The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,708 other followers

Archive for the ‘Communications Development’ Category

« Previous Entries

Some links about the TCP SACK PANIC attacks on Linux and FreeBSD Kernels

Posted by jpluimers on 2019/06/20

The TCP SACK vulnerabilities as found by Netflix: [WayBack] security-bulletins/2019-001.md at master · Netflix/security-bulletins · GitHub.

Easy, but slow workaround from [WayBack] linux – How to disable TCP SACK for CentOS? – Super User:

Temporary (until boot):

echo "0" > /proc/sys/net/ipv4/tcp_sack

Permanent (even after boot):

echo "net.ipv4.tcp_sack = 0" >> /etc/sysctl.conf
sysctl -p

Coverage:

–jeroen

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Power User, Security, TCP | Leave a Comment »

draft-ietf-appsawg-http-forwarded-10 – Forwarded HTTP Extension (X-Forwarded-For, X-Forwarded-By, and X-Forwarded-Proto)

Posted by jpluimers on 2019/05/21

Since many HTTP stacks do not have fields for this so it’s hard to get the originating IP address:

It is about these HTTP header fields with and without X- prefix:

  • Forwarded
  • X-Forwarded-For
  • X-Forwarded-By
  • X-Forwarded-Proto

Note that widely used tools like HAProxy do not always fully adhere to the “standard”…

Via:

–jeroen

Posted in Communications Development, Development, HTTP, Internet protocol suite, Software Development, TCP | Leave a Comment »

scp a remote file to a local machine

Posted by jpluimers on 2019/03/15

For me, scp is like tar; somehow I Google this every time…

  1. On the remote machine, find out the full path of the remote file: 
    ~ # ssh username@192.168.71.123
...
~ # ls -alh `find /vmfs/volumes/ | grep -w W81Entx64CI | grep '\.vmdk$'`
-rw-------    1 root     root      200.0G Aug 26 22:48 /vmfs/volumes/552f5788-33e30274-8dba-001f29022aed/VM/PSO/W81Entx64CI/W81Entx64CI-flat.vmdk
-rw-------    1 root     root         500 Aug 19 16:36 /vmfs/volumes/552f5788-33e30274-8dba-001f29022aed/VM/PSO/W81Entx64CI/W81Entx64CI.vmdk
  2. On the local machine, go to the right directory, then copy the file from the remote machine: 
    ~ # cd /vmfs/volumes/Samsung512NVME/PSO/VM/W81Entx64CI/
~ # time scp -v username@192.168.71.123:/vmfs/volumes/552f5788-33e30274-8dba-001f29022aed/PSO/W81Entx64CI/W81Entx64CI-flat.vmdk W81Entx64CI-flat.vmdk

 

I don't know what's worse--the fact that after 15 years of using tar I still can't keep the flags straight, or that after 15 years of technological advancement I'm still mucking with tar flags that were 15 years old when I started.

I don’t know what’s worse–the fact that after 15 years of using tar I still can’t keep the flags straight, or that after 15 years of technological advancement I’m still mucking with tar flags that were 15 years old when I started.

The last line will logon over ssh and shows the file transfer in a verbose way.

Requirements:

  • both machines have ssh
  • local machine has firewall entry to allow client ssh
  • remote machine has sshd and firewall entry to allow sshd server connections

Via [WayBackshell – How to scp a folder from remote to local? – Stack Overflow (thanks [WayBack] Gryphius)

Image source: [WayBackxkcd: tar

–jeroen

Posted in Communications Development, Development, Internet protocol suite, SSH, TCP | Leave a Comment »

IP over Avian Carriers

Posted by jpluimers on 2019/02/21

From the geek fun department: [WayBackIP over Avian Carriers – Wikipedia.

I learned through this slightly after the fight to keep HTTP status code 418 (I’m a teapot) which is part of RFC2324 released on April 1st, 1998.

The IP over Avian Carriers is part of three RFCs, all released on April 1st in various years:

–jeroen

via: Http-statuscode ‘I’m a teapot’ is voorlopig veilig – IT Pro – .Geeks – Tweakers

Posted in Communications Development, Development, Fun, Geeky, HTTP, Internet protocol suite, Software Development, TCP | Leave a Comment »

Accessing storage (NAS) over the Internet via FTP | FRITZ!Box 7490 | AVM International

Posted by jpluimers on 2019/02/13

Of course you don’t want this. So by the time you read this, the connection has been closed.

For testing some Internet of Shit stuff from a client that cannot do SFTP, I needed a temporary FTP accessible connection.

These links helped:

TL;DR:

  1. Preparing the USB stick:
    1. Ensure the USB disk is FAT/FAT32/NTFS
    2. Create a directory in the root of the USB disk for the FTP user (for now: FtpDirectory)
    3. Insert the USB disk in the Fritz!Box
  2. Logon to the Fritz!Box web UI
    1. Configure a user for FTP:
      1. In the menu, go to System, then FRITZ!Box Users
      2. Click Add user
      3. Name the user (for now: MyFtpUser)
      4. Ensure that user *only* has a checkmark for `Access to NAS contents`
      5. Click the button Add directory
      6. In the popup click Select folder
      7. Choose the FtpDirectory you just made
      8. Click OK
      9. Ensure the read and write checkboxes are enabled
      10. Click OK
    2. Configure the USB stick for FPT access
      1. In the menu, go to Home Network, then USB Devices
      2. Observe if the device is visible and has the correct file system (if not: ask AVM)
      3. In the menu, go to Internet, then Permit Access
      4. Click on the FRITZ!Box Services
      5. Ensure there is a checkmark at Internet access to your storage media via FTP/FTPS enabled
      6. At TCP Port for FTP/FTPS, fill in 21 (many IoT devices cannot use a different port)
      7. Ensure there is *no* checkmark at Allow only secure FTP connections (FTPS)
      8. Make a note of the value after FTP address (something like ftp://example.org:21`)
      9. Click Apply
  3. Test

–jeroen

Posted in Communications Development, Development, Fritz!Box, FTP, Internet protocol suite, IoT Internet of Things, Network-and-equipment, Power User, Software Development, TCP | Leave a Comment »

« Previous Entries
 
%d bloggers like this: