Centroid.EU Blog

(this blog is mostly encrypted - adults only)
  

Previous Page


Purchased Reggae for March

February 26th, 2014

Two Albums because it's my birthday mid month. I have purchased:

  • Lutan Fyah - Life of a King
  • Queen Ifrica - Penthouse Flashback Series
Ok I'm going to listen to these now...on random.

0 comments

Win for the Consumer in Germany

February 25th, 2014

Consumers who have been locked in by their ISP to use a certain router don't have to comply to this anymore. Apparently the Bundesnetzagentur has made it law starting today that "Routerzwang" is not legal anymore. This is a win for the consumer in my eyes. Those ISP's that don't give up access data to their users are making themselves liable to be sued.

0 comments

Upgraded my FritzBox Repeater 300E

February 20th, 2014

AVM the manufacturer of routers and networking gear has provided a fix on most of its products against a root-exploit. My AVM Repeater 300E was also affected so I flashed its firmware. It took me 30 minutes after that trying to figure out why my network didn't work anymore. Turns out that the upgrade changed the MAC address of the repeater and network nodes behind it and I used static permanent ARP on my OpenBSD router. Hence nothing worked until I deleted the arp entry and updated it with a new one.

0 comments

My Apartment: Year 1

February 19th, 2014

On February 13th, 2013 I moved in here. I don't regret moving here at all. It's a nice place. The setup that you see in the photo is pretty well what it is now, sans the G4 Cube which has been donated to the OpenBSD Project. Anyhow...

0 comments

New Computer, the decision factor

February 18th, 2014

In 2 months I'm buying a new computer. I plan on gathering a list on what I want and then ask a computer store to put it together for me. That's how I did Jupiter (computer) last. This new computer will be named Mercury. So far I have gathered these links:

Now this selection leaves a few questions. I know the Xeon is more powerful than the Core i7, and I don't need a graphics chip so I'll probably go with a Xeon. But is this CPU compatible with the SABERTOOTH mainboard I do not know. I've found a site that says they work together but that some functionality of the Xeon don't work. My question is.. would that make it more unstable? As far as storage and video card is concerned; I'll be reusing my SSD from Jupiter and also the graphics card, although when these people build my new Mercury I'll ask them to put an AMD/ATI card in there.

Mercury will be running the OpenBSD Operating System natively just like Jupiter did. I'm gonna try to put 32 GB of RAM in there. Jupiter only had 8 GB. Well here's to planning this computer. OBTW if I didn't get OpenBSD on the thing I'd try Linux or buy a Mac.

0 comments

OpenSMTPD on FreeBSD with SpamAssassin

February 15th, 2014

Today the spam got to me in such a way that I wanted to try out a spam filter. I decided to work with spamassassin because I've never tried it before. SpamAssassin is a perl script that uses Bayesian filters to mark/tag a mail as spam when a certain score is reached.

So what I did was first bring my FreeBSD's mail jail up to speed. A portupgrade -af put everything installed from /usr/ports to the latest version.

Next I installed /usr/ports/mail/p5-Mail-SpamAssassin, I selected to not run as root which was recommended for some reason. Then I played a bit with amavisd and couldn't figure it out. Next I tried spampd which uses spamassassin and it worked right away. With a few tests I installed a new opensmtpd (which isn't the latest in the ports, I compiled it from an old snapshot, beware) configuration file and I'll share it with you:

listen on 10.3.2.1 port 25 tls certificate mail.solarscale.de auth-optional
listen on 2a01:4f8:d13:1980::25 port 25 tls certificate mail.solarscale.de auth-optional
listen on 127.0.0.1 port 10025 tag DESPAMMED

table aliases db:/usr/local/etc/aliases.db
table users db:/usr/local/etc/smtpusers.db

max-message-size 90000000

accept tagged DESPAMMED for domain "centroid.eu" virtual  deliver to mbox
accept tagged DESPAMMED for domain "galileo.solarscale.de" virtual  deliver to mbox
accept tagged DESPAMMED for domain "solarscale.de" virtual  deliver to mbox
accept tagged DESPAMMED for domain "io.solarscale.de" virtual  deliver to mbox
accept tagged DESPAMMED for domain "amdeutschhof.de" virtual  deliver to mbox
accept tagged DESPAMMED for domain "virgostar.net" virtual  deliver to mbox

accept for local alias  deliver to mbox

# domains in order
accept from any for domain "galileo.solarscale.de" alias  relay via smtp://127.0.0.1:10024
accept from any for domain "centroid.eu" virtual  relay via smtp://127.0.0.1:10024
accept from any for domain "solarscale.de" virtual  relay via smtp://127.0.0.1:10024
accept from any for domain "io.solarscale.de" virtual  relay via smtp://127.0.0.1:10024
accept from any for domain "amdeutschhof.de" virtual  relay via smtp://127.0.0.1:10024
accept from any for domain "virgostar.net" virtual  relay via smtp://127.0.0.1:10024

accept for any relay

And then in spampd I had the following config as read from /etc/rc.conf

spampd_enable="YES"
spampd_flags="--user=spamd --group=spamd --host 127.0.0.1:10024 \
--relayhost=127.0.0.1:10025 --dose --tagall --auto-whitelist"

That was all I had to do. I've run a thousand test mails and have watched mail come in, the highest score I got was 3.4 out of 5.0, so not quite spam. But i'm sure I'll get a spam mail one of these days...

0 comments

Happy Valentines day!

February 14th, 2014

I got a new book for Valentines day. Written in the german language it is "Peer-to-Peer-Netzwerke" (P2P Networks) by Peter Mahlmann and Christian Schindelhauer. I have read a little bit in this book already and think it was worth the buy.

0 comments

SVPRadio.COM did get Media attention in 2012

February 13th, 2014

I recently found this article at googling for SVP Radio. Probably missed by many as it was new years, but worth the read anyhow. I was silly last night listening on SVP Radio until 4AM! Good times! svpradio.com.

0 comments

Security can be about Incentives

February 12th, 2014

Basically if the governments want a secure infrastructure they could offer incentives for companies to act accordingly. How does the government do that? By giving away money, for free, given a set of conditions.

Pretend the incentive is set for secure email in that the provider encrypts per SSL in and outgoing email, that's worth some money. If the provider also encrypts mailboxes that are used to store your mail so that even the administrators would be penalized in time if they snooped that would be another set of duckets.

If the provider installs anti-spoof filters, that's another incentive to give them money. And deflection attacks would be minimized. You can go further, VPN exchanges could be set up which are like Internet exchange points but they only pass ESP and IKE/Oakley. Networks that are interested in attaching to these exchange points will have to "peer" with their peers by exchanging crypto certificates and then their traffic is encrypted over the exchange point.

What else can you do, governments could offer money incentives for people programming in secure Open Source software, and money incentives for people providing right patches to fix mistakes. An entire community of security professionals could thus in a non-binding manner make their living. It's an open market, no deadlines but no bullshit.

Think about it Mr. Politician.

0 comments

New naming scheme after planets

February 12th, 2014

I have 1 planet left to name, and that'll happen soon after the month of march. And then I'll be naming hosts after the greek alphabet. This will give me 24 possible names. I have a png from wikipedia here:

This is in my plans.

0 comments

Next Page

Search

RSS Feed

Click here for RSS

On this day in

Other links

Have feedback?

By clicking on the header of an article you will be served a cookie. If you do not agree to this do not click on the header. Thanks!

Using a text-based webbrowser?

... such as lynx? Welcome back it's working again for the time being.

Older Blog Entries


Powered by BCHS