Centroid.EU Blog
(this blog is mostly encrypted - adults only)
May 7th, 2016
I have a unique home network. This is why I react allergically to people who want
to force a router on me. Another device? And all the topological changes I
have to do to my network! Here is a rundown of my devices:
- hallway - dumb ADSL bridge modem
- hallway - APU router
- hallway - NUC Core i3
- hallway - ASUS 5 GHz AP
- hallway - raspberry pi guest access point
- office - Lanner router
- office - computer 1
- office - macintosh mini (computer 2)
- office - house phone
- office - work phone
- office - fritz repeater
- livingroom - fritz repeater
- livingroom - soekris router
- livingroom - samsung tv
- livingroom - apple tv
- livingroom - fritzbox lte router
- livingroom - freifunk router
Now you may think that some of these can be consolidated into fewer devices
but there is a problem. I need a firewall between play and work for one,
that's the Lanner router. It separates the office from the rest of the
networks. Where a lot of people just have a 192.168.178.0/24 network
behind a fritzbox, my network goes deep. I think 3-4 hops deep between
opposite points. I count on routing and not switching. Also re-routing it all
through the hallway to the lte router requires one script on the APU to be
run, which sets new routes out the fritzbox lte router. Highly complex!
I solved this with a vxlan(4) which is layer 2 ethernet over layer 4 UDP.
There is a bit of fragmentation in the wlan because of it but that's on the
main wlan.
Now it goes on to say that without an OS such as OpenBSD I couldn't
even do these network tricks such as vxlan, gif tunnel, ipsec over wlan to
protect phone traffic from the already encrypted wifi. Since wlan is
breakable with effort, an ike'd ipsec will keep prying eyes out at first.
Since the computers sleep when I'm away or sleeping there is a bit of
vampire power flowing to keep the RAM in S4 state. But the routers stay
on 24/7. The most these consume I think is 20 watts, which will hopefully
be halved in 4 years when I'll be looking for replacements. In 2020 the
Lanner for example will be 10 years old and will be retired.
I'm very happy about the network I have. But adding another fritzbox for
example would ruin the entire setup. This is why I hate what we Germans
call "zwangsrouter" and I look sceptically at proposals to get routers
certified. How will this help me at all, when most consumer routers are
trash to begin with, security wise or functionality wise? Thanks for
reading.
0 comments
RPI Guest AP done, but not for 2.4 GHz
May 7th, 2016
Well the idea below I turned it around and it works. The AP is supposed to
reboot at 4AM with a new password for the WIFI. However, the 2.4 GHz
spectrum is used too much around here. So I'm steering clear of it all and
using the 5 GHz spectrum, but for that I had to order a new wifi dongle. It'll
be here by Wednesday next week. What a neat project. Thanks Heise.de!
0 comments
Not passing down my RPI after all
May 5th, 2016
I was going to hand down my RPI to someone as told on this website but no one
was interested. So I'm going to make a guest Wifi AP out of it. The idea
I got here. I have an external display for the RPI after
all so it can display a QR code for the guest WIFI on a daily or semi-daily
basis. I had never thought of this but it's so brilliant. I'll be testing
it with my ipod which does have QR scanner afaik. The AP will reside beside
my other AP and be plugged into it. I'll probably VLAN it though to the
router which will firewall it away from the rest of my network. It truly
will be a guest access point. Brilliant!
0 comments
My dreamworld
May 3rd, 2016
When I dream at night I think of the weirdest things, here is what I dream
about occasionally:
- kiwis - In my language in my dreams a kiwi is a green laser. These usually
scare the hell out of me, for reasons unknown.
- escape - In my dreams I'm often trapped in what appears to be a mental
institution. I often find myself escaping.
- masks - masks such as those worn in Shakespeare's Romeo and Juliet sometimes
hide the identity of my counterparts in dreams.
- computers - computers are a part in my dream but not always, subways,
streets, and institutional buildings, military facilities as well.
- counting - I often miss an exit; often I take the second chance to exit.
- vampires - I'm often a vampire in my dreams, but with fears, anxiety and
I can't fly, I sort of float down.
- presidents - George W. Bush often appeared in my dreams, Angela Merkel and
Barack Obama not so much.
- déjà vu - I sometimes redream going to a place which later makes me
unsure if I went once or twice to that place.
- sex - sometimes I dream of a pretty blonde, very seldom
0 comments
Blog's birthday
May 2nd, 2016
In 5 days is the 7th anniversary of this blog.
Here is
the first article I wrote as far as I can tell. If you've been reading my
blog for a considerable time, I thank you. It's nice to be interesting. Or
maybe you are just stopping by and found something you like? To be honest
I think the mood of the blog changed a few times, at one time I wrote both
German and English into it. I have settled on just English. This suits the
EU readers of this blog more since English is the #1 EU language for ESL
speakers. I also reported on changes to delphinusdnsd a lot, if you were
following that perhaps you found what you were looking for.
0 comments
Considering an SSD upgrade
May 2nd, 2016
I have had SSDs for close to 6 years now. One of the earliest occurrences of
me mentioning SSDs was here.
I think it's time to upgrade my capacity on 3 computers with SSD and get
appropriate hd backup storage. I'm thinking of replacing the 40 and 80 GB
SSDs in my routers with 256 GB models. The main workstation that I use,
beta.virgostar.net, would get a 1 TB SSD and a 4 TB harddrive external backup
drive. We're looking at about 500 euros in upgrades. Still considering it.
0 comments
13,500 positions in the German Cyber Army
May 1st, 2016
The German Bundeswehr is recruiting hacker talent.
While this is a staggeringly high number I don't think it's enough and the
approach is wrong. If you look at security, it is a chain. From the smartest
to the dumbest person. If someone can break through the defenses at the
weakest link, the entire chain collapses. That's why I think hiring talent
like is done commercially will not work. Geeks and cyber enthusiasts work
differently on many levels. For one, there is no hierarchy; everyone is equal to
start. People are judged by their smarts and abilities, not by the rank they
might have gotten by looking pretty. So hacker culture and military hierarchy
will clash. It won't work. Pretend they want to make it the best system on
earth.
Pretend they want to build an OS that is secure for the military but
they want to keep Windows systems as before. That is what I call a condom
solution, and condoms break. I.e. a firewall is a condom solution if it is
designed to protect the network traffic of a weak Windows system. Let me
give you an example of what that looks like in a wolf vs. the three pigs scenario.
The wolf will be stopped by a firewall which is made of brick and the pigs
are in a straw hut behind the firewall. If they happen to create a socket out
to the big bad wolfland the chances that they are going to be compromised are
high. So while the firewall sits there unknowingly the fire has burned down
the pigs' hut. That's what will happen. Pretend they replace all Windows with
this new military OS, chances are that the dumbest soldier will fall victim to
outside elements.
It's like the Enigma machine of World War 2. Soldiers
back then had no clue how it worked, they blindly followed orders to use it.
And they didn't second-guess it. They should have. I'm saying this not
because I have Nazi sentiments or that I wanted WW2 to last four years longer
than it would have if the Enigma was not used, but I'm saying this because
I draw lessons out of history. What really needs to happen, if a nation is
serious about cyber warfare, is that the entire army needs to be groomed
around smarts, not muscles. But preferably both. A cyber culture needs to
take over in the military, and decisions must come from the smartest in order
to continue. In many cases the Internet is the weakest link in terms of
keeping secrets. A smart army does not engage the Internet without having the
right defensive mechanisms in place to thwart off an undermining from the
Internet. The foes of a military on the Internet can't be categorized. For
all we know they could be extraterrestrial aliens even, it's not impossible.
So where do I fit in to say these words? I never participated in cyber
warfare. But I studied some weapons of cyber warfare. Code words such as
smurf, fraggle, pepsi, land, teardrop are not foreign to me, although they
date back to the 1990's. And in some regard the Internet hasn't changed
much since the 1990's. I'm very careful with these tools, in fact if I
ever had to actively use their concepts I would build my own tools as I
distrusted the exploits posted to bugtraq (another ancient full disclosure site)
one hundred percent. Even with the author of smurf who I was close to I
disagreed with his idea of how to spoof an IP packet, but that's irrelevant now.
Now to use these concepts or to defend against them I do hope the military
wants to hire 13000 programmers and 500 scripters because what it comes down
to is programming and not scripting. It's a battle of the minds, productivity,
and I fear the Bundeswehr is not ready. We'll see though. Good luck!
0 comments
Doing a training session this summer
April 22nd, 2016
I have booked a training session in the Ruby programming language in August
of this year. I'll be learning Ruby for 4 days with an instructor. I already
know Ruby but not solidly so I'm going to do this. Plus it's putting my feet
in the water to more training that I hope to do. At the same time I'm going
to have my vacation then. Looking forward to it.
0 comments
Stand down! OK.
April 15th, 2016
The world is heading toward a conflict. It's time to stand down. It's time
to look back in history and try to understand why people didn't stand down in
the 1930's, and then do the opposite of what they did. I shouldn't be even saying
this but the warning signs are in the red. It's time to stand down.
0 comments
12 months of Parship
April 13th, 2016
As you may know I'm single. Finding someone nice hasn't been my priority.
So I'm trying to change that and find someone nice so I went to parship.de
and got a year's membership. They aren't cheap by any means. But my train
of thought is, if I can find someone perhaps a gf or even a wife it will
pay itself off 100x to what I'm paying for this. Years ago I tried other
matchmaking services but I hope I have found the right one here. We'll
see.
0 comments