Centroid.EU Blog(this blog is mostly encrypted - adults only)
February 26th, 2014
Two Albums because it's my birthday mid month. I have purchased:
- Lutan Fyah - Life of a King
- Queen Ifrica - Penthouse Flashback Series
Ok I'm going to listen to these now...on random.
February 25th, 2014
Consumers who have been locked in by their ISP to use a certain router don't
have to comply to this anymore. Apparently the Bundesnetzagentur has made it
law starting today that "Routerzwang" is not legal anymore. This is a win for the consumer in my eyes. Those
ISP's that don't give up access data to their users are making themselves
liable to be sued.
February 20th, 2014
AVM the manufacturer of routers and networking gear has provided a fix on
most of its products against a root-exploit. My AVM Repeater 300E was also
affected so I flashed its firmware. It took me 30 minutes after that trying
to figure out why my network didn't work anymore. Turns out that the upgrade
changed the MAC address of the repeater and network nodes behind it and I
used static permanent ARP on my OpenBSD router. Hence nothing worked until
I deleted the arp entry and updated it with a new one.
February 19th, 2014
On February 13th, 2013 I moved in here.
I don't regret moving here at all. It's a nice place. The setup that you see
in the photo is pretty well what it is now, sans the G4 Cube which has been
donated to the OpenBSD Project. Anyhow...
February 18th, 2014
In 2 months I'm buying a new computer. I plan on gathering a list on what
I want and then ask a computer store to put it together for me. That's how
I did Jupiter (computer) last. This new computer will be named Mercury.
So far I have gathered these links:
Now this selection leaves a few questions. I know the Xeon is more powerful
than the Core i7, and I don't need a graphics chip so I'll probably go with a
Xeon. But is this CPU compatible with the SABERTOOTH mainboard I do not know.
I've found a site that says they work together but that some functionality of
the Xeon don't work. My question is.. would that make it more unstable? As
far as storage and video card is concerned; I'll be reusing my SSD from
Jupiter and also the graphics card, although when these people build my new
Mercury I'll ask them to put an AMD/ATI card in there.
Mercury will be running the OpenBSD Operating System natively just like
Jupiter did. I'm gonna try to put 32 GB of RAM in there. Jupiter only had
8 GB. Well here's to planning this computer. OBTW if I didn't get OpenBSD
on the thing I'd try Linux or buy a Mac.
February 15th, 2014
Today the spam got to me in such a way that I wanted to try out a spam filter.
I decided to work with spamassassin because I've never tried it before.
SpamAssassin is a perl script that uses Bayesian filters to mark/tag a mail
as spam when a certain score is reached.
So what I did was first bring my FreeBSD's mail jail up to speed. A
portupgrade -af put everything installed from /usr/ports to the latest
Next I installed /usr/ports/mail/p5-Mail-SpamAssassin, I selected to not
run as root which was recommended for some reason. Then I played a bit
with amavisd and couldn't figure it out. Next I tried spampd which uses
spamassassin and it worked right away. With a few tests I installed a new
opensmtpd (which isn't the latest in the ports, I compiled it from an old
snapshot, beware) configuration file and I'll share it with you:
listen on 10.3.2.1 port 25 tls certificate mail.solarscale.de auth-optional
listen on 2a01:4f8:d13:1980::25 port 25 tls certificate mail.solarscale.de auth-optional
listen on 127.0.0.1 port 10025 tag DESPAMMED
table aliases db:/usr/local/etc/aliases.db
table users db:/usr/local/etc/smtpusers.db
accept tagged DESPAMMED for domain "centroid.eu" virtual deliver to mbox
accept tagged DESPAMMED for domain "galileo.solarscale.de" virtual deliver to mbox
accept tagged DESPAMMED for domain "solarscale.de" virtual deliver to mbox
accept tagged DESPAMMED for domain "io.solarscale.de" virtual deliver to mbox
accept tagged DESPAMMED for domain "amdeutschhof.de" virtual deliver to mbox
accept tagged DESPAMMED for domain "virgostar.net" virtual deliver to mbox
accept for local alias deliver to mbox
# domains in order
accept from any for domain "galileo.solarscale.de" alias relay via smtp://127.0.0.1:10024
accept from any for domain "centroid.eu" virtual relay via smtp://127.0.0.1:10024
accept from any for domain "solarscale.de" virtual relay via smtp://127.0.0.1:10024
accept from any for domain "io.solarscale.de" virtual relay via smtp://127.0.0.1:10024
accept from any for domain "amdeutschhof.de" virtual relay via smtp://127.0.0.1:10024
accept from any for domain "virgostar.net" virtual relay via smtp://127.0.0.1:10024
accept for any relay
And then in spampd I had the following config as read from /etc/rc.conf
spampd_flags="--user=spamd --group=spamd --host 127.0.0.1:10024 \
--relayhost=127.0.0.1:10025 --dose --tagall --auto-whitelist"
That was all I had to do. I've run a thousand test mails and have watched
mail come in, the highest score I got was 3.4 out of 5.0, so not quite spam.
But i'm sure I'll get a spam mail one of these days...
February 14th, 2014
I got a new book for Valentines day. Written in the german language it is
"Peer-to-Peer-Netzwerke" (P2P Networks) by Peter Mahlmann and Christian
Schindelhauer. I have read a little bit in this book already and think it
was worth the buy.
February 13th, 2014
I recently found this article at googling for
SVP Radio. Probably missed by many as it was new years, but worth the read
anyhow. I was silly last night listening on SVP Radio until 4AM! Good times!
February 12th, 2014
Basically if the governments want a secure infrastructure they could
offer incentives for companies to act accordingly. How does the
government do that? By giving away money, for free, given a set of
Pretend the incentive is set for secure email in that the provider
encrypts per SSL in and outgoing email, that's worth some money.
If the provider also encrypts mailboxes that are used to store your
mail so that even the administrators would be penalized in time if they
snooped that would be another set of duckets.
If the provider installs anti-spoof filters, that's another incentive
to give them money. And deflection attacks would be minimized. You
can go further, VPN exchanges could be set up which are like Internet
exchange points but they only pass ESP and IKE/Oakley. Networks that
are interested in attaching to these exchange points will have to
"peer" with their peers by exchanging crypto certificates and then
their traffic is encrypted over the exchange point.
What else can you do, governments could offer money incentives for people
programming in secure Open Source software, and money incentives for
people providing right patches to fix mistakes. An entire community of
security professionals could thus in a non-binding manner make their
living. It's an open market, no deadlines but no bullshit.
Think about it Mr. Politician.
February 12th, 2014
I have 1 planet left to name, and that'll happen soon after the month of
march. And then I'll be naming hosts after the greek alphabet. This will
give me 24 possible names. I have a png from wikipedia here:
This is in my plans.
Click here for RSS
On this day in
By clicking on the header of an article you will be
served a cookie. If you do not agree to this do not
click on the header. Thanks!
Using a text-based webbrowser?
... such as lynx? Welcome back it's working again for the time being.
Older Blog Entries
Powered by BCHS