Stargate Logo  Secured by phpPhobos

Smurphtools   
  Login  - No Account?  Create One   
Search 
Monday, 23 April 2018  -
News FeedRSS Feed
rss rdf  
  Home 
  Authentication 
 Documentation 
    Site Documentation 
    About me 
  Legal Notice 
 Applications 
    Web Links 
 RC Models 
    RC Models 
    RC Batteries 
 Modules 
    Downloads 
    Weblinks 
 Blacklists 
    Blacklist 
    Blockout 
    DNS Blacklist 
 Registered Bloggers 
  Blog de Maiwenn 
  Blog de Morgane 
  Joerg's Blog 
 FAQ  [ Topics  ]
 Routerboard RBxxxAH 
 Common Linux problem... 
 Apple Mac-mini 
 PHP Phobos 
 Stargate's Backup sc... 
 eBook Reader / PRS-5... 
 RC Models 
 Server in SolLan 
 System Stats [ Index ]
 Router
  > Gateway 
  > AP 
 Server
  > Nas 
  > Stargate 
 Client
  > RemPi 
Manue & Me

 Joerg's Blog 

 

If you are reading this, you must definitly be bored.
Either that, or you're looking for information about this site and/or its author.
For the first group of people I advise YouTube. For the second group, well, read on.

This is my personal blog page. I'll be referring about all things happening to me - that might be interesting for whoever reads it. I can not garantee it will be very high level for everyone though...

So - what is a blog anyway ? For this - check out Wikipedia - they have the best description for this. If you want to contact me - you'll have to reformat my E-Mail - so - good luck.

What I am ? I call myself a hacker.
Please note - most people think about the bad guys doing bad things to other computers. Well - I would say - that those guys are the Black Hat guys - also known as crackers. What I call myself - is a White Hat hacker. See it as a system administrator using professional tools to probe the robustness of his own systems and networks, and trying to get the maximum out of the used hardware - making its use as efficient as possible. This is legitimate - as I do not break into anything - while crackers attempt gaining unauthorized access to systems for eventual unethic actions.
The difference between hackers and crackers does not lie in the tools or techniques they use (the same hammer can be used to build a wall, or break it down), but in their intentions !
For me - building a stable and secure system is a very interesting challenge, and to know it is stable and secure - I need to test it with all tools available. And this is what I like doing most.


Please note that all I say on these pages is for personal use only and under no circumstance has to be taken/used/copied without my explicit written permission !

 

SteamBOX   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
Steambox Icon

 Having a gamer Family (Yes - we are all gamers), and no Console at home, I decided to give a try to a SteamBox. Only - there wasn't any out there that fit my requirements, so I decided to set one up myself.

When I saw the Sentry case, I knew I actually had found the case for the SteamBox. Being on the 3rd batch of Backers, it took a while to arrive though. But when it was finally here, and lots of reading in the forums about what to put inside of it, I finally decided to get the following hardware

  • Gigabyte Z370N Wifi Mini-ITX Motherboard
  • Intel Core i5-8400 with the stock Cooler
  • 2x8GB Ram Corsaire Vengeance 2666-16
  • 500GB SSD 1.8/3.2 960 EVO PCIe M.2
  • Gigabyte 6GB 1060 GTX D5 Gaming
  • Silverstone SST-ST45SF-GF v2 450W Power Supply

I was pleasantly surprised by the quality of the Sentry case. I have never (and I do build up computers for +28years now) seen such good quality for a case.
All chosen parts did fit as if the Box was specifically built around. I didn't have to adapt a thing! See for yourself

I have been quite disappointed by Windows 10 Home. Even though I have an amazingly fast system compared to our old gaming Rigs (CPU twice as fast, GPU twice as fast, M.2 4 to 6 times faster), the Windows 10 System feels way slower than the gaming rigs (They run Win 7, and there is no Browser and no AV running on these. Only Steam and Minecraft allowed).
I'll be doing some benchmarks one of these days. Maybe I will figure out a way to speed things up.
If however it does not work, I'll Install a Win 7 copy on it for testing (we can test for 30 days ...).
If all that does not work out, SteamOS it is! even though there will be some games I won't be able to play. But - it is free, and it does not force me to sell out my familys privacy through all Telemetry-data etc., and I can decide if an AV is required or not myself!

Update: Dumped Windows 10, and installed SteamOS Beta. The OS and even Steam (in big picture mode) is way smoother and more reactive. The Steam_remote works as expected (very nicely), and even the games appear to be as fast (if not faster) as under Windows 10. A :cool: face-cool.svg change IMHO
I was surprised to see Steam to install a recovery partition, and take a Clonezilla dump during the installation onto that partition. A very good idea, other Linux distributions could do too.
Only thing now is that not all games run under SteamOS. But there are quite many indie games, and some AAA Titles (Dying light, Tomb Raider, Metro last light etc.) that do.  

Written on Monday, 12 March 2018 - 22:47 | 244 views
spacer line
RQ-7 Build blog   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
RC Logo

 Well - as winter is long, and weather is bad - I decided to go for building a UAV from scratch, using a laser cut kit provided by Hobbking. In terms of hardware to put into, some is already planned as seen in the RC DB

So far - only the main body is glued and start to taking shape.
It will still need some Kit and sanding before applying the cover film to have that part finished. The only sad thing about gluing that plane together is that it requires, despit the laser cut, quite some detail re-work to get it all fit together. This is definitely not a plane for a beginner, and not having built a RC plane in years forces me to actually think the process over and over until I have found the optimal way to do it. This - takes time :} face-smirk.svg
 

Written on Tuesday, 12 December 2017 - 08:11 | 1022 views
spacer line
James Blunt au Zenit   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
James Blunt small

 when my wife saw that James Blunt was to perform at the Zenith in Paris, it took barely 5 minutes to buy tickets. And the big day was finally there.
As a man who enjoys music, I went with her - and was seated between my wife and another female groupie who, when both of them started sreaming, made me deaf for the next minute.
Contrary to the other bands we have seen this year, this show was perfect. Audio was very good, and James Blunt himself performed flawlessly for all :cool: face-cool.svg groupies in the Zenith hall :smile: face-smile.svg

I also did enjoy the show immensely. Contrary to many other "so called" artists, James Blunt really answers to the definition. He definitely has an enjoyable voice, he plays various instruments (Keyboard, Guitars etc.) and he also is nice with his audience, cracking jokes, sharing stories and making the audience participate to the show.. A real showmaster who can be considered as brilliant on stage as the french Singer -M-, whose concert we attended 2 years ago but unfortunately forgot to take pictures. 

Written on Friday, 10 November 2017 - 20:02 | 790 views
spacer line
Barclay James Harves   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
BJH

 And another concert we went, to make sure that we'll see our Idoles before they leave the face of this earth.
Thie time, we went to Bad Kreuznach/Germany to watch the Concert named: Retrospective. The place they played in was a small sports-hall, and if there were 400 people present, it was allready a lot. Of course, the average age was around 50, and really only Fans showed up (As this group was not that known during their apogee).
Sadly, the first part of the show had bad audio. As soon as the Bass came out, the audio distortion was so strong that the music was not really enjoyable. Luckily we were not the only ones to notice that, and the technicians on stage fixed it for the second part of the show - where audio then was perfect.
The Music was - as known by BJH, rich in details and really enjoyable. The vocals started to show some age - but that didn't make it less good.


All in all, we didn't regret seeing them. Who knows how long they will still be on stage! 

Written on Wednesday, 1 November 2017 - 22:37 | 844 views
spacer line
Paris-Manga Sci-Fi show event.   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
Paris Manga

 And another event we went to: The Paris-Manga Sci-Fi show.
Of course, everyone had to get cosplayed again. The nice thing about going to Paris (Parc des Expositions) is that many people are Cosplayed too.
This time we went there disguised as, from left to right: Ohura (my better half), Capt. Kirk (myself), Rey (my youngest) and Ayano Aichi (my oldest).
It was not as crowded or big as the Gamescom, but the warehouse was warm and welcoming and the people were very happy to be there. So we had our pictures taken and we roamed around the different shops looking for pop figurines the girls are collecting, and some other cool stuff for cosplays to come. 

Written on Sunday, 1 October 2017 - 20:30 | 776 views
spacer line
Gamescom 2017   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
Gamescon Lowres

 A new edition for us, only this time with kids and Cosplayed.
The kids were respectively left to right: Ayano Aishi from the Yandere Simulator game, Jessie from Pokemon team Rocket, then comes Ondine Kasumi (also known as Misty in the English speaking world) from the Pokemon universe.
In the back, was my humble person cosplayed as Aiden Pearce from the Watchdogs game. And, last but not least, my Wife who made her own Steam-Punk cosplay - not linked to any game, but rather to a type of game (like Bioshock, Borderlands etc.) - which looked amazing. And we were not the only ones to tell her (many asked her for a picture).

The plan for the next conventions is to have everybody cosplayed in the Steam-Punk fashion.
Due to popular demand, here some high-res pics Pic 1, Pic 2

Written on Sunday, 27 August 2017 - 17:15 | 1299 views
spacer line
Toto and Roger Hodgson Concert   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
Hodgson

 it was an amazing 2 days we spent at a charming little town in Switzerland, known as Schaffhausen.
After a early morning flight (7h30 from Paris CDG), we landed in Zürich, took the train to Schaffhausen and started visiting a bit before our Hotel-room became available. The one site to visit is the Munot Fortress.
In the evening, we realized that the event Stars in Town taking place every year since 2010, lasts several days and brings in various stars on stage. Our luck was that we had Toto and Roger Hodson (former Supertramp member. He actually also wrote most of the early songs of Supertramp) performing one after the other. And it was truly amazing.
Roger Hodgson was first, and performed as if he never aged. As last song, as it started to rain - guess which Song he performed? Yes It's raining again This man was also able to enchant his public without really playing the mad man.

Next came Toto. Here, the weight of time started showing up on some of the band members. Even though they had a solid performance, I have to personally mention that depending on the instruments that where played, the audio system distorted pretty strong.
Why does Music at concert always has to max out the amplifiers to a point where the audio quality drops drastically?

Anyway - it was an amazing experience to see our old Idols again, playing what we listen on a daily base at home.  

Written on Thursday, 10 August 2017 - 23:34 | 1337 views
spacer line
Holidays in Greece - again   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
Ramnous

 as last year we definitely didn't have enough time to see all that was interesting, we (all family) had decided to go back to the same location, same hotel, same everything - except the sites we had missed. These - we had to see again. Of course, Indy was again part of the team.

Regarding the explored sites, we checked out the Temple of Artemis nesseld in a marvellous valley at Brauron, the impressive abandonned fortress of Ramnous overshadowing Euripe's straits, Corintia's site overlooked by an amazing fortress (we didn't have the courage to climb up to). We tried to meet Hercules at Nemea and looked for a less famous hero named Amphiaraos (somewhere around Oropos).

Of course, we went back to Athens to check out Hadrian's gate, which led us to the temple of Zeus. But most impressive was the natioanl archeological museum, which displayed gold Mycaenien treasures from the Peloponnese (Future destination?). As for the Cycladic museum which was a charming surprise, we strongly recommend it.
A small selection of the pictures we took can be found on our static photo album


Because our oldest had her first level in the FFESSM (French divers association), we also made some diving trips. My wife and the little one were not really happy about the weather influencing our diving excursions (it is not a problem to go visit a site during strong winds, however this could prevent a dive).
What you should not miss, are the various Videos we made from the underwater life around the Marathon bay. Notably, the dive at the Katrakilia/Dikastika, Kinasoura and last but not least, a Night dive in the Marathon Bay

Written on Thursday, 3 August 2017 - 22:11 | 1426 views
spacer line
Logitech Harmony Elite and Hub   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
Harmony Elite Hub

 So - as my old Harmony Logitech 785 was dying showing signs of old age, I decided it was time to get a new device to control all our Living room Media devices. Note that my old device did provide good service for almost 10 years, so why not use a Harmony device again?
Checking on the Google Brain Extension, I decided to try out the Logitech Harmony Elite which also has a Hub to control other devices etc.

The main reason I wanted to use that setup is because I did read that you can setup you remote control using your tablet. And that - I have to admit, is a bliss. It took me 30Minutes to setup my systems (Could not migrate my old configuration, as the systems are different, and the software is too). The control of the devices works as expected (Better as with my old device, the contacts on the touch-controls weared out over time), and all systems are responsive as expected.
But then came the big BUT.

As I have decent monitoring systems in place, I realized that something was not right since I had the Harmony hub in place, my DNS Server started to answer way more DNS requests than usual...

I then took a packet capture to check what was happening, and realized that all the traffic was coming from the Harmony Hub - and that one goes to pubnub.com.
My first reaction was to block pubnub.com completely at the firewall level. What happens is that the Hub will issue DNS Queries (2 per second) to get a new IP and probe it to connect to the pubnub.com service. after communicating with Logitech Support, they provided me this explanation as to why this happens. After looking through this, and analyzing the traffic that is going out of the Hub direction pubnub.com, it is mainly a keep-alive data connection, to enable people from the outside of your network to control devices in your home. Imagine it to be a back-door into your home, to enable/disable lights or any other controllable devices of your smart-home.
Only I don't want that. I have no smart-home, and thus no devices to be controlled from out in the internet - and anyway - I would never let any device connect to the Internet that I do not control myself. My first reaction was to block any internet access. But as soon as you do that - you cannot configure the devices anymore.

  • Block the Hub on the Firewall for any outgoing traffic using the REJECT option (actually, the firewall tells the device it has refused the communication request to pass). This was my first big mistake. My internal LAN being very fast, the HUB reacted almost immediately and tried to connect to the next of the 1000 (yes, it tries to connect to ps-10.pubnub.com up to ps-1000.pubnub.com, almost 1000 hosts) to send keepalive signals and sync with the servers
  • Next attempt was to configure a silent DROP into my firewall. This works actually best, but causes the Hub or the Elite Remote to behave weird. Either of these devices becomes unresponsive to any commands. Connecting to the Hub through a tablet app also fails after a while.
  • Last attempt was to Hijack the pubnub.com SOA in my own lan. This is a technique to respond to a requests sent for information from the pubnub.com using my own DNS/Caching Server, and return a 127.0.0.1 to the requestor. This too, was a mistake. As the 127.0.0.1 IP is the local IP of the device, so the Hub knows even faster that there is no response coming from the remote host, thos requests a new host IP for the next probe, resulting too in a higher load on servers etc.

In the end, I configure the Harmony device while opening the network, then after the configuration is Ok, disallow any access to the internet using a silent Drop and hope for a timeout to be high enough so it does not SPAM my network with non necessary requests.

My personal conclusion on the harmony Hub is: If you have a smart home and want to be able to control your lights or any other device in your home, while taking a vacation on the Moon, go for it. If however you are a security and privacy savy person, and want to control the device you let into your LAN, and want to know what is going on, you will have to deny internet access to the Hub which will lead to a weird behavior, sudden unresponsiveness and your family being unhappy because that happens. If you are the latter, get something else.

Hopefully Logitech will add the possibility to disable Pubnub alltogether, because that is a real pain. Also, stabilizing the Hub/remote function when Internet connectivity is cut off, should be revised. So my verdict: Harmony Hub is an unfinished product, not really ready for power users (those who do not accept the fact they don't have the control over it's functionality and what it does).  

Written on Thursday, 29 June 2017 - 20:19 | 1602 views
spacer line
Windows 10 and Antivirus?   [ 
View DetailsView details
 
| 
Print ViewPrint view
 
]
Secure Logo

 Well - many say that in case you have a Windows system running, you need a good antivirus program.
Question I ask myself, especially since in the past I have worked quite some time for a large player in the Enterprise Security Division, why do we need to protect the system? Isn't it a requirement that the OS and the applications are programmed decently to not let any malicious code get into the system?
That's how it should be. But in reality we actually have 2 FAIL conditions:

1 - The Operating system is not secured correctly (Poor code) :confused: face-confused.svg
2 - Marketing of the AV manufacturers tells you that without AV, you are vulnerable :sick: face-sick.svg

The worst part is that everyone believes it :angry: face-angry.svg. It goes as far that the Ministry of security tells you to actually install one or better 2 AV software on your computer, and Insurances will insure your business only if you have AV software running on your devices.
This - actually - is a craptacular mess. It only shows we are dealing with the symptoms and are not dealing with the root-cause of the issue - and are believing Marketing crap by the vendors selling AV Software and Microsoft not being able to secure the OS they created - namely the poor crappy code that is at the source of this entire clusterf*ck called IT Security. Thank you so much Microsoft for your role as a leader and as an example of what not to do.

Many however are asking me what to do in terms of security. A part from the fact to dump Microsoft products alltogether, there is not much I can advise. Thing is - my wife and I have 2 Gaming rigs. These are running Windows 7 and Steam/Ubisoft and that's it. These rigs are running now for 5 years, and we had no Viruses on it. But we have applied the following rules to the letter on these rigs (For day to day work, note that we have both mac-mini's. Mine running under linux, my wife's running OS-X). For the kids, connecting to the Internet is allowed only through their Tablets or a dedicated linux network machine.
So - for Windows, strictly apply the following rules:

  • Don't install third-party Anti-Virus Software (Symantec, Avast, Kaspersky etc. - with a lot of luck, they may be able to detect 50% of existing viruses - but for that the performance impact impact of your rig will be up to 20%). To be able to do their work, they need to implant themselves into the system and if that is not done right (as often seen), open up the system to attackers. Something they are supposed to prevent. What Windows 10 provides out of the box is largely enough, and is well integrated to the system already.
  • Make sure your OS is always up to date. Activate automatic updates and let the system install these on a regular base.
    Don't you hate it when your systems boots up under your ass in the middle of a presentation or while writing a document, and there's nothing you can do about it?
    Also, during the Period Microsoft tried to force users to upgrade to Windows 10 - we had to actually disable the Auto-Update function and lock the network down! Shame on you M$.
  • Don't ever read mails under Windows. E-Mails are one of the primary back doors to your Windows System. In case you have to, use Chrome and read mails using GMail Web-UI. Google is known to be very strict on tagging and sorting out suspicious content/mails.
  • Don't ever click on links provided to you by mail or friends through social media. Identify the WebSite the link points to, and enter it manually into your browser. Then use the identifier to find the page.
    Remember - a router/firewall will prevent any connections from outside to the inside. When you click on a link however, you tell the firewall to expect a response from that link's destination. And once you have downloaded code (javascript/ajax), the latter is executed on your browser inside your LAN. This also means that any malicious software can now connect to any site on the outside - once you so gently downloaded it to your local computer by clicking on a link provided to you by friends
  • Don't do social media through Windows OS. The temptation to open a friend's provided link (which can be due to a hacked account) is too high. Use your phone for that!
  • In the Windows 10 Settings pane, disable anything that would provide Microsoft or any third-party your data. This also means disabling Microsoft cloud integration, not using Skype etc.
  • Use a password safe (OpenSource) to store all you login/passwords. Don't allow any system integrated password saving program to do that for you. You don't know where they store your data!
  • Make regular backups of your data. Best is to separate the OS and the user-dat a partition, and make a regular backup on an separated device that will be unplugged after the backup is done.

On the other hand - there are various other things I do to protect our LAN from malicious code attacks.

  • Block various services to traverse your firewall from LAN -> World.
    - This includes essentially DNS requests. Only exception here is your DNS Server.
    - Block all Data collecting/telemetry sites microsoft sends its data to. I had provided a list in an entry to my site here
  • Download regular threat-network lists and let your firewall block these. These lists provide the subnets and/or IP's that are currently known to be controlled by botnets. Locking these out immediatly prevents them to become active against your network. Lock-Direction should be bi-directional and make sure to also block already initiated connections!
  • Use DNS Blacklists and integrate these into your local DNS Server. The principle is actually pretty efficient. It performs a SOA Hijack operation, and returns the local loopback IP of every device if that hostn...  Read more  

Written on Sunday, 5 February 2017 - 10:22 | 2850 views
spacer line
spacer line
      Total of 102 entries found       92 more Next   
 
Problems to  admin(-AT-)solsys(-DOT-)org  - best viewed @ 1920bpp
This site is powered by phpPhobos v2.0b432
© J. Mertin smurphy(-AT-)solsys(-DOT-)org 
Icons - Copyright Breeze artists GPL 2+