Broadband users usually deploy a wireless router to connect phones, tablets, laptops and a myriad of other devices. By default these routers broadcast an SSID (service set identifier). A popular scanner WiGLE (Wireless Geographic Logging Engine) is available for Android (Google Play) but not Apple (ask them). People using WiGLE have logged over 5,000,000,000 observations of over 360,000,000 networks and almost 800,000 cell towers.
A little while back, one of our web clients was hacked. I cleaned up but apparently missed a payload. I found a few connections from 22.214.171.124 which is actually in Ukraine but the domain is layershift.ru. I removed the payload but may bomb the site anyway.
The moral is "there is no moral".
I found a fairly new but damaged HP 2-in-1 in the dumpster. The screen was smashed, the case bent and the prospects of repair dim. 2-in-1s are really tablets which plug into a base with keyboard. Hoping for salvage, I pried open the base, removed dozens of screws and finally realized the good stuff was in the tablet part. No screws so I started in one corner and pried the screen and motherboard from its case. More screws and I found memory and CPU were soldered onto the motherboard. The hard disk is an M.2 2280 SSD which I did extract along with the Wifi card.
Monitors in Prague and Fairfax said helen went down around 12:20AM. Symptoms were perplexing. Web server was down, mail server was up. Power distribution system was unreachable so I could not bounce power remotely. Comcast said they could not reset my router remotely. TWR said they could reach my router but got no response.
Raymond's phone was out of order to I had him pick up a new phone, pick up the key from the Crossroads and go to the NOC. Everything looked normal but since Comcast said the Cisco router needed to be reset, Raymond bounced power. Everything came back up.
I backup all user files from "helen" nightly. I found a suspect file in one directory. It came from a hacked Microsoft IIS server in Indonesia. That doesn't mean the culprit is Indonesian merely that a server in Indonesia was compromised by someone somewhere. Both Google and Microsoft rated the IP as "safe".
I archived the file and changed the user password. The goal is to end password logins and replace them with "public keys". That is going to be disruptive - think repeal and replace.
Web server down for a few minutes yesterday around 10:45. Found several attacks on mail and web server. The attacks came from a Windows Remote Desktop Server in Bulgaria with no other ports open.
It is likely the Bulgarian server was compromised and the culprit could have been anywhere. There is a black market in compromised IPs (Internet Protocol addresses) which can be bought for a few pennies each.
After a restart of the web server, the attacker disappeared and normal service resumed.
The US Military switched to SDR (software defined radio) in the 200x period. The US television industry went digital over the same period. Realtek, the company that makes the Ethernet and audio chips used in most computers, came out with DVB-T chips (the decoders in your TV set). When the price dropped below $20, I bought the NooElec NESDR mini 2 kit for $20. This one has MCX socket and the v.3 has SMA which is probably a better choice.
There are certain things which are risky to do. One of them is playing with fire(walls). I was trying to forward some traffic for my current tech (risky behavior #2) when I lost contact with the router for the TWR network.
Of course, the prudent thing to do is make a backup which I had done. But if you can't get to the device you are attempting to restore, you are in deep doo-doo.
I got a Raspberry Pi 3 Model B Media Center Kit from microcenter.com over the holidays. I've heard a lot of buzz about Raspberry Pi and have been curious about ARM for years. I had an old keyboard, monitor and mouse around but the monitor had only VGA and Pi has HDMI so I used an HDMI to VGA adapter.
It is easy to find "fake news" - just open your browser.
I confess to trying the following.
I know the Russian government funds RT. The Intercept carries Julian Assange and Edward Snowden. ET is anathema to Communist China.