Inspecting DNS traffic via tcpdump

If you have ever wondered what is going on at the DNS level on your computer (or network), tcpdump can be a useful tool for you. Tcpdump basics: tcpdump is a tool that lets you inspect any packet (TCP, UDP, etc.) and its contents as it passes through an interface, using the libpcap library. The…
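As an added example (not from the original post), here is the kind of quick triage a practitioner does on tcpdump's DNS decode: count which names are being looked up and list the ones that came back NXDomain. The lines in SAMPLE are constructed to mimic what `tcpdump -ni eth0 udp port 53` prints; they are not a real capture, and the exact layout varies slightly between tcpdump versions (for example the `[1au]` EDNS marker), which is why the parser looks for the field ending in `?` instead of a fixed column.

```shell
#!/bin/sh
# Constructed sample of tcpdump's DNS decoding (what `tcpdump -ni eth0 udp port 53`
# prints); these lines are made up for the example, not a real capture.
SAMPLE='12:00:01.000001 IP 10.0.0.5.51234 > 10.0.0.1.53: 1001+ A? example.com. (29)
12:00:01.000500 IP 10.0.0.1.53 > 10.0.0.5.51234: 1001 1/0/0 A 93.184.216.34 (45)
12:00:02.000001 IP 10.0.0.5.51235 > 10.0.0.1.53: 1002+ AAAA? example.com. (29)
12:00:02.000500 IP 10.0.0.1.53 > 10.0.0.5.51235: 1002 1/0/0 AAAA 2606:2800:220:1:248:1893:25c8:1946 (57)
12:00:03.000001 IP 10.0.0.5.51236 > 10.0.0.1.53: 1003+ [1au] A? updates.internal.example. (53)
12:00:03.000500 IP 10.0.0.1.53 > 10.0.0.5.51236: 1003 NXDomain 0/1/0 (95)
12:00:04.000001 IP 10.0.0.5.51237 > 10.0.0.1.53: 1004+ TXT? example.com. (29)'

# Queries carry the record type as a field ending in "?", followed by the name.
# Scanning for that field (rather than a fixed column) tolerates extra markers
# such as the "[1au]" EDNS flag that newer tcpdump versions print.
top_qnames() {
  printf '%s\n' "$SAMPLE" | awk '
    { for (i = 1; i <= NF; i++)
        if ($i ~ /^[A-Za-z0-9]+\?$/) { count[$(i + 1)]++; break } }
    END { for (n in count) printf "%d %s\n", count[n], n }' | sort -rn
}

# Names that received an NXDomain answer. The answer only carries the
# transaction id, so remember name-by-id from the query and join on it.
nxdomain_names() {
  printf '%s\n' "$SAMPLE" | awk '
    { id = $6; sub(/[^0-9]+$/, "", id) }   # "1003+" -> "1003"
    /\?/ { for (i = 1; i <= NF; i++)
             if ($i ~ /\?$/) { name[id] = $(i + 1); break } }
    /NXDomain/ { print name[id] }'
}

top_qnames
nxdomain_names
```

On a live host replace the SAMPLE variable with `tcpdump -lni eth0 udp port 53` piped into the same awk; a sudden run of NXDomain answers for names nobody typed is one of the cheapest indicators of malware probing for a domain-generation algorithm.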

2nd Commandment: Default-block for iptables

2nd Commandment: You shall always default to block on your iptables rules. If you are configuring iptables (or any firewall for that matter), you should always start with a block-all rule. Within iptables, it is very easy to do with: /sbin/iptables -I INPUT -j DROP -m comment --comment "Blocking all traffic by default" So…

Binding multiple IPv6 addresses automatically

Most servers get an IPv6 range (a /64) by default. That means you have 2^64 addresses to use for whatever you like. However, assigning them manually to your interfaces can be a bit painful. Assigning all /64 IPv6 addresses with one command: there is a trick with the ip route command…

1st Commandment: Always comment your iptables rules

1st Commandment: You shall always comment your iptables rules. If you are writing an iptables rule, you need to comment it. Period. Whenever someone is trying to understand what is going on with your system and they run iptables -nvL and they see something like this (from our previous post on blocking custom domains via…
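The two commandments (comment every rule; block by default) put together, as an added example rather than the post's own commands: a ruleset in iptables-restore format with a DROP policy on INPUT and FORWARD, a comment on every rule, and a small lint that prints any rule lacking one. Loading the table with iptables-restore swaps it in atomically, which avoids the window that appears when you insert a block-all rule first and the allow rules afterwards over SSH. The admin network 10.0.0.0/24 is a placeholder.

```shell
#!/bin/sh
# Emit a default-deny ruleset in iptables-restore format. Every rule carries a
# comment. $1 is the network allowed to reach SSH (placeholder value in the
# usage line at the bottom).
gen_ruleset() {
  ssh_from="$1"
  cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT -m comment --comment "Loopback is always allowed"
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -m comment --comment "Replies to connections we opened or allowed"
-A INPUT -m conntrack --ctstate INVALID -j DROP -m comment --comment "Drop what conntrack cannot classify"
-A INPUT -p icmp -j ACCEPT -m comment --comment "ICMP for path MTU discovery and diagnostics"
-A INPUT -p tcp --dport 22 -s $ssh_from -m conntrack --ctstate NEW -j ACCEPT -m comment --comment "SSH from the admin network only"
COMMIT
EOF
}

# Lint: print every rule (-A line) on stdin that has no comment. Empty output
# means the ruleset passes the first commandment.
uncommented_rules() {
  grep '^-A' | grep -v -- '--comment' || true
}

gen_ruleset 10.0.0.0/24
gen_ruleset 10.0.0.0/24 | uncommented_rules
# To load for real (as root): gen_ruleset 10.0.0.0/24 | iptables-restore --test
# first, then again without --test. The whole table is committed in one step,
# so the DROP policy never takes effect without the allow rules beside it.
```

The same lint works on a running box: `iptables-save | uncommented_rules` lists the rules someone added without explaining them.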

Tips and Tricks: Blocking DNS requests via Iptables

If there is a tool we love, it is iptables. The default firewall toolchain on Linux has enough options to filter pretty much any traffic you wish. In this Tips and Tricks post, we will show you how to block DNS requests (by domain name) via iptables. Enjoy! Understanding DNS: DNS is binary…
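Because DNS names travel on the wire as length-prefixed labels rather than dotted text, an iptables string match has to look for the encoded form. The following is an added example, not the post's own rules: it encodes a name into the `--hex-string` syntax that `-m string` accepts and prints DROP rules for both transports. The function names are this example's own.

```shell
#!/bin/sh
# Encode a domain name as it appears on the wire in a DNS QNAME: one length
# byte before each label, terminated by a zero byte, written in the
# |hh|text|hh| syntax that iptables -m string --hex-string accepts.
dns_hexstring() {
  name="${1%.}"        # tolerate a trailing dot
  case "$name" in
    *[!A-Za-z0-9.-]*|"") echo "dns_hexstring: invalid name '$1'" >&2; return 1 ;;
  esac
  out=""
  oldifs="$IFS"; IFS='.'
  for label in $name; do
    # Labels are 1..63 bytes; an empty label means a doubled dot.
    if [ "${#label}" -lt 1 ] || [ "${#label}" -gt 63 ]; then
      IFS="$oldifs"
      echo "dns_hexstring: bad label length in '$1'" >&2
      return 1
    fi
    out="${out}$(printf '|%02x|%s' "${#label}" "$label")"
  done
  IFS="$oldifs"
  printf '%s|00|' "$out"
}

# Print the iptables commands that drop lookups for a domain and everything
# under it, on both transports DNS uses. --icase copes with resolvers that
# randomise the case of the name (0x20 encoding).
dns_block_rules() {
  hex=$(dns_hexstring "$1") || return 1
  for proto in udp tcp; do
    printf 'iptables -I OUTPUT -p %s --dport 53 -m string --algo bm --icase --hex-string "%s" -j DROP -m comment --comment "Block DNS lookups for %s (%s)"\n' \
      "$proto" "$hex" "$1" "$proto"
  done
}

dns_block_rules example.com
```

The length bytes are what make the match precise: `|07|example|03|com|00|` is found at the end of the QNAME for www.example.com (so subdomains are blocked too) but not inside example.com.evil.test or notexample.com. The match only sees plaintext DNS on port 53; clients using DNS over HTTPS or TLS go around it.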

Linux Security Checklist

Before you deploy any Linux server online, we recommend that you go through this checklist to prevent a breach and/or a compromise. Organizational: Single-purpose server. Is this server single purpose? Do not run a mail server together with a web server (different purposes), for example, or a web server with a DNS server. Do…