Category: networks and networking

tunnelling X over ssh

OK, yes, I know there are probably already a gazillion web pages on the ‘net explaining exactly how to do this, but I got caught out by a silly gotcha when I tried to do this a couple of days ago, so I thought I’d post a note. Firstly, X is not exactly a secure …

Continue reading

Permanent link to this article: https://baldric.net/2011/12/19/tunnelling-x-over-ssh/

tp-link respond

A couple of weeks ago, I wrote about the problems I had with a TP-Link IP camera. Today I received a comment on that post from a guy called Luke in the TP-Link support team. In that response he apologises for the difficulties I had and promises to investigate further. His response deserves as wide …

Continue reading

Permanent link to this article: https://baldric.net/2011/11/30/tp-link-respond/

do not buy one of these

image of TP-Link IP camera

  Standalone IP cameras have come down in price quite remarkably over the past few years. It is now perfectly possible to get a camera for between £50.00 and £75.00, and this makes them attractive for anyone wanting to set up simple “home surveillance” systems. I bought one recently just to see what I could …

Continue reading

Permanent link to this article: https://baldric.net/2011/11/16/do-not-buy-one-of-these/

no police here

screenshot of www.police.uk website

The UK Home Office launched a new crime statistics website today at www.police.uk. The site is supposed to show “Local crime and policing information for England and Wales”. I’m not entirely convinced of the merit of the site in the first place (and can see all sorts of potential objections arising in some of the …

Continue reading

Permanent link to this article: https://baldric.net/2011/02/01/no-police-here/

phone home

image of etherape capture

Google’s chrome browser first appeared back in 2008, since when many commentators have sung its praises. Apparently it is “blindingly fast” (well, let’s face it firefox can be a tad slow, particularly if loaded down with a swathe of plugins) “clean”, and “simple”. Until recently I had not tried chrome (for some fairly obvious reasons) …

Continue reading

Permanent link to this article: https://baldric.net/2010/08/29/phone-home/

update to autossh – or how ServerAliveInterval makes this unnecessary

I had a couple of comments on my earlier post about autossh which suggested that I should look at alternative mechanisms for keeping my ssh tunnel up. Rob in particular suggested that setting “ServerAliveInterval” should work. Oddly I had tried this in the past whilst trying out various configuration options and I swear it didn’t …

Continue reading

Permanent link to this article: https://baldric.net/2010/08/27/update-to-autossh-or-how-serveraliveinterval-makes-this-unnecessary/

autossh – or how to use tor through a central ssh proxy

Since I first set up a remote tor node on a VPS about this time last year, I have played about with various configurations (and used different providers) but I have now settled on using two high bandwidth servers on different networks. One (at daily.co.uk) allows 750 Gig of traffic per month, the other (a …

Continue reading

Permanent link to this article: https://baldric.net/2010/08/01/autossh-or-how-to-use-tor-through-a-central-ssh-proxy/

scroogle is having a problem

I posted a note about scroogle back in January. Scroogle offered an SSL interface to the google engine, and, moreover, didn’t lumber its users with google cookies and sundry other irritations. Since then, however, google themselves have started to offer an SSL interface and, coincidentally, scroogle seem to have started to have some problems. If …

Continue reading

Permanent link to this article: https://baldric.net/2010/07/04/scroogle-is-having-a-problem/

webDAV in lighttpd on debian

I back up all my critical files to one of my slugs using rsync over ssh (and just because I am really cautious I back that slug up to another NAS). Most of the files I care about are the obvious photos of friends and family. I guess that most people these days will have …

Continue reading

Permanent link to this article: https://baldric.net/2010/03/31/webdav-in-lighttpd-on-debian/

unplugged

My earlier problems with the sheevaplug all seem to have stemmed from the fact that I had installed Lenny to SDHC cards. As I mentioned in my post of 7 March, I burned through two cards before eventually giving up and trying a new installation to USB disk. This seems to have fixed the problem …

Continue reading

Permanent link to this article: https://baldric.net/2010/03/30/unplugged/

plug instability

I’m still having a variety of problems with my sheevaplug. Not least of which is the fact that SDHC cards don’t seem to be the best choice of boot medium. I have had failures with two cards now and some searching of the various on-line fora suggests that I am not alone here. In particular, …

Continue reading

Permanent link to this article: https://baldric.net/2010/03/07/plug-instability/

from slug to plug

image of sheevaplug

Well this took rather longer than expected. I intended to write about my latest toy much earlier than this, but several things got in the way – more of which later. About three or four weeks ago I bought myself a new sheevaplug. The plug has been on sale in the US for some time, …

Continue reading

Permanent link to this article: https://baldric.net/2010/02/28/from-slug-to-plug/

system monitoring with munin

A while back a friend and colleague of mine introduced me to the server monitoring tool called munin which he had installed on one of the servers he maintains. It looked interesting enough for me to stick it on my “to do” list for my VPSs. Having a bunch of relevant stats presented in graphical …

Continue reading

Permanent link to this article: https://baldric.net/2009/11/15/system-monitoring-with-munin/

debian on a DNS-313

I bought another new toy last week – a D-Link DNS 313 NAS. Actually, this was a mistake because what I really wanted was the DNS-323. I just wasn’t careful enough at the time. Quite apart from having space for two 3.5″ SATA hard drives instead of just one, the 323 is a very different …

Continue reading

Permanent link to this article: https://baldric.net/2009/10/03/debian-on-a-dns-313/

wordpress on lighttpd

I have commented in the past how I prefer lighttpd to apache, particularly on low powered machines such as the slug. I used to be a big apache fan, in fact I think I first used it at version 1.3.0 or maybe 1.3.1, having migrated from NCSA 1.5.1 (and before that Cern 3.0) back in …

Continue reading

Permanent link to this article: https://baldric.net/2009/09/12/wordpress-on-lighttpd/

zf05

I really missed the old phrack magazine. Some of the “loopback” entries in particular are superb examples of technical nous, complete irreverance and deadpan humour. One of my favourites (from phrack 55) appears in my blogroll under “network (in)security”. I am particularly fond of the observation that details of how to exploit old vulnerabilities are …

Continue reading

Permanent link to this article: https://baldric.net/2009/08/02/zf05/

dns failure – a cautionary tale

I recently moved one of my domains between two registrars. It seemed like a good idea at the time, but on reflection it was both foolish and unnecessary. Unnecessary because my main requirement for moving it (greater control of my DNS records for that domain) could have been met simply by my redelegating the NS …

Continue reading

Permanent link to this article: https://baldric.net/2009/08/02/dns-failure-a-cautionary-tale/

tor on a vps

I value my privacy – and I dislike the increasing tendency of every commercial website under the sun to attempt to track and/or profile me. Yes, I know all the arguments in favour of advertising, and well targeted advertising at that, but I get tired of the Amazon style approach which assumes that just because …

Continue reading

Permanent link to this article: https://baldric.net/2009/07/05/tor-on-a-vps/

upgrading the slug – a lesson in addresses

My ever growing DVD collection has been taking its toll on my disk storage. Despite the fact that ripping a DVD to PSP format typically shrinks it to between 300 and 500 MB, that still means that I have over 300 GB of videos on my PC. Add to that the OGG vorbis audio collection …

Continue reading

Permanent link to this article: https://baldric.net/2009/03/01/upgrading-the-slug-a-lesson-in-addresses/

and yet more DNS lunacy

A company called Unified Root is offering to register new top level domains in advance of the proposed ICANN changes. The company describes itself in the following terms: “UnifiedRoot (Unified Root) is an independent, privately owned company, based in Amsterdam, which makes corporate and public top-level domains (TLDs) available worldwide. Through our own efforts and …

Continue reading

Permanent link to this article: https://baldric.net/2008/12/24/and-yet-more-dns-lunacy/

more DNS silliness

I came across an interesting post on Avert labs site recently. That post pointed to an earlier SANS posting, which in turn, referenced a Symantec discussion of a new Trojan called Trojan.Flush.M. This trojan is an interesting variant of a class of trojans which hijack local DNS settings to force the compromised machine to use …

Continue reading

Permanent link to this article: https://baldric.net/2008/12/24/more-dns-silliness/

where did my bandwidth go

Have you ever wondered what was eating your network? Would you like to be able to check exactly which application was responsible for that sudden spike in outbound traffic? NetHogs might help. This neat little utility calls itself a “small ‘net top’ tool”, and that is exactly what it is. NetHogs groups bandwidth usage by …

Continue reading

Permanent link to this article: https://baldric.net/2008/08/20/where-did-my-bandwidth-go/

trusting DNS

Dan Kaminsky has (quite rightly) been hitting the press a lot in the weeks since 8 July when he announced the work done to fix a flaw he had discovered in DNS. The vulnerability itself was new, but its impact (cache poisoning) was not. Indeed, we’ve known about the dangers of poisoned DNS caches for …

Continue reading

Permanent link to this article: https://baldric.net/2008/08/10/trusting-dns/

backtrack 3 released

Any half decent sysadmin will routinely test the security of his or her own systems. A good, and sensible, sysadmin will follow up those tests with an independent security audit by a professional company – preferably one which is a member of a recognised industry body (such as CREST). Finding the holes in your security …

Continue reading

Permanent link to this article: https://baldric.net/2008/06/20/backtrack-3-released/