User account on helen.ls.net hacked.

Submitted by tarvid on Fri, 03/10/2017 - 11:41

I backup all user files from "helen" nightly. I found a suspect file in one directory. It came from a hacked Microsoft IIS server in Indonesia. That doesn't mean the culprit is Indonesian merely that a server in Indonesia was compromised by someone somewhere. Both Google and Microsoft rated the IP as "safe". 

I archived the file and changed the user password. The goal is to end password logins and replace them with "public keys". That is going to be disruptive - think repeal and replace.

DOS Attack from Bulgaria

Submitted by tarvid on Wed, 02/15/2017 - 09:55

Web server down for a few minutes yesterday around 10:45. Found several attacks on mail and web server. The attacks came from a Windows Remote Desktop Server in Bulgaria with no other ports open.

It is likely the Bulgarian server was compromised and the culprit could have been anywhere. There is a black market in compromised IPs (Internet Protocol addresses) which can be bought for a few pennies each.

After a restart of the web server, the attacker disappeared and normal service resumed. 

Software defined radios

Submitted by tarvid on Sat, 02/11/2017 - 09:47

The US Military switched to SDR (software defined radio) in the 200x period. The US television industry went digital over the same period. Realtek, the company that makes the Ethernet and audio chips used in most computers, came out with DVB-T chips (the decoders in your TV set). When the price dropped below $20, I bought the NooElec NESDR mini 2 kit for $20. This one has MCX socket and the v.3 has SMA which is probably a better choice.

Oops!

Submitted by tarvid on Wed, 02/08/2017 - 08:54

There are certain things which are risky to do. One of them is playing with fire(walls). I was trying to forward some traffic for my current tech (risky behavior #2) when I lost contact with the router for the TWR network.

Of course, the prudent thing to do is make a backup which I had done. But if you can't get to the device you are attempting to restore, you are in deep doo-doo. 

Miranda Warning

Submitted by tarvid on Sat, 01/21/2017 - 07:51

You have the right to remain silent.

Anything you type or say will be recorded.

Anything you type or say will be used to manipulate you and may be used against you, not only in a court of law, but also in a myriad of ways you cannot even imagine.

You may be able to delete posts but eradication is difficult if not impossible (http://mashable.com/2014/07/02/how-delete-facebook/#T.8t7Eg6GOqA).

You have the right, nay even the responsibility, to think before typing or saying anything.

Google - speed bumps - Android

Submitted by tarvid on Fri, 01/13/2017 - 22:29

Google's motto was "Don't be evil". Alphabet's motto is "Do the right thing". Both are examples of corporate mendacity. 

Android Marshmallow and Nougat introduced a feature which requires an arcane incantation to unveil much of the underlying power of the world's most popular operating system. As an example, enabling MTP, the USB transfer mode which allows Windows to download photos from your smart phones camera, requires the following:

Paypal

Submitted by tarvid on Tue, 01/10/2017 - 08:10

Finally added a Paypal button. I'll know if it works. If it doesn't email tarvid@ls.net

It works!