Centroid.EU Blog (this blog is mostly encrypted - adults only)
May 7th, 2016
I have a unique home network. This is why I react allergically to people who want
to force a router on me. Another device? And all the topological changes I
have to do to my network! Here is a rundown of my devices:
- hallway - dumb ADSL bridge modem
- hallway - APU router
- hallway - NUC Core i3
- hallway - ASUS 5 GHz AP
- hallway - raspberry pi guest access point
- office - Lanner router
- office - computer 1
- office - macintosh mini (computer 2)
- office - house phone
- office - work phone
- office - fritz repeater
- livingroom - fritz repeater
- livingroom - soekris router
- livingroom - samsung tv
- livingroom - apple tv
- livingroom - fritzbox lte router
- livingroom - freifunk router
Now you may think that some of these can be consolidated into fewer devices
but there is a problem. I need a firewall between play and work for one,
that's the lanner router. It separates the office from the rest of the
networks. Where a lot of people just have a 192.168.178.0/24 network
behind a fritzbox, my network goes deep. I think 3-4 hops deep between
opposite points. I count on routing and not switching. Also re-routing it all
through the hallway to the lte router requires one script on the APU to be
run, which sets new routes out the fritzbox lte router. Highly complex!
I solved this with a vxlan(4) which is layer 2 ethernet over layer 4 UDP.
There is a bit of fragmentation in the wlan because of it but that's on the
Now it goes on to say that without an OS such as OpenBSD I couldn't
even do these network tricks such as vxlan, gif tunnel, ipsec over wlan to
protect phone traffic from the already encrypted wifi. Since wlan is
breakable with effort an ike'd ipsec will keep prying eyes out at first.
Since the computers sleep when I'm away or sleeping there is a bit of
vampire power flowing to keep the RAM in S4 state. But the routers stay
on 24/7. The most these consume I think is 20 watts, which will hopefully
be halved in 4 years when I'll be looking for replacements. In 2020 the
Lanner for example will be 10 years old and will be retired.
I'm very happy about my network I have. But adding another fritzbox for
example would ruin the entire setup. This is why I hate what we Germans
call "zwangsrouter" and I look sceptically at proposals to get routers
certified. How will this help me at all, when most consumer routers are
trash to begin with, security wise or functionality wise? Thanks for
May 7th, 2016
Well the idea below I turned it around and it works. The AP is supposed to
reboot at 4AM with a new password for the WIFI. However, the 2.4 GHz
spectrum is used too much around here. So I'm steering clear of it all and
using the 5 GHz spectrum, but for that I had to order a new wifi dongle. It'll
be here by wednesday next week. What a neat project. Thanks Heise.de!
May 5th, 2016
I was going to hand down my RPI to someone as told on this website but no one
was interested. So I'm going to make a guest Wifi AP out of it. The idea
I got here. I have an external display for the RPI after
all so it can display a QR code for the guest WIFI on a daily or semi-daily
basis. I had never thought of this but it's so brilliant. I'll be testing
it with my ipod which does have QR scanner afaik. The AP will reside beside
my other AP and be plugged into it. I'll probably VLAN it though to the
router which will firewall it away from the rest of my network. It truly
will be a guest access point. Brilliant!
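The rotation described in these two posts (a fresh guest password at each reboot, handed out as a QR code) can be sketched as follows. This is an added example, not the author's script: it assumes the AP is driven by a hostapd-style config and uses the common `WIFI:` QR text format, and the config, SSID and old passphrase are constructed.

```python
import re
import secrets
import string

# Constructed sample config; the SSID and old passphrase are made up.
SAMPLE_HOSTAPD_CONF = """interface=wlan0
ssid=guest;net
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=old-secret-123
"""

ALPHABET = string.ascii_letters + string.digits  # nothing that needs escaping


def new_passphrase(length=20):
    """Random WPA2-PSK passphrase from the OS CSPRNG (valid range 8..63 chars)."""
    if not 8 <= length <= 63:
        raise ValueError("WPA2 passphrase must be 8..63 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def escape_field(value):
    """Backslash-escape the characters that are special in a WIFI: QR payload."""
    return re.sub(r'([\\;,:"])', r"\\\1", value)


def wifi_qr_payload(ssid, passphrase):
    """Text to hand to a QR encoder so a guest can join by scanning."""
    return "WIFI:T:WPA;S:%s;P:%s;;" % (escape_field(ssid), escape_field(passphrase))


def rotate(conf_text, passphrase):
    """Return (new config text, QR payload) for the SSID found in conf_text."""
    ssid = re.search(r"^ssid=(.*)$", conf_text, re.M).group(1)
    # A function replacement keeps backslashes in the passphrase literal.
    new_conf, n = re.subn(r"^wpa_passphrase=.*$",
                          lambda m: "wpa_passphrase=" + passphrase,
                          conf_text, flags=re.M)
    if n != 1:
        raise ValueError("expected exactly one wpa_passphrase line")
    return new_conf, wifi_qr_payload(ssid, passphrase)


if __name__ == "__main__":
    conf, payload = rotate(SAMPLE_HOSTAPD_CONF, new_passphrase())
    print(conf)
    print(payload)
```

Run from a boot-time job, the new config text replaces the old file before the AP daemon starts and the payload string goes to whatever draws the QR code on the display.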
May 3rd, 2016
When I dream at nights I think of the weirdest things, here is what I dream
- kiwi's - In my language in my dreams a kiwi is a green laser. These usually
scare the hell out of me, for reasons unknown.
- escape - In my dreams I'm often trapped in what appears to be a mental
institution. I often find myself escaping.
- masks - masks such as those worn in Shakespeare's Romeo and Juliet sometimes
hide the identity of my counterparts in dreams.
- Computers - computers are a part in my dream but not always, subways,
streets, and institutional buildings, military facilities as well.
- counting - I often miss an exit; often I take the second chance to exit.
- vampires - I'm often a vampire in my dreams, but with fears, anxiety and
I can't fly, I sort of float down.
- presidents - george w. bush often appeared in my dreams, angela merkel and
barack obama not so much.
- déjà vu - I sometimes redream going to a place which later makes me
unsure if I went once or twice to that place.
- sex - sometimes I dream of a pretty blonde, very seldom
May 2nd, 2016
In 5 days is the 7th anniversary of this blog.
the first article I wrote as far as I can tell. If you've been reading my
blog for a considerable time, I thank you. It's nice to be interesting. Or
maybe you are just stopping by and found something you like? To be honest
I think the mood of the blog changed a few times, at one time I wrote both
german and english into it. I have settled on just english. This suits the
EU readers of this blog more since english is the #1 EU language for ESL
speakers. I also reported on changes to delphinusdnsd a lot, if you were
following that perhaps you found what you were looking for.
May 2nd, 2016
I have had SSD's for close to 6 years now. One of the earliest occurrences of
me mentioning SSD's was here.
I think it's time to upgrade my capacity on 3 computers with SSD and get
appropriate hd backup storage. I'm thinking of replacing the 40 and 80 GB
SSD's in my routers to 256 GB models. The main workstation that I use..
beta.virgostar.net, would get a 1 TB SSD and a 4 TB harddrive external backup
drive. We're looking at about 500 euros in upgrades. Still considering it.
May 1st, 2016
The German Bundeswehr is recruiting hacker talent.
While this is a staggering high number I don't think it's enough and the
approach is wrong. If you look at security, it is a chain. From the smartest
to the dumbest person. If someone can break through the defenses at the
weakest link, the entire chain collapses. That's why I think hiring talent
like is done commercially will not work. Geeks and cyber enthusiasts work
differently on many levels. For one, there is no hierarchy, everyone is equal to
start. People are judged by their smarts and abilities not by their rank they
might have gotten by looking pretty. So hacker culture and military hierarchy
will clash. It won't work. Pretend they want to make it the best system on
Pretend they want to build an OS that is secure for the military but
they want to keep windows systems as before. That is what I call a condom
solution, and condoms break. Ie. a firewall is a condom solution if it is
designed to protect the network traffic of a weak windows system. Let me
give you an example how that looks like in a wolf vs. the three pigs scenario.
The wolf will be stopped by a firewall which is made of brick and the pigs
are in a straw hut behind the firewall. If they happen to create a socket out
to the big bad wolfland the chances that they are going to be compromised are
high. So while the firewall sits there unknowingly the fire has burned down
the pigs hut. That's what will happen. Pretend they replace all windows with
this new military OS, chances are that the dumbest soldier will fall victim to
It's like the enigma machine of world war 2. Soldiers
back then had no clue how it worked, they blindly followed orders to use it.
And they didn't second-guess it. They should have. I'm saying this not
because I have nazi sentiments or that I wanted ww2 to last four years longer
than it would have if the enigma was not used, but I'm saying this because
I draw lessons out of history. What really needs to happen, if a nation is
serious about cyber warfare, is that the entire army needs to be groomed
around smarts, not muscles. But preferably both. A cyber culture needs to
take over in the military, and decisions must come from the smartest in order
to continue. In many cases the Internet is the weakest link in terms of
keeping secrets. A smart army does not engage the Internet without having the
right defensive mechanisms in place to thwart off an undermining from the
Internet. The foes of a military on the Internet can't be categorized. For
all we know they could be extraterrestrial aliens even, it's not impossible.
So where do I fit in to say these words? I never participated in cyber
warfare. But I studied some weapons of cyber warfare. Code words such as
smurf, fraggle, pepsi, land, teardrop are not foreign to me, although they
date back to the 1990's. And in some regard the Internet hasn't changed
much since the 1990's. I'm very careful with these tools, in fact if I
ever had to actively use their concepts I would build my own tools as I
distrusted the exploits posted to bugtraq (another ancient full disclosure site)
one hundred percent. Even with the author of smurf who I was close to I
disagreed with his idea of how to spoof an IP packet, but that's irrelevant now.
Now to use these concepts or to defend against them I do hope the military
wants to hire 13000 programmers and 500 scripters because what it comes down
to is programming and not scripting. It's a battle of the minds, productivity,
and I fear the bundeswehr is not ready. We'll see though. Good luck!
April 22nd, 2016
I have booked a training session in the ruby programming language in august
of this year. I'll be learning ruby for 4 days with an instructor. I already
know ruby but not solid so I'm going to do this. Plus it's putting my feet
in the water to more training that I hope to do. At the same time I'm going
to have my vacation then. Looking forward to it.
April 15th, 2016
The world is heading toward a conflict. It's time to stand down. It's time
to look back in history and try to understand why people didn't stand down in
the 1930's, and then do the opposite of what they did. I shouldn't be even saying
this but the warning signs are in the red. It's time to stand down.
April 13th, 2016
As you may know I'm single. Finding someone nice hasn't been my priority.
So I'm trying to change that and find someone nice so I went to parship.de
and got a year's membership. They aren't cheap by any means. But my train
of thought is, if I can find someone perhaps a gf or even a wife it will
pay itself off 100x to what I'm paying for this. Years ago I tried other
matchmaking services but I hope I have found the right one here. We'll