For my link archive: [WayBack] Encode/Decode Quoted Printable – Webatic.
It did a splendid job at decoding email files in MIME format Quoted-printable.
–jeroen
Archive for the ‘Communications Development’ Category
JSONPlaceholder – Fake online REST API for developers
Posted by jpluimers on 2021/03/25
A great way for testing REST JSON calls is using the [WayBack] JSONPlaceholder – Fake online REST API for developers:
Fake Online REST API for Testing and Prototyping
Serving ~200M requests per month
Powered by JSON Server [WayBack] + LowDB [WayBack]
It is like [WayBack] Placeholder.com: Placeholder Images Done For You [JPG, GIF & PNG] but for JSON and supports both CORS and JSON-P for cross domain requests.
You can either use that site (which has a predefined set of REST calls) or the basic [WayBack] My JSON Server – Fake online REST server for teams that allows you to respond it to a db.json file from github:
Fake Online REST server for teams
Create a JSON file on GitHub
github.com/user/repo/master/db.json{ "posts": [ { "id": 1, "title": "hello" } ], "profile": { "name": "typicode" } }Get instantly a fake server
my-json-server.typicode.com/user/repo/posts/1{ "id": 1, "title": "hello" }
Related
- [WayBack] typicode · GitHub
- [WayBack] GitHub – typicode/json-server: Get a full fake REST API with zero coding in less than 30 seconds (seriously)
Documentation
There is basic documentation at the repository [WayBack] GitHub – typicode/jsonplaceholder: A simple online fake REST API server:
Share this:
Posted in Communications Development, Development, HTTP, Internet protocol suite, JavaScript/ECMAScript, JSON, REST, Scripting, Software Development, TCP | Leave a Comment »
Some links with notes on WoonVeilig/Egardia security system communications, protocols and support by 3rd party home automation apps
Posted by jpluimers on 2021/03/23
Security issues for older models (mainly GATE01 and WV-1716 systems; which used a lot of Climax components):
- [WayBack] Woonveilig Alarmpanel – Domoticz
- [WayBack] Woonveilig Alarm System – Older models (WV-1716 & GATE01) – Share your Projects! – Home Assistant Community
- [WayBack] Eins, zwei, drei, vier, drin | c’t | Heise Magazine
A more recent security review:
- a privacy label for IoT products in a consumer market
- [WayBack] Diermen_R_van_2018_CS.pdf
- [WayBack] The Internet of Things: a privacy label for IoT products in a consumer market
- [WayBack] The Internet of Things: a privacy label for IoT products in a consumer market – Cyber Security Academy
This thesis is about the design of an IoT privacy label and the methodologies to collect the necessary information to populate the privacy label for an IoT product and its entire ecosystem. The privacy risks of IoT ecosystems are determined by testing all components in the ecosystem for vulnerabilities. These vulnerabilities can be found by security scans, penetration tests and audits, and quantified by using the Common Vulnerability Scoring System (CSS). The level of the privacy risk can be determined and expressed by combining the sensitivity of the personal information being processed and the vulnerabilities in the IoT ecosystem. A conceptual six-layer IoT service model has been developed to better understand the architecture of the IoT product and to structurally test all components. Three case studies were performed in this research to assess and improve the methodologies and design of the privacy label.
Key words: IoT ecosystem, privacy risk matrix, privacy label, IoT security testing
Physical security is important too; ensure the system is in an enclosed closet, powered by a UPS and your communication lines are secured as well: [WayBack] Manipulationen an Alarmanlagen verhindern – Smarthomewiki
Dutch links on the hardware connections and protocols used:
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: projecten
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: Woonveilig systeem project 1 (adding classic reedcontacts to your Egardia door/window sensor)
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling:
- gate01.alt.egardia.com
- ics.egardia.com
- http://www.woonveilig.nl
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: Woonveilig alarmsysteem lokale toegang
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: Woonveilig alarmsysteem gekoppeld aan Raspberry Pi
More recent information:
- [WayBack] Egardia – Home Assistant: Instructions on how to setup Egardia / Woonveilig within Home Assistant.
- [WayBack] GitHub – jeroenterheerdt/python-egardia: Python library to interface with Egardia / Woonveilig alarm
API usage:
- [WayBack] Announcement: mozaiq expands Egardia alarm system • mozaiq
- [WayBack] Woonveilig / Eguardia support – Ideas & Suggestions – Homey Community Forum
- [WayBack] WoonVeilig App | Case Study | The Mobile Company
More subdomains (in 2019) via:
- [WayBack] How to find Subdomains of a Domain in Minutes?
- woonveilig.nl
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- woonveilig.nl
- htbridge.com: SSL Security Test of woonveilig.nl
- alarmsysteem.woonveilig.nl
- woonveilig.nl
- cms.woonveilig.nl
- http://www.woonveilig.nl
- mijn.woonveilig.nl
- dnsdumpster.com: [WayBack] woonveilig.nl-201903251445.xlsx
-
alarmsysteem.woonveilig.nl mijn.woonveilig.nl srv01.woonveilig.nl http://www.woonveilig.nl
-
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- egardia.com
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- my.egardia.com
- egardia.com
- cms.egardia.com
- mobile.egardia.com
- http://www.egardia.com
- ftp.egardia.com
- localhost.egardia.com
- mail.egardia.com
- htbridge.com: SSL Security Test of egardia.com
- cam05.dev03.egardia.com
- dev03.egardia.com
- egardia.com
- http://www.egardia.com
- my.egardia.com
- rt.egardia.com
- dnsdumpster.com: [WayBack] egardia.com-201903251438.xlsx
-
dev03.egardia.com stream01.dev03.egardia.com cam05.dev03.egardia.com app01.egardia.com app02.egardia.com cpe01.egardia.com cpe02.egardia.com ftp01.egardia.com ftp02.egardia.com galera01.egardia.com galera02.egardia.com galera03.egardia.com lb01.egardia.com lb02.egardia.com mailout.egardia.com my.egardia.com nfs01.egardia.com nuance01.egardia.com sip01.egardia.com sql01.egardia.com sql02.egardia.com rt.egardia.com srv01.egardia.com http://www.egardia.com stream01.egardia.com stream02.egardia.com
-
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- woonveilig.nl
–jeroen
Share this:
Posted in Communications Development, Development, Power User, Security, Software Development | Leave a Comment »
Postfix TLS Support
Posted by jpluimers on 2021/02/25
For my link archive:
- [WayBack] Postfix TLS Support
Topics covered in this section:
- Server-side certificate and private key configuration
- Server-side forward-secrecy configuration
- Server-side TLS activity logging
- Enabling TLS in the Postfix SMTP server
- Client certificate verification
- Supporting AUTH over TLS only
- Server-side TLS session cache
- Server access control
- Server-side cipher controls
- Miscellaneous server controls
- [WayBack] Adding TLS support to Postfix
- [WayBack] How to secure Postfix using Let’s Encrypt – UpCloud
- [WayBack] How to configure TLS encryption in Postfix – Zurgl (adding it to an existing Postfix configuration)
- [WayBack] enforce TLS on incoming mail in postfix – Server Fault
- [WayBack] Postfix and TLS encryption
In this post I will show how I setup a smtp server running Postfix with TLS encryption and with the correct cyphers. So that email between smtp servers where possible is using strong email encryption.
–jeroen
Share this:
Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, postfix, Power User, SMTP | Leave a Comment »
🔎Julia Evans🔍 on Twitter: “ngrep: grep your network!… “
Posted by jpluimers on 2021/02/16
[WayBack] 🔎Julia Evans🔍 auf Twitter: “ngrep: grep your network!… “
So this taught me a new tool and other new things:
- ngrep – Wikipedia
ngrep is similar to tcpdump, but it has the ability to look for a regular expression in the payload of the packet, and show the matching packets on a screen or console. It allows users to see all unencrypted traffic being passed over the network, by putting the network interface into promiscuous mode.
ngrep with an appropriate BPF filter syntax, can be used to debug plain text protocols interactions like HTTP, SMTP, FTP, DNS, among others, or to search for a specific string or pattern, using a grep regular expression syntax.[4][5]
ngrep also can be used to capture traffic on the wire and store pcap dump files, or to read files generated by other sniffer applications, like tcpdump, or wireshark.
ngrep has various options or command line arguments. The ngrep man page in UNIX-like operating systems show a list of available options.
- [WayBack] GitHub – jpr5/ngrep.
ngrep is like GNU grep applied to the network layer. It’s a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
- [WayBack] BPF syntax
- Berkeley Packet Filter – Wikipedia
–jeroen
Share this:
Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Power User, Software Development, Wireshark | Leave a Comment »
