With much of the web switching to HTTPS and at least some people becoming more concerned about privacy, DNS has recently come into the spotlight because it provides an ISP with the ability to monitor which websites a user visits. Multiple mitigations have been proposed - Android for example is going …
read moreOther articles
Web Service Security
As a developer, I've used lots of web services and also implemented plenty myself. I've seen services with IP-based security provided by network firewalls, services protected by standard HTTP Authentication, TLS with client and server certificates and custom mechanisms using API keys. Recently, OAuth 2.0 has been added to …
read morePreventing Cascading Failure
With the advent of reactive programming and frameworks like Netflix' Hystrix, classic stability patterns like Nygard's Circuit Breaker Pattern have entered mainstream software development. The circuit breaker is used inside your clients to cut the connection to a collaborating system (the server) once you notice the server doesn't answer in …
read moreLiving in the Future with IPv6
Setting Up a SOCKS Proxy Using OpenSSH
Web browsing on a public Wifi network is a security risk as it's quite simple to capture network traffic. Even if you only connect to SSL-protected sites, people can still find out which web sites you're accessing. Fortunately, there is a quick way to protect your privacy - all you need …
read moreSetting Up a Web Proxy with Squid
Setting up a Squid forward proxy can be a pretty daunting task since Squid is an extremely flexible piece of software. In this article, I'm going to provide a minimal non-caching, authenticated configuration. I have tested this with Squid 3.1.12 on Ubuntu 13.04, but with minor adjustments …
read moreGetting Started With Kerberos
Recently, I have been playing with Kerberos, a popular Single Sign On system (SSO) that is used in many large organizations. My first contact with Kerberos has been at university in a network security course, but that only covered the cryptographic part, not the more practical issues like setting up …
read moreSharing Files Revisited
It's amazing how sometimes problems solve themselves. Since my last article, I got a new home router (a FRITZ!Box Fon WLAN 7320) that nicely solves the problem of accessing network devices with dynamic addresses even without Zeroconf.
My router also acts as a DNS proxy and provides a few …
read moreSharing Files With Android Devices
Occasionally I want to transfer a file from my Linux desktop machine to one of my Android-based devices via my home network. Shouldn't be a problem, there are lots of networking protocols for this, right? In practice, many solutions you think of aren't convenient enough for daily use.
Services like …
read more