Or how to block the entire Facebook network. In my last post on Facebook’s misfortunes I mentioned that my wife initially blamed me, assuming it was just local and that I had made some new change to my local network configuration. Now whilst I do actually bin some of Facebook’s more annoying subdomains (such as …
Category: networks and networking
Permanent link to this article: https://baldric.net/2021/10/15/zuck-off-facebook/
Sep 06 2021
check2ip gone
For many years now I have used check2ip to, well, check my IP address. That service on a single page on the net gave me a quick snapshot of my current address and the DNS servers I was resolving against. I used it because I have a bunch of VPNs (and usually route my traffic …
Permanent link to this article: https://baldric.net/2021/09/06/check2ip-gone/
Dec 01 2020
VPS comparison
My last post highlighted the astonishingly good deal I have just had from racknerd. I’ve been running VPS systems for some time now so I thought I would look back over my archived email to see what I could find about my earliest experiences. I found an invoice for a system I first rented back …
Permanent link to this article: https://baldric.net/2020/12/01/vps-comparison/
Nov 30 2020
an even bigger bargain VPS
At about this time last year I wrote about my impressively cheap new VPS on ITLDC’s network in Prague. Prices of VPSs continue to come down and I now have several dotted around Europe which each cost me around three euros per month. But I am always on the lookout for a new provider and, …
Permanent link to this article: https://baldric.net/2020/11/30/an-even-bigger-bargain-vps/
Oct 27 2020
braindead mail service
Back in early 2019, I wrote about a problem I was having with mail from my system going to BT based accounts. At the time, BT was rejecting my mail as potential spam. As I wrote at the time, I was pleasantly surprised when the BT postmaster replied positively to my request that they investigate …
Permanent link to this article: https://baldric.net/2020/10/27/braindead-mail-service/
Jun 06 2020
encrypting DNS on android
My previous two posts discussed the need for encrypted DNS and then how to do it on a linux desktop. I do not have any Microsoft systems so I have no idea how to approach the problem if you use any form of Windows OS, nor do I have any Apple devices so I can’t …
Permanent link to this article: https://baldric.net/2020/06/06/encrypting-dns-on-android/
May 25 2020
encrypting DNS with dnsmasq and stubby
In my last post I explained that in order to better protect my privacy I wanted to move all my DNS requests from the existing system of clear text requests to one of encrypted requests. My existing system forwarded DNS requests from my internal dnsmasq caching servers to one of my (four) unbound resolvers and …
Permanent link to this article: https://baldric.net/2020/05/25/encrypting-dns-with-dnsmasq-and-stubby/
May 06 2020
encrypting DNS
Any casual reader of trivia will be aware that I care about my privacy and that I go to some lengths to maintain that privacy in the face of concerted attempts by ISPs, corporations, government agencies and others to subvert it. In particular I use personally managed OpenVPN servers at various locations to tunnel my …
Permanent link to this article: https://baldric.net/2020/05/06/encrypting-dns/
Feb 27 2020
have I been pwned?
Well, I don’t think so. But for a while I was not entirely sure. Following the move last November of trivia from a VM on UK2’s datacentre in London to our new home on a faster VM on ITLDC’s network I have been making a variety of minor changes and doing some essential housework. One …
Permanent link to this article: https://baldric.net/2020/02/27/have-i-been-pwned/
Jan 22 2020
TLS certificate checks
My move of trivia to a new VM last December prompted me to look again at my server configuration. In particular I wanted to ensure that I was properly redirecting all HTTP requests to HTTPS and that the ciphers and protocols I support are as up to date and strong as possible. Mozilla offers a …
Permanent link to this article: https://baldric.net/2020/01/22/tls-certificate-checks/
Jan 14 2020
retiring the slugs
I first started using Linksys NSLU2s (aka “slugs”) in early 2008. Back then I considered them quite useful and I even ran webservers and local apt-caches on them. But realistically they are (and even then, were) a tad underpowered. Worse, since Debian on the XScale-IXP42x hasn’t been updated for several years, the slugs are probably …
Permanent link to this article: https://baldric.net/2020/01/14/retiring-the-slugs/
Nov 28 2019
a bargain VPS
I have been using services from ITLDC for about three years now. I initially picked one of their cheap VMs based in the Netherlands whilst I was expanding my VPN usage, and frankly, I was not expecting much in the way of customer service or assistance for the very low price I paid. After all …
Permanent link to this article: https://baldric.net/2019/11/28/a-bargain-vps/
Jul 07 2019
openvpn clients on pfsense
In my 2017 article on using OpenVPN on a SOHO router I said: “In testing, I’ve found that using a standard OpenVPN setup (using UDP as the transport) has only a negligible impact on my network usage – certainly much less than using Tor.” That was true back then but is unfortunately not so true …
Permanent link to this article: https://baldric.net/2019/07/07/openvpn-clients-on-pfsense/
Jun 26 2019
one unbound and you are free
I have written about my use of OpenVPN in several posts in the past, most latterly in May 2017 in my note about the Investigatory Powers (IP) Bill. In that post I noted that all the major ISPs would be expected to log all their customers’ internet connectivity and to retain such logs for so …
Permanent link to this article: https://baldric.net/2019/06/26/one-unbound-and-you-are-free/
Dec 11 2018
well I never
It’s not often that I find myself agreeing with GCHQ, but ex GCHQ Director Robert Hannigan’s recent comments in an interview with the BBC Today programme struck a chord. Hannigan headed GCHQ from April 2014 until his resignation for family reasons last year. Whilst in post he pushed for greater transparency at the SIGINT agency. …
Permanent link to this article: https://baldric.net/2018/12/11/well-i-never/
May 12 2017
using a VPN to take back your privacy
With the passage into law of the iniquitous Investigatory Powers (IP) Bill in the UK at the end of November last year, it is way past time for all those who care about civil liberties in this country to exercise their right to privacy. The new IP Act permits HMG and its various agencies to …
Permanent link to this article: https://baldric.net/2017/05/12/using-a-vpn-to-take-back-your-privacy/
Jan 24 2016
guest network
Last month Troy Hunt posted an interesting comment on his blog about the problems around the etiquette of allowing guests onto your home wifi network. In his post, Hunt notes that guests can be deeply offended at being refused access. This is understandable. If they are guests in your home then they are probably close …
Permanent link to this article: https://baldric.net/2016/01/24/guest-network/
Nov 10 2015
torflow
Yesterday, Kenneth Freeman posted a note to the tor-relays list drawing attention to a new resource called TorFlow. TorFlow is a beautiful visualisation of Tor network traffic around the world. It enables you to see where traffic is concentrated (Europe) and where there is almost none (Australasia). Having the data overlaid on a world map …
Permanent link to this article: https://baldric.net/2015/11/10/torflow/
Jul 30 2015
get your porn here
Dear Dave is at it again. Sometimes I worry about our PM’s priorities. Not content with his earlier insistence that UK ISPs must introduce “family friendly (read “porn”) filters”, our man in No 10 now wants to “see age restrictions put into place or these (i.e. “porn”) websites will face being shut down”. El Reg …
Permanent link to this article: https://baldric.net/2015/07/30/get-your-porn-here/
Aug 13 2014
net neutrality
My apologies that this is a few weeks late – but it still bears posting. John Oliver at HBO gave the best description of the net neutrality argument I have seen so far. Following that broadcast, the FCC servers were, rather predictably, overwhelmed by the outraged response from the trolls that Oliver set loose. Unfortunately, …
Permanent link to this article: https://baldric.net/2014/08/13/net-neutrality/
Apr 08 2014
heartbleed
This is nasty. There is a remotely exploitable bug in openssl which leads to the leak of memory contents from the server to the client and from the client to the server. In practice this means that an attacker can read 64K chunks of memory on a vulnerable service, thus potentially exposing security critical information. …
Permanent link to this article: https://baldric.net/2014/04/08/heartbleed/
Oct 05 2013
good news for tor
The past couple of days have seen a flurry of news stories about Tor. Some of the news has hit the mainstream media, some of it hasn’t. Yet. A couple of day ago, a rather plaintive post to the tor-talk mailing list read: “looking for a way to contact silk road.Site shut down.money at stake.” …
Permanent link to this article: https://baldric.net/2013/10/05/good-news-for-tor/
Sep 20 2013
that’s another password I have to change
Michael Horowitz has posted an interesting article over at Computer world. In it he points out that, by default, most android devices (tablets and ‘phones) routinely ‘phone home to Google to back up Wi-Fi passwords along with other assorted settings. Google sells this option as a convenience to help you regain settings after you upgrade …
Permanent link to this article: https://baldric.net/2013/09/20/thats-another-password-i-have-to-change/
Sep 10 2013
tor node upgrade
I have switched my tor node to the experimental branch and it is now running version 0.2.4.17-rc. The huge load on the network seen since the botnet starting using it on about 19 August last has forced the tor project team to recommend that all relay operators move to the 0.2.4 branch (and this release …
Permanent link to this article: https://baldric.net/2013/09/10/tor-node-upgrade/
with thanks to Dr Fun
click image for full size