Sometimes you just need a simple tool that works. udp_redirect is a tiny utility for redirecting UDP packets to another destination and sending responses back to the original sender. No iptables, no FIFO files, no pipes, no additional dependencies – just a single C file and a working binary.

I used it to redirect OpenVPN UDP traffic in order to hide the real IP address, and it turned out to be one of the simplest and most reliable solutions for quick UDP forwarding.

The tool listens on a given IP and port, forwards incoming packets to a specified destination, and remembers the sender's address. When a response comes back, it is sent to the original sender. This behavior is very similar to how symmetric NAT works.

There is also an echo mode, where all received packets are sent back to the sender, which is useful for testing and debugging.

The utility was originally used to test VoIP tools by looping RTP ports, but it can be handy in many networking and testing scenarios.

Non-routable IPv4 addresses appear everywhere: in private networks, VPNs, NAT setups, ISP infrastructure, and test environments – yet their purpose is often misunderstood.

This article provides a clear, RFC-based overview of non-routable IPv4 ranges, including private address space (RFC1918), CGNAT, loopback, link-local addressing, multicast, documentation networks, and reserved blocks. Real-world scenarios such as NAT and VPN usage are covered without unnecessary theory.

Modern distributed systems rarely operate in perfect network environments. Unstable Wi-Fi, overloaded routers, mobile links, and long WAN routes can easily break even well-designed applications. To understand how a service behaves under such conditions, QA teams must simulate real-world network degradation during testing.

Clumsy is a Windows-based tool that intercepts and manipulates network packets on the fly, allowing testers to reproduce latency, packet loss, duplication, reordering, corruption, and bandwidth limits without modifying application code. Built on top of the WinDivert driver, it affects traffic system-wide and makes it possible to validate client-server behavior in scenarios that are difficult to reproduce naturally.

Memory leaks in C and C++ applications often remain invisible until the system starts slowing down, consuming excessive RAM, or crashing under load. Standard monitoring and logs rarely reveal hidden issues such as silent leaks, misuse of dynamic memory, or undefined behavior inside large server components.

Valgrind is one of the most effective tools for dynamic memory analysis. It runs your application inside a virtual CPU, tracks every allocation, and exposes problems that are almost impossible to detect with regular tests. Memcheck helps identify leaks and invalid memory access, while Massif shows how memory usage grows over time – essential for understanding performance degradation.

If you work with C/C++ software or long-running services, this article will help you detect memory issues before they impact production.

Static SSH credentials-passwords or even keys-are increasingly risky. One leaked key or weak passphrase can mean full server compromise.

The solution? Add TOTP-based two-factor authentication. It's lightweight, standards-based, and works with any authenticator app (Google Authenticator, Authy, Raivo, etc.). No external services, no complex tooling.

I walk through enabling TOTP for SSH on modern Ubuntu and Debian systems using the google-authenticator PAM module-covering setup, safe testing lockout. All in five minutes.

Most CI/CD and backend systems come with built-in notifications – but what about standalone scripts, cron jobs, or custom services that still need reliable alerts? Telegram Bot API offers a simple, fast, cross-platform solution that requires no SDKs and takes only minutes to set up.

With just a bot token and a chat ID, engineers can send messages directly to Telegram through a single HTTP request.

Creating a bot via @BotFather, retrieving your chat ID, and sending a message through GET or POST makes Telegram an accessible, lightweight alerting channel for virtually any environment.

In an increasingly complex tooling landscape, Telegram's straightforward API proves that effective engineering doesn't need to be over-engineered. Sometimes the best solution is the one that just works – instantly.

Authentication and authorization are two core security processes that work together to protect systems and data. Authentication focuses on verifying a user's identity, while authorization defines what resources and actions that user is allowed to access. Understanding this distinction is crucial for building strong security.

A useful analogy is an airport: first, a passenger's identity is confirmed, and only then are their privileges determined – such as boarding class or lounge access. In digital systems the logic is the same. Authentication ensures users are genuine, and authorization grants specific permissions based on roles and policies. Proper configuration of both mechanisms is essential for any secure environment.

Wireshark remains one of the most trusted tools for network engineers, security teams, and integrators – and its true power comes from display filters that instantly cut through noisy packet captures.

From DHCP and ARP discovery to HTTP inspection and multicast debugging, the article provides practical, ready-to-use filters that engineers rely on every day. Whether you're troubleshooting a camera, analyzing DNS, or tracking HTTPS flows, these filters will dramatically speed up your Wireshark workflow.

This is the first post on this site. Technically, it's not my first attempt at blogging – but it is the first time I'm using my own lightweight CMS, built over a couple of weekends.

Past attempts didn't last. Time, as usual, was the main obstacle: urgent releases on my work, personal infrastructure troubles, relocations, and business trips – all pulled attention away. So yes, I'm cautiously optimistic this time. Let's see how long it lasts.

But here's the important part: this blog isn't meant to be groundbreaking or revolutionary. Think of it more as a public notebook – an extension of my personal knowledge base. Over the years, I've often found myself explaining seemingly simple, practical solutions to colleagues. Sometimes I'm even surprised: "Wait, you haven't seen this trick before? It's so easy to use!"

That's exactly what I want to share here: the "obvious" tricks, the small scripts, the configuration tweaks, the debugging workflows – things that save real time in day-to-day work but rarely make it into documentation or talks.

No fluff, I hope. No trends-for-the-sake-of-trends. Just working thinks

Let's begin...