Archive for the ‘Networking’ Category
by Jason Stewart
I recently noticed that “competitor research” and “SEO” bots were accounting for almost 60% of the traffic on my webserver. Here were the worst offenders: trendiction.com (trendictionbot) User Agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64; trendictionbot0.5.0; trendiction search; http://www.trendiction.de/bot; please let us know of any problems; web at trendiction.com) Gecko/20170101 Firefox/67.0" Network(s) – 144.76.0.0/16 (Hetzner […]
by Jason Stewart
When Information Technology (IT) is working, it is a force-multiplier that lets you do more with less. When IT is not working, loss and liability typically ensue: Internet and power outages become lost sales. Data breaches can lead to loss of customers, legal liability, and a damaged reputation. Lost or corrupted data—like customer lists or […]
by Jason Stewart
How many countries really need to see to your website?
POSTED: 2016-08-09
UPDATED:
2019-08-10
CATEGORIES:
Networking
by Jason Stewart
DNS done right!
by Jason Stewart
In the dark old days of not long ago, most web-based interactive content was delivered via ActiveX or NPAPI browser plug-ins (ex: Java, Flash, etc.). The danger of browser plug-ins is that once installed, they can do just about anything with your computer (read files, install viruses, alter system files, etc.). With the rise of […]
POSTED: 2015-12-23
UPDATED:
2017-01-28
CATEGORIES:
Networking,
Web
by Jason Stewart
System > General Setup > Enable IPv6 Support Interfaces > WAN > IPv6 Configuration > IPv6 Mode: DHCP Interfaces > LAN > IPv6 Mode: DHCP-PD (DHCP Prefix Delegation) Interfaces > LAN > IPv6 Prefix Delegation: 1 / 64 Interfaces > LAN > IPv6 RA: Send IPv6 router advertisements, Flags = “Managed” Firewall > IPv6 Rules […]
by Jason Stewart
To encrypt the transmission of e-mail from our e-mail clients (Outlook, Thunderbird, Windows Mail, iMail, iPhone Mail, Android Mail, etc.) to our e-mail servers, many of us (whether we know it or not) are using STARTTLS. STARTTLS is a way for clear text communication protocols to “upgrade” to a secured connection. If client and server […]
by Jason Stewart
Thanks to the recent NSA/Snowden allegations, all of the major websites have been sending every picture, post, and tweet over “secure” HTTP (HTTP/S). This particular usage of HTTP/S is FAANG moat-making, and security theater. HTTP/S only secures a connection between two endpoints. An endpoint would be a device (like your phone or desktop) or a […]
by Jason Stewart
It is a lot easier to help people with their computers when you can see their screen. VNC is a great way to share screens, but its traditional configuration can be challenging for someone in need of support. A more user-friendly way to provide support is via VNC Listening Mode. Instead of setting up a […]
by Jason Stewart
Most enterprise firewalls block all traffic not explicitly allowed by a rule. Because of this, people often fail to make proper allowances for ICMP in their firewall rules. The IETF has a great set of guidelines on ICMP filtering here: http://tools.ietf.org/html/draft-ietf-opsec-icmp-filtering-04 Some network guys will say, “I don’t want this server to be pinged or […]
POSTED: 2014-02-18
UPDATED:
2017-06-29
CATEGORIES:
Networking
by Jason Stewart
Is your Samba slow? Samba file sharing is great, but performance under Samba’s default configuration is fairly poor. Here are a few options that I add to my smb.conf to get the speed that I need: [global] # FORCE THE DISK SYSTEM TO ALLOCATE REAL STORAGE BLOCKS WHEN # A FILE IS CREATED OR EXTENDED […]
by Jason Stewart
I had a terrible experience last week. I had set up brand-new network equipment at a customer’s place. It was a stock configuration that I had deployed several times before. Yet for some strange reason, their network began to fail and recover mysteriously at highly irregular intervals. It took an after-hours troubleshooting session to identify […]
POSTED: 2013-05-10
UPDATED:
2016-12-25
CATEGORIES:
Networking
by Jason Stewart
If you have ever encountered the situation where name-based resolution fails, yet a check against dig or nslookup succeeds for the same hostname, you may be experiencing a conflict with Multicast DNS (mDNS) name resolution. On February 20, 2013, IETF published and approved RFC 6762 which reserves .local as a fake TLD for hostnames that […]
by Jason Stewart
ZyXel PLA-407 Powerline Pass-Thru Ethernet Adapter I have been experimenting with a ZyXel PLA-407 Powerline Pass-Thru Ethernet Adapter. Per the instruction manual, it “supports a data transfer rate of up to 200 Mbps.” Like most people, I get a fraction of this at best. Approximately 80 feet of 12 AWG 3-strand copper wiring connects the […]
POSTED: 2013-01-10
UPDATED:
2016-12-25
CATEGORIES:
Networking
by Jason Stewart
Step 1: Create the Certificate Signing Request (CSR) openssl req -nodes -newkey rsa:2048 -keyout mysite.com.key -out mysite.com.csr It will ask the following questions. Answer all of them except for the last two (challenge password and optional company name). If you do set a challenge password, each program which uses the certificate will also need to […]
by Jason Stewart
Enter config mode, create a local administrative user (in the event of RADIUS failure), and enable AAA new model: config t username admin privilege 15 password 0 <ADMIN PASSWORD> aaa new-model Specify the RADIUS server information: radius-server host <RADIUS SERVER IP> auth-port <RADIUS AUTH UDP PORT #> acct-port <RADIUS ACCT UDP PORT #> radius-server retransmit […]
POSTED: 2012-02-14
UPDATED:
2015-05-19
CATEGORIES:
Networking
by Jason Stewart
DO: Give VLANs descriptive names. Comment configuration lines as much as reasonably possible. Disable TELNET! Use SSH instead. (Requires crypto image on Cisco) Have a dedicated management VLAN and IP subnet. Limit access to the SSH console with layer 3 ACLs if possible. For correct timestamps, configure the clock to synchronize with a Network Time […]
Deprecated: str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated in /var/www/eggplant.pro/site/blog/wp-content/themes/eggplant2/inc/nav.php on line 14