

SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln;
Aug 22, 2025
The importance of using the '-n' command line switch is highlighted, focusing on how it can enhance operational security by disabling reverse DNS lookups. Recent vulnerabilities in Commvault's enterprise backup solution are discussed, urging immediate patches for users. Additionally, a concerning Docker Desktop vulnerability is unveiled, revealing how attackers could escape from containers to compromise the host system. The insights stress the need for developers to prioritize security in their software.
Wireshark Preserves Time-Accurate Name Mappings
- Wireshark can reconstruct IP-to-name mappings from the DNS traffic recorded in the capture itself, avoiding later, risky lookups.
- This preserves the exact host-name relationships as they existed when the traffic was recorded.
Disable Reverse DNS With -n
- Disable reverse DNS lookups with the -n switch when capturing or analyzing packets to avoid leaking DNS queries.
- Use a tool's -n option to prevent live name resolution and protect operational security.
Patch Commvault Now
- Patch Commvault immediately if you use their enterprise backup solution to close the disclosed vulnerability chains.
- Review authentication and command handling code to learn from these vulnerabilities even if you don't run Commvault.