Restrict sftp with Linux user namespaces
A script to restrict SFTP to some directories, without needing chroot or other privileged configuration. More..
ANSI Terminal security in 2023 and finding 10 CVEs
A paper detailing how unescaped output to a terminal could result in unexpected code execution, on many terminal emulators. This research found around 10 CVEs in terminal emulators across common client platforms. More..
NAT-Again: IRC NAT helper flaws
A Linux kernel bug allows unencrypted NAT'd IRC sessions to be abused to access resources behind NAT, or drop connections. Switch to TLS right now. Or read on. More..
ip.wtf and showing you your actual HTTP request
Using haproxy in strange ways. More..
Wordle over DNS
Adding another way to implement Wordle to the pile. More..
Introducing RedisIRCd
A custom IRC server that backs to Redis. More..
Microsoft .NET SDK is violating the GDPR, object now
.NET SDK collects more telemetry than was claimed and it is not anonymous. More..
SQLite as a document database
SQLite has had JSON support for a while, but the recently added generated columns feature allows you to treat it like a document database. More..
Vim blowfish encryption
...or why you shouldn't roll your own crypto More..
Tips for XRandR
(or: Help, why doesn't my projector work under Linux?) More..
DTrace and Perl
DTrace provides powerful tracing abilities, combined with perl's support for user defined trace points gives powerful insight into Perl. More..
Make OpenSSH require keys selectively
This is one of those things that I've been doing for ages and is easy to find if you read the fine manual, but not many places online seem to suggest it. More..
Using HAProxy to make SSH and SSL available on the same port
Certain places firewall TCP ports other than the most common ports. There are many techniques for bypassing such restrictions. One simple approach is to run a SSH daemon on port 443, however a downside of this is you need to dedicate an IP address to this SSH service. More..