Troubleshooting DNS Leaks on a Small Linux Server with systemd-resolved

Introduction to DNS Leaks

I’ve seen DNS leaks compromise even the most secure Linux setups - it’s a common issue that can expose your online activities. When running a small Linux server, ensuring the security and integrity of your DNS setup is crucial. A DNS leak occurs when your system sends DNS queries to an unintended DNS server, potentially revealing your browsing history. In this article, we’ll focus on troubleshooting DNS leaks on a small Linux server using systemd-resolved.


Debugging Linux Network Connectivity Issues with the ss Command

Introduction to Debugging Linux Network Connectivity

When dealing with network connectivity issues in Linux, I’ve found the ss command to be one of the most useful tools in my toolkit. ss stands for “socket statistics”: it dumps statistics for PACKET sockets, TCP sockets, UDP sockets, DCCP sockets, RAW sockets, Unix domain sockets, and more. In practice, this command has helped me identify and resolve a wide range of network connectivity issues.


Troubleshooting Local Port Conflicts with ss and nftables on a Multi-Service Linux Host

Introduction to Local Port Conflicts

I’ve seen this go wrong when running a multi-service Linux host - local port conflicts can be a real headache. These conflicts arise when two or more services attempt to bind to the same port, causing one or more of them to fail. To troubleshoot local port conflicts, I usually start with the ss command and nftables on a Linux system.

Understanding Port Conflicts

A port conflict occurs when a service tries to bind to a port that is already in use by another service. This can happen when multiple services are configured to use the same port, or when a service is not properly configured to use a unique port. Don’t bother with the traditional netstat command - the ss command is a more modern replacement.


Resolving the systemd-resolved Conundrum: When Split DNS and Local Hostnames Collide

Introduction to systemd-resolved

I’ve seen systemd-resolved cause its fair share of issues with split DNS and local hostnames, but it’s actually a powerful tool for managing DNS resolution on Linux systems. As part of the systemd ecosystem, it aims to improve the DNS resolution process and provide better integration with other systemd services.

Understanding Split DNS

Split DNS, or split-horizon DNS, is a technique used to provide different DNS responses based on the client’s location. This is commonly used in environments where internal and external DNS zones need to be separated - think of a company with an internal DNS zone for its internal network and a separate external DNS zone for its public-facing services. Don’t bother with split DNS if you don’t need it, but if you do, systemd-resolved can be configured to handle it.


Resolving the Dreaded "Network Manager Disabled" Error on Desktop Linux Systems

Introduction to Network Manager

I’ve seen many Linux users struggle with Network Manager, a popular utility for managing network connections. It’s usually a straightforward tool, but sometimes it can be frustrating to deal with. One common issue is the “Network Manager Disabled” error, which can be tricky to resolve. In my experience, this error often occurs when Network Manager is unable to manage a network interface, and there are several reasons why this might happen.


Hardening Your Linux Laptops for Coffee Shop Combat: Firewall Rules and Network Profiles for the Paranoid Traveler

Introduction to Linux Laptop Hardening

As a Linux user, you’re probably already thinking about how to harden your system for security. But when it comes to laptops, this process is even more crucial. I mean, think about it - laptops are portable, and they’re often connecting to various networks, some of which might not be entirely trustworthy. The rise in public Wi-Fi exploits in recent years only adds to the importance of securing your laptop. In this article, we’ll focus on firewall rules and network profiles to help you navigate these scenarios securely.
