains through my hosts file.

It's funny to see the amount of DNS requests to those fb/google connected domains nearly go to zero and also the fact that I literally can't load google/facebook anymore!

Thanks Google...

Last september:
I get an email from a customer who want to end the contract. I inform him that the contract runs to the end of March and it will be terminated the last of march.

Customer agrees and I do not hear a word from him. Until now when I closed down all his services.

Angry email:
Why did you close the server and email? are you **** stupid!?

I reply:
21/9 2016, you wanted to terminate all services you had with us. That means that your domains, DNS-services, VPS, email and Office 365 was going to be closed today.

Why is this not uncommon?!

It's the biggest satisfaction to know that Wix means wank in German!
"why not do it yourself" just adds to it.

I often think in if statements ..

I'm a week into my new job right now. What do I love the most about it?

Learning things all day long and getting paid for it!

I'm learning about hosting things, DNS, cyber security, configurations, Linux (although my current skill set with Linux has been enough for now) and so on!

Hell, easy day today (not that many tickets) so decided to start learning Ansible! Next to that I've gotta learn vim (it just autocorrected that to cum.... O.o), work with hosting panels, mail stuffs (dns, debugging etc etc) and so fucking on.

The boss hasn't been at location yet which will happen tomorrow but he seemed like a very chill guy.

I love this!

Soms week ago a client came to me with the request to restructure the nameservers for his hosting company. Due to the requirements, I soon realised none of the existing DNS servers would be a perfect fit. Me, being a PHP programmer with some decent general linux/server skills decided to do what I do best: write a small nameservers which could execute the zone transfers... in PHP. I proposed the plan to the client and explained to him how this was going to solve all of his problems. He agreed and started worked.

After a few week of reading a dozen RFC documents on the DNS protocol I wrote a DNS library capable of reading/writing the master file format and reading/writing the binary wire format (we needed this anyway, we had some more projects where PHP did not provide is with enough control over the DNS queries). In short, I wrote a decent DNS resolver.

Another two weeks I was working on the actual DNS server which would handle the NOTIFY queries and execute the zone transfers (AXFR queries). I used the pthreads extension to make the server behave like an actual server which can handle multiple request at once. It took some time (in my opinion the pthreads extension is not extremely well documented and a lot of its behavior has to be detected through trail and error, or, reading the C source code. However, it still is a pretty decent extension.)

Yesterday, while debugging some last issues, the DNS server written in PHP received its first NOTIFY about a changed DNS zone. It executed the zone transfer and updated the real database of the actual primary DNS server. I was extremely euphoric and I began to realise what I wrote in the weeks before. I shared the good news the client and with some other people (a network engineer, a server administrator, a junior programmer, etc.). None of which really seemed to understand what I did. The most positive response was: "So, you can execute a zone transfer?", in a kind of condescending way.

This was one of those moments I realised again, most of the people, even those who are fairly technical, will never understand what we programmers do. My euphoric moment soon became a moment of loneliness...

Holy fuck, this is starting to work!

Problem: I am highly anti google/facebook/few others and I'd rather null route those DNS requests.
The problem is that the pihole only can blacklist domains or wildcard domains but not words. So if Google would come up with a new name for some of their domains, I'd be fucked because I can't filter out the word Google through the pihole.

Today I fucking found the solution (still a work in progress but a PoC is nearly working):
Compiled a program which can monitor DNS queries/requests and logs them to a file.
Have a php (yes I write most of my cli tools in php) script tailing the log file and gathering the requested domains from it.
Then I can see if the domain contains the substring which I don't like (google as word for example) and echo it to the end of my hosts file with 0.0.0.0 in front of it if that's the case.

Holy fuck this seems to be working! 😍

Have been working on a frontend with actual stats for the DNS server I'm building. This is the result so far (real stats, red blocked domains are marked by me (in redis) as surveillance domains), thoughts?menu

Half a week later I finally found out why my DNS server "wasn't working" on any of my servers.

Let's just say that MullVad's anti-dns leaking technology works extremely well.

It was tunneling all DNS requests through its own servers to prevent DNS leaks and I never thought of it a single fucking time!

😅

*sets up BIND DNS server*

Domain name system..? Domain? As if it wants me to know my place on the internet?!! THAT'S SO OFFENSIVE!!! Change the name right now!!!

BIND? For real, a BDSM reference?! How sexualizing can you white cis males be?!! SO OFFENSIVE!!!

In the /etc/bind/named.conf.local I have to fill in a master type? MASTER??
🅼🅰🆂🆃🅴🆁???

🆂🅾 🅳🅰🅼🅽 🅾🅵🅵🅴🅽🆂🅸🅱🅴

Clearly technology is part of the patriarchy. I can't use DNS like this. Now where's my contributor's covenant?!

It's never enough, is it?

I was going to write a simple dns server/proxy/firewallish thingy in php.

That's working. I'm adding a dashboard and api now 😅

I never expected this, but some mofo seems to have defaced linux.org. DNS takeover I guess? 🙈

I get a call: "Hey the site is down. Fix it!"
Worked on my workstation, not on my phone => DNS issue.

Local cache: "All OK"
ISP's DNS: "No record"
Google DNS: "Server error"
MXToolbox: "All OK"
CloudFlare DNS: "Domain? What domain?"

After a day of fucking around with configs and wanting to strangle the customer support guy, I just started pressing buttons, until suddenly, it worked. Turns out I'd accidentally enabled DNSSEC on a domain, that wasn't configured for it.

Lesson learned: There is no official DNS error code for "DNSSEC failed somewhere upstream". If you're lucky, you might get something useful out of the authoritative server, but apparently not on Mondays.

I live in the terminal. I write lots of scripts (Shell, Python, node js) to automate tasks that would take hours to do by my teammates. Recently, I started automating everything that I put my hands on using Ansile: from pointing DNS server to continuons deployment, provisionning a fully customized infrastructure on the cloud using just a single command!

This is because automation gives you super power, the feeling that what you do help tl increase the productivity, reduce bugs etc.. Simply, once mastered, automation is ausome!

Weekend so far:

Chrome Update FUCKED UP my website.

Tried to update my server to Ubuntu 16.04. That FUCKED UP in the middle and I didn't have any recent backup.

Went back to old backup. But didn't see any changes in the website. Was wondering that for 1 hour.

Forgot that my website was using cloudflare caching. In the meantime I have changed my DNS settings.

Out of frustration removed website from cloudflare. That FUCKED UP the DNS further.

Now I have no idea how long it will take the DNS to update.

FUCKING F M L

Every job description out there:
" JUNIOR XY position.
Requirements: 50 years experience of Assembly, Java and Masonry, HTML, cloud based computing and artificial intelligence. Must be able to write algorithms like Hummingbird. Fluent in English, Mandarin and Latin. Must have five doctor and two Bachelor degrees. Experience in leading a Fortune 500 company benefitial.
Renumeration: 5 rice grains"

Something is not working with PTR DNS records right now.

It's getting really frustrating and I'm starting to DuckDuckGo the issue.

Just noticed that I typed this:

"how to setup a fucking ptr record".

I didn't type the 'fucking' intentionally.

😆😅

This is going to be a long rant, coz this is the only way to vent out my frustration against our tech head.

Yesterday, while our fucking twat tech head was playing around in company aws account, he terminated the production server. By mistake, apparently. Coz he doesn't know shit about server management. But that egoist ass won't admit and fucked the production server.

And then ran away. We developers sprang into action. Updated dns to point to staging server, setup virtual hosts, env files, point to prod database, force flush dns cache. All systems were up and running in 30 mins. And since it was staging server, it had lot of untested features and codes, and we spent rest of the day fixing the bugs.

And that tech head, who ran away hiding his tail between his legs, after he fucked the server, came back after systems were up. And started cracking jokes, that "so many features got released in 1 day" . "We cut server cost by shutting down 1 server."

We were struggling and working in full throttle to make the services running again. And that fuckity fucker was cracking jokes.

And I don't even know what excuse he gave to ceo for the downtime. I am pretty sure he would have made up some crappy excuse to hide his fucking mistake. That ass never admits his mistake. I am thinking to go to ceo today and tell the real story and get that faggot head fired or at least a strict warning.

It's very satisfying to setup Pi-Hole on a vps, point your dns to it, adding the words Facebook and Google to the wildcard blacklist and seeing that literally any request containing either one of those words gets blocked.

On the other hand, it's funny to see that devRant (devrantron) performs around 1k+ requests to devRant every 15 minutes.

Fucking crunchyroll hardcodes their access tokens in a Constants Class in their APK, technically that is a security issue.

What the actual fuck Crunchyroll!? No fucking wonder you got DNS Hijacked so quick, security is literally your second priority you dumbed down twats, get some real devs and some real QAs for fucking god sakes, you're tearing down your own system by inviting exploits.

It's funny to see when certain stuff works without realizing it.

I've got multiple vpn servers and whenever I connect to one it sets my DNS to my pihole's one (hosted on one of my dedicated servers).

I keep forgetting to change my search engine to duckduckgo and no matter what I search for, no page is/was loading and manually have/had to go to duckduckgo.

Then I suddenly realized: the pihole has blacklisted Google so I literally can't connect to google.com/nl!

Awesome 😊

1.1.1.1
OR
8.8.8.8
🤔

This tiny project is awesome. Thanks to @JoshBent (who partly got it from another repo as well) for providing a basic DNS server with hardcoded blacklisting functionality and thanks to @PerfectAsshole for correcting my mysql syntax I was stuck on for way too long.

I've now got this fucker to read blacklisted words from a redis list into an array which checks every requested domain to see if it matches. If yes, it proxies it through to another DNS server and if not, it'll log the requested domain to a mysql database and prints is as blocked onto the terminal.

If the domain matches any host from a service known to be integrated within a mass surveillance network, it also prints this out to thy terminal.

It's working yay! Gonna keep working on it today.

"hi, we have some dns records we'd like to change, they're in the attachment. Could you send a message when it's done? Thanks in advance!"

No, fuck off. Fucking cunts.

Have multiple and some server related but hereby:

I forcefully quit php on the server I use for devRant related stuffs because I wanted to quit the bakgrounded php process I had running for the dns proxy thingy since I somehow couldn't find the pid.

Two days later I noticed that none of my sites on that server where running anymore and started looking at nginx error logs.

It took me way too long to figure out that I had PHP-FPM installed which runs as a service and by forcefully quitting php the other day.... Yeah, you get it I think.

Started the process again and remembered that one 😅

When I'm on call and its weekend, I'm often a little nervous the entire weekend and time seems to go slow.

Programming on the dns proxy/firewall now and time is suddenly going quite faster.

This is a damn relieve.

What is a domain name system doing in a hospital..!
And, it has its own office too..!

You can fuck up dns records in 1 seconds but to unfuck it up takes ages 😒😒😒😒

I have been using this DNS by Cloudfare and have seen slight improvement in performance.

How reliable and trustworthy it is?

Behold this gem I found at a local super market back in July!

In my company we have a weekly meeting for the Tech deparment, so today the IT Director (my direct manager) was describing an issue we are experiencing with our DNS, and he asked

"What we should do with our DNS?"

Instantly I said out loud:

"Resolve them"

Started working on a pihole alternative a while ago.

I like pihole a lot but one of the features I am missing is to be able to define a list of mass surveillance related domains (Snowden leaks; PRISM program and such) and show statistics based on dns queries containing blacklisted domains, prases/words and surveillance-related domains/words (google/facebook/microsoft/apple etc).

Started working on one based on an existing (php based) dns server which is open source and slowly but surely developed something which worked.
Then, I found out that the php resolving function (dns resolving) uses the system default, which can, of course, be google's dns as well. Changing this would be ideal but while the documentation suggested that it could be done some way, it didn't work for me so I chose a library which can do it with specific dns servers (to use as external dns servers).
This library used a different way of showing the retrieved dns query results and really wasn't in for converting everything by hand so i kinda quit the project a while ago.

A few days ago I thought fuck it and started again.
Now have a working version based on the new dns resolving library and made some other good improvements.

For those who are wondering why I chose PHP for this: why the fuck not?

Happy happy happy.

Christmas-rant:

So I'm having a nice dinner with my in-laws when one of them turns to me: "So, what I want is a website with a link on it to another website, you can do this right?". Seems overly complicated to achieve this result, I know, but she had a fair reason for it. So, I start walking her through what she would need for it. "First thing, let's buy a domain name." "I have to buy these??! I don't believe you, I know people that did not pay for this!" "Well, that's technically impossible except for certain subdomains", I respond politely. "No, I don't believe you!"

So far my happy helping christmas mood.

Merry christmas y'all!

Best ad-blocking solution ?
Ad-block ?
FUCK NO !!!!
Pi-hole and modify ad-block filters to block only youtube ads !!
Now sites are not able to know that im blocking ads because pi-hole is DNS based and youtube doesnt care about it.

So I guess you could say Dyn users got Dynied service when their servers were ddossed...

Badum tiss...

I 'work' at a Minecraft server btw.

So here I am, 12 o clock, chatting with my friends, nothing weird here.

An employee of our hosting company sends me a message, because he knows we are hosting there. He asks us if we have changed our DNS for the server move. I was scared for a second, and asked 'what server move?'

He tells me that our server will be moved to "a better performing node". He told me that all server owners were alerted over email.

So here I am, 12:30 at night fixing my DNS settings and hoping that everything goes all right.

Damn, I hate it when people don't property communicate their maintenance dates with the rest of the team, does anyone relate?

I should build a free DNS service..

Pro tip: never set custom script stuff related to dns server forcing things in a root firewall app if you don't know what you're doing.

How would I know? There's a slight chance that I just went offline for a few days (mobile only) to figure this shit out 😅

All fixed now, though!

Visual Studio Code.

I've tried you because of hearing a lot of good stuff about you. I'd switch back to netbeans regardless because I love netbeans and I always try to use as little as possible from companies like Google/microsoft/facebook (and others) but what you're pulling right now is un-fucking-believable.

I've disabled ANY AND EVERY form of calling home I could (find) in your settings. Crash reports, automatic updates, metrics, you name it. I've searched all the fucking settings but I can't find any other home calling thing that's enabled and yet:

I'm monitoring every goddamn DNS request (through my own DNS server) and I'm still seeing calls to a Microsoft owned domain. Closed all my browser sessions and you as well and it stopped. Started browser again but not you, nothing.
Started you again: BAM. Calls to that damned Microsoft owned domain again.

If you can't honour my decision for disabling any form of home calls, go fuck yourself.

Netbeans, I'm back, I've missed you 💜

If you need a break, just say the DNS changes are propagating.

Fucking Gmail !!!! I hate you so much !!!

My mail server is fucking perfect, I have all the records in my DNS and even have a 10/10 score on mail-tester.com.
But this fucking Gmail keeps putting me the spam folder ! Why do you hate my so much ?

So I been telling Cox no to upgrading my modem for the past 2 months, my modem works fine, so now last night the modem just stops working, the internet is out and I call support, I tell them the problem and they without even thinking ask what version of modem I have, I tell then gen 2,they then offered a upgrade for free and the old gen 2 ones were not working lately, I reluctantly agreed to swap them for free, so after I got off the phone I was curious, I decided to packet sniff and find all my data is being sent just fine, but once it reaches the Cox main gateway it just drops the packet, I even pinged the DNS and it responded fine, turns out they just shut my connection off and basically forced me to upgrade to their gen 3 enhanced Wi-Fi bullshit

Dear namecheap, I honestly love your service and prices but how in the hell can I see an ip address in the dig of a new domain (url shortener) which I never put or saw there and which doesn't even belong to any server I own/operate?!

DNS cache after the last chance of three days ago, nah, don't think so.

Fucking hell.

- So let’s check if this DNS thingy does work
(4 hours later)
- it doesn’t

Fuck you OnePlus, fuck you.

Edit: I blocked open.oneplus.net in my DNS as well.

DevRant makes me really proud how well developers can act together as a group. Makes me think what we could accomplish if we would take all the world's developers and programmers to one place and make our own country. Our currency will be devCoin. World domination follows shortly afterwards

devDNS - A DNS over devRant service inspired by @1111resolve on twitter

Holy shit my server survived a DNS amplification attack!

I thought my iptables rules were not very effective, since I kept seeing 1-2 ANY requests getting through my pihole (only to be ignored by the upstream cloudflare server).
Turns out, they never actually *kicked in*, until now.

The craziest part is that one ip belongs to the Ministry of a country!! :O

Eat that, motherfuckers! God I love it when this shit actually works!

That moment when you're finally getting your user registration and login system up and running!
As a web dev student I feel like I have accomplished something :)

Am i the only one feeling the need for a facebook darktheme?

First lecture of computer networks. Let's shove all of these abbreviations with their meaning, and possibly a associated port number in one 1.5 hour lecture:

HTTP, HTTPS, FTP, FTPS, SFTP, TCP, IP, UDP, ISP, DSL, DNS, LAN, WLAN, WDM, P2P, TELNET, PGP, TLS, SSL, SSH, MIME, SMTP, POP3, IMAP, IANA, DHT, RTT, DHCP

I really feel sorry for students who didn't have previous knowledge about this stuff..

ALWAYS CHECK THE MX RECORDS WHEN CHANGING DNS 🌎🔥😭

How my lecturer drilled JS syntax into us:

Write this:
var x = document.element;
x.value = 10;

Instead of this:
document.element.value = 10;

His reasoning:
"You make the cake in the kitchen, you don't put icing on it on your way to present the cake"

Feeling productive at a Sunday evening. Let's install a DNS server and a fucking mail server on two forgotten VPS's I am still paying for.

SO A-FUCKING-PPEARANTLY, THEIR WEB MANAGEMENT PANEL IS FUCKED UP SO I CANNOT REINSTALL MY MOTHERFUCKER VPS's. HOW FUCKING FUCKING FUCKING FUCKING DIFFICULT CAN IT BE.

My devGoals for 2019 are:

- Move DNS blocking from hosts file to a PiHole (or similar) at home

- Implement a full HAL for some smol microcontroller in C

- Create better automation templates for testing, building & deployment for our Angular projects

- Get rid of crippling depression

- Force my boss away from firebase and google tools in general

- Spread the love for CraftCMS

- Spread more love in general (with protection of course) 😄

Okay, help :(

Trying to get my dns server in php to work from the outside (it's on a vm on one of my dedi's) but it's not working.

- Port forwarding works well: confirmed.
- Connection type: UDP; confirmed.
- I *can* dig from the host (dedicated server) to the vm.
- nmap scans show an open port.

The exact same happens on my local network.

I'm lost.

I can't access Google anymore.

I am genuinely happy about this.

Had my pure PHP web app rejected on a market platform because I didn't use a framework..
BITCH IT WORKS PERFECTLY WITHOUT A FUCKING FRAMEWORK, IF YOU WOULD HAVE TESTED IT YOU WOULD HAVE SEEN THAT!

I was working on a website for a client and had asked for the login details for the DNS provider so I could update the records to point to the new host.

2 weeks went by with no reply then I got a text saying "Could you take a look at the site? Seems to be down". I explained that I was waiting for him to give me the login details and asked what site he was talking about.

He thought the staging site was the actual website, he was advertising the URL as his new website.

.htpasswd credentials and all.

I had no words.

Had a configure issue on a site running through CloudFlare hosted at WPEngine. Support on chat guy says "can I take a look at your setup" so I screenshot him! He says they're are new ways to point to WPEngine whilst using SSL so I say OK and he points me to a support article which seems accurate. He then says now I want you to change two records so I say ok (not thinking) which I do (stupidly)

Result site no longer reachable.

What do I do now? He says very seriously "you need to wait 24-48 hours for the DNS to propogate"

"Your joking it's a huge site with 20k visitors per day with advertisers on it"

"I'm sorry there is nothing I can do until the DNS YOU changed has propagated"

"I changed?" "Yes you changed the CloudFlare settings"

"You told me to!"

"Is there anything else I can help you with?"

Well, sure ... This might be a way of dealing with DNS issues ... for some people.

StackOverflow is ruthless! You only have to breathe and you'll get downvoted!

I'm in college and I'm renting a room. It has 100mb/s WiFi, so that's neat, but...
I just learned that the password for the router's admin panel is the default one. Ffs, why didn't they change it? They know I'm studying IT. Do they not realise just how much power this gives me? I can get a raspberry pi, set it up to act as a DNS and spy on everyone using this WiFi.
On the plus side, I also learned from that, that we are not limited to 2.4GHz, but we can also use 5GHz (although on a different SSID).

Started part time job at a company, had to log my time on timesheets. Said fuck this and now the whole company logs their hours on a custom web based time logging system which I built.

So my host of choice decided to migrate an old site to a new set of IPs without warning yesterday, down side to a VPS I guess.

Now this wouldn’t be an issue if it wasn’t on a dedicated IP you wankers.

DNS won’t resolve to new location yet and Virtual hosts contained the old IPs and for some fuck of a reason the httpd file is auto generated 😡so updating it will be lost on reboot.

Like What the flying fuck you imbeciles, this site has been up and running for 5+ years on this IP.
I barely do any maintenance for t as it’s just an old horse sitting on the web but fuck you don’t need to fuck with it or atleast give some fucking warning before you go drop it offline 😡

I hate handling DNS issues... every time I try to explain how DNS works, users come back even more confused.

So I was setting up my friend's NAS. Got everything worked in minutes (dns, port forwarding etc.). Enabled ftp connection tried it locally, working. Tried remotely, timed out...

After half an hour I was about to tear my hair out one by one when he suddenly said to wait a sec he knows what's the problem. Tapped two on his phone and suddenly, it's working.

THE FUCKING PHOTO UPLOADING FROM HIS PHONE TO THE CLOUD BLOCKED ALL INCOMING CONNECTIONS AND HE WAS AWARE OF THAT ALL ALONG. WHAT THE FUCK MAN, DO YOU ENJOY SEEING ME STRUGGLE?? That was literally an "I'm out" moment.

What docker means:
Sorry pal, service names mustn't contain spaces

What docker says:
desc = name must be valid as a DNS component

Wish me luck. I HAVE to launch 10 websites (yes, ten) this week and half if not all of the clients don't know their DNS accounts or log ins. I foresee a lot of long nights in my near future. Story of our life, right?

Lads, this DDoS attack on DYN is must be getting pretty bad, the Department of Homeland security just launched an emergency investigation into the source and apparently Amazon has started being interrupted

Pihole, an adblocking DNS Server, Update log is awesome :'D

That moment you realize good guy Google lets you flush their public DNS.

Our teacher just told us to share our code via drive or dropbox or something like that, and I was there like "hey ever heard of git?????"

When the junior system administrator enters 9.9.9.9 instead of 8.8.8.8 as the name server

Having an philosophy exam in less than six hours. It's 2 am. Laying in bed, thinking about that stupid DNS bug and how to fix it. I have 4 1/2 hours of sleep left - wish me luck ¯\_(ツ)_/¯

Well then, looks like my pihole attracted the attention of a botnet with 65 zombies attempting a large DNS amplification attack.
Time to unleash the BANHAMMER

Fun fact: only a few hundereds of their requests actually show up in the pihole logs. The other 40k+ requests they attempted were blocked by my firewall :D

Ordered a Raspberry pi.
Excited to work on it.
Also ordered heat sink with it so as to make it 24/7

Till now I've thought to use as a cached DNS server+VPN client [and from it I'll share the incoming college WiFi to LAN (yes my college is finally getting WiFi for us in hostels)]+mopidy server with iris client

Give some more ideas.
Also, will the RPi be aple to work 24/7 without burning up if heat sink is installed?

I asked my CS teacher why my institutions domain had only the www subdomain pointing to the webspace, but not also the second level domain itself. He then explained me that www is the *protocol* on the internet and it's necessary for the website to be accessible, and that pointing the SLD to the webspace in addition therefore wouldn't work.

How could I ever take him serious again? He's supposed to teach networking btw.

TIP:

1.1.1.1: the fastest, privacy-first consumer DNS service

I switched to faster DNS,
And believe it or not, it improved my internet speed.

Just add this DNS and you're gonna experience faster browsing

DNS1: 1.1.1.1
DNS2: 1.0.0.1

comment below if you experience it.

We upgraded to Dyn Managed DNS last month, now we're down with the DDoS attack! If we didn't upgrade from their standard plan, we would be online still 😂

What ? No.
I totally didnt just buy a server.
What ? Turning my home into homelab i hear ?
You sir are correct.
Android ROM compiling, DNS, Steam cache and just all the good stuff you can think of running off of this thing.
Oh and its DL360 G8. Yeah i know little older but TBH 12 cores and 24 threads are jeez fucking amazing if you ask me
And thats not counting the upgrades i have ready for it. 2x 8 core CPUs so that would be 32 fucking threads.
And all that for the sweet price of 115Euro.
Not a bad deal at all if you ask me.

Client asks to point their domain to a new 'squarespace' they just got, then call you bc they cannot access the admin console to their old site and 'it's so weird that all the requests are now going to squarespace !!'

The only time I actually open Safari is during those debugging moments when I hope that all other browsers have just given up on me.

The best DNS service? Why?

Last night I had a panic attack and woke up in cold sweats because in the dream I had I was constantly using the wrong variables in the wrong places...

The best thing about perl is it doesn't care about errors and really tries to do what you ask, without throwing exceptions.
The worst? It does exactly what you ask, no matter how insane.
Typed $arri[ $0 ] instead of $arr[0] inside a function that detected what changes were needed in dns zones. $0 is script name and path, strings are converted to integers as needed and there's a little thing called vivification.
You see where this train wreck is going.
Also my dog died today.
Got to love Mondays :/

Next 3 days I' ll be working on moving our email server to new server because the old datacenter is closing down. Clients are pissed and they are fucking verbally bashing me left to right when I told them that their emails will be down since most of them host their own DNS.

I am fucked.

While spending time with my girlfriend and son in Moscow, I tried to reach back to some recruiters on LinkedIn .. but there is no access from Russian dns!! I can't even make the app work!!

Just found a nice hosting provider that actually have some customers in the taxi and transport segment.

The provider offer emailsservices, webhosting, dns services. So far so good.

The only problem that I can find here is that everything is hosted on one single IP.
The DNS-servers, the mail server and webserver is one fucking server.

Domain server goes down, it's the gateway and DNS too.

Ok I'll just remove the domain, it's been orphaned really since you went to the cloud.

Don't have local admin password.

Ok call old it company who set up gear

Out of business

Ok boot to Linux and reset

Usb boot locked

Don't have bios password

Call old it company

Still out of business.

Wait, can I just set manual ipv4 ? Ok domain without a domain controller... If it works it works.

"It's not DNS
It is never DNS
It was DNS"

-Richard Campbell

As usual a rather clickbait title, because only the chrome extensions (as always) seem to be vulnerable:

"Warning – 3 Popular VPN Services Are Leaking Your IP Address"

"Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data."

"VPN Mentor revealed that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate"

"PureVPN is the same company who lied to have a 'no log' policy, but a few months ago helped the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case."

"Hijack all traffic (CVE-2018-7879) "
"DNS leak (CVE-2018-7878)"
"Real IP Address leak (CVE-2018-7880)"

!rant

Just succesfully running DNS server on local network using raspi!!
Awesome

me: *hosting docker registry for our team*

me: *sets up ssl and cloudflare dns and shit*

me: *tries to push to registry*

my pc: *413 rEQuEst EnTITy tOo LarGe*

me: *spends 4 hours scrutinizing the shit out of my nginx configs*

me: *finally finds cloudflare sitting there rejecting all of the requests... that cheeky bastard*

That lovely moment when a client calls out of the blue at 4:30PM (we close at 5), 3 weeks before scheduled launch and says, "My website goes down tomorrow so where are we at with the new site?" So...I scrambled all day today to get the site done and it turns out they don't even own their domain or control their DNS. (facepalm) They put in a 30 day cancellation with their current provider and didn't bother to mention we had barely 2 weeks to develop a full custom site.

Either CloudFlare itself has decided to join the fun of attacking my DNS server, or somebody is just spoofing their IP in the UDP packets.
Crap, my ipset script is basically useless now, since the real source could be from anywhere :(

Any suggestions on what could I do to make this attack stop? It's not causing any real issues (at least for now), but it's still annoying as hell.
Get fucked, stupid skiddie who keeps manually changing the ip source in his script

Running WireShark to see what one of our partners is sending across.

Outdated TLS: Ok, that's par for the course.
Leaking data through DNS queries: ButWhy.jpg
Website leaked through DNS doesn't require auth to view information. TableFlip.jpg

Kubernetes Note:
"Default" is not the default DNS policy.

OK!!!! (╯°□°）╯︵ ┻━┻

Last Sunday, we deployed 300 major application/service configuration changes, 60+ load balancer changes, DNS cutovers, changes to mission critical SQL servers, and informatica connection changes. This impacted every line of business, all customer facing apps, and all internal apps.

6 days from DEV to PROD, which includes all developer effort.

Deployment succesful!

I absolutely love the dev community but one thing I just can't stand is the snobbery that permeates it. I don't understand why some devs expect non devs to know or understand the intricacies of computer programming or even computers in general when it's really not their job to do so.

"Ahhhhh!! How DARE this non dev PEASANT ask me about hacking Facebook accounts!! Does he NOT understand the basics of DNS spoofing and social engineering!!1!!1! bahh"

I just got an email that a client changed their DNS zone files to point at a new server. Turns out that they haven't set the server up yet. Client is wondering why that domain's emails aren't working, and why their site is down. They didn't want to give me the Domain's portal login credentials until now, because they "could do it without [me]." Tomorrow morning should be fun.

So I my boss told me about an interview ha had for a new account manager position.
${BOSS} so can you tell me about your knowledge with DNS and DHCP?
${GIRL} I have no idea, I dont listen to West Coast rap
${BOSS} ...

Customer complains that the deployed desktop app is slow at site x.
I check it out with users at site x, and indeed, it does have a delay when trying to connect to a share on a server.
Checks with users at site y and z, no issues.
After a bit of digging, the resolve of a DNS record is most likely the culprit.
Send the ticket to the customer network team to investigate.
Get it back after an hour.

"We have pinged the DNS name, and it responds fine, there must be a bug in the application".

Oh and also, I wrote this rant at work, in my head, with a lot more cursewords involed.

Wow so WindScribe VPN apparently now has DNS ad blocking sort of like PiHole.

So no more annoying popups and video ads... Or messages from the sites saying I'm using an ad blocker!

And the kicker is I bought a life time subscription for $40 a few years ago.

Guess they were able to grow nice and big.

Secretly installed Automate app on my friend's Android phone to mess with him. (For those who don't know, with Automate you can automate anything on an Android device).
Made a 'flow' that would read his incoming sms's, and send an email to me with his exact location if I sent him an SMS saying 'where are you?'.
Was funny to mess with him and tell him his exact location even though we were miles apart.
Cleared it up for him a while later but it made me feel like #hackerman

How can I use a custom DNS server on my schools network?

They seem to block any DNS that isn't their own. I've tried 8.8.8.8 and the new cloudflare one. Both blocked, it's a real issue because their default dns dies for about a minute every 12/24 hrs causing my VPN to go down.

How do they even block external DNS servers?

There seems to be a lot of people protesting and coming together in support of net neutrality.

The rant here, where the fuck were all of you during the election? That was the time to come together and do something, now your efforts are futile.

What's worse, I'll wager net neutrality gets overturned and next election the same batch of assholes get voted in.

What can you actually do to solve the problem? Peer to peer internet similar to tor but fast enough to support considerable traffic. Platform needs to be like tor with encrypted decentralized DNS.

Start an ISP. This would also help.

Get cracking, smart people.

Who thought it would be a good idea to limit the length of a dns record to 255 chars?

Is one really not allowed to use a proper dkim key in 2018!

The funny thing was that they just cut off the rest without informing the user!

Had to convince the guy to switch dns „provider“

School, if you're gonna define a custom local DNS for your networks, maybe make sure it's healthy?

Client is setting up Google Suite, needs me to create a TXT record. She sends me a screenshot of the record that needs to be created, so I ask her to copy/paste the record values .... she copy and pastes the URL and sends that to me. I ask again for her to copy the values in the fields on the page and send them to me ... she sends me another screenshot. How do these people get through a day?

Thank you, noip.com

The whole email and DNS system is fucked up!

OH MY GOD, i cant believe this is my 25th day without a job... why!!!! not with all the kubernetes and node js and javascript that i know. lol. not to mention golang and python and all the networking stuff, dns, aws etc. lol where are all the recruiters when i need them?!!!!

Sometimes I have to work with physical hardware. There are over 300 machines in our lab, split among two subnets. But for some reason, I can never access my machines by hostnames.

Every other week, there's an IP conflict on this network, requiring me to log into the active directory server and delete old DNS entries. This usually happens because someone decided to deploy 64 VMs on a huge server, all at once, didn't boot them with a delay, let alone with with a warning to IT.

Then when my superior asks how my progress has been and I respond with "I can't even get the machines to ping each other by hostname, there's something wrong with the DNS:, I get the following response: "HOW COME NOBODY ELSE IS HAVING PROBLEMS WITH THIS. YOU'RE FULL OF SHIT", from someone who spends 90% of the year abroad, working remotely.

I have been playing around with coinhive because I really like it's concept. Pretty cool so far.

Does anyone here have experience with it? What are your thoughts?

Also.. why can't pihole let me whitelist wildcard domains?? I hate having to disable my DNS server every time I want to test the miner.. I guess I will just have to make a pihole / ftl plugin for it..

Oh VPN... why must you keep screwing up my DNS every 5 minutes forcing me to reboot...

Since a few days I have my first dev job in a small it company. At my first day I directly stared to implement a rest api for managing dns servers.

Today I completed the prototype and all works well. What a feeling :)

Who all use 8.8.8.8 and 8.8.4.4 as their DNS servers 😉

Fucking christ this year is a fucking shitfest:

- wpa2 krack
- "DUHK Attack Lets Hackers Recover Encryption Key Used in VPNs & Web Sessions"
- "Hacker Hijacks CoinHive's DNS to Mine Cryptocurrency Using Thousands of Websites"
- "Bad Rabbit: New Ransomware Attack Rapidly Spreading Across Europe"

My fucking router didn't yet get patched, my fucking phone is outdated and I can't change to my patched one because devrant just shits the bed in extended desktop mode. Windows 8.1 loses support in 3 months, rendering my last chance of using it on my surface pro done, making me use windows 10 with its fucking shit ass not optimized tablet interface. I have just fucking constant paranoia what else could be hacked tomorrow, nothing is fucking safe anymore for fucks sake. I even went as far as implement 3 step auth and intrusion detection on my shitty ass VPS nodes, fucking give me a break you fucking assholes.

Well. Fuck.

A sunny monday morning. The sun almost glimpsing over the horizon. I'm on my way to the office, taking a breath of fresh cool air. It is infused by the scent of sweet pastries.

I reach the office, but something is different. Why is the door slightly opened? Carefully I grab the door handle. I do my first step past the doorframe and wooosch. Thick and sticky stuff is running done my spine, finding it's way through my clothes. I feel so un-fucking-believably dirty in this very moment.

This should give you an impression how I felt when I had to change a DNS record in this completely broken setup for just a matter of seconds until the letsencrypt client renewed the certificate.

I'm feeling seriously dirty.

Got a new excuse for slacking off... DNS propagation... eurghhh

Has anybody noticed this?

Google is focusing on 8.8.8.8!

Oh man setting up postfix and dovecot (plus things like rspamd) is a pain in the ass.
But it's worth it, having your own mail server is just quite a good feeling.
Now I just need to find out how to get it to pass the spam filter of Google, despite the server and the DNS zone being well-configured (better than my school's mail server according to tests, but that one still manages to pass. I have no idea why.)

Everytime you tell yourself "This time I'm going to make them stop putting the cart before the horse again!!! No more forced shit implementations!!! NO MORE ! I'm strong!!"

The last hour in the next week:
- Selinux: off
- Firewall: Any-Any
- Application data: Everything installed on OS disc.
- Documentation: At best, someone remembers the server supposed-to-be dns record
- Service Accounts: Your domain admin account and sysadmin for databases.
- Patching: DON'T EVER THINK ABOUT IT..AND NO REBOOTING! I have set very important runtime variables.
- Backup: Maybe someone else will set this up.
- Monitoring: Not needed since clients will create tickets if system fails.
- Production Status: vague at best. Sort of silently transitioned to production.
- Handover status: Probably, but I quit before the project closed.

!

the coolest project was mine: a dynamic DNS like dyndns, wrote in scala, an API layer in ruby and a lot of sysadmin stuff like ospf any cast. A big technical success, a total financial failure... but I enjoyed and I learned a lot!

Analog mail still works!
Stickers finally arrived! Thanks @dfox and @trogus for this amazing community !

Fuuuuuck my DNS server crashed and I'm not at home D:

Webmin because why not ✓
Lamp stack ✓
Dynamic DNS client ✓
PhpMyAdmin X

Dear DigitalOcean. SINCE WHEN do you consider a PMA installation
without Https SECURE?
And why the fuck do you make me install an aptitude package that skips both file system AND Apache config cleanup on purging?
It's just a raspberry, but if it runs lamp I want PMA, and if it runs anything, I want Https. Is that too much to ask for from a tutorial source otherwise so reliable that I do anything you say without a questioning thought?

Ordered a new LG TV. First thing I did was hoist “install PiHole” up to the top of my to-do list so that I can make sure the TV isn’t going to be reporting telemetry to anyone.

Glad I did. My phone and Windows VM’s now pull DNS only from the PiHole. What a great piece of software.

!rant seems that my raspberry pi serial idea is a little bit complex at the moment and may take a more serious turn later, but I have studied and found DOS based TCP/IP software that will allow me to use my 5150 with actual Ethernet. There are a few 8bit ISA Ethernet cards that will work in the 5150 and separate executables that will configure DHCP, DNS, and even allow me to use a terminal emulator and SSH to connect to *nix based computers over lan! I'll keep you all posted!

Anyone used Pi-Hole on their network to block ads? Set a box up with it just to see and so far pretty impressed!

What's the best IDE you guys have used?

I'm too dumb for setting up Pi Hole 😭

Don’t ring me up all nasty asking why these other domains that you never told me about don’t “work”... and you don’t have dns access ‘cos you don’t know what it is and I need to speak to some geezer from another company that you fired. FUCK OFF, now I have to do some whois fishing to find out the shit you are blaming me for.

About 5 years ago I worked at a small company developing websites and .NET applications.

They haven't changed any passwords which means, I still have access to ALL of their customers DNS setups.

Of course I wouldn't do anything.

But just the thought, that I could make an infinite loop, by redirecting the domains, is amazing.

Or redirecting them to a porn site.

When you setup your own dynamic DNS and stuff just works first time, for once..

What is with IT and their obsession with error messages?

"If there is no error message, I cannot help"

Your not going to get an error message because the problem is VPN is messing up my DNS due to tunneling. There is no error other than me not having Internet if VPN disconnects unless I reboot.

So been working with Linux for almost 10 years now, so am not new with this. But yesterday, a friend had difficulties accessing Wikipedia and their sister sites so I tried to help him out, you know, the usual way. Ping, Direct IP, DNS, and proxies/VPN, checking his /etc/hosts, but to no avail. Decided to download TeamViewer and install it so that I can help him out remotely. Went afk for 30min for dinner and when I came back, TeamViewer installation .Deb installer literally uninstalled every single software from my Kubuntu machine, from Spotify and slowly even my file manager and terminal was uninstalled. When it was over, even my grub was uninstalled.

Had anyone faced the same issue before?

EVERY FUCKING TIME I HAVE TO ASK FOR SOME DNS CONFIGURATION OTHER THAN A SINGLE "A" RECORD THE TI HEAD MANAGES TO FUCK UP...

WHAT THE FUCK IS SO HARD DUDE???

CNAME? OK!

FUCKINGSUBDOMAIN > FUCKING.ALIAS.COM

THIS TIME OUR FUCKING PROVIDER CANT MANAGE ROOT DOMAIN CNAMES SO WHAT DID HE DO?
SIMPLE SAID "ALL DONE" AND ONE WEEK LATTER PEOPLE ARE COMPLAINING BECAUSE THE FUCKING ROOT DOMAIN ISN'T WORKING...

COME ON DUDE, JUST KILL YOURSELF.

AND FOR THE FUCKING MILLIONTH TIME: DOMAIN REGISTAR AND DOMAIN MANAGER ARE TWO SEPARATE FUCKING THINGS! YOU CAN REGISTER YOUR FUCKING DOMAIN ON GODADDY AND MANAGE IT ON FUCKING CLOUDFLARE BY CONFIGURING THE FUCKING DNS SERVERS

For somebody who went to a liberal arts college, I'm surprisingly resistant to inconsequential changes. For instance, I flipped a shit when my online banking changed their dns configurations a little bit.

Nude and stranded while fighting off a group of polar bears and wolves in the Arctic, or attempting to try and explain to a web designer what glue records are and why their DNS is fucked...

Easy choice 🌫❄⛄🐺🐧

The sorting button on devRant's feed page is just Gilfoyle's tattoo twice, once upside down like Dinesh says.

A minute of silence for chromebooks

Started coding HTML, CSS and JavaScript as part of my multimedia design studies. Lecturer would throw up a simple 960 page on the projector, said "make this" and left the room. Being thrown in the deep end is definitely a way to learn that taught me a lot

Cloudflare is unable to resolve.... Itself?

Dev: Please let us know when will be a good time to make a DNS switch for launching the site?
Client: ok
...
....
Client: one hour later, hey I did a DNS switch to your server but the site is not there?!
Dev: (Fuck me running!!) fuck fuck fuck fuck and fuck my life!

when Verizon fios (now frontier) has dns routing issues and half your websites including slack won't load. so you spend the first 30 minutes of your day researching and finally end up having to manually change your dns servers to Google in your routers admin. fucking mondays man....

If it compiles, ship it!

Scaled custom help desk software across 5 school districts. Way harder than it sounds when you realize that we needed a tunnel to get an external site working, complex routing to get the servers to communicate with one another without exposing one districts network to the others. And I also made it auto deploy on a successful CI test. The only thing that really perfectly worked on the first try was the database (CockroachDB). Everything else was a complete mess of DNS and routing rules.

Yeah sure... how about I don't stay with you

Ugh, since I bought a few domain names, and thus my contact details are public (grrr), I get stupid quotes from people around the world going like: "Hey! I'm a web dev specialised in [insert technology here], I want money! Contact me!", or "Hi, I am [redacted], we are a talented agency in [cuntry] and can offer you the best in web development blablabla".

The only help I need is "fuck off".

It feels like I'm taking a dump in a public toilet and people knock on the door willing to help me clean my ass for me.

I have a gitlab instance behind a reverse proxy at gitlab.mydoman.pizza (yeah my TLD is .pizza 😎🍕). I have a personal site hosted on GitHub pages. I have a CNAME record in GitHub repo pointing to mydomain.pizza. I have 4 A records on my domain registrar pointing to the GitHub pages server IP addresses. now both mydomain.pizza and myusername.github.io both go to my gitlab instance??¿¿ what the fuuuuuckkkkk?¿?¿

Best:
Huge update and refactoring on my private infrastructure (gigabit lan, ipv6, new vpn architecture, new dns, new mailserver and much more). And there is no more microsoft in my little kingdom :)

Also i stumbled over devrant ;)

Worst:
Still a lot of unfinished projects, more and more problems at work because of lack of concentration. Been diagnosed with adhd this year, so at least i know the source of my problems, but it still hurts to fail :(

Best wishes for 2017++ to the devrant community!

don't you love that moment when you are trying to set up a test environment but end up spending 3 days trying to get one little service to work?

I can't seem to find any auto dns that works with minimal configuration to use with vagrant or docker...

Took a whack at installing arch...

I failed. 😔
My rj-45 port is broken and i I couldn't figure out how to manually set a static ip, default gateway and dns for the wifi interface thru the terminal when installing.

Oh well. Maybe next time

When you spend 3 days on Xamarins shitty ServicePointManager for HttpClients and final get it to work on all devices

I just found out my router has 2 SEPARATE places where you can specify the DNS servers. So I changed one place but not the other, and they don't seem to be linked! Such bullshit design.

"This site uses cookies" is the most useless thing ever... Who fucking cares if it does. What is next? We should put explanation how DNS server or apache works?

I fucking hate having to use Windows 2008 R2 Server.
We have a college project and the deadline is near. Fml. I did the ftp server, the ad dc, dns server, and when I am about to configure the dhcp server Windows fucking fucks everything up. Urrghhh...
I will never ever touch any windows server os in my life again. It is just a pain in the ass...

Ugh... Spent the last hour figuring out why my Python script wouldn't send an email. Turns out my computer used a DNS cache that pointed to the wrong name server, but BT (shitty UK ISP) takes fucking forever to update their DNS. And obviously you can't edit the modem's DNS to the Google DNS, because fuck you that's why.

I want Richard's decentralised Internet right now.