Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Got a phone interview for a backend dev job in an opsec company.
Interviewer:
This is a very serious and prestigious position, we take care of the most important bits of code.
*Proceeds to talk introductory nonsense*
Interviewer:
Do you know what a DNS is?
Me:
Yes, of course! DNS stands for Domain Name System.... Blah blah blah... I explain about the servers, about hosts file, about DNS spoofing and everything else possible on this topic.
Interviewer:
See, I was patient with you - letting you finish. I'm not sure what you're talking about and where you got it from, but a DNS is that line in the browser where you type the site's name.
He didn't ask any more questions, just told me that they'll get back to me. I asked not to do that.
Three weeks later I got an email claiming that I'm not qualified.44 -
The DNS server I'm writing in PHP (largely taken from another project) is starting to work!
Next to just blocking queries it logs every blocked query so I can have stats :3
A little terminal output:
65 -
Clearly Mozilla is the villain here for prioritising privacy and personal freedom over censorship, control, and surveillance. Oh, our parental controls don't work! WON'T SOMEBODY THINK OF THE CHILDREN! wtf
20 -
I don't use Google/Facebook for privacy reasons (and their sub-services etc). Haven't used them for ages but noticed that google still loads a lot of domains like analytics etc. This goes for facebook as well.
I now blocked a lot of google/facebook domains through my hosts file.
It's funny to see the amount of DNS requests to those fb/google connected domains nearly go to zero and also the fact that I literally can't load google/facebook anymore!132 -
It's the biggest satisfaction to know that Wix means wank in German!
"why not do it yourself" just adds to it.6 -
Soms week ago a client came to me with the request to restructure the nameservers for his hosting company. Due to the requirements, I soon realised none of the existing DNS servers would be a perfect fit. Me, being a PHP programmer with some decent general linux/server skills decided to do what I do best: write a small nameservers which could execute the zone transfers... in PHP. I proposed the plan to the client and explained to him how this was going to solve all of his problems. He agreed and started worked.
After a few week of reading a dozen RFC documents on the DNS protocol I wrote a DNS library capable of reading/writing the master file format and reading/writing the binary wire format (we needed this anyway, we had some more projects where PHP did not provide is with enough control over the DNS queries). In short, I wrote a decent DNS resolver.
Another two weeks I was working on the actual DNS server which would handle the NOTIFY queries and execute the zone transfers (AXFR queries). I used the pthreads extension to make the server behave like an actual server which can handle multiple request at once. It took some time (in my opinion the pthreads extension is not extremely well documented and a lot of its behavior has to be detected through trail and error, or, reading the C source code. However, it still is a pretty decent extension.)
Yesterday, while debugging some last issues, the DNS server written in PHP received its first NOTIFY about a changed DNS zone. It executed the zone transfer and updated the real database of the actual primary DNS server. I was extremely euphoric and I began to realise what I wrote in the weeks before. I shared the good news the client and with some other people (a network engineer, a server administrator, a junior programmer, etc.). None of which really seemed to understand what I did. The most positive response was: "So, you can execute a zone transfer?", in a kind of condescending way.
This was one of those moments I realised again, most of the people, even those who are fairly technical, will never understand what we programmers do. My euphoric moment soon became a moment of loneliness...21 -
I'm a week into my new job right now. What do I love the most about it?
Learning things all day long and getting paid for it!
I'm learning about hosting things, DNS, cyber security, configurations, Linux (although my current skill set with Linux has been enough for now) and so on!
Hell, easy day today (not that many tickets) so decided to start learning Ansible! Next to that I've gotta learn vim (it just autocorrected that to cum.... O.o), work with hosting panels, mail stuffs (dns, debugging etc etc) and so fucking on.
The boss hasn't been at location yet which will happen tomorrow but he seemed like a very chill guy.
I love this!23 -
Half a week later I finally found out why my DNS server "wasn't working" on any of my servers.
Let's just say that MullVad's anti-dns leaking technology works extremely well.
It was tunneling all DNS requests through its own servers to prevent DNS leaks and I never thought of it a single fucking time!
😅4 -
It's never enough, is it?
I was going to write a simple dns server/proxy/firewallish thingy in php.
That's working. I'm adding a dashboard and api now 😅15 -
Have been working on a frontend with actual stats for the DNS server I'm building. This is the result so far (real stats, red blocked domains are marked by me (in redis) as surveillance domains), thoughts?menu
18 -
*sets up BIND DNS server*
Domain name system..? Domain? As if it wants me to know my place on the internet?!! THAT'S SO OFFENSIVE!!! Change the name right now!!!
BIND? For real, a BDSM reference?! How sexualizing can you white cis males be?!! SO OFFENSIVE!!!
In the /etc/bind/named.conf.local I have to fill in a master type? MASTER??
🅼🅰🆂🆃🅴🆁???
🆂🅾 🅳🅰🅼🅽 🅾🅵🅵🅴🅽🆂🅸🅱🅴
Clearly technology is part of the patriarchy. I can't use DNS like this. Now where's my contributor's covenant?!19 -
So Facebook provided unlimited data access to loads of companies including spotify/microsoft and other big names.
Although there are privacy rules, those companies had deals which excluded them from these privacy rules.
I don't think my custom DNS server or a pihole is enough anymore, let's firewall block all Facebook's fucking ip ranges.
Source: https://fossbytes.com/facebook-gave...19 -
I get a call: "Hey the site is down. Fix it!"
Worked on my workstation, not on my phone => DNS issue.
Local cache: "All OK"
ISP's DNS: "No record"
Google DNS: "Server error"
MXToolbox: "All OK"
CloudFlare DNS: "Domain? What domain?"
After a day of fucking around with configs and wanting to strangle the customer support guy, I just started pressing buttons, until suddenly, it worked. Turns out I'd accidentally enabled DNSSEC on a domain, that wasn't configured for it.
Lesson learned: There is no official DNS error code for "DNSSEC failed somewhere upstream". If you're lucky, you might get something useful out of the authoritative server, but apparently not on Mondays.8 -
Every job description out there:
" JUNIOR XY position.
Requirements: 50 years experience of Assembly, Java and Masonry, HTML, cloud based computing and artificial intelligence. Must be able to write algorithms like Hummingbird. Fluent in English, Mandarin and Latin. Must have five doctor and two Bachelor degrees. Experience in leading a Fortune 500 company benefitial.
Renumeration: 5 rice grains"6 -
Weekend so far:
Chrome Update FUCKED UP my website.
Tried to update my server to Ubuntu 16.04. That FUCKED UP in the middle and I didn't have any recent backup.
Went back to old backup. But didn't see any changes in the website. Was wondering that for 1 hour.
Forgot that my website was using cloudflare caching. In the meantime I have changed my DNS settings.
Out of frustration removed website from cloudflare. That FUCKED UP the DNS further.
Now I have no idea how long it will take the DNS to update.
FUCKING F M L8 -
Something is not working with PTR DNS records right now.
It's getting really frustrating and I'm starting to DuckDuckGo the issue.
Just noticed that I typed this:
"how to setup a fucking ptr record".
I didn't type the 'fucking' intentionally.
😆😅9 -
Fucking crunchyroll hardcodes their access tokens in a Constants Class in their APK, technically that is a security issue.
What the actual fuck Crunchyroll!? No fucking wonder you got DNS Hijacked so quick, security is literally your second priority you dumbed down twats, get some real devs and some real QAs for fucking god sakes, you're tearing down your own system by inviting exploits.9 -
"hi, we have some dns records we'd like to change, they're in the attachment. Could you send a message when it's done? Thanks in advance!"
No, fuck off. Fucking cunts.15 -
This tiny project is awesome. Thanks to @JoshBent (who partly got it from another repo as well) for providing a basic DNS server with hardcoded blacklisting functionality and thanks to @PerfectAsshole for correcting my mysql syntax I was stuck on for way too long.
I've now got this fucker to read blacklisted words from a redis list into an array which checks every requested domain to see if it matches. If yes, it proxies it through to another DNS server and if not, it'll log the requested domain to a mysql database and prints is as blocked onto the terminal.
If the domain matches any host from a service known to be integrated within a mass surveillance network, it also prints this out to thy terminal.
It's working yay! Gonna keep working on it today.13 -
Have multiple and some server related but hereby:
I forcefully quit php on the server I use for devRant related stuffs because I wanted to quit the bakgrounded php process I had running for the dns proxy thingy since I somehow couldn't find the pid.
Two days later I noticed that none of my sites on that server where running anymore and started looking at nginx error logs.
It took me way too long to figure out that I had PHP-FPM installed which runs as a service and by forcefully quitting php the other day.... Yeah, you get it I think.
Started the process again and remembered that one 😅 -
When I'm on call and its weekend, I'm often a little nervous the entire weekend and time seems to go slow.
Programming on the dns proxy/firewall now and time is suddenly going quite faster.
This is a damn relieve.6 -
It's very satisfying to setup Pi-Hole on a vps, point your dns to it, adding the words Facebook and Google to the wildcard blacklist and seeing that literally any request containing either one of those words gets blocked.
On the other hand, it's funny to see that devRant (devrantron) performs around 1k+ requests to devRant every 15 minutes.19 -
In my company we have a weekly meeting for the Tech deparment, so today the IT Director (my direct manager) was describing an issue we are experiencing with our DNS, and he asked
"What we should do with our DNS?"
Instantly I said out loud:
"Resolve them"3 -
Started working on a pihole alternative a while ago.
I like pihole a lot but one of the features I am missing is to be able to define a list of mass surveillance related domains (Snowden leaks; PRISM program and such) and show statistics based on dns queries containing blacklisted domains, prases/words and surveillance-related domains/words (google/facebook/microsoft/apple etc).
Started working on one based on an existing (php based) dns server which is open source and slowly but surely developed something which worked.
Then, I found out that the php resolving function (dns resolving) uses the system default, which can, of course, be google's dns as well. Changing this would be ideal but while the documentation suggested that it could be done some way, it didn't work for me so I chose a library which can do it with specific dns servers (to use as external dns servers).
This library used a different way of showing the retrieved dns query results and really wasn't in for converting everything by hand so i kinda quit the project a while ago.
A few days ago I thought fuck it and started again.
Now have a working version based on the new dns resolving library and made some other good improvements.
For those who are wondering why I chose PHP for this: why the fuck not?
Happy happy happy.
18 -
* How other sites charge for a domain name
- The domain (abc.com) is available
---- Price => $14
* How AWS charges
- Your domain (abc.com) is available
--- Domain name => $18.99
--- DNS resolution => $17.88
--- Hosted zone (1) => $10.97
--- Route53 Interface => $45.67
--- Network ACL => $63.90
--- Security Group => $199.78
--- NAT Gateway (1) => $78.99
--- IP linking => $120.89
--- Peer Connection => $67.00
--- Reverve Endpoint => $120.44
--- DNS Propagation => $87.00
--- Egress Gateway => $98.34
--- DNS Queries (1m) => $0.40
--------------------------------
---- TOTAL => $2903.99
(Pay for what you use... learn more)
--------------------------------17 -
--- linux.org domain taken over, doxxed person who created CoC (but wait!) ---
At the time of writing, linux.org does not support HTTPS and has an empty page. Previously, that page showed quite a lot of information about the doxxed person
www.linux.org redirects to the previously doxxed person's Twitter account.
Currently, this seems like a DNS takeover.
We ask you not to spam them. Yes, they created the CoC, something lots of you hate. However, they only created it. They weren't responsible for quite a few open-source projects adopting it. Thus, doxxing then like this was a (objectively) terrible idea, as they aren't responsible for those that made Linux use the widely-hated CoC.
Thanks for reading this brief article, take care.27 -
Christmas-rant:
So I'm having a nice dinner with my in-laws when one of them turns to me: "So, what I want is a website with a link on it to another website, you can do this right?". Seems overly complicated to achieve this result, I know, but she had a fair reason for it. So, I start walking her through what she would need for it. "First thing, let's buy a domain name." "I have to buy these??! I don't believe you, I know people that did not pay for this!" "Well, that's technically impossible except for certain subdomains", I respond politely. "No, I don't believe you!"
So far my happy helping christmas mood.
Merry christmas y'all!16 -
Best ad-blocking solution ?
Ad-block ?
FUCK NO !!!!
Pi-hole and modify ad-block filters to block only youtube ads !!
Now sites are not able to know that im blocking ads because pi-hole is DNS based and youtube doesnt care about it.12 -
So I guess you could say Dyn users got Dynied service when their servers were ddossed...
Badum tiss...4 -
I 'work' at a Minecraft server btw.
So here I am, 12 o clock, chatting with my friends, nothing weird here.
An employee of our hosting company sends me a message, because he knows we are hosting there. He asks us if we have changed our DNS for the server move. I was scared for a second, and asked 'what server move?'
He tells me that our server will be moved to "a better performing node". He told me that all server owners were alerted over email.
So here I am, 12:30 at night fixing my DNS settings and hoping that everything goes all right.
Damn, I hate it when people don't property communicate their maintenance dates with the rest of the team, does anyone relate?9 -
Pro tip: never set custom script stuff related to dns server forcing things in a root firewall app if you don't know what you're doing.
How would I know? There's a slight chance that I just went offline for a few days (mobile only) to figure this shit out 😅
All fixed now, though!21 -
Fucking Gmail !!!! I hate you so much !!!
My mail server is fucking perfect, I have all the records in my DNS and even have a 10/10 score on mail-tester.com.
But this fucking Gmail keeps putting me the spam folder ! Why do you hate my so much ?21 -
Dear namecheap, I honestly love your service and prices but how in the hell can I see an ip address in the dig of a new domain (url shortener) which I never put or saw there and which doesn't even belong to any server I own/operate?!
DNS cache after the last chance of three days ago, nah, don't think so.
Fucking hell.6 -
Feeling productive at a Sunday evening. Let's install a DNS server and a fucking mail server on two forgotten VPS's I am still paying for.
SO A-FUCKING-PPEARANTLY, THEIR WEB MANAGEMENT PANEL IS FUCKED UP SO I CANNOT REINSTALL MY MOTHERFUCKER VPS's. HOW FUCKING FUCKING FUCKING FUCKING DIFFICULT CAN IT BE.15 -
First lecture of computer networks. Let's shove all of these abbreviations with their meaning, and possibly a associated port number in one 1.5 hour lecture:
HTTP, HTTPS, FTP, FTPS, SFTP, TCP, IP, UDP, ISP, DSL, DNS, LAN, WLAN, WDM, P2P, TELNET, PGP, TLS, SSL, SSH, MIME, SMTP, POP3, IMAP, IANA, DHT, RTT, DHCP
I really feel sorry for students who didn't have previous knowledge about this stuff..5 -
DevRant makes me really proud how well developers can act together as a group. Makes me think what we could accomplish if we would take all the world's developers and programmers to one place and make our own country. Our currency will be devCoin. World domination follows shortly afterwards14
-
How my lecturer drilled JS syntax into us:
Write this:
var x = document.element;
x.value = 10;
Instead of this:
document.element.value = 10;
His reasoning:
"You make the cake in the kitchen, you don't put icing on it on your way to present the cake"4 -
Holy shit my server survived a DNS amplification attack!
I thought my iptables rules were not very effective, since I kept seeing 1-2 ANY requests getting through my pihole (only to be ignored by the upstream cloudflare server).
Turns out, they never actually *kicked in*, until now.
The craziest part is that one ip belongs to the Ministry of a country!! :O
Eat that, motherfuckers! God I love it when this shit actually works!5 -
My devGoals for 2019 are:
- Move DNS blocking from hosts file to a PiHole (or similar) at home
- Implement a full HAL for some smol microcontroller in C
- Create better automation templates for testing, building & deployment for our Angular projects
- Get rid of crippling depression
- Force my boss away from firebase and google tools in general
- Spread the love for CraftCMS
- Spread more love in general (with protection of course) 😄3 -
That moment when you're finally getting your user registration and login system up and running!
As a web dev student I feel like I have accomplished something :)10 -
Okay, help :(
Trying to get my dns server in php to work from the outside (it's on a vm on one of my dedi's) but it's not working.
- Port forwarding works well: confirmed.
- Connection type: UDP; confirmed.
- I *can* dig from the host (dedicated server) to the vm.
- nmap scans show an open port.
The exact same happens on my local network.
I'm lost.13 -
Had my pure PHP web app rejected on a market platform because I didn't use a framework..
BITCH IT WORKS PERFECTLY WITHOUT A FUCKING FRAMEWORK, IF YOU WOULD HAVE TESTED IT YOU WOULD HAVE SEEN THAT!22 -
> clicks Twitter shortcut
*dns probe failed*
"oh, is cloudflare dns down?"
> goes to cloudflarestatus.com
*dns probe failed*
"ah, right dns isn't working..."7 -
Decided to throw pi-hole in a bin and found enough resources to throw together my own dns filter in node, which if not on the blacklist - proxies the request to an actual dns, which allows to filter given just a word too (because it's regex matching), "came up" with the idea after @Linuxxx wanted to make (or made?) some big hosts file via php matching and blocking to block anything that e.g. contains "google".
By resources I totally mean I would have ate shit, if it wasn't for: https://peteris.rocks/blog/... as most docs are absolute garbage regarding node-dns
54 -
Started part time job at a company, had to log my time on timesheets. Said fuck this and now the whole company logs their hours on a custom web based time logging system which I built.5
-
Had a configure issue on a site running through CloudFlare hosted at WPEngine. Support on chat guy says "can I take a look at your setup" so I screenshot him! He says they're are new ways to point to WPEngine whilst using SSL so I say OK and he points me to a support article which seems accurate. He then says now I want you to change two records so I say ok (not thinking) which I do (stupidly)
Result site no longer reachable.
What do I do now? He says very seriously "you need to wait 24-48 hours for the DNS to propogate"
"Your joking it's a huge site with 20k visitors per day with advertisers on it"
"I'm sorry there is nothing I can do until the DNS YOU changed has propagated"
"I changed?" "Yes you changed the CloudFlare settings"
"You told me to!"
"Is there anything else I can help you with?"7 -
Wish me luck. I HAVE to launch 10 websites (yes, ten) this week and half if not all of the clients don't know their DNS accounts or log ins. I foresee a lot of long nights in my near future. Story of our life, right?5
-
What docker means:
Sorry pal, service names mustn't contain spaces
What docker says:
desc = name must be valid as a DNS component1 -
Lads, this DDoS attack on DYN is must be getting pretty bad, the Department of Homeland security just launched an emergency investigation into the source and apparently Amazon has started being interrupted22
-
Too many night shifts.
But it's done.
After the last migrations my emotional state is... Questionable.
VM migrations between different CPU vendors and generations leading to segfaults because of unsupported X86 extensions.... Thx for doing that at 23 o'clock after 8 hours of work....
Forgetting a left over NIC in a virtual machine, creating a routing loop, leading to very erratic behaviour and fun things.
Someone forgot to check the '"Unique" box, mass spawning a cluster of VMs with same MAC adresses....
DNS fuckery since someone thought that reboot would flush the cache of an DNS server.... Nope most DNS servers have persistent caches. You'll have to flush manually.
And let's not forget the joy of the 12 plus pages of when and where to move VMs, harddrives and VLAN configuration.
Oh migrations are such a festival of joy.
Finally done with that shit -.-4 -
Having an philosophy exam in less than six hours. It's 2 am. Laying in bed, thinking about that stupid DNS bug and how to fix it. I have 4 1/2 hours of sleep left - wish me luck ¯\_(ツ)_/¯4
-
Client asks to point their domain to a new 'squarespace' they just got, then call you bc they cannot access the admin console to their old site and 'it's so weird that all the requests are now going to squarespace !!'
1 -
From acme.sh manpage:
"--yes-I-know-dns-manual-mode-enough-go-ahead-please Force to use dns manual mode: https://github.com/Neilpang/..." -
Our teacher just told us to share our code via drive or dropbox or something like that, and I was there like "hey ever heard of git?????"8
-
TIP:
1.1.1.1: the fastest, privacy-first consumer DNS service
I switched to faster DNS,
And believe it or not, it improved my internet speed.
Just add this DNS and you're gonna experience faster browsing
DNS1: 1.1.1.1
DNS2: 1.0.0.1
comment below if you experience it.
20 -
I asked my CS teacher why my institutions domain had only the www subdomain pointing to the webspace, but not also the second level domain itself. He then explained me that www is the *protocol* on the internet and it's necessary for the website to be accessible, and that pointing the SLD to the webspace in addition therefore wouldn't work.
How could I ever take him serious again? He's supposed to teach networking btw.2 -
Send an open-solicitation to a company for a medior PHP back-end developer.
Got rejected because "I do web development"...
Bitch, I'm writing an entire CMS in PHP, write entire DNS servers in PHP, write Discord bots in PHP, wrote an entire gameserver in PHP and you're gonna whine to me that "I do web development" because I also know front-end stuff?5 -
We upgraded to Dyn Managed DNS last month, now we're down with the DDoS attack! If we didn't upgrade from their standard plan, we would be online still 😂1
-
Well then, looks like my pihole attracted the attention of a botnet with 65 zombies attempting a large DNS amplification attack.
Time to unleash the BANHAMMER
Fun fact: only a few hundereds of their requests actually show up in the pihole logs. The other 40k+ requests they attempted were blocked by my firewall :D
14 -
Next 3 days I' ll be working on moving our email server to new server because the old datacenter is closing down. Clients are pissed and they are fucking verbally bashing me left to right when I told them that their emails will be down since most of them host their own DNS.
I am fucked.3 -
The only time I actually open Safari is during those debugging moments when I hope that all other browsers have just given up on me.1
-
I've got this customer who for some fucking reason won't change their DNS to point to our new servers, but wants to fucking stay on that old piece of crap, where we have to ask our sub-provider to generate a CSR to send to our customer to use to sign a certificate to send to us to send to our sub-provider. Because yeah, that's so much fucking easier than just pointing your domain to our new system, and get SSL set up automatically. For fucks sakes! And also, your certificate expires tomorrow, and since our idiot sub-provider hasn't responded to my email about CSR in a week, you basically have no option. So get that thumb out your butt and just switch the DNS!
-
As usual a rather clickbait title, because only the chrome extensions (as always) seem to be vulnerable:
"Warning – 3 Popular VPN Services Are Leaking Your IP Address"
"Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data."
"VPN Mentor revealed that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate"
"PureVPN is the same company who lied to have a 'no log' policy, but a few months ago helped the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case."
"Hijack all traffic (CVE-2018-7879) "
"DNS leak (CVE-2018-7878)"
"Real IP Address leak (CVE-2018-7880)"
9 -
While spending time with my girlfriend and son in Moscow, I tried to reach back to some recruiters on LinkedIn .. but there is no access from Russian dns!! I can't even make the app work!!9
-
I just got an email that a client changed their DNS zone files to point at a new server. Turns out that they haven't set the server up yet. Client is wondering why that domain's emails aren't working, and why their site is down. They didn't want to give me the Domain's portal login credentials until now, because they "could do it without [me]." Tomorrow morning should be fun.4
-
Customer complains that the deployed desktop app is slow at site x.
I check it out with users at site x, and indeed, it does have a delay when trying to connect to a share on a server.
Checks with users at site y and z, no issues.
After a bit of digging, the resolve of a DNS record is most likely the culprit.
Send the ticket to the customer network team to investigate.
Get it back after an hour.
"We have pinged the DNS name, and it responds fine, there must be a bug in the application".
Oh and also, I wrote this rant at work, in my head, with a lot more cursewords involed.3 -
Running WireShark to see what one of our partners is sending across.
Outdated TLS: Ok, that's par for the course.
Leaking data through DNS queries: ButWhy.jpg
Website leaked through DNS doesn't require auth to view information. TableFlip.jpg2 -
Domain server goes down, it's the gateway and DNS too.
Ok I'll just remove the domain, it's been orphaned really since you went to the cloud.
Don't have local admin password.
Ok call old it company who set up gear
Out of business
Ok boot to Linux and reset
Usb boot locked
Don't have bios password
Call old it company
Still out of business.
Wait, can I just set manual ipv4 ? Ok domain without a domain controller... If it works it works.2 -
Secretly installed Automate app on my friend's Android phone to mess with him. (For those who don't know, with Automate you can automate anything on an Android device).
Made a 'flow' that would read his incoming sms's, and send an email to me with his exact location if I sent him an SMS saying 'where are you?'.
Was funny to mess with him and tell him his exact location even though we were miles apart.
Cleared it up for him a while later but it made me feel like #hackerman8 -
Last night I had a panic attack and woke up in cold sweats because in the dream I had I was constantly using the wrong variables in the wrong places...
-
I absolutely love the dev community but one thing I just can't stand is the snobbery that permeates it. I don't understand why some devs expect non devs to know or understand the intricacies of computer programming or even computers in general when it's really not their job to do so.
"Ahhhhh!! How DARE this non dev PEASANT ask me about hacking Facebook accounts!! Does he NOT understand the basics of DNS spoofing and social engineering!!1!!1! bahh"2 -
Client is setting up Google Suite, needs me to create a TXT record. She sends me a screenshot of the record that needs to be created, so I ask her to copy/paste the record values .... she copy and pastes the URL and sends that to me. I ask again for her to copy the values in the fields on the page and send them to me ... she sends me another screenshot. How do these people get through a day?3
-
Wow so WindScribe VPN apparently now has DNS ad blocking sort of like PiHole.
So no more annoying popups and video ads... Or messages from the sites saying I'm using an ad blocker!
And the kicker is I bought a life time subscription for $40 a few years ago.
Guess they were able to grow nice and big.9 -
Who thought it would be a good idea to limit the length of a dns record to 255 chars?
Is one really not allowed to use a proper dkim key in 2018!
The funny thing was that they just cut off the rest without informing the user!
Had to convince the guy to switch dns „provider“9 -
me: *hosting docker registry for our team*
me: *sets up ssl and cloudflare dns and shit*
me: *tries to push to registry*
my pc: *413 rEQuEst EnTITy tOo LarGe*
me: *spends 4 hours scrutinizing the shit out of my nginx configs*
me: *finally finds cloudflare sitting there rejecting all of the requests... that cheeky bastard* -
Either CloudFlare itself has decided to join the fun of attacking my DNS server, or somebody is just spoofing their IP in the UDP packets.
Crap, my ipset script is basically useless now, since the real source could be from anywhere :(
Any suggestions on what could I do to make this attack stop? It's not causing any real issues (at least for now), but it's still annoying as hell.
Get fucked, stupid skiddie who keeps manually changing the ip source in his script
10 -
Just found a nice hosting provider that actually have some customers in the taxi and transport segment.
The provider offer emailsservices, webhosting, dns services. So far so good.
The only problem that I can find here is that everything is hosted on one single IP.
The DNS-servers, the mail server and webserver is one fucking server.2 -
So I my boss told me about an interview ha had for a new account manager position.
${BOSS} so can you tell me about your knowledge with DNS and DHCP?
${GIRL} I have no idea, I dont listen to West Coast rap
${BOSS} ...5 -
School, if you're gonna define a custom local DNS for your networks, maybe make sure it's healthy?
2 -
I have been playing around with coinhive because I really like it's concept. Pretty cool so far.
Does anyone here have experience with it? What are your thoughts?
Also.. why can't pihole let me whitelist wildcard domains?? I hate having to disable my DNS server every time I want to test the miner.. I guess I will just have to make a pihole / ftl plugin for it..5 -
Sometimes I have to work with physical hardware. There are over 300 machines in our lab, split among two subnets. But for some reason, I can never access my machines by hostnames.
Every other week, there's an IP conflict on this network, requiring me to log into the active directory server and delete old DNS entries. This usually happens because someone decided to deploy 64 VMs on a huge server, all at once, didn't boot them with a delay, let alone with with a warning to IT.
Then when my superior asks how my progress has been and I respond with "I can't even get the machines to ping each other by hostname, there's something wrong with the DNS:, I get the following response: "HOW COME NOBODY ELSE IS HAVING PROBLEMS WITH THIS. YOU'RE FULL OF SHIT", from someone who spends 90% of the year abroad, working remotely.5 -
Network manager: administration just canceled our domain registration 2 months before schedule.
Boss: uh.. OK... but can't we make a script to route traffic from www.canceled.com to our server?
Me: that's not how DNS works ( proceed to explain how DNS works )
PS: boss is lead developer... wtf?2 -
OH MY GOD, i cant believe this is my 25th day without a job... why!!!! not with all the kubernetes and node js and javascript that i know. lol. not to mention golang and python and all the networking stuff, dns, aws etc. lol where are all the recruiters when i need them?!!!!8
-
Since a few days I have my first dev job in a small it company. At my first day I directly stared to implement a rest api for managing dns servers.
Today I completed the prototype and all works well. What a feeling :)5 -
I've been wondering why I have such big issues with DNS propagation on a website I moved - I just checked and somebody modified the old A record to have TTL of... 7 days.
Jesus fucking christ, why?4 -
Fave IDE: Rube-Goldberg Distributed Physical Editor (RGDPE)
- 3x5 note cards, rite aid brand
- pilot rolling ball gel pen
- white out
- a scanner with OCR, email
- a raspberry pi running a local email server and dns
- a raspberry pi running an SMTP receiver and language service and a handler to invoke the compiler
- a speak and spell to print out the language service results
Why: why not?3 -
How can I use a custom DNS server on my schools network?
They seem to block any DNS that isn't their own. I've tried 8.8.8.8 and the new cloudflare one. Both blocked, it's a real issue because their default dns dies for about a minute every 12/24 hrs causing my VPN to go down.
How do they even block external DNS servers?5 -
Well. Fuck.
A sunny monday morning. The sun almost glimpsing over the horizon. I'm on my way to the office, taking a breath of fresh cool air. It is infused by the scent of sweet pastries.
I reach the office, but something is different. Why is the door slightly opened? Carefully I grab the door handle. I do my first step past the doorframe and wooosch. Thick and sticky stuff is running done my spine, finding it's way through my clothes. I feel so un-fucking-believably dirty in this very moment.
This should give you an impression how I felt when I had to change a DNS record in this completely broken setup for just a matter of seconds until the letsencrypt client renewed the certificate.
I'm feeling seriously dirty.1 -
Week this is bad, how can Mozilla say this is for better Security? Shit 💩💩💩🖕🖕🖕
https://blog.ungleich.ch/en-us/cms/...4 -
Kubernetes is a breeze they said. Now I‘m sitting here for several hours trying to find out why my pods randomly fail to resolve domain names.
Coming along my adventure: broken systemd configs, systemd-resolved stub causing loops, broken k3s modules and finding out that busybox‘s nslookup is broken for versions greater than v1.28.4.
50 issues later, I figured out that the dude who setup the corporate network (where the machine in question is located) uses two nameservers: one to resolve the internal routes and one for all the external domains. Luckily, coredns randomly picks a nameserver for each request. Therefore, sometimes queries for external domains reach the nameserver dedicated to the internal network which then answers with NXDOMAIN.
I hate networking so so much...5 -
I already wrote a rant about this yesterday, but since I'm a sysadmin trying to convert to dev.. I dunno, maybe it's not a bad idea to muddy the waters a bit and talk about why not to be a sysadmin.
Personally I think it's that the perceived barrier to entry is just too high, while it isn't. You don't need a huge Ceph cluster and massive servers when you're just starting out. Why overbuild an appliance like that if it's gonna start out at maybe 5 requests a minute?
Let's take an example - DNS servers! So there's been this guy on the bind-users mailing list asking how to set up a DNS server on 2 public servers, along with a website. Nothing special I guess - you can read the thread here: https://0x0.st/ZY-d. Aside from the question being quite confusing, there was advice to read RFC's, get a book, read the BIND ARM, etc etc. And the person to deny this? No one less than Stephane Bortzmeyer, one of the people who works for nic.fr (so he maintains the .fr TLD) and wrote some of those RFC's as part of the DNSOP working group in the IETF. As for valid reasons to set up a DNS server? Could just be to learn how the DNS works, or hell even for fun. As far as professional DNS servers go.. this (https://0x0.st/ZYo9) is the nugget that powers the K root server, one of the 13 root servers that power the root zone of the internet, aka the zone apex. 2 RJ45 connections, and a console connection. The reason why this is possible is the massive recursor networks that ISP's, Google DNS, Cloudflare DNS, Quad9, etc etc provide. Point is, you don't need huge infrastructure to run a server!
Or maybe your business needs email. How many thousands of emails per second are you gonna need to build your mail server against? How many millions will you need to store? If your business has 10 employees and all of those manage about 10k emails total.. well that's easy, 100k emails total. Per second? Hundreds of emails per second per employee? Haha, of course not. Maybe you'll see an email a minute at most. That is not to say that all email services are like this - it is true that ISP's who offer email to their customers, and especially providers like Microsoft and Google do need massive mail servers that can handle thousands of emails per second. But you are not Microsoft or Google. So yeah, focus on the parts of email that are actually hard.. and there is plenty.
Among sysadmins you have this distinction between "professional" sysadmins and homelabbers. I don't mind the distinction itself but I think both augment each other. If you've started out by jumping into a heap of legacy at an established company, you will have plenty of resources, immediately high complexity, and probably a clusterfuck right away. But you will have massive amounts of resources. If you start out with a homelab, you will have not many resources, small workloads, and something completely new for you to build and learn with. And when running a server like that, you'll probably find that the resources required are quite small, to provide you with your new services. My DHCP servers take 12MB memory each. My DNS servers hover around the 40MB mark. The mail server.. to be fair that one consumes around 150. But if you'd hear the people saying that you need huge servers.. omg you need at least a TB of RAM on your server and 72 cores, massive disks and Ceph!1!
No you don't. All that does is scaring people away and creating a toxic environment for everyone. Stop it.1 -
Mozilla will update the browser to DNS-over-HTTPS security feature to all Firefox users in the U.S. by default in the coming weeks.
According to the report of TechCrunch : Whenever you visit a website ; even if it's HTTPS enabled, the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS or DoH encrypts the request so that it can not be intercepted or hijacked in order to send a user to a malicious site. These unencrypted DNS queries can also be used to snoop on which websites a user visits. The feature relies on sending DNS queries to third-party providers such as Cloudflare and NextDNS which will have their DoH offering into Firefox and will process DoH queries. Mozilla also said it plans to expand to other DoH providers and regions.13 -
Analog mail still works!
Stickers finally arrived! Thanks @dfox and @trogus for this amazing community !
1 -
Oh man setting up postfix and dovecot (plus things like rspamd) is a pain in the ass.
But it's worth it, having your own mail server is just quite a good feeling.
Now I just need to find out how to get it to pass the spam filter of Google, despite the server and the DNS zone being well-configured (better than my school's mail server according to tests, but that one still manages to pass. I have no idea why.)9 -
the coolest project was mine: a dynamic DNS like dyndns, wrote in scala, an API layer in ruby and a lot of sysadmin stuff like ospf any cast. A big technical success, a total financial failure... but I enjoyed and I learned a lot!
-
Firefox will be enabling dns over https by default in the near future for all its users
https://forbes.com/sites/...5 -
For all the privacy focused people out there, Cloudflare and APnic announced (about 2 days ago) that they created a privacy-first super fast dns server (1.1.1.1 and 1.0.0.1)
https://1.1.1.1/3 -
Someone on our team trying hard to sound smart while troubleshooting: "What is the dns address of the traffic hitting our loadbalancer?"7
-
About 5 years ago I worked at a small company developing websites and .NET applications.
They haven't changed any passwords which means, I still have access to ALL of their customers DNS setups.
Of course I wouldn't do anything.
But just the thought, that I could make an infinite loop, by redirecting the domains, is amazing.
Or redirecting them to a porn site.3 -
!rant seems that my raspberry pi serial idea is a little bit complex at the moment and may take a more serious turn later, but I have studied and found DOS based TCP/IP software that will allow me to use my 5150 with actual Ethernet. There are a few 8bit ISA Ethernet cards that will work in the 5150 and separate executables that will configure DHCP, DNS, and even allow me to use a terminal emulator and SSH to connect to *nix based computers over lan! I'll keep you all posted!
6 -
Don’t ring me up all nasty asking why these other domains that you never told me about don’t “work”... and you don’t have dns access ‘cos you don’t know what it is and I need to speak to some geezer from another company that you fired. FUCK OFF, now I have to do some whois fishing to find out the shit you are blaming me for.1
-
Nude and stranded while fighting off a group of polar bears and wolves in the Arctic, or attempting to try and explain to a web designer what glue records are and why their DNS is fucked...
Easy choice 🌫❄⛄🐺🐧 -
DNS ove TLS might come just in time for the Netherlands (if we're lucky).
https://xda-developers.com/android-...5 -
Started coding HTML, CSS and JavaScript as part of my multimedia design studies. Lecturer would throw up a simple 960 page on the projector, said "make this" and left the room. Being thrown in the deep end is definitely a way to learn that taught me a lot
-
The sorting button on devRant's feed page is just Gilfoyle's tattoo twice, once upside down like Dinesh says.
3 -
Why do we still speak in direct DNS?
I don't know about you, but I have observed so many DNS mishaps in my day, and also have observed that developers and non-devs consistently fail to have a succinct mental model of how to set DNS properly for a website.
There are lots of services that make setting DNS easier than ever, but I'm kind of surprised so many people still have to think directly in terms of CNAMES, APEX DOMAINS, and all the direct domain knowledge of DNS.
Can't we have a higher level abstraction that compiles to DNS with more safety guards? Sure, let me dip into DNS when I need to, but why are DNS settings tables still such a normal thing?
I write Ruby code so I don't have to write C code. I'm sure there are attempts in DNS abstraction, but the fact that I haven't come across them means they are probably still too leaky or just not mainstream.
Thoughts on the matter?4 -
I just found out my router has 2 SEPARATE places where you can specify the DNS servers. So I changed one place but not the other, and they don't seem to be linked! Such bullshit design.2
-
When your IT department needs to make a DNS entry for you and it's been blocking your sprint for 9 days.1
-
EVERY FUCKING TIME I HAVE TO ASK FOR SOME DNS CONFIGURATION OTHER THAN A SINGLE "A" RECORD THE TI HEAD MANAGES TO FUCK UP...
WHAT THE FUCK IS SO HARD DUDE???
CNAME? OK!
FUCKINGSUBDOMAIN > FUCKING.ALIAS.COM
THIS TIME OUR FUCKING PROVIDER CANT MANAGE ROOT DOMAIN CNAMES SO WHAT DID HE DO?
SIMPLE SAID "ALL DONE" AND ONE WEEK LATTER PEOPLE ARE COMPLAINING BECAUSE THE FUCKING ROOT DOMAIN ISN'T WORKING...
COME ON DUDE, JUST KILL YOURSELF.
AND FOR THE FUCKING MILLIONTH TIME: DOMAIN REGISTAR AND DOMAIN MANAGER ARE TWO SEPARATE FUCKING THINGS! YOU CAN REGISTER YOUR FUCKING DOMAIN ON GODADDY AND MANAGE IT ON FUCKING CLOUDFLARE BY CONFIGURING THE FUCKING DNS SERVERS5 -
What is with IT and their obsession with error messages?
"If there is no error message, I cannot help"
Your not going to get an error message because the problem is VPN is messing up my DNS due to tunneling. There is no error other than me not having Internet if VPN disconnects unless I reboot.2 -
I have a gitlab instance behind a reverse proxy at gitlab.mydoman.pizza (yeah my TLD is .pizza 😎🍕). I have a personal site hosted on GitHub pages. I have a CNAME record in GitHub repo pointing to mydomain.pizza. I have 4 A records on my domain registrar pointing to the GitHub pages server IP addresses. now both mydomain.pizza and myusername.github.io both go to my gitlab instance??¿¿ what the fuuuuuckkkkk?¿?¿1
-
Today I wrote a python messenger bot which listens to only one command;
get ip
It then replies with its public IP address. I figured this would be the easiest hotfix until I fix my dynamic DNS client.
Now thinking of it I could also make an "update domain" command for doing the API call, and then link the two with a loop and minute delay. Marvelous.4 -
Ugh, since I bought a few domain names, and thus my contact details are public (grrr), I get stupid quotes from people around the world going like: "Hey! I'm a web dev specialised in [insert technology here], I want money! Contact me!", or "Hi, I am [redacted], we are a talented agency in [cuntry] and can offer you the best in web development blablabla".
The only help I need is "fuck off".
It feels like I'm taking a dump in a public toilet and people knock on the door willing to help me clean my ass for me.2 -
When you spend 3 days on Xamarins shitty ServicePointManager for HttpClients and final get it to work on all devices
-
I updated my hosting packages, purchasing a new VPS. Half way through my download of all the hosted sites, I wondered why it had stopped. Yeaaaaah... I'd updated the DNS to point to the new server mid transaction. Hodor.
2 -
Looking for ideas here...
OK, customer runs a manufacturing business. A local web developer solicits them, convinces them to let him move their website onto his system.
He then promptly disappears. No phone calls, no e-mail, no anything for 3 months by the time they called me looking to fix things.
Since we have no access to FTP or anything except the OpenCart admin, we agree to a basic rebuild of the website and a redeployment onto a SiteGround account that they control. Dev process goes smoothly, customer is happy.
Come time to launch and...naturally, the previous dev pointed the nameservers to his account, which will not allow the business to make changes because they aren't the account owner.
"We can work around this," I figure, since all we *really* need to do is change the A records, and we can leave the e-mail set up as it is (hopefully).
Well, that hopefully is kind of true—turns out instead of being set up in GoDaddy (where the domain is registered) it's set up in Gmail—and the customer doesn't know which account is the Google admin account associated with the domain. For all we know it could be the previous developer—again.
I've been able to dig up the A, MX, and TXT records, and I'm seeing references to dreamhost.com (where the nameservers are at) in the SPF data in the TXT records. Am I going to have to update these records, or will it be safe to just leave them as they are and simply update the A record as originally planned?6 -
Oh, you've found a work around for your browser caching? No problem, here's DNS caching so you can fuck with your code again... and not know what the issue is
~ Sincerely, ISP4 -
Ugh... Spent the last hour figuring out why my Python script wouldn't send an email. Turns out my computer used a DNS cache that pointed to the wrong name server, but BT (shitty UK ISP) takes fucking forever to update their DNS. And obviously you can't edit the modem's DNS to the Google DNS, because fuck you that's why.
I want Richard's decentralised Internet right now.2 -
My company is getting a new website. This involves getting new hosting.
I made the old one, and it's all just static html. I'm not that attached to it but it's an important detail.
The bosses want the switch to the new site to happen instantly, but I pointed out that with DNS propagation times etc it can't really happen that way.
So I suggested the new web guys host our old site for a few days and we change the DNS now. Then when they want to launch we don't have to wait for the DNS and they can just swap it out.
This involves dropping 10MB of html files into the web directory on the new server.
For this service they are charging us for 2 hours of their time!
I guess I'm in the wrong business... -
I know I'm going to get the blame 🙄...
They transferred a domain didn't tell me they were doing it then now they are with 123reg ... shit web hosting
On top of that the dns wasn't transferred over so currently the old site is dead 🙄1 -
"This site uses cookies" is the most useless thing ever... Who fucking cares if it does. What is next? We should put explanation how DNS server or apache works?7
-
Took a whack at installing arch...
I failed. 😔
My rj-45 port is broken and i I couldn't figure out how to manually set a static ip, default gateway and dns for the wifi interface thru the terminal when installing.
Oh well. Maybe next time5 -
Youtube with its annoying ads that pass my dns server. Well, no longer! Just add /api/stats/ads to the universal routing. Poof ads gone ^^,2
-
I fucking hate having to use Windows 2008 R2 Server.
We have a college project and the deadline is near. Fml. I did the ftp server, the ad dc, dns server, and when I am about to configure the dhcp server Windows fucking fucks everything up. Urrghhh...
I will never ever touch any windows server os in my life again. It is just a pain in the ass...4 -
Hey guys :D So, finally I have to build a website for a service. That means setting up a server and all that stuff...
What servers do you recommend? Also service for DNS?
Thanks :D16 -
If anyone is really bored, or doesn't have literally anything else to with their life, I just posted my first article :D
https://medium.com/@ksiig/...
If you want, take a look and tell me what you think :)11 -
Ayoooo, fuck you telstra you cock mongering assholes. What the fuck do we pay you for.
Seriously, a 20s DNS lookup time for azure services -.-2 -
What the fuck?
I can't understand people who are using ad blocking extensions in their browsers... Why don't you just use hosts file ad blocking or DNS service that filters ad provider hosts?
In this case you will have much faster working browser won't you?9 -
As a webdev telling a system admin that he should set the DNS records before moving the domain name to keep the email working. It does bother me
-
I was 4 I think. Managed to reconfigure the IP and DNS settings and got the internet working again (it was a dial-up, in 2002). My entire family thought I was a prodigy of sorts (I am not).
Now all I do is restart the wifi if it's not working. -
Finally something good in the name of Privacy. I hope this is NOT a joke !!!
https://blog.cloudflare.com/announc...2 -
I'm migrating a site. I moved the host, I need to change DNS servers. It's protected with one time codes sent to an email I don't have access to. The guy who has the access disappeared without a word, it's been over two hours now. I CAN'T DO SHIT WITHOUT THOSE FUCKING DIGITS YOU FUCKER
-
I just wanted to transfer my domain from domain operator dns to other dns provider.
Now I lost control over my domain and it redirects to those fuckers website.
I thought fuck them, this is their last fuck up so decided to transfer domains from this piece of shit provider to any other.
It turned out you need to send request using post office or visit their office by yourself to get EEC (authinfo) code
Their office is 300km away but cause it’s fucking faster and more reliable then waiting a month for their mail with fucking numbers I will go and do it next week.
Let the fucking hell begin.
I hope those motherfuckers would food poison and shit themselves into their beds till end of their fucking life.
Fuck those fuckers.8 -
I haven't touched my OpenVPN server configuration in almost a year. Everything seemed to "just work" the way I wanted it.
I have now just found out that all ipv6 DNS queries were actually going to the wrong ip.
Why am I such a magnet for stupid shit like this?
Every time I try to do something beautiful, elaborate, complex, I always get some small shitty detail wrong.
It's like "close, but no cigar".
Every.
Single.
Time.
Sigh
Bonus fun fact: I only found out thanks to Windows' DNS leak feature. Thanks, Windows!5 -
just had to configure dns on my raspberry pi to google and copy a "tilde" because my US-Layout mac-keyboard wouldnt find it.2
-
Schoolproject teammate refuses to pull my changes in git before applying his because he thinks we're going to have conflicts ?!?!?!1
-
Was slightly panicking at work today when I couldn't reach my server at home anymore, though it might have crashed or something. Turns out my isp changed my fucking IP address! It hasn't done that in years! WHY NOW? Ugh, time to update *all* the dns records I suppose...2
-
To the sysadmins:
We are currently installing and configuring dns, dhcp, smb, ftp and webserver on Ubuntu vms in class.
The teacher changed his mind and want us to install a system that has everything installed and configured.
He recommended Zentyal to us.
What would you use and why would you use it?5 -
## Learning k8s
Sooo yeah, 2 days have been wasted only because I did not reset my cluster correctly the first time. Prolly some iptables rules were left that prevented me from using DNS. Nothing worked...
2 fucking days..
2 FUCKING DAYS!!! F!!!11 -
change your routers dns server in case your vodafone (germany) internet keeps you from getting shit done today.3
-
oh THAT'S why malwiki was down...
what the fuck do you mean amplified the whole internet's dns the fuck does that even MEAN
4 -
Fuck this god damn router. Up to now I was really happy with the router/modem my ISP gave me (UPC Connect Box) but today I set up pi-hole on my raspberry and found out that I can't change my fucking routers DNS settings....13
-
GOOGLE, I WANT TO FUCK YOUR ASS, WHY THE HELL THE NEWER VERSIONS OF ANDROID ARE NO LONGER ABLE TO OPEN THE FUCKING WEB APPS ON LOCAL NETWORKS, THE SAME APP IS ACCESSIBLE FROM IOS AND FUCKING ANDROID CAN’T FIGURE OUT THE CORRECT DNS OF THE LOCAL IP ADDRESS BECAUSE YOU DROPPED IPV4 SUPPORT YOU ASSHOLES.6
-
Should start a game called The DNS Game. You keep saying DNS louder and louder in a public venue back and forth with a friend, until one of you chickens out.
-
What was the name of the service for acquiring domains for free (or was it with privacy(?)) that was trendy a couple of weeks ago here?
I might be thinking of buying a domain5 -
rant && what do you think?
so one of our ISP (Orange Slovakia) had troubles with service for like two days. Their DNS servers translated domains to IPs reaaally slow or not at all. So when i saw the dns error in chrome (yes i use chrome and not quantum) I changed my dns to google dns and ignored it.
Two days later when the service was back up and running, this ISP went to the local media and made a statement "we had a DDOS attack, no user data were harmed, blabla" that was when my BS radar went bananas... so somebody DDOSd your DNS server ... for two fucking days straight... this is probably a lie or they have really noob engineers (or both).
I'm not an expert on network services or routing, or servers but, how about turning off this server, IP and setting up a backup on a different IP ? Possibly anyone here with experience how to handle DDOS? Whats the chance of this happening? i'm really curious23 -
Request for internal service
FW takes request
FW NATs request to external / WAN IP
Other FW (different location) gets request
DNS redirect for whole domain
"data-zone: *.*.*.org redirect"
Via DNS redirect request goes to LB
LB sends request to other LB
LB send request to NGINX server
NGINX resolves via Host header
And now you get a TLS handshake error somewhere in the travel of the request...
The level of fucked: my arse can take the Eiffeltower horizontal. -
Manager took a week off to work on his house. Today he doesn't show up on Slack until after noon and says he's "catching up on e-mails." He praises how there are fewer DNS issues what what we did must have worked .... all praise from him feels hollow and meaningless.
-
Now why the fuck is one DNS record (for the www prefix) working but the other isn't? WHAT THE FUCK???2
-
Client: After two weeks of silence. "Are we ready to launch?"
Me: "Yeah, sure!" Forgetting there's a half-finished refactor from two weeks ago.
*spends an hour cowboy coding php in Plesk editor before IT guy updates DNS* -
The current finish of the whole network stuff is... exhausting.
We are in the finishing phase...
Like in the Simpsons:
Knife goes in, guts come out.
I've debugged today 4 h DNS...
One of the nodes - and the only node of 5 - didn't resolve one zone of many correctly.
It always tried to resolve via INet / Dot ...
So a _very_ special snowflake.
After going crazy... I decided to isolate the setup and increase verbosity for debugging.
It tourned out that the DNS server answered correctly - but was asked then again for a response by the defective node.
So I ripped out DNSSEC out from the DNS server, hoping the defective node would be fine with it.
Nope. It resolved then by itself via internet...
Well...
A lot of domain-insecure sprinkles later the defective node behaved correctly.
But why the fuck does _ONE_ single fucking stupid cunt machine decide to go rogue? Every node is equal....
It's just... Insane.
And reading the logs was insane too. -
I quite enjoy finding some documentation from folks who have been working here before me. I hate searching for it though.
Found some in onenote, some scattered and quadrupled over several files across many shares. It's like the norm, right.
Today I found a bunch of documentation inside keepass entries. What the fuck comes next? I swear I'll start putting documentation inside dns txt records if I find any more sick places that people put valid documentation into.3 -
FUCK ANDROID EMULATOR!
WHY DOES IT HAS TO CONNECT THROUGH GOOGLE'S DNS?
AND AFTER ALL THE FUSS I HAD TO TEST ON A PHYSICAL DEVICE!4 -
You should write comments in your code, and in case of Perl you must write comments in your code.
I've done some DNS zone editing stuff using Perl's magic around 4 years ago and now I have no fucking idea what's going on in there. It's on production DNS server since then, no problems so far... -
Just spent an hour debugging why my iPhone couldn't resolve a local domain name. Turns out that that's a known issue that Apple ignores since iOS8 👍
-
I have dnsmasq running on my laptop to speed up dns resolution, never been so glad I didn't turn my laptop off. cause I'm one of the few actually watching this hack and wondering what kind of system is going to be thought of to replace dns
-
How do I make my blog https? I have a blog using Jekyll and GitHub pages. I have a custom domain so I tried cloudflare free SSL plan - destroyed my DNS records. Haha. Any good post for me to follow and get that green padlock?8
-
Thank you Cloudflare for replacing my MX records with A's, so that I now don't have a working mailserver, but also subdomains linked to my 404 page! Cloudflare you are great, where can I terminate the contract? When I import the confirguration in my friend's nameservers, it works. When I import it in my domain registrars nameservers, it works. When I import it in the cloudflare's nameservers, everything fucks up and it makes freaking subdomains. And that bullshit even displays MX records on their DNS dashboard! FUUUUCK
-
DigitalOcean. Easy to use, rebuild and destroy. DNS is a plus. However, I had problems with using the droplets at a specific location.
I recently started using AWS Lightsail as well and found it so far so good. -
Talk about giving me a headache..
Mmh k, so i want to move my current domain to cloudflare.
Go to current provider, their site report a previous provider has the record but that provider says they have nothing left.
Great.
Contact current provider and they tell me to contact cloudflare, cloudflare tells me to resolve that issue with my previous provider....
Starting to feel like just dropping it and getting a new ... -
Worked until now on my private mac and used pymssql and freetds to connect and work with a MSSQL DB and Python
Two days ago I switched to an Ubuntu Machine and I couldn't get it to work.
As it turns out Ubuntu was not able to solve the DNS Name into an IP Address.
FML - 2 days wasted2 -
Yeah, sure.. I'll configure your DNS & mail server.. while I'm at it, I'll also optimise your db settings & configure backups..and don't forget LDAP & group policies!! Sure, no probs!! :/4
-
How do you guys handle wifi on laptop with i3 setup? Isnt it ugly as fuck to scan and connect to wifi multiple times via cli? I mean setting default dns per wifi, spoofing mac in public wifi etc?6
-
So across different apartments, different routers, different notebooks and operating systems, my mother always ran into the issue where she had no internet access until I flushed the DNS-Cache. Never figured out how she achieves this.3
-
Raspian, which runs my primary DNS, just corrupted my sudo file... Well fuck. Have to reformat, this time ill use arch.7
-
Set up customer's e-mail addresses in Plesk. Worked fine in testing, all goes well for about a week.
Then their e-mail stops delivering. Stuff arrives, but outgoing messages either bounce or fail silently altogether. I contact 1&1 support, and they help set up SPF and DMARC on the domain, and then we wait and see once the DNS changes propagate.
Well, something about these changes caused my business e-mail (on a separate server) to exhibit the same problem now, when it had been working for 3 years without issue prior to that.
Check back with 1&1 2 days later to see why the first one isn't working; we verified all of the records across everything, tweaked a couple other things (like setting the full hostname in Plesk to mail.servername.com), and waited 2 more days.
Still having the same problem on both accounts. did a bit of looking up the issue for Plesk and found that in order for SPF/DMARC to work, they have to be activated on the Plesk-wide mail settings, and then again individually at the domain level.
Made these changes on my business e-mail's server and domain and it fixed the problem!
Made the same changes on the server with the customer's domain and...still seeing the same issue.
Have checked all settings between them and they're identical. All the appropriate DNS records are in place. I'm kind of at a loss for waht else to check at this point.1 -
Having to sort out the domain and hosting arrangements and dns management as the client has no clue where anything is or who owns what, and the previous web developer is intentionally not giving a fuck.1
-
Setting up active/dr site that is not allowed to subscribe to any “cloud” services to facilitate scaling/auto failover. Ive resorted to use DNS-based failover which updates the ip attached to the host and re-propogate dns records which took 2minutes to come back online... this shoulve been better if we’re allowed to use cloud-based load balancers
-
I don't know what's causing this issue, but my money is on systemd.
All I want is to be able to use my desktop without it randomly forgetting the address of my DNS server. Is that too much to ask? None of the other machines on the LAN have this problem, just the one machine that I interact with most. But of course SOMETHING just had to not work right with that ONE machine.4 -
I have configured on my local desktop a pi.hole and Stubby. They were working fine and happy together, but after a comment from @FrodoSwaggins about local DNS server, I trying to add Unbound as well.
So, on my configuration, pi.hole points to unbound, which points to Stubby. Everything local, each one with their own ip@port listener, but it does not work.
If I point Unbount to an external DNS (Quad9, for exemple), it works. If I point pi.hole to Stubby, it works. But the 3 of them does not work.
Does anyone has any idea what could be happening?
Thanks!6 -
So I follow Linus Tech Tips and set my computer's DNS server to 1.1.1.1 but the dumbass in me didn't set any backup servers.
Come Friday night, internet is not working on my computer. After a modem/router restart and it still not working, I thought it was just the internet in the house was down for a little bit (it was connecting to the router perfectly fine). The next morning I wake up and my phone's connected to WiFi and it's working, so I'm like, "great, internet's back"
Not for my laptop lol. Nothing's loading there. Since it's just this device that's having trouble, I decide to forget the network and log back in. Still not working.
I finally remembered my DNS server setting and add Google's external DNS servers to the list and now it's working.9 -
Was having problems on a VPN where my URL was constantly redirecting to https, after https was disabled, spent ages reconfiguring nginx, removing and adding nginx again with no luck. Eventually said fuck it, backed up everything of importance, destroyed the droplet and spun up a new one. Installed nginx and redone the DNS for the domain only for the same thing to happen. It was at that moment I discovered it was chrome caching the HSTS domain. I now have a long night ahead of me configuring the new droplet and restoring the backup data.
-
On holiday with parents and gf...
Wifi here forces you to use their DNS (using Google's or Cloudflare or any other DNS is blocked)...
Can't use my OpenVPN either...
fuck...12 -
Decide to move to docker for windows from toolbox. Worked well until vpn/s-tunnel all crapped out.
Found out about hyperv, default ethernet, HNS, windows DNS etc etc getting confused.
Removed docker and hyper v, back to working again.
Interface index for adapter selection , really ? -
So I'm interested in building a Raspberry Pi stack at home to continue securing and adding my smart home capabilities, 👍
Have ideas for 2/3 but what else could I look to add?
1. Pi. Hole with cloudflared argo proxy for all DNS
2. Home Automation server
3. IPS / IDS like Bro or snort? Or firewall like pfsense?
4. Log server with Splunk agent from other pi's and router....
5. What else?
Ideas in the comments -
Yanno, a popup that states "failure. No specific error was returned with this API call" is about as useful as "Error code: NOPE. Good luck fuckers!"
This occured after hitting the delete button for an MX record on a host that I'm migrating away from. -
Another part of messy network gone.
Caching fucked me hard....
Isn't it just lovely that nowadays you need to nearly wipe a machine to get it from claiming stale data....
And thanks to DNS, HAProxy -/ service names / ... I think I know now why the curse of babel is so powerful.
When you have to think for 2 mins to make sure you've set the zone's right, cause otherwise you need to ProxyJump with SSH through more tunnels than imaginable (VPN/HO) to fix possible caching on several DNS servers.... You'll realize that it's russian roulette with too much bullets. :(
And If a monitoring service asks another monitoring service for status information which asks the first monitoring service which then asks the second monitoring cause you were too late...
You'll get very funky monitoring statistics.
Too slow, had to nuke it (mismatched a DNS name, the second monitoring service should have been a service node).
I think I've had more near death scenarios in the last 2 weeks than I like.
Hopefully I'll never have to do that again.
(Splitting and reordering a few dozen VLANs, assigning proper DNS names, loadbalancer migration....) -
So I just had my first coding interview for an internship next summer. It was online, because I'm currently on a different continent. The company uses coderpad.io to do the interview. The website restricts what packages you're allowed to use, and FORCES you to use poorly documented, deprecated ones. On top of that, it fails to send http get requests HALF of the time because of DNS problems! Gaaah!1
-
!rant
I'm dreaming of a web language that is as close to the English language as possible.
Imagine:
<html>
nav bar with 5 links
slider with 3 images that runs automatically
Section with 3 images next to each other
Paragraph with first word in red
Footer with menu and sign up form
</html>
This would be the shit!6 -
Use linux they said. It is stable they said.
I use a linux VM for managing DNS with BIND and configuration via WebMIN.
A minor webmin update : Sure, let’s click.
“Update failed. WebMIN requires UnZIP” Poof whole interface is down. Here we go for 30+ minutes of manual rolling back, installing unzip, retrying update. That shit only happens on linux.23 -
Working with a client (who is a "techie") to authenticate mailchimp for their domain. After a week of fumbling about and with pressure building, the domain registrar claims to have set the correct DNS settings and to get pressure off him, he writes an email saying,
"CNAME has been added ask mailchimp to propagate on their end". FML -
Just out of curiosity...
Is there a way to prevent a DDoS attack using settings in the Router? Like, changing the DNS Port to maybe 54 because most people just spam 53 with random packets?6 -
Things that I learned today (15-07-20):
Suppose you have a hosted zone (both private and public) i.e. y.test.com. in AWS r53. and you created r53 DNS record in the public host zone sample1.y.test.com and if you will try to reach this DNS from ec2 you will not be able to. it will give you an error that DNS does not exist but out of ec2, it will work.
To make it work, you have to create the same record in a private hosted zone. Then only you can connect from within an EC2 instance.
So apparently EC2 always looks for the DNS for your registered name server in private hosted zone.
There should be a fail-safe, if it's not in the private hosted zone, it should look in public as well. (idk)
Maybe it was silly of me to not knowing this in the first place. ( wasted good amount of time)4 -
I was about to ask a question on how to get a win2008 dns Server to work after 2 hours of full frustration until I saw that I was using the wrong gateway... 😂3
-
I bought a domain name from porkbun. It's still not propagated, I put the A record almost a week ago. Any idea?7
-
My internet connection is so messed up. Again certain websites are not loading on my Mac but they are loading on my phone using WiFi. I tried clearing cookies, flushing DNS cache and changing DNS servers to OpenDNS or Google DNS.
8 -
https://support.live.com/ returns "Service Unavailable - DNS failure" but hotmail continues to list my servers as spammer...
how the fuck do I delist my server like this!!! FUCK!4 -
Seriously fuck dreamhost.
First, their configuration is more complicated than it needs to be. Then their website is slow and buggy. Penultimately, their support people don't understand English, are bots, or are dumb as bricks. Finally, they don't have a custom ALIAS record for interop with Heroku.
I'm so glad I'm almost done switching! (Last domain will be transferred away on Friday!). -
OK, I've got a couple customers I provide e-mail hosting for, but recently it's been...more trouble than it's worth, to put it simply. I'm looking to offload that part of what I do onto another service.
Does anyone have any recommendations for e-mail hosting services? Bonus points if they have good customer support.3 -
So I just tried to restart my dns caching service while conversing with someone. I typed 'sudo shutdown -r now'. 🙊
-
That lovely moment, when I have to spend an hour on mail delivery issue, only to find out the message was flagged as spam due to a faulty dns blacklist.
Though the way it got flagged is idiotic and funny at the same time, too.
The blacklist domain got parked, dunno why, and of course, all of the dns queries thus got redirected to a different dns server that just returned the A records of the dns park owners.
Guess what that causes when you use that blacklist? Every single email gets flagged, including that one of ours that I had to debug.
Fml, an hour of overtime for a stupid malfunctioning blacklist... -
WiFi’s acting funny— certain websites are not loading. Probably some DNS resolution error. How do I fix this ?9
-
Homelab is starting to get big enough to justify a dns server. Time to start anthropomorphizing my servers.7
-
Any opinion about cheap hosting? Im currenty at transip for dns but i want a small server with open port config or docker suport10
-
Today wasted around 5 hours installing nginx, apache stills working and keeping listen on 80 port after uninstalling it reboot finally the thing was i dont change the fucking dns of the server and trying to connect to the domain 5 hours later tried to connect to the ip... Fuck my life1
-
In addition to being able to lookup DNS queries over Twitter, telegram (even literal ones), devRant, HTTP(s), TLS and even the DNS protocol itself - Cloudflare will now offer DNS-over-HAM in London.
Sources:
- Heise Online (German): https://heise.de/newsticker/...
- Original Tweet: https://mobile.twitter.com/jgrahamc...1 -
I hate BT.
Today, it started redirecting me to a page saying, basically, to activate their DNS server on the router for "BT Protect" and "Parental Controls" to work, despite the fact that my parents never turned it on. Their support lines appear to be staffed with Indians taught to answer very basic questions, and forwarded me to "tech experts" from BT, a service that apparently costs £8 a month, because "the issue is out of their scope".
How is this even legal?1 -
Fuck domain re-sellers who don't know what they're doing, you fucking moron you do not need DNS if the Service provider is same as domain and hosting, all you had to do was to change A record with @/${Insert IP Address here} values, it's taking you ages to do that, fucking idiots.
I will probably ask to transfer the domain name to my account if that is possible.9 -
Anybody here recommends a good domain registrar? I've been using GoDaddy for mostly everything for years but I'm kind of tired of their shit. Doesn't need to be super private or anything just a good service.
I've heard that Cloudflare now is also becoming a domain registrar, is it good? what do you guys think9 -
I am not sure what's wrong but from this evening I can only access Google's sites + some other site using my WiFi but can't access devRant + other tons of site
Tried to reset the router, tried changing the DNS addresses, tried using VPN but nothing worked2 -
I need to have domainB show the contents of domainsA without redirect. Oh and its WordPress if that makes it worse.
Support just said "You gotta clone the website" but there's gotta be a better way.
It's cloud hosting from HostGator so I don't have access to virtualhosts.6 -
I need some help with parking a domain in ovh.com webhosting. It's a real pain in the ass so any input is strongly appreciated. I kinda figured out what todo already, but still need some clarification.
Normally after buying a webhosting all I would need to do is login to my domain registrar's website and in the control panel just change nameservers to webhosting nameservers and that's all. Webhosting provider would take care of the rest (subdomain creation, e-mail creation and etc.) But because OVH are assholes, they support this type of domain parking only for domains registered at OVH.
For external domains, procedure is as follows:
For the configuration to function, you will need to make the following adjustments with the current provider:
Insert a TXT record for the domain ovhcontrol.mydomain.com with the value jwyPolzgrZyIShzaQItqw
Point the A record of your domain mydomain.com to 51.244.97.19
Point the A record of your domain www.mydomain.com to 51.244.97.19
So basically I had to login to registrars cPanel and first of all I had to park my domain back to my registrar (I had to switch to default nameservers which are provided by domain registrar)
Only then I got advanced access to dns zone in order to add the required records above.
When I open my domain registrars dns zone cpanel this is what I see:
http://prntscr.com/nekx40
So basically, as I understand, I just need to add these required records like this?
http://prntscr.com/nekxjc
Am I correct?
So basically my OVH webhosting doesn't deal with dns zone at all, I will have to use my own registrar for adding subdomains?
What about e-mail addresses? OVH doesnt allow me to create emailboxes for "externally" parked domain addresses. Will I have to search for some e-mail provider, and add some additional records?
Any input/help would be appreciated.1 -
arrrrrrgh status quo for a reason! how am i supposed to test anything if youre continually going to fuck with DNS??!!
-
Perforce clients apparently require working reverse DNS against the server they're connecting to in order to function properly.
That is all. -
So I was very bored this week and deceided to get my head wrapped around Kubernetes and the hype around it. After trying to get a cluster run on my old contano servers I almost lose my nerve and just went for DigitalOcean. Holy shit I am impressed by the service. 30 seconds TTL DNS, hourly rate billing and spinning a scaleable cluster in only minutes. I fell in love1
-
Just a thought, would you pay a monthly fee to manage your domains? I've been using DNSimple for about 2 years now, hands down, one of the best I've used but just recently they started charging 5 USD per month for the basic plan :/1
-
Want to send an email? Sure thing, how about you configure first a DKIM, DMARC, SPF and some reverse DNS. Otherwise your mail can go fuck itself, because it won't even make it to the spam folder. Even if you do all these time consuming fuckwit tasks I might just mark your mail as spam. Because fuck you, that's why.
Sending mail to Gmail in a nutshell.2 -
Today I found a subdomain whose CNAME record points to some s3 bucket that doesn't exist but on opening that subdomain, it redirects me to some other s3 bucket that exists
can anybody shed some light on this?
PS: there are none other DNS records5 -
Does anyone have a favorite DNS service they use for their general home / mobile traffic?
For instance: AdGuard, OpenDNS, FreeDNS, Fool, Quad9 etc..
Considering speed, and privacy here.7 -
I have some homework todo:
1.- Install & config a lemp environment for testing
1.1.- Maybe mongoDB & nodejs
2.- Install & config a gitlab server
3.- Config a local DNS -
Did any of you have found a viable and reliable email hoster for custom domains that doesn't force you to transfer your domain(just setup the DNS records properly)?
And that can make programmatically possible write emails?13
Top Tags
Weekly Rant
View