DNS

Articles

Pokemon Emerald in WebAssembly(https://github.com/tripplyons/pokeemerald-wasm) Github wxt: Next-gen Web Extension Framework Skills for threat modeling, scanning, triage, patching, plus an autonomous scanning harness you can /customize A curated list of awesome 3D printing resources hermes-agent: It’s the only agent with a built-in learning loop - it creates skills from experience, improves them during use, nudges itself to persist knowledge, searches its own past conversations, and builds a deepening model of who you are across sessions. Run it on a $5 VPS, a GPU cluster, or serverless infrastructure that costs nearly nothing when idle. It’s not tied to your laptop - talk to it from Telegram while it works on a cloud VM. loupe: A privacy-focused iOS app that raises awareness about what native apps can see(https://apps.apple.com/cn/app/loupe-app%E8%83%BD%E7%9C%8B%E5%88%B0%E4%BB%80%E4%B9%88/id6766152470) LaunchNext: Bring your Launchpad back in MacOS26+ ,highly customizable, powerful, free. endlessh: SSH tarpit that slowly sends an endless banner iptables-tracer: Trace packets as they go through iptables chains serverless-dns: The RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io ouch: stands for Obvious Unified Compression Helper. It’s a CLI tool for compressing and decompressing various formats.(https://github.com/ouch-org/ouch#supported-formats) shpool: shpool is a service that enables session persistence by allowing the creation of named shell sessions owned by shpool so that the session is not lost if the connection drops. shpool can be thought of as a lighter weight alternative to tmux or GNU screen. While tmux and screen take over the whole terminal and provide window splitting and tiling features, shpool only provides persistent sessions. The biggest advantage of this approach is that shpool does not break native scrollback or copy-paste. capslock: is a capability analysis CLI for Go packages that informs users of which privileged operations a given package can access. This works by classifying the capabilities of Go packages by following transitive calls to privileged standard library operations. unregistry: Push docker images directly to remote servers without an external registry NetNewsWire is a free and open-source feed reader for macOS and iOS. It supports RSS, Atom, JSON Feed, and RSS-in-JSON formats. K4YT3X’s Hardened & Optimized Linux Kernel Parameters Turso is an in-process SQL database, compatible with SQLite. zizmor is a static analysis tool for GitHub Actions. RustFS is a high-performance, distributed object storage system built in Rust. Usage: is a spec and CLI for defining CLI tools. Arguments, flags, environment variables, and config files can all be defined in a Usage spec. It can be thought of like OpenAPI (swagger) for CLIs. SurfSense: An open source, privacy focused alternative to NotebookLM for teams with no data limits. ICANN implementation of the Registry Data Access Protocol (RDAP) OpenRDAP is a command line RDAP client implementation in Go. Article 1-Click GitHub Token Stealing via a VSCode Bug Linux 系统误将 chmod 权限改成了 000，如何恢复? Laptops all have built-in security tokens these days Tailscale and RustDesk: Secure remote access to all your desktops Unexpected security footguns in Go’s parsers 君子慎讀辭典中標注的「讀音」和「語音」是什麼？拜託別再「我汗你」了！ Linux 系统误将 chmod 权限改成了 000，如何恢复? #include <sys/stat.h> int main() { chmod("/usr/bin/chmod", 0755); return 0; } ubuntu@ubuntu:~$ which chmod /usr/bin/chmod ubuntu@ubuntu:~$ ls -lh /usr/bin/chmod lrwxrwxrwx 1 root root 8 Sep 27 2025 /usr/bin/chmod -> gnuchmod ubuntu@ubuntu:~$ ls -lh /usr/bin/gnuchmod -rwxr-xr-x 1 root root 67K Jan 23 21:34 /usr/bin/gnuchmod ubuntu@ubuntu:~$ sudo chmod 000 /usr/bin/chmod ubuntu@ubuntu:~$ ls -lh /usr/bin/chmod lrwxrwxrwx 1 root root 8 Sep 27 2025 /usr/bin/chmod -> gnuchmod ubuntu@ubuntu:~$ ls -lh /usr/bin/gnuchmod ---------- 1 root root 67K Jan 23 21:34 /usr/bin/gnuchmod ubuntu@ubuntu:~$ cat main.c #include <sys/stat.h> int main() { chmod("/usr/bin/chmod", 0755); return 0; } ubuntu@ubuntu:~$ gcc ./main.c ubuntu@ubuntu:~$ sudo ./a.out ubuntu@ubuntu:~$ ls -lh /usr/bin/chmod lrwxrwxrwx 1 root root 8 Sep 27 2025 /usr/bin/chmod -> gnuchmod ubuntu@ubuntu:~$ ls -lh /usr/bin/gnuchmod -rwxr-xr-x 1 root root 67K Jan 23 21:34 /usr/bin/gnuchmod Laptops all have built-in security tokens these days macOS https://github.com/yubico/libfido2

Wednesday, June 10, 2026 閱讀

Mosdns-X

Mosdns-X 讓 Linux 系統的 DNS 更快更乾淨：部署 Mosdns-X 安裝 bash <(curl -sL https://raw.githubusercontent.com/lidebyte/bashshell/refs/heads/main/mosdns-x-manager.sh) 設定 sudo tee /etc/mosdns-x/config.yaml > /dev/null <<'EOF' # mosdns-x 并发查询（无分流）配置 log: level: info file: /var/log/mosdns-x/mosdns-x.log plugins: # 缓存插件 - tag: cache type: cache args: size: 1024 lazy_cache_ttl: 1800 # 并发上游：取最先返回的可用答案 - tag: forward_all type: fast_forward args: upstream: # 阿里 - addr: "udp://223.5.5.5" - addr: "tls://dns.alidns.com" # DNSPod / doh.pub - addr: "udp://119.29.29.29" - addr: "tls://dot.pub" # Cloudflare - addr: "udp://1.1.1.1" - addr: "tls://cloudflare-dns.com" # Google - addr: "udp://8.8.8.8" - addr: "tls://dns.google" # 主流水线：小缓存 → 并发优选 - tag: main type: sequence args: exec: - cache - forward_all # 监听（双栈 UDP/TCP 53） servers: - exec: main listeners: - addr: :53 protocol: udp - addr: :53 protocol: tcp EOF systemd sudo tee /etc/systemd/system/mosdns.service > /dev/null <<'EOF' [Unit] Description=Mosdns-X DNS Accelerator After=network.target [Service] Type=simple User=root Group=root ExecStart=/usr/local/bin/mosdns-x start --as-service -d /usr/local/bin -c /etc/mosdns-x/config.yaml Restart=always RestartSec=5 StandardOutput=journal StandardError=journal SyslogIdentifier=mosdns [Install] WantedBy=multi-user.target EOF sudo systemctl daemon-reload sudo systemctl enable --now mosdns # 备份系统 DNS sudo cp -n /etc/resolv.conf /etc/resolv.conf.mosdns-backup # 改为使用本地 Mosdns-X echo -e "nameserver 127.0.0.1\noptions edns0" | sudo tee /etc/resolv.conf # 若 53 端口被 systemd-resolved 占用，可禁用它 sudo systemctl disable --now systemd-resolved 2>/dev/null || true # 如果想顺便加锁（防止被 DHCP 修改），加上 chattr 一起执行： echo -e "nameserver 127.0.0.1\n" > /etc/resolv.conf && chattr +i /etc/resolv.conf # 查看进程状态 sudo systemctl status mosdns --no-pager # 测试解析速度（第二次命中缓存更快） dig +stats www.google.com dig +stats www.baidu.com # 查看实时日志 tail -f /var/log/mosdns-x/mosdns-x.log

Sunday, November 9, 2025 閱讀

在瀏覽器輸入網址並送出後，到底發生了什麼事？

Sunday, July 18, 2021 閱讀

在 Ubuntu 22.04|20.04|18.04 安裝 PowerDNS 與 PowerDNS-Admin

在 Ubuntu 22.04|20.04|18.04 安裝 PowerDNS 與 PowerDNS-Admin 使用 Galera 複寫的 PowerDNS 主主架構 https://www.scaleway.com/en/docs/installing-powerdns-server-on-ubuntu-bionic/ 安裝 PowerDNS $ sudo apt update $ sudo apt install mariadb-server -y $ sudo mysql -u root CREATE DATABASE powerdns; GRANT ALL ON powerdns.* TO 'powerdns'@'localhost' IDENTIFIED BY 'Str0ngPasswOrd'; FLUSH PRIVILEGES; USE powerdns; CREATE TABLE domains ( id INT AUTO_INCREMENT, name VARCHAR(255) NOT NULL, master VARCHAR(128) DEFAULT NULL, last_check INT DEFAULT NULL, type VARCHAR(6) NOT NULL, notified_serial INT UNSIGNED DEFAULT NULL, account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL, PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE UNIQUE INDEX name_index ON domains(name); CREATE TABLE records ( id BIGINT AUTO_INCREMENT, domain_id INT DEFAULT NULL, name VARCHAR(255) DEFAULT NULL, type VARCHAR(10) DEFAULT NULL, content VARCHAR(64000) DEFAULT NULL, ttl INT DEFAULT NULL, prio INT DEFAULT NULL, change_date INT DEFAULT NULL, disabled TINYINT(1) DEFAULT 0, ordername VARCHAR(255) BINARY DEFAULT NULL, auth TINYINT(1) DEFAULT 1, PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE INDEX nametype_index ON records(name,type); CREATE INDEX domain_id ON records(domain_id); CREATE INDEX ordername ON records (ordername); CREATE TABLE supermasters ( ip VARCHAR(64) NOT NULL, nameserver VARCHAR(255) NOT NULL, account VARCHAR(40) CHARACTER SET 'utf8' NOT NULL, PRIMARY KEY (ip, nameserver) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE TABLE comments ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, name VARCHAR(255) NOT NULL, type VARCHAR(10) NOT NULL, modified_at INT NOT NULL, account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL, comment TEXT CHARACTER SET 'utf8' NOT NULL, PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE INDEX comments_name_type_idx ON comments (name, type); CREATE INDEX comments_order_idx ON comments (domain_id, modified_at); CREATE TABLE domainmetadata ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, kind VARCHAR(32), content TEXT, PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind); CREATE TABLE cryptokeys ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, flags INT NOT NULL, active BOOL, content TEXT, PRIMARY KEY(id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE INDEX domainidindex ON cryptokeys(domain_id); CREATE TABLE tsigkeys ( id INT AUTO_INCREMENT, name VARCHAR(255), algorithm VARCHAR(50), secret VARCHAR(255), PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm); $ sudo systemctl disable systemd-resolved $ sudo systemctl stop systemd-resolved $ ls -lh /etc/resolv.conf lrwxrwxrwx 1 root root 39 Jul 24 15:50 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf $ sudo unlink /etc/resolv.conf $ echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf 新增 Ubuntu 22.04|20.04|18.04 的 PowerDNS 官方套件庫。

Friday, September 25, 2020 閱讀