For my research list: [WayBack] flyover-reverse-engineering/README.md at master · retroplasma/flyover-reverse-engineering · GitHub
–jeroen
Archive for the ‘Power User’ Category
flyover-reverse-engineering/README.md at master · retroplasma/flyover-reverse-engineering · GitHub
Posted by jpluimers on 2021/03/30
Posted in Apple, Development, Go (golang), Mac OS X / OS X / MacOS, Power User, Software Development | Leave a Comment »
Next time traveling in countries I do not speak the language of: use live (real time!) Google Translate of signage and voice.
Posted by jpluimers on 2021/03/29
Google translate is so useful.
The thread below is [WayBack] Thread by @shanselman: “Anytime I’m traveling I use Google Translate to check translations in real time on signage. You have to see it to belis real and LIVE while you move your camera. @ Paris Sorry, your browser doesn’t support embedded videos Folk […]”
But first one via [WayBack] Hadi Hariri on Twitter: “This is pretty damn cool.… “
[WayBack] Leon Fayer on Twitter: “Another point for Google docs… “
Live translate (Via Danny Thorpe and Mark Miller):
Share this:
Posted in Google, GoogleTranslate, Power User | Leave a Comment »
Disable ESXi Password Complexity – Perfect Cloud
Posted by jpluimers on 2021/03/29
Sometimes you have a long enough password, that matches with the confirmation, but pressing “Enter” to continue gives “Password does not have enough character types”:
From [WayBack] Disable ESXi Password Complexity – Perfect Cloud:
A part of my job as a VMware Certified Instructor is to update our lab systems whenever new vSphere versions come out. After upgrading from 5.5 to 6.0 I decided we should change passwords, h…
This is the workflow:
- Make a backup of
/etc/pam.d/passwd. - Use
vito edit/etc/pam.d/passwd, and:- Put a
#in front of the lines starting withpassword requisite - Remove the
use_authtokbit of the line starting withpassword sufficient - Put a
#in front of the line starting withpassword required - Quit
viwhile saving (pressEsc, then enter:wqon the prompt)
- Put a
- Change the password to a less secure one
- Restore the original
/etc/pam.d/passwd.
Via: esxi 6 force short password – Google Search
Working around this on during ESXi installation fails
I tried this:
- Press Alt-F1 to go from the installation screen to the console screen
- Logon as root, with no password at all to get to the command-prompt:
- Perform the
/etc/pam.d/passwdediting steps above - Press Alt-F2 to go back to the install screen
- Enter root password
The password requirements stayed.
(more screenshots at [WayBack] ESXi 6.7 installation Guide – Let We-i Go)
Related
- [WayBack] passwdqc – password/passphrase strength checking and policy enforcement toolset for your servers and software
- [WayBack] installing ESXi 6.7, stuck on root password with this message :password must be at least 7 characters long : vmware
The default required password complexity changed between 6.5 and 6.7.
In addition to needing to be at least seven characters, the password must include at least three of the four character classes:
-
Upper case – exception: the first character being upper case does not count towards the class requirement
-
Lower case
-
Numbers – exception: the last character being a number does not count towards the class requirement
-
Symbols
Also, no dictionary words (whether spelt forwards or backwards).
-
- [WayBack] ESXi Passwords and Account Lockout
For ESXi hosts, you have to use a password with predefined requirements. You can change the required length and character class requirement or allow pass phrases using the
Security.PasswordQualityControladvanced option. - “Security.PasswordQualityControl” – Google Search
- [WayBack] ESXi 6.x Password Calculator for Security.PasswordQualityControl | Virtually Blogging
- [WayBack] Virtual Maestro: VMware ESXi 6.X password policy
- [WayBack] VMware ESXi6 Password Policy – ivobeerens.nl
- [WayBack] Virtual Maestro: VMware ESXi 6.X password policy
- [Archive.is] vSphere Documentation Center
Example: Editing
/etc/pam.d/passwdpassword requisite /lib/security/$ISA/pam_passwdqc.so retry=N min=N0,N1,N2,N3,N4
values
password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=12,9,8,7,6
With this setting in effect, the password requirements are:
- retry=3: A user is allowed 3 attempts to enter a sufficient password.
- N0=12: Passwords containing characters from one character class must be at least 12 characters long.
- N1=9: Passwords containing characters from two character classes must be at least nine characters long.
- N2=8: Passphrases must contain words that are each at least eight characters long.
- N3=7: Passwords containing characters from three character classes must be at least seven characters long.
- N4=6: Passwords containing characters from all four character classes must be at least six characters long.
- [WayBack] VMware:ESXi Kennwortsicherheit heruntersetzen oder ändern – znilwiki
Passwortklassen sind schlicht
Grossbuchstaben Kleinbuchstaben Zahlen Sonderzeichen
wobei das erste Zeichen nicht zählt. Also gilt
dumpfbacke : 1 Passwortklasse Dumpfbacke : 1 Passwortklasse DumpfBacke : 2 Passwortklassen DumpfBacke1 : 3 Passwortklassen DumpfBacke1% : 4 Passwortklassen
Indem man alle Werte auf 0 setzt, also
password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=0,0,0,0,0
schaltet man alle Anforderungen aus.
Alternativ geht das auch mitpassword requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=8,8,8,7,6 enforce=none
On my ESXI 6.5 system where the italic bit is removed, besides the two lines being commented out:
- original
/etc/pam.d/passwd:
#%PAM-1.0 # Change only through host advanced option "Security.PasswordQualityControl". password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7 password sufficient /lib/security/$ISA/pam_unix.so use_authtok nullok shadow sha512 password required /lib/security/$ISA/pam_deny.so - modified
/etc/pam.d/passwd:
#%PAM-1.0 # Change only through host advanced option "Security.PasswordQualityControl". #password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7 password sufficient /lib/security/$ISA/pam_unix.so nullok shadow sha512 #password required /lib/security/$ISA/pam_deny.so
On my ESXI 6.7 system (which adds the bold lines below):
- original
/etc/pam.d/passwd:
#%PAM-1.0 # Change only through host advanced option "Security.PasswordQualityControl". password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7 # Change only through host advanced option "Security.PasswordHistory" password requisite /lib/security/$ISA/pam_pwhistory.so use_authtok enforce_for_root retry=2 remember=0 password sufficient /lib/security/$ISA/pam_unix.so use_authtok nullok shadow sha512 password required /lib/security/$ISA/pam_deny.so - modified
/etc/pam.d/passwd:
#%PAM-1.0 # Change only through host advanced option "Security.PasswordQualityControl". #password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7 # Change only through host advanced option "Security.PasswordHistory" #password requisite /lib/security/$ISA/pam_pwhistory.so use_authtok enforce_for_root retry=2 remember=0 password sufficient /lib/security/$ISA/pam_unix.so nullok shadow sha512 #password required /lib/security/$ISA/pam_deny.so
–jeroen
Share this:
Posted in *nix, ESXi6, ESXi6.5, ESXi6.7, Power User, Virtualization, VMware, VMware ESXi | Leave a Comment »
GGD GHOR vaccination notes
Posted by jpluimers on 2021/03/28
Notes:
- https://vragen.coronatest.nl/dl/Gezondheidsverklaring_2.pdf
- https://vragen.coronatest.nl/dl/Health%20Statement_2.pdf
Phone tel:+318001533
You get confirmation by SMS and e-mail and you need to bring the following things to the vaccination site:
- A mask
- Your passport, driver’s license or ID
- This appointment confirmation letter
- A completed health statement.
More information: GGD Vaccination Medical Information Line (088 767 40 80).
Related:
Share this:
Posted in About, LifeHacker, Personal, Power User | Leave a Comment »
email file decoding: Encode/Decode Quoted Printable – Webatic
Posted by jpluimers on 2021/03/26
For my link archive: [WayBack] Encode/Decode Quoted Printable – Webatic.
It did a splendid job at decoding email files in MIME format Quoted-printable.
–jeroen
Share this:
Posted in *nix, *nix-tools, Communications Development, Development, eMail, Encoding, Internet, Internet protocol suite, Power User, sendmail, SMTP, SocialMedia, Software Development | Leave a Comment »
Chocolatey: installing Forticlient
Posted by jpluimers on 2021/03/26
I needed Forticlient on a machine one day, so this is how to install the most recent Forticlient 6 using chocolatey:
choco install --yes forticlient --source https://www.myget.org/F/public-choco/api/v2
This ensures you can automatically update from Chocolatey instead of manually from the Forticlient GUI.
The update command is slightly different as a choco update will complain it cannot find the source for forticlient; you need this in stead:
choco update forticlient --source https://www.myget.org/F/public-choco/api/v2
Based on [WayBack] public-choco – forticlient 6.0.4.0182 | MyGet.
–jeroen
Share this:
Posted in Chocolatey, Power User, Windows | Leave a Comment »
Interactive tool to record a web-site, then archive it as WARC: GitHub – webrecorder/webrecorder-user-guide: webrecorder user guide and glossary
Posted by jpluimers on 2021/03/26
Learned about this in the fall of G+: [WayBack] GitHub – webrecorder/webrecorder-user-guide: webrecorder user guide and glossary
Back then, fully automated tools were easier.
So it is on my list of things to try one day for smaller projects.
- [WayBack] Webrecorder | Homepage: Create high-fidelity, interactive web archives of any web site you browse.
- [WayBack] GitHub – webrecorder/webrecorder: Web Archiving For All!
From the glossary:
Quick Start
- Enter a URL in the box in the center of the screen labeled ‘URL to capture’.
- Press the ‘start’ button (look down and to the right of the box where you entered the URL).
- Interact with the web page that loads so Webrecorder can capture the content displayed on this page. To collect audio or video from a page be sure to press ‘play’ so the file will load into the browser.
- Continue to visit and browse the pages you would like to capture. Each page you view will be included in your capture session. Note: you will be capturing the contents of each page you visit but will not automatically obtain pages that are linked to on the pages you collect (hyperlinks).
- To end your capture session hover over the ‘Capture’ button in the upper left corner of the screen so it changes to read ‘Stop’ then click that button.
- Your capture will then be browsable. Note: the capture will not ‘replay’ like a linear recording but instead be an interactive copy of the pages you have collected.
- If you are a logged-in user, this session will be saved to your account automatically. If you are not logged in an account, you can sign up for an account or log in to your existing account to save the collection after you create it. If you do not log in you can still download your collection for a limited time (approximately 90 minutes from when you stop your recording session).
–jeroen
Share this:
Posted in Internet, InternetArchive, Power User | Leave a Comment »
Build your own Infrared reader head for electriciti smart meters for around USD 6: haus-automatisierung.com [4K] – YouTube
Posted by jpluimers on 2021/03/24
In German, but very interesting IR-Lesekopf für SmartMeter selber bauen | haus-automatisierung.com [4K] – YouTube:
- Manual steps (Genaue Anleitung) [WayBack] hardware:controllers:ir-schreib-lesekopf-ttl-ausgang [wiki.volkszaehler.org]
- Case (Gehäuse) [WayBack] IR Lesekopf für SmartMeter by klein0r – Thingiverse
- Ringmagnet – [Archive.is] Neodym Ringmagnet 27 x 5 mm mit 16 mm Bohrung, Grade N42, vernickelt, Supermagnet: AmazonSmile: Baumarkt
I could not find the promised follow-up video at haus-automatisierung.com – YouTube, but the manual steps and the site below have enough information for me.
Too bad the site is way to big to fully archive in the WayBack machine. I only saved the top pages:
- [WayBack] start [wiki.volkszaehler.org]
- [WayBack] basics [wiki.volkszaehler.org]
- [WayBack] volkszaehler [wiki.volkszaehler.org]
- [WayBack] overview [wiki.volkszaehler.org]
- [WayBack] howto:getstarted [wiki.volkszaehler.org]
- [WayBack] howto [wiki.volkszaehler.org]
- [WayBack] howto:debug [wiki.volkszaehler.org]
- [WayBack] contact [wiki.volkszaehler.org]
- [WayBack] faq [wiki.volkszaehler.org]
- [WayBack] development [wiki.volkszaehler.org]
- [WayBack] hardware [wiki.volkszaehler.org]
- [WayBack] software [wiki.volkszaehler.org]
- [WayBack] Übersicht [wiki.volkszaehler.org] (sitemap)
Related: [WayBack] MQTT-Grundlagen-Kurs – haus-automatisierung.com
–jeroen
Share this:
Posted in Development, Hardware Development, Hardware Interfacing, IoT Internet of Things, Raspberry Pi, Software Development | Leave a Comment »
Some links with notes on WoonVeilig/Egardia security system communications, protocols and support by 3rd party home automation apps
Posted by jpluimers on 2021/03/23
Security issues for older models (mainly GATE01 and WV-1716 systems; which used a lot of Climax components):
- [WayBack] Woonveilig Alarmpanel – Domoticz
- [WayBack] Woonveilig Alarm System – Older models (WV-1716 & GATE01) – Share your Projects! – Home Assistant Community
- [WayBack] Eins, zwei, drei, vier, drin | c’t | Heise Magazine
A more recent security review:
- a privacy label for IoT products in a consumer market
- [WayBack] Diermen_R_van_2018_CS.pdf
- [WayBack] The Internet of Things: a privacy label for IoT products in a consumer market
- [WayBack] The Internet of Things: a privacy label for IoT products in a consumer market – Cyber Security Academy
This thesis is about the design of an IoT privacy label and the methodologies to collect the necessary information to populate the privacy label for an IoT product and its entire ecosystem. The privacy risks of IoT ecosystems are determined by testing all components in the ecosystem for vulnerabilities. These vulnerabilities can be found by security scans, penetration tests and audits, and quantified by using the Common Vulnerability Scoring System (CSS). The level of the privacy risk can be determined and expressed by combining the sensitivity of the personal information being processed and the vulnerabilities in the IoT ecosystem. A conceptual six-layer IoT service model has been developed to better understand the architecture of the IoT product and to structurally test all components. Three case studies were performed in this research to assess and improve the methodologies and design of the privacy label.
Key words: IoT ecosystem, privacy risk matrix, privacy label, IoT security testing
Physical security is important too; ensure the system is in an enclosed closet, powered by a UPS and your communication lines are secured as well: [WayBack] Manipulationen an Alarmanlagen verhindern – Smarthomewiki
Dutch links on the hardware connections and protocols used:
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: projecten
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: Woonveilig systeem project 1 (adding classic reedcontacts to your Egardia door/window sensor)
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling:
- gate01.alt.egardia.com
- ics.egardia.com
- http://www.woonveilig.nl
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: Woonveilig alarmsysteem lokale toegang
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: Woonveilig alarmsysteem gekoppeld aan Raspberry Pi
More recent information:
- [WayBack] Egardia – Home Assistant: Instructions on how to setup Egardia / Woonveilig within Home Assistant.
- [WayBack] GitHub – jeroenterheerdt/python-egardia: Python library to interface with Egardia / Woonveilig alarm
API usage:
- [WayBack] Announcement: mozaiq expands Egardia alarm system • mozaiq
- [WayBack] Woonveilig / Eguardia support – Ideas & Suggestions – Homey Community Forum
- [WayBack] WoonVeilig App | Case Study | The Mobile Company
More subdomains (in 2019) via:
- [WayBack] How to find Subdomains of a Domain in Minutes?
- woonveilig.nl
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- woonveilig.nl
- htbridge.com: SSL Security Test of woonveilig.nl
- alarmsysteem.woonveilig.nl
- woonveilig.nl
- cms.woonveilig.nl
- http://www.woonveilig.nl
- mijn.woonveilig.nl
- dnsdumpster.com: [WayBack] woonveilig.nl-201903251445.xlsx
-
alarmsysteem.woonveilig.nl mijn.woonveilig.nl srv01.woonveilig.nl http://www.woonveilig.nl
-
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- egardia.com
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- my.egardia.com
- egardia.com
- cms.egardia.com
- mobile.egardia.com
- http://www.egardia.com
- ftp.egardia.com
- localhost.egardia.com
- mail.egardia.com
- htbridge.com: SSL Security Test of egardia.com
- cam05.dev03.egardia.com
- dev03.egardia.com
- egardia.com
- http://www.egardia.com
- my.egardia.com
- rt.egardia.com
- dnsdumpster.com: [WayBack] egardia.com-201903251438.xlsx
-
dev03.egardia.com stream01.dev03.egardia.com cam05.dev03.egardia.com app01.egardia.com app02.egardia.com cpe01.egardia.com cpe02.egardia.com ftp01.egardia.com ftp02.egardia.com galera01.egardia.com galera02.egardia.com galera03.egardia.com lb01.egardia.com lb02.egardia.com mailout.egardia.com my.egardia.com nfs01.egardia.com nuance01.egardia.com sip01.egardia.com sql01.egardia.com sql02.egardia.com rt.egardia.com srv01.egardia.com http://www.egardia.com stream01.egardia.com stream02.egardia.com
-
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- woonveilig.nl
–jeroen
Share this:
Posted in Communications Development, Development, Power User, Security, Software Development | Leave a Comment »
em-dosbox – Windows 3.11 on the Web
Posted by jpluimers on 2021/03/22
Cool: [Archive.is/WayBack] em-dosbox – Windows 3.11 on the Web.
Via [WayBack] JRWR – Forrest F. on Twitter: “I love this thing, http://vrcade.io/win311 Boots into Windows 3.11 with a internet connection (over a fake modem!)”
–jeroen
Share this:
Posted in History, Windows, Windows 3.11 | 2 Comments »
The Wiert Corner - irregular stream of stuff 