The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,860 other subscribers

Archive for the ‘Hardware’ Category

« Previous Entries
Next Entries »

Schlechte Nachrichten für Fritz!box User: http://nic.box/ Euer http://fritz.b…

Posted by jpluimers on 2016/11/18

[WayBack] Schlechte Nachrichten für Fritz!box User: http://nic.box/ Euer http://fritz.box ist nicht mehr das, was es sein sollte. EDIT: Muahahaha … – Kristian Köhntopp – Google+

Now there is http://nic.box/ for the new [WayBackbox top level domain and AVM does not yet have the pre-registered fritz.box there effectuated (because .box is not in final registration state yet).

Kristian:

Schlechte Nachrichten für Fritz!box User: http://nic.box/ Euer http://fritz.box ist nicht mehr das, was es sein sollte.

EDIT: Muahahaha

kris@h1755802:~> host fritz.box
fritz.box has address 127.0.53.53
fritz.box mail is handled by 10 your-dns-needs-immediate-attention.box.

The joke is in the cryptic “your-dns-needs-immediate-attention” and usage of 127.0.53.53. to indicate a gTLD name collision.

Chrome knows about ICANN though and explains it in a slightly more readable form when browsing to http://fritz.box (:

Read the rest of this entry »

Posted in Chrome, Fritz!, Fritz!Box, Internet, Power User, Web Browsers | Leave a Comment »

Getting the vendor from an ethernet network MAC address on-line through the Wireshark OUI Lookup Tool.

Posted by jpluimers on 2016/11/18

In networks, often you want to know which manufacturer or vendor is behind a MAC address.

An easy way to look this up on-line is by using the
Wireshark · OUI Lookup Tool which should have had MAC or MAC address in the title.

It uses both the extensive /etc/manuf Wireshark Ethernet vendor codes and well-known MAC address prefixes (which is a long text file generated from several sources). Some of the prefixes are just the 24-bit (6-hex digit) OUIs, but others are much more fine grained.

What’s really cool is that the tool accepts a very lenient formatting of inputs: full, partial, various hex separators (including none), case insensitive, and vendor names/abbreviations. So entries like these magically work.

0000.0c
08:00:20
01-00-0C-CC-CC-CC
missouri

–jeroen

Posted in Ethernet, Network-and-equipment, Power User | Leave a Comment »

Kerlink IoT station page | LoRa | Semtech

Posted by jpluimers on 2016/11/07

This can be used for TheThingsNetwork.org.

Some downloads:

Attachments
File Last modified Size
Kerlink_gateway_channel_setup_v0.2.pdf 2015-05-18 17:20 838Kb
Kerlink_gateway_installation_R7.pdf 2015-08-13 14:32 805Kb
Python_gateway_spectrum_display.zip 2015-04-09 15:54 10Kb
kerlink_IoT_LoRa_update.zip 2015-08-13 14:27 63Kb
kerlink_IoT_LoRa_update_DHCP.zip 2015-08-13 14:27 64Kb

Source: Kerlink IoT station page | LoRa | Semtech

Posted in *nix, IoT Internet of Things, LoRa - Long Range wireless communications network, Network-and-equipment, Power User, Uncategorized | Leave a Comment »

Just blocked 95.131.[184|185|186|190|191].0/24 on my firewall because suspicious port scanning @WillHillBet

Posted by jpluimers on 2016/11/02

I just blocked these IP subnets on my routers:

  • 95.131.184.0/24
  • 95.131.185.0/24
  • 95.131.186.0/24
  • 95.131.190.0/24
  • 95.131.191.0/24

Within a day they managed to get 60+ IP addresses from these subnets into my port-scanner blacklists because of suspicious port scanning activities.

They mostly belong to Whg (International) Limited, Gibraltar and Whg (International) Limited, United Kingdom  which seem to be related to William Hill Organization Ltd, United Kingdom that I just blocked before.

If the situation continues I’m going to block the 95.131.184.0/26 superblock as well:

–jeroen

Continuation of Just blocked 141.138.130.0/24 and 141.138.131/24 on my firewall because suspicious port scanning @WillHillBet « The Wiert Corner – irregular stream of stuff

Posted in Internet, Network-and-equipment, Power User | Leave a Comment »

Just blocked 141.138.130.0/24 and 141.138.131/24 on my firewall because suspicious port scanning @WillHillBet

Posted by jpluimers on 2016/11/02

I just blocked these IP subnets on my routers:

  • 141.138.130.0/24
  • 141.138.131.0/24

Within a day they managed to get 80+ IP addresses from these subnets into my port-scanner blacklists because of suspicious port scanning activities.

They all belong to William Hill Organization Ltd, United Kingdom.

If the situation continues I’m going to block the superblock as well:

–jeroen

Posted in Network-and-equipment, Power User | 5 Comments »

Comcast: a tool to similate network problems on BSD and Linux – tylertreat/comcast

Posted by jpluimers on 2016/11/01

At first I thought Comcast was a really good joke by Kristian Köhntopp, but it is actually a really cool open source tool with an appropriate name:

Comcast is a tool designed to simulate common network problems like latency, bandwidth restrictions, and dropped/reordered/corrupted packets.

It is written in go and works on BDS and derivatives (including Mac OS X). It could probably made to work on Windows too.

The source is on Github: tylertreat/comcast

–jeroen

via: »Comcast is a tool designed to simulate common network problems like latency,…

Posted in Communications Development, Development, Internet protocol suite, Network-and-equipment, Software Development, TCP | Leave a Comment »

Another +ESP8266 gizmo, this time to automatically reboot your router…

Posted by jpluimers on 2016/10/28

Another +ESP8266 gizmo, this time to automatically reboot your router if connection is lost in order to get 24/7 connectivity. – Jean-Luc Aufranc – Google+

Source: Another +ESP8266 gizmo, this time to automatically reboot your router if…

Posted in Internet, Power User, routers | Leave a Comment »

I don’t have #IoT. I have #LoT. LAN of things. 

Posted by jpluimers on 2016/10/24

Interesting thought:

I don’t have #IoT. I have #LoT. LAN of things. My gadgets have no default gateway and cannot talk to the internet. Simple. Now I’m hoping for broad supp… – Jan Wildeboer – Google+

Devices in a separate LAN (or VLAN) with no default gateway and some firewall rules to access them from your regular LAN and update them through FWUPD an open source firmware update.

Sounds like a dream? We should all make it come true!

Read I don’t have #IoT. I have #LoT. LAN of things. for more ideas.

–jeroen

Posted in IoT Internet of Things, Network-and-equipment, Power User | Leave a Comment »

The IoT strikes back again: half a million IoT devices killed DYN DNS for hours, but fixing this will be hard

Posted by jpluimers on 2016/10/22

Less than a month after The IoT strikes back: 650 Gigabit/second and 1 Terabit/second attacks by IoT devices within a week the IoT struck back again: an estimated half a million IoT devices was used to perform multiple DDoS attacks against Dyn Managed DNS that took around 11 hours to resolve.

Google DNS appears to

Google DNS appears to “live” near me in Amsterdam

High availability usually involves a mix of DNS TTL and/or BGP routing. That’s typically how CDN providers like Cloudflare work (it’s one of the reasons that global DNS servers like Google’s 8.8.8.8 appear near to you and over time routes – some MPLS – to it change). Short DNS TTL can help CDN, requires a very stable DNS infrastructure and is similar to but different fromFast Flux network.

Last months attacks were on a security researcher and a single ISP. The Dyn DNS attack affected even more internet services (not just sites like Twitter, WhatsApp, AirBnB and Github). So I’m with Bruce Schneier that Someone Is Learning How to Take Down the Internet.

Handling these attacks is hard as the DDoS mitigation firms simply cannot handle the sudden increase of attack sizes yet. BCP38 should be part of mitigation, but the puzzle is big and fixing it won’t be easy though root-causes of bugs change as a lot of research is in progress.

I’m not alone in expecting it to get worse though before getting better.

On the client side, I learned that many users could cope by changing their DNS servers to either of these Public DNS Servers:

  • OpenDNS 208.67.222.222, 208.67.220.220, 208.67.222.220, 208.67.220.222
    • OpenDNS does a good job of handing “last known good” IPs when they can’t resolve.
  • Google Public DNS 8.8.8.8, 8.8.4.4
  • Level 3 DNS 4.2.2.1, 4.2.2.2, 4.2.2.3, 4.2.2.4, 4.2.2.5, 4.2.2.6

Some more interesting tidbits on the progress and mitigation on this particular attack are the over time heat-maps of affected regions and BGP routing changes below.

Read the rest of this entry »

Posted in CDN (Content Delivery Network), Cloud, Cloudflare, DNS, Hardware, Infrastructure, Internet, IoT Internet of Things, Network-and-equipment, Opinions, Power User | Leave a Comment »

Some notes on modifying NIB files on Mac OS X to add/change shortcuts

Posted by jpluimers on 2016/10/19

One of the nitpicks in VMware Fusion is that it has no keyboard shortcut for Resume or Suspend. I was trying to add Command-R and Command-S for those but that didn’t work out.

Since the links below seem to work for some other applications, I’ve kept them:

–jeroen

Posted in Apple, Development, Keyboards and Keyboard Shortcuts, Mac, Mac OS X / OS X / MacOS, MacBook, MacBook Retina, MacBook-Air, MacBook-Pro, MacMini, OS X 10.10 Yosemite, OS X 10.11 El Capitan, OS X 10.9 Mavericks, Power User, Software Development | Leave a Comment »

« Previous Entries
Next Entries »