I was recently building a script to help move things from one server to another and in the process stumbled into a very annoying problem when passing MySQL arguments to a remote server via SSH.
Desired outcome: Create a new user in a remote DB using SSH.
In practice, this should be extremely simple. If you do this on the server, you could execute a command like this:
mysql --user="root" --password="[pass]" --execute="create user 'testing'@'localhost' identified by '123';"
You would now have a new user in your database called testing and it’s password would be 123.
Continue reading “ERROR 1064 (42000) at line 1 – Passing MySQL Create User Arguments via SSH”
If you ever wondered what is going on at the DNS level on your computer (or network), tcpdump can be a useful tool for you.
Tcpdump is a tool that allows you to inspect any packet (TCP, UDP, etc) and its content as they pass through an interface through the libpcap module. The syntax is very simple, but the basics of the command require the network interface name, the protocol and the restrictions of what you are trying to inspect (more on that later):
Continue reading “Inspecting DNS traffic via tcpdump”
In a previous article, we showed how to block specific domains at the DNS level using iptables. Today, we will expand into that and show how to also block HTTP requests for a specific domain (or URL) in there.
Iptables String Matching
Iptables string matching is very powerful and easier to use than the hex-string module we used before. When you specify -m string –string, it will activate the string module and inspect at the packet content for the keyword you are looking for.
Continue reading “Blocking HTTP requests via Iptables for a specific domain”
Most servers get a IPv6 range (/64) by default. That means that you have millions of IP addresses to use for whatever you feel like. However, assigning them manually to your interfaces can be a bit painful.
Assigning all /64 IPv6 addresses with 1 command
However, there is a trick with the ip route command that allows you to link your /64 to the local interface and cover all of them automatically:
Continue reading “Binding multiple IPv6 addresses automatically”
When working on your server you might need to disable the Uncomplicated Firewall (UFW). When doing so you’ll notice it doesn’t display your rules when the application is inactive.
Continue reading “How To List UFW Rules When The Application is Inactive or Disabled”
This is not a comprehensive guide to the UFW application.
It is a basic orientation for the UFW application. This should provide insights you’re probably not aware of, but many might assume you already know.
Continue reading “Working with UFW – Uncomplicated Firewall – on Ubuntu”