today's howtos
-
A formal analysis of Karn’s Algorithm
At the NDS2 Lab at Northeastern University, we study Internet protocols using a variety of techniques for this very purpose. For example, in a prior blog post, I wrote about how we synthesized attacks against protocols given only their prose specifications. Today, I’ll zoom in on two critical components that are used in many Internet protocols — Karn’s Algorithm and the RTO calculation — and explain our recent efforts to formally verify them.
-
The Nuance of “Domain”
That was my mental model of URLs until I indexed my blog’s links and realized there’s more to “domain” than initially meets the eye.
-
JQ: Another Tool We Thought We Knew
So often you'll see folks (me included) use "jq" to take an unformatted JSON mess and turn it into a readable output. For instance, last thursday we used the Shodan API to dump about 650k of host info like this: [...]
-
Manage Galaxy Buds on Linux with this Open Source App
Samsung provide official apps for managing Galaxy Buds on Android, iOS, and Windows. Linux users have to fill the silence with unofficial apps, such as the opens-source Galaxy Buds Client this spotlight post is about.
-
Where the speed limits on our Amanda backups appear to be in 2023
The first change was the move to our Linux fileservers, with 10G networking and SSD storage. With SSDs, we had both greatly increased read bandwidth and greatly increased IOs per second (which matters for scanning filesystems and figuring out what to back up for incremental backups). This unambiguously moved the limit on our backup speeds to the write speed of our Amanda 'holding disks', which were a striped set of HDDs. With some hand-waving the striped filesystem could do around 200 Mbytes/sec (starting out higher and then dropping over time), which was under what the fileservers could now deliver.
-
bpfilter is forever
This week it was brought to my attention that bpfilter might be delaying our kernel boot sequence. The initial thought was that bpfilter’s usermode upcalls were stalling for some reason and caused boot time stalls.
While it is true that module initialization for built-in modules (ie. CONFIG_FOO=y) is serialized and that in theory it is possible for the boot to be stalled if a module was slow, it turned out not to be the case for bpfilter, as we had CONFIG_BPFILTER_UMH=m which actually causes bpfilter.ko to be built and loaded separately.
So end of story, at least for the important side of the investigation.
-
How To Enable DNS Over TLS on Debian 12 Bookworm
This tutorial will help you setup DoT (short for DNS over TLS) security into your Debian 12 Bookworm. With this, we hope you will have a very secure internet access so nobody can forcefully block or redirect your browsing activities in the middle especially for your dns line. This article complements our both Debian 12 Install Guide and After Install Recommendation. We choose here a secure public dns service that serves DoT --Quad9 from Swiss-- to replace our internet service provider's one which does not support it. We hope this will be helpful for you.
-
How to Find Public IP Address in Linux From Command Line
In the vast world of Linux, having a reliable way to identify your public IP address is crucial for various networking tasks. Whether you’re troubleshooting connectivity issues, configuring a server, or setting up remote access, knowing your public IP address can be a lifesaver.