The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for the ‘Power User’ Category

75 Funny Wifi Names (besides Disconnected and Access Denied)

Posted by jpluimers on 2021/11/26

[WayBack] 75 Funny Wifi Names (as I already run “Disconnected” and “Access Denied”).

Related blog posts:

–jeroen

Posted in Fun, Network-and-equipment, Power User, WiFi | Leave a Comment »

GitHub – TimeToogo/tunshell: Remote shell into ephemeral environments 🐚 🦀

Posted by jpluimers on 2021/11/25

Cool: [Wayback/Archive.is] GitHub – TimeToogo/tunshell: Remote shell into ephemeral environments 🐚 🦀

Via: [Archive.is] Jan Schaumann on Twitter: “This looks neat: on-demand remote shell into ephemeral environments, e.g. CI/CD pipeline container. Both sides fetch a client, use rendezvous server to negotiate session info, then establish connection or fall back to proxy through rendezvous. “


Posted in Communications Development, Development, DevOps, HTTP, Infrastructure, Internet protocol suite, Power User, Software Development, TCP, WebSockets | Leave a Comment »

OWASP top rated security “feature” A01:2021 – Broken Access Control

Posted by jpluimers on 2021/11/24

An important [Wayback/Archive] A01:2021 – Broken Access Control, in German, is a preamble for a future post about getting a feel for how to counter the vulnerabilities that OWASP tracks and documents.

Basically, remember that Broken Access Control is by far the most common vulnerability class found in applications:

Broken Access Control was in 5th place in 2017 and is now problem #1. 94% of the tested applications had some form of broken access control. The former #1 perennial, Injection, is now only in 3rd place.

Basically the top 3 changed dramatically between 2017 and 2021. The new top 3 is below. Please get acquainted with it.

  1. [Wayback/Archive] A01 Broken Access Control – OWASP Top 10:2021

    Moving up from the fifth position, 94% of applications were tested for some form of broken access control with the average incidence rate of 3.81%, and has the most occurrences in the contributed dataset with over 318k. Notable Common Weakness Enumerations (CWEs) included are CWE-200: Exposure of Sensitive Information to an Unauthorized Actor, CWE-201: Exposure of Sensitive Information Through Sent Data, and CWE-352: Cross-Site Request Forgery.

  2. [Wayback/Archive] A02 Cryptographic Failures – OWASP Top 10:2021

    Shifting up one position to #2, previously known as Sensitive Data Exposure, which is more of a broad symptom rather than a root cause, the focus is on failures related to cryptography (or lack thereof). Which often lead to exposure of sensitive data. Notable Common Weakness Enumerations (CWEs) included are CWE-259: Use of Hard-coded Password, CWE-327: Broken or Risky Crypto Algorithm, and CWE-331: Insufficient Entropy.

  3. [Wayback/Archive] A03 Injection – OWASP Top 10:2021

    Injection slides down to the third position. 94% of the applications were tested for some form of injection with a max incidence rate of 19%, an average incidence rate of 3%, and 274k occurrences. Notable Common Weakness Enumerations (CWEs) included are CWE-79: Cross-site Scripting, CWE-89: SQL Injection, and CWE-73: External Control of File Name or Path.

Via: [Archive] Kristian Köhntopp on Twitter: “Much of this thread can now be found in a more organized form in … .… “

Very much related, as A01 was the root cause behind GitHub’s commitment to npm ecosystem security | The GitHub Blog – historically, no npm package could be tracked as authentic.

We determined that this vulnerability was due to inconsistent authorization checks and validation of data across several microservices that handle requests to the npm registry. In this architecture, the authorization service was properly validating user authorization to packages based on data passed in request URL paths. However, the service that performs underlying updates to the registry data determined which package to publish based on the contents of the uploaded package file.
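The pattern in that quote is worth seeing in code: one layer authorizes the package named in the URL path, another layer acts on the package named inside the uploaded file, and nobody compares the two. The following is an added illustration written for this post, not GitHub's or npm's code; the maintainer table, the `PublishRequest` shape and the registry dictionary are constructed for the example.

```python
# Added illustration of the authorization-inconsistency pattern quoted above.
# Names, data and the "registry" are constructed for this example; they are
# not GitHub's or npm's code or data model.
from dataclasses import dataclass

# Constructed sample: which users are maintainers of which packages.
MAINTAINERS = {
    "left-pad": {"alice"},
    "is-even": {"bob"},
}


@dataclass
class PublishRequest:
    user: str
    path_package: str     # package name taken from the request URL path
    tarball_package: str  # package name taken from package.json inside the upload


def is_maintainer(user, package):
    return user in MAINTAINERS.get(package, set())


def publish_vulnerable(req, registry):
    """Authorization checks the URL path; the update step then trusts the
    name inside the uploaded tarball. The two identifiers are never compared."""
    if not is_maintainer(req.user, req.path_package):
        return "forbidden"
    registry[req.tarball_package] = req.user  # acts on an identifier that was never authorized
    return "published"


def publish_fixed(req, registry):
    """The identifier that was authorized is the only identifier acted on."""
    if not is_maintainer(req.user, req.path_package):
        return "forbidden"
    if req.tarball_package != req.path_package:
        return "rejected: tarball name does not match the URL"
    registry[req.path_package] = req.user
    return "published"


def demo():
    """Replay one mismatched request through both handlers and report the outcome."""
    mismatched = PublishRequest(user="bob", path_package="is-even", tarball_package="left-pad")
    vulnerable_registry, fixed_registry = {}, {}
    return {
        "vulnerable": (publish_vulnerable(mismatched, vulnerable_registry), sorted(vulnerable_registry)),
        "fixed": (publish_fixed(mismatched, fixed_registry), sorted(fixed_registry)),
    }


if __name__ == "__main__":
    print(demo())
```

The fix is not a bigger authorization table; it is binding the identifier that passed the check to the identifier the write uses. In a microservice setup that means the service doing the update must either re-check authorization itself or refuse any request where the path and payload disagree.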

–jeroen

Posted in Development, Power User, Security, Software Development | Leave a Comment »

Some scripts and tips for easing the maintenance of a postfix based SMTP system

Posted by jpluimers on 2021/11/24

A few scripts and tips I found Googling around.

Deleting queued messages by regular expression pattern

I have seen the below delete-from-mailq.pl script numerous times, usually without any attribution (for instance [Wayback] Postfix Flush the Mail Queue – nixCraft and [Wayback] postfix-delete.pl – Following script deletes all mail from the mailq which matches the regular expression specified as the first argument · GitHub).

The earliest version I could find was in [Wayback] ‘Re: delete messages from mailq’ – MARC by [Wayback] ‘Ralf Hildebrandt’ posts – MARC:

--- snip ---
#!/usr/bin/perl
# Delete queued mail whose postqueue -p entry matches a regexp.
# Usage: delete-from-mailq 'regexp'   (matched case-insensitively)

$REGEXP = shift || die "no email-address given (regexp-style, e.g. bl.*\@yahoo.com)!";

@data = qx</usr/sbin/postqueue -p>;
for (@data) {
  # A queue ID starts an entry; it may be followed by "*" (active)
  # or "!" (on hold). The original only allowed for "*".
  if (/^(\w+)[*!]?\s/) {
     $queue_id = $1;
  }
  # Every following line (sender, recipients, deferral reason) is tested
  # until one matches; then the ID is recorded and the entry is done.
  if($queue_id) {
    if (/$REGEXP/i) {
      $Q{$queue_id} = 1;
      $queue_id = "";
    }
  }
}

#open(POSTSUPER,"|cat") || die "couldn't open postsuper" ;   # dry run: print the IDs instead of deleting
open(POSTSUPER,"|postsuper -d -") || die "couldn't open postsuper" ;

foreach (keys %Q) {
  print POSTSUPER "$_\n";
};
close(POSTSUPER);
--- snip ---

And then use:
% delete-from-mailq "^test"

Tips

[Wayback] How do I check the postfix queue size? – Server Fault

Lots of great answers and pointers to useful guides/software there.

qstat

[Wayback] Postfix Bottleneck Analysis points to [Wayback] Postfix manual – qshape(1): qshape - Print Postfix queue domain and age distribution, then explains the different scenarios and queues:

postqueue

postqueue -p | tail -n 1

The last line of the postqueue -p output shows the number of requests and their total size:

-- 317788 Kbytes in 11860 Requests.
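Both the delete-from-mailq.pl script above and the summary line just shown work on the same postqueue -p text, so here is an added example (my own for this post, not from any of the linked sources) that parses that format into records, reproduces the script's "which queue IDs match this regexp" selection without deleting anything, and reads the trailing "Kbytes in Requests" line. The sample output is constructed for the example; the entry layout (queue ID with optional * or ! flag, size, arrival time, sender, then indented recipients and a parenthesized deferral reason) is the standard postqueue -p layout.

```python
# Added example: parse `postqueue -p` output and select queue IDs the way
# delete-from-mailq.pl does, but only report them. Not code from the post
# or the cited sources. Sample output below is constructed, not captured.
import re
from collections import Counter

SAMPLE_POSTQUEUE = """\
-Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
3F2A1B2C3D*    1234 Fri Nov 26 10:00:00  test@example.com
                                         alice@example.org

A1B2C3D4E5!    5678 Fri Nov 26 09:00:00  news@example.net
(connect to mx.example.org[192.0.2.10]:25: Connection timed out)
                                         bob@example.org
                                         carol@example.org

B2C3D4E5F6     4321 Fri Nov 26 08:00:00  test@example.org
(host mx.example.org[192.0.2.10] said: 450 try later)
                                         dave@example.org

-- 11 Kbytes in 3 Requests.
"""

# Entry header: queue ID, optional flag ("*" active, "!" hold), size, arrival, sender.
ENTRY_RE = re.compile(
    r"^(?P<qid>[0-9A-Za-z]+)(?P<flag>[*!]?)\s+(?P<size>\d+)\s+"
    r"(?P<arrival>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d)\s+(?P<sender>\S+)\s*$"
)
FOOTER_RE = re.compile(r"^-- (\d+) Kbytes in (\d+) Requests?\.$")
STATUS = {"*": "active", "!": "hold", "": "queued"}


def parse_postqueue(text):
    """Return (entries, totals); totals comes from the final summary line."""
    entries, totals, current = [], None, None
    for line in text.splitlines():
        if not line.strip() or line.startswith("-Queue ID-") or line == "Mail queue is empty":
            continue
        m = FOOTER_RE.match(line)
        if m:
            totals = {"kbytes": int(m.group(1)), "requests": int(m.group(2))}
            continue
        m = ENTRY_RE.match(line)
        if m:
            current = {
                "qid": m["qid"], "status": STATUS[m["flag"]], "size": int(m["size"]),
                "arrival": m["arrival"], "sender": m["sender"],
                "recipients": [], "reason": None,
            }
            entries.append(current)
            continue
        if current is None:
            continue  # stray line before the first entry
        stripped = line.strip()
        if stripped.startswith("("):
            current["reason"] = stripped.strip("()")
        else:
            current["recipients"].append(stripped)
    return entries, totals


def select_matching(entries, pattern):
    """Queue IDs whose sender, any recipient or deferral reason matches the
    regexp, case-insensitively, mirroring the Perl script's selection."""
    rx = re.compile(pattern, re.IGNORECASE)
    return sorted(
        e["qid"] for e in entries
        if rx.search(e["sender"])
        or any(rx.search(r) for r in e["recipients"])
        or (e["reason"] is not None and rx.search(e["reason"]))
    )


def summarize(entries):
    """Per-status counts plus total bytes, computed from the entries themselves."""
    by_status = Counter(e["status"] for e in entries)
    return {"requests": len(entries), "bytes": sum(e["size"] for e in entries), **by_status}


if __name__ == "__main__":
    entries, totals = parse_postqueue(SAMPLE_POSTQUEUE)
    print(totals, summarize(entries))
    print("would delete:", select_matching(entries, "^test"))
```

Piping the selected IDs into postsuper -d - is exactly what the Perl script does; keeping the selection step separate lets you review the list first, which matters because a loose regexp against recipient lines and deferral reasons can match far more than the sender you had in mind.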

View queues size

I tried finding the original posting of the below script, but could not. If you find it, please let me know.

#!/usr/bin/env perl

# postfix queue/s size
# author: 
# source: http://tech.groups.yahoo.com/group/postfix-users/message/255133

use strict;
use warnings;

# Recursively count queue files below $dir. This assumes the default short
# (hexadecimal) queue IDs: a queue file is 5 or more hex characters, and a
# hash subdirectory (see hash_queue_names / hash_queue_depth) is one hex character.
sub count {
        my ($dir) = @_;
        my $c = 0;
        opendir(my $dh, $dir) or die "$0: opendir: $dir: $!\n";
        while (my $f = readdir($dh)) {
                if ($f =~ m{^[A-F0-9]{5,}$}) {
                        ++$c;
                } elsif ($f =~ m{^[A-F0-9]$}) {
                        $c += count("$dir/$f");
                }
        }
        closedir($dh) or die "closedir: $dir: $!\n";
        return $c;
}

# Ask Postfix where the queue lives instead of hardcoding /var/spool/postfix.
my $qdir = `postconf -h queue_directory`;
chomp($qdir);
chdir($qdir) or die "$0: chdir: $qdir: $!\n";
printf "Incoming: %d\n", count("incoming");
printf "Active: %d\n", count("active");
printf "Deferred: %d\n", count("deferred");
printf "Bounced: %d\n", count("bounce");
printf "Hold: %d\n", count("hold");
printf "Corrupt: %d\n", count("corrupt");

Various commands

[Wayback] Inspecting Postfix’s email queue – Tech-G explaining about:

  • mailq
  • postqueue -p
  • postcat -vq XXXXXXXXXX (where XXXXXXXXXX is the message ID)
  • postqueue -f / postfix flush
  • postsuper -d to delete messages

More of these in [Wayback] Postfix Mail Queue Management – Linux Hint and [Wayback] Postfix Bottleneck Analysis: queues.

Makefile

Based on [Wayback] Using “make” for Postfix file maintenance

MAPS = relays.db aliases.db transport.db relocated.db \
        virtual.db sender_checks.db rejected_recips.db \
        helo_access.db

all : $(MAPS)

aliases.db : aliases
        newaliases

%.db : %
        postmap $*

This is my Makefile that runs fine on Tumbleweed (note: all 8-space indents are TAB characters):

MAPS =  /etc/aliases.db \
        transport.db \
        virtual.db \
        helo_access.db \
        canonical.db \
        sasl_passwd.db \
        relocated.db \
        relay.db \
        access.db \
        relay_ccerts.db \
        sender_canonical.db

all : $(MAPS)

aliases.db : aliases
        @echo "Rebuilding $@."
        newaliases

%.db : %
        @echo "Rebuilding $@."
        postmap $*

In the future, I might try [Wayback] Makefile.postfix · GitHub, though I think it is convoluted (note: all 8-space indents are TAB characters):

## Postfix: Makefile to update *.db files
POSTCONF= /usr/sbin/postconf
POSTMAP= /usr/sbin/postmap

default: postmap

postmap: Makefile.postmap
        @echo 'Updating database files …'
        $(MAKE) -f Makefile.postmap

Makefile.postmap: main.cf
        @echo 'Updating $@ …'
        @set -e; \
        rm -f $@.$$$$.tmp; \
        echo 'POSTMAP=$(POSTMAP)' >>$@.$$$$.tmp; \
        echo 'postmap::' >>$@.$$$$.tmp; \
        config_directory="$(PWD)"; \
        { $(POSTCONF) -c $(PWD) || kill $$$$; } \
        |tr ' ' '\n' \
        |sed -n \
        -e 's/,$$//' \
        -e 's#^hash:\$$config_directory/##p' \
        -e 's#^hash:'"$$config_directory/##p" \
        |sort -u \
        |while read mapfile; do \
        echo "postmap:: $$mapfile.db" >>$@.$$$$.tmp; \
        echo "$$mapfile.db: $$mapfile" >>$@.$$$$.tmp; \
        echo " \$$(POSTMAP) $$<" >>$@.$$$$.tmp; \
        done; \
        mv $@.$$$$.tmp $@
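What that tr/sed/sort pipeline does is derive the list of hash: maps from postconf output instead of maintaining MAPS by hand, as in the two Makefiles earlier in this section. The following is an added example of the same derivation, written for this post rather than taken from Makefile.postfix or the linked article; the postconf sample is constructed, and only hash: maps under the configuration directory are picked up, so /etc/aliases (rebuilt by newaliases) and the pcre: map are deliberately left out, just as the sed expressions leave them out.

```python
# Added example: derive the postmap target list from `postconf` output,
# the way the sed pipeline in Makefile.postfix does, and render a Makefile
# fragment for it. Not code from the post or the linked gist; the postconf
# lines below are constructed for the example.
import re

SAMPLE_POSTCONF = """\
config_directory = /etc/postfix
alias_maps = hash:/etc/aliases
transport_maps = hash:$config_directory/transport
virtual_alias_maps = hash:$config_directory/virtual, hash:/etc/postfix/relocated
smtpd_helo_restrictions = check_helo_access hash:/etc/postfix/helo_access, reject_invalid_helo_hostname
smtpd_sender_restrictions = check_sender_access pcre:/etc/postfix/sender_checks
relay_domains = hash:/etc/postfix/relay
"""


def hash_maps(postconf_text, config_directory=None):
    """Sorted, de-duplicated map source names referenced as hash:<config_directory>/<name>
    or hash:$config_directory/<name>. Maps elsewhere (e.g. /etc/aliases) are skipped."""
    cfg = config_directory
    if cfg is None:
        m = re.search(r"^config_directory = (\S+)$", postconf_text, re.M)
        cfg = m.group(1) if m else "/etc/postfix"
    prefixes = ("$config_directory/", cfg.rstrip("/") + "/")
    maps = set()
    # Same split as `tr ' ' '\n'` plus the `s/,$//` that strips list commas.
    for token in re.split(r"[\s,]+", postconf_text):
        if not token.startswith("hash:"):
            continue
        path = token[len("hash:"):]
        for prefix in prefixes:
            if path.startswith(prefix):
                maps.add(path[len(prefix):])
                break
    return sorted(maps)


def render_makefile(maps, postmap="/usr/sbin/postmap"):
    """Emit the generated Makefile.postmap: one <map>.db rule per map, recipe lines tab-indented."""
    lines = [f"POSTMAP={postmap}", "postmap::"]
    for name in maps:
        lines.append(f"postmap:: {name}.db")
        lines.append(f"{name}.db: {name}")
        lines.append("\t$(POSTMAP) $<")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(render_makefile(hash_maps(SAMPLE_POSTCONF)), end="")
```

Run against real output (`postconf` with no arguments, or `postconf -c /path/to/config`) the function gives you the MAPS list for the simpler Makefile above; a map that is referenced in main.cf but whose source file is missing will then show up as a make error rather than silently as a stale .db.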

[Wayback] Ralf Hildebrandt

Ralf Hildebrandt is an active and well-known figure in the Postfix community. He’s a systems engineer for T-NetPro, a German telecommunications company and has spoken about Postfix at industry conferences and contributes regularly to a number of open source mailing lists.

Co-author of this book: [Wayback: Book of Postfix State-of-the-Art Message Transport ISBN 9781593270018] (which used to have its own site: [Wayback: The Book of Postfix]):

Book of Postfix

State-of-the-Art Message Transport

By Patrick Koetter, Ralf Hildebrandt

Publisher: No Starch Press
Release Date: March 2005
Pages: 496

Best practices for Postfix–the popular alternative to Sendmail. Developed with security and speed in mind, Postfix has become a popular alternative to Sendmail and comes preinstalled in many Linux distributions as the default mailer. The Book of Postfix is a complete guide to Postfix whether used at home, as a mailrelay or virus-scanning gateway, or as a company mailserver. Practical examples show how to deal with daily challenges like protecting mail users from spam and viruses, managing multiple domains, and offering roaming access.

This is a great review of the book: [Wayback] The Book of Postfix (Ralf Hildebrandt, Patrick Koetter)

Related

For my postfix studies… « The Wiert Corner – irregular stream of stuff

–jeroen

Posted in *nix, *nix-tools, bash, Communications Development, Development, Internet protocol suite, Makefile, postfix, Power User, Scripting, SMTP, Software Development | Leave a Comment »

IFTTT alternatives

Posted by jpluimers on 2021/11/23

A long time ago, I experimented a bit with if this then that, but found it too limited for my purposes. Though there were many integrations, the level of automation was very limited, especially in the kinds and flexibility of rules. Nice idea, not well executed.

By now, they even charge for it.

So here are some alternatives you might want to use:

Via [Wayback] Ifttt introduceert betaald Pro-abonnement en beperkt gratis versie – Beeld en geluid – Nieuws – Tweakers

–jeroen

Posted in Development, Power User, Software Development | Leave a Comment »

SNPG – Registering patients with an immune disorder for a third shot against the Covid-19 coronavirus

Posted by jpluimers on 2021/11/22

[Wayback/Archive] SNPG – Registering patients with an immune disorder for a third shot

To refer a patient, you can create an invitation letter by filling in the following form: [Wayback/Archive] www.formdesk.nl/rivm2/immuno2021. When you fill in the patient's name, address, city and e-mail address, an invitation letter is generated. This happens under GDPR (AVG) conditions; the RIVM has no access to this data.

Via [Archive] Valerie van de Flier on Twitter: “Here doctors can find the registration form: … “

–jeroen

Posted in LifeHacker, Power User | Leave a Comment »

PiKVM v3 HAT by Maxim Devaev » Shipping in progress — Kickstarter

Posted by jpluimers on 2021/11/22

Oh cool: should arrive during the holiday season:

  • ~500pc have been shipped to the backers in the USA and Canada
  • We are planning to ship ALL pledges that don’t contain the case by Nov, 19.
  • We are planning to ship ALL pledges that include the case by Dec, 3.
  • Depending on your location it might take from a couple of days to a couple of weeks to actually receive the shipments.
  • Important: we send a notification with a tracking number for every shipment. Please check your Spam folder from time to time.

Source: [Wayback/Archive] PiKVM v3 HAT by Maxim Devaev » Shipping in progress — Kickstarter

Documentation is at [Wayback/Archive] PiKVM v3 HAT guide – PiKVM Handbook via [Wayback/Archive] Thank you for buying PiKVM v3 HAT! showing that the ATX case bracket needs to be 3D-printed separately:


Posted in Hardware, KVM keyboard/video/mouse, PiKVM / Pi-KVM, Power User | Leave a Comment »

mail.google.com throwing ERR_CONNECTION_RESET and ERR_FAILED only on MacOS with Chrome (many versions)

Posted by jpluimers on 2021/11/22

This started somewhere towards the end of 2019, and the only solution that consistently works is a full reboot.

Chrome (many versions) on MacOS High Sierra sometimes throws these errors only on https://mail.google.com:

Failing solutions:

  • close and open new tab
  • kill and restart chrome

Searches tried, but no results yet:

This was not the cause: [WayBack] 913220 – Broken Gmail sign in with Chrome 71 and “Block third-party cookies” enabled – chromium – An open-source project to help move the web forward. – Monorail

–jeroen

Posted in Apple, Mac OS X / OS X / MacOS, Power User | Leave a Comment »

Thread by @SNeurotypicals: Neurotypical social skills develop very early on. They are making friends at 5 and negotiating complex diplomatic scenarios at 10…

Posted by jpluimers on 2021/11/19

Interesting observation [WayBack] Thread by @SNeurotypicals:

Neurotypical social skills develop very early on. They are making friends at 5 and negotiating complex diplomatic scenarios at 10. This can cause NT parents to despair that their kids are behind, and have stopped developing at 8 or 10 or 18 or 25. But we haven’t. 
For many NDs, social skills development just takes longer. Lacking the innate instincts of neurotypicals, we have to build our frameworks using experience and the scientific method. It takes sophisticated skills and higher order thinking. I hit my stride in my late 20s. 

and [WayBack] later on (on neurotypicals versus neurodivergents):

it’s the double empathy problem. They don’t understand us or themselves, we don’t understand them or ourselves (to begin with), but the onus is on us to fix it so we end up having to figure out both sides. It’s an achievement that we make any headway at all.

Related:

–jeroen

Posted in About, LifeHacker, Personal, Power User | Leave a Comment »

Effectiveness of COVID-19 vaccination against hospital and intensive-care admission in the Netherlands (status end of October 2021)

Posted by jpluimers on 2021/11/19

I wanted to know how well protected, in the Dutch context, my vaccination against Covid-19 with the Oxford–AstraZeneca COVID-19 vaccine was, so I asked [Archive] Jeroen Wiert Pluimers on Twitter: “Where can I find figures on AstraZeneca for the under-60 group (especially for healthcare workers who were vaccinated with it and often run a higher risk because of the many contacts they have working in healthcare)… “ and got this:

–jeroen

Posted in Covid-19 / Coronavirus, Health, LifeHacker, Power User, Vaccinations | Leave a Comment »