In the past years credential theft has become a common theme among web sites. They all stem from a compromise of the web or application server or unrelated other infrastructure. Once access to the file system of the database server is achieved or the database can be accessed using the application’s credentials, the stored secret […]
This is a common pitfall. Another of your assumptions crumbles. Neither syslog over TCP nor syslog over UDP implement any application layer confirmation of the receipt of any log messages. If anything occurs between the writing to the buffer or the sending of the log over the socket and the logs having been written to […]
Here’s an example line for default.pa or similiar, or for running using pacmd. I haven’t tested it, but pulseaudio accepts this line just fine: load-module module-echo-cancel use_master_format=1 aec_method=webrtc use_volume_sharing=1 aec_args=”analog_gain_control=0 digital_gain_control=1 beamforming=1 mic_geometry=-0.04,0,0,0.04,0,0 target_direction=4.71238898,0,0″ source_master=alsa_input.usb-046d_0821_FDA941A0-00.analog-stereo sink_master=alsa_output.pci-0000_43_00.1.hdmi-stereo-extra3 source_name=echoCancel_source sink_name=echoCancel_sink Needs LC_NUMERIC=C in environment to be able to correctly read the mic_geometry. Using commas instead of periods […]
What is it? iptables is a cli frontend to netfilter, the Linux kernel firewall/nat implementation for OSI layer 3 and 4.
Just some standards for writing applications I came up with to make it easy to deal with, fast and provide a high level of availability.
Don’t use iptables to apply your rules one at a time, use iptables-restore to apply a whole ruleset in one action. Set your INPUT and FORWARD policy to DROP. Don’t set your OUTPUT policy to DROP unless you really know what you’re doing. If you’re going to implement a blacklist or whitelist, you should look […]
Summary page of the Netfilter related resources iptables 101 and FAQ to get started quickly iptables tutorial from frozentux flowgraph of the packets in netfilter as png or svg Managing large lists of IPs,subnets, protocols or ports in iptables using ipset Dynamically updating ipsets from DNS records Periodically updating a blocklist from an IP using […]