Piotr Duszynski edited this page Jan 4, 2019 · 9 revisions


1. What does "Modlishka" mean?

It's an english pronunciation of a polish word "modliszka". Which means mantis.

2. Is 2FA broken ? How can I properly protect myself?

2FA isn't broken. At the end it is all about 'social engineering' that you will have to be stay alert about. Which can be e-mail, phone, post or face2face based.

If you don't want to always verify if the domain name in the URL address bar of your browser isn't somehow malicious or worry if there's yet another URL spoofing bug, then consider switching to U2F protocol.

3. Some website do not work properly. What should I do?

You will have to instruct the proxy how to handle responses that contain non trivial FQDNs, obfuscated JavaScript code, dynamically added html security attributes (like "integrity"),etc. This requires some manual tuneup of your configuration file.

The following parameters will be helpful to do this:

  -rules string
    	Comma separated list of 'string' patterns and their replacements. 

  -targetRes string
    	Comma separated list of target subdomains that need to pass through the proxy 

Refer to the 'How to use' for further explanation page.

Note: In case of SSL certificate warnings for nested subdomains this might be related to this 'enhancement' issue.

4. Error: too many open files.

You will have to increase your connection limits:

  # ulimit -n 102400
  # sysctl -w net.ipv4.tcp_tw_reuse=1
  # sysctl -w net.ipv4.tcp_tw_recycle=1
  # sysctl -w net.ipv4.ip_local_port_range=50000
  # echo 300000 > /proc/sys/fs/nr_open
  # echo 300000 > /proc/sys/fs/file-max
Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.