SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln;
Aug 22, 2025
The importance of using the '-n' command line switch is highlighted, focusing on how it can enhance operational security by disabling reverse DNS lookups. Recent vulnerabilities in Commvault's enterprise backup solution are discussed, urging immediate patches for users. Additionally, a concerning Docker Desktop vulnerability is unveiled, revealing how attackers could escape from containers to compromise the host system. The insights stress the need for developers to prioritize security in their software.
AI Snips
Chapters
Transcript
Episode notes
Disable Reverse DNS With -n
- Disable reverse DNS lookups with the -n switch when capturing or analyzing packets to avoid leaking DNS queries.
- Use tools' -n option to prevent live name resolution and protect operational security.
Wireshark Preserves Time-Accurate Name Mappings
- Wireshark can reconstruct IP-to-name mappings from captured DNS queries at capture time, avoiding later, risky lookups.
- This preserves the exact host-name relationships as they existed when the traffic was recorded.
Commvault Flaws Chain To Pre-Auth RCE
- WatchTowr disclosed multiple Commvault vulnerabilities that chain from login command injection to pre-auth RCE.
- These flaws show how authentication and command handling mistakes can lead to full product compromise.