-
Recent Posts
- Postfix Operational tips
- Live stream to YouTube from a Raspberry Pi + webcam
- How to add private root CAs in SLES or Redhat
- Fishcam using Raspberry Pi and some network tricks
- The IT Detective agency: Live hack caught, partially stopped
- Evaluation of WPI’s multiple camera coprocessor using Raspberry Pi
- Google Hangouts Meet – what do these IPs all have in common?
- Consumer Tech: amazing little Bluetooth adapter for your car
- Great serial port concentrator: Raritan Dominion
- Counting active leases on an old ISC DHCP server
- The IT Detective Agency: Cisco Jabber Carriage Return problem fixed
- Latest spear phishing: your password plus extortion
- Voice and data vlans on one switch port, no vlan tagging: how does that work?
- Solution to this week’s NPR puzzle using simple Linux commands, again
- The IT detective agency: rogue IPv6 device messes up DHCP for entire subnet
- Where is my IP without the aggressive ads
- What credit card fraud looks like
- NJ homeowners: how to sell your SRECs from your solar panels
- Linux tip: how to enable remote syslog on SLES
- Suppress /apple-touch-icon URLs on an F5 ASM
-
Recent Comments
- Dheeraj on Amazon Fire Stick/Sony BRAVIA TV compatibility problem – one solution
- Johnson on Amazon Fire Stick/Sony BRAVIA TV compatibility problem – one solution
- Hayat Rafique on Superimpose grid on video ouput from an IP camera
- sachin on Amazon Fire Stick/Sony BRAVIA TV compatibility problem – one solution
- john on Amazon Fire Stick/Sony BRAVIA TV compatibility problem – one solution
Archives
Categories
- Admin
- Ajax
- Apache
- CentOS
- Consumer Tech
- Digital Currency
- DNS
- Exchange Online
- First Robotics
- flot
- Home Computing
- Hosting Service
- Image Manipulation
- Internet Mail
- IT Operational Excellence
- JavaScript
- jquery
- Linux
- Network Technologies
- ntp
- Perl
- Popular Science
- Proxy
- Python
- Raspberry Pi
- Scams
- Security
- SLES
- Spam
- TCP/IP
- Uncategorized
- Web Site Technologies
Meta
Category Archives: Security
The latest on handling of SHA-1 certificates by the major browsers
Intro A certain organization is still using SHA-1 certificates internally, in spite of years of warnings, as I write this in February, 2017. But in the security world lack of action = eventual weakness. Ignorance is not bliss and putting … Continue reading
The IT Detective agency: the case of the incompatible sftp client
Intro I was asked for assistance with this sftp problem: $ sftp <user@host> DH_GEX group out of range: 1536 !< 1024 !< 8192 Couldn’t read packet: Connection reset by peerDH_GEX group out of range: 1536 !< 1024 !< 8192 Couldn’t … Continue reading
drjohnstechtalk now uses HTTP Strict Transport Security, HSTS
Intro I was reading about a kind of amazingly thorough exploit which could be done using a Raspberry Pi zero. Physical access is required, but the scope of what this guy has figured out and put together is really amazing. … Continue reading
Roll your own dynamic DNS update service
Intro I know my old Cisco router only has built-in support for two dynamic DNS services, dyndns.org and TZO.com. Nowadays you have to pay for those, if even they work (the web site domain names seem to have changed, but … Continue reading
Posted in CentOS, DNS, Linux, Network Technologies, Raspberry Pi, Security, Web Site Technologies
Tagged crontab, nsupdate, PHP, sudo
Leave a comment
Internet Explorer can’t access https page – maybe a client CERT is needed?
Intro I don’t see such issues often, but today two came to my attention. Both are quasi-government sites. Here’s an example of what you see when testing with your browser if it’s Internet Explorer: The details Just for the fun … Continue reading
IP address wall of shame
Intro It can be very time-consuming to report bad actors on the Internet. The results are unpredictable and I suppose in some cases the situation could be worsened. Out of general frustration, I’ve decided to publicly list the worst offenders. … Continue reading
Idea for free web server certificates: Let’s Encrypt
Intro I’ve written various articles about SSL. I just came across a way to get your certificates for free, letsencrypt.org. But their thing is to automate certificate management. I think you have to set up the whole automated certificate management … Continue reading
Posted in Admin, Apache, CentOS, Network Technologies, Security, Web Site Technologies
Tagged ACME, acme.sh, CERTbot, Let's Encrypt
Leave a comment
Microsoft Exchange Online Protection is not PCI compliant
Intro Microsoft’s cloud offering, Office 365, is pretty good for enterprises. It’s clear a lot of thought has been put into it, especially the security model. But it isn’t perfect and one area where it surprisingly falls short is compliance … Continue reading
The IT Detective Agency: Cisco Jabber stopped working for some using WAN connections
Intro This is probably the hardest case I’ve ever encountered. It’s so complicated many people needed to get involved to contribute to the solution. Initial symptoms It’s not easy to describe the problem while providing appropriate obfuscation. Over the course … Continue reading
Posted in Admin, Network Technologies, Proxy, Security, TCP/IP, Web Site Technologies
Leave a comment
The IT Detective Agency: WordPress login failure leads to discovery of ssh brute force attack
Intro Yes my WordPress instance never gave any problems for years. Then one day my usual username/password wouldn’t log me in! One thing led to another until I realized I was under an ssh brute force attack from Hong Kong. … Continue reading
Posted in Admin, CentOS, Linux, Security
Tagged AWS Security Groups, btmp, DenyHosts, fail2ban
Leave a comment