Centroid.EU Blog
(this blog is mostly encrypted - adults only)
|
Previous Page
April 20th, 2018
I have enabled DANE. This should verify the signature of my TLS self-signed
certificate for SMTP (STARTTLS) on port 25. A dig output looks like so:
;; QUESTION SECTION:
;_25._tcp.mail.solarscale.de. IN TLSA
;; ANSWER SECTION:
_25._tcp.mail.solarscale.de. 300 IN TLSA 2 0 1 98B61AC29E9891A9CC07A72E57
C38CE7DA306EB08C1058AC08EC39CE 84181C29
_25._tcp.mail.solarscale.de. 300 IN RRSIG TLSA 8 5 300 20180619185611 2018
0420185611 63558 solarscale.de. FOr0n6jh1mKZz6PacZnsXMc+0+Q8fGmJ8q4Fw7uFT5fXBgN$
ckHTLjr3 7db0CGhFr8zDyk0fmV2u/JduJfwaxpf24g3OcakhUWq7aaZf6n9aqOxC yaiUzsYmdHYkF$
MK2SB/xbARZitCUoxaKEmWVGnJMckJZQ/z8c6mfhU/ 6Zs=
;; Query time: 16 msec
It took me two tries to get the 2 0 1 (DANE-TA with certificate checking with
SHA256 checksum). I used this validator @dane.sys4.de. I don't know if this means I have turned on
DEmail at home now or not. Probably not but who knows?
0 comments
Oh Bavaria! :-(
April 16th, 2018
Dear Reader. I want to make you aware of the following laws that are a
threat for mentally ill people in Bavaria (a state in Germany where I live).
The Süddeutsche Zeitung wrote about this today. What I can gather from the news is that it is
easier for the police to target mentally ill people and lock them up with
little evidence of wrongdoing. It makes me sad to no end and fearful.
We're nearing a police state here if these laws make it. And with my estimate
of 10% of the population of having had contact with the mental health system
that would be over 1 million people in Bavaria who get a "police record" for
being mentally ill. What I gather from the article is this record stays in
the police files for 5 years. This is wrong. I'm of the opinion that we
have an increasing problem with poverty and mental illnesses these days and
that's the first thing that the right wingers attack. It's targetting people
who can't defend themselves against a systemic abuse against them.
To be poor is not a
crime, and to become mentally ill is not preventable, it just happens. If we
knew how to prevent it, we'd prevent it, trust me. So this is a russian
roulette with civil liberties. I'm so sad about this. When I hear people
talking of a creeping islamization of europe I roll my eyes, look at what's
really creeping into this land! It's draconian laws and fascism.
I for one won't be voting the CSU party who have invented this law. Also
inform yourself about
Gustl Mollath, who was locked away in a psychiatric institution in this
state and he was neither mentally ill nor guilty of a crime. These laws
could give rise to Mollathism. It's sad.
0 comments
The end of soekris in my household
April 15th, 2018
Yesterday I transplanted the new powersupply in the soekris that I have called
venus, but it turned out to be the logic board after all. So I have the
following items for sale:
- 19" soekris 6501 case with 2 internal power supplies (old one seperate)
- 2x 4 port LAN cards for 6501, and riser
- desktop case for soekris 6501 with SSD mount, included here is my soekris
6501 and external power supply, if you can make the soekris work again it's
yours
- The cases may have some screws missing/lost
- email soekris [at] centroid.eu and make me an offer for any of the items
above.
Thanks soekris it was a good ride!
0 comments
Donation time: 100 EUR go to OpenBSD
April 7th, 2018
I have donated 100 EUR to OpenBSD and Theo de Raadt for the 6.3 release.
With this I start with 100 EUR for OpenBSD in 2018. I believe I'll make
a similar donation for 6.4.
0 comments
I bartered for a used computer
April 1st, 2018
I bought my parents a new 2 disk Synology NAS and in return got their old
computer. The specs for the new/old computer are:
- Intel Core i3-2120 CPU @ 3.30 GHz
- 4 GB RAM (DDR3-1333 2 DIMMS 2GB)
- 1 TB hdisk
- DVD drive
- Acer monitor
- Logitech speakers
It's hard to tell who got the better deal considering this is a full fledged
home computer. It runs OpenBSD well that's all I know because it's dual
partitioned, but I'll probably wipe it anyhow. Happy April Fools day! :-)
0 comments
Making use of delphinusdnsd regions (for logs)
March 31th, 2018
Today I turned on regions on my delphinusdnsd running on omega.virgostar.net.
This is only useful for logging and statistics, but it allows me to give an
indicator right away what region a query for my dns service comes from. I'll
give you an example log:
Mar 31 16:23:01 omega delphinusdnsd[42119]: request on descriptor 12 interface \
"108.61.211.139" from 88.198.139.3 (ttl=57, region=2) for "psi.virgostar.net." \
type=A(1) class=1, edns0, dnssecok, answering "psi.virgostar.net." (46/235)
Mar 31 16:23:01 omega delphinusdnsd[42119]: request on descriptor 16 interface \
"2001:19f0:6c00:9041:5400:ff:fe11:3332" from 2a01:4f8:0:a104::add:1b (ttl=54, \
region=8) for "psi.virgostar.net." type=AAAA(28) class=1, edns0, dnssecok, \
answering "psi.virgostar.net." (46/247)
for example the above two logs are a typical delphinusdnsd log that I log from
recursive nameservers that look up my services. As you can see there is a
region code 2 and 8. When I cross reference that to my regions file that would
be:
region "RIPE[2]" {
region "RIPE6[8]" {
So from the European region. I can go deeper for a /24 as well, but it's
costly because every IP lookup goes through a singly linked list and does
a comparison for netmask. So it's best to stay on the major regions which
are usually continental.
The data for making these region lists I got from
IANA and are publically available. I'm not too worried about spying as
this is really very coarse logging. Also most end-users use a resolving
recursor (a proxy) to get their DNS so it doesn't reveal them per se. I have
also made this list publically available
here (delphinusdns.regions).
Happy Easter!
0 comments
New router at home
March 25th, 2018
I have received the Ubiquiti Unifi Security Gateway Model USG, from the shop
where I bought it. First time at poweron I installed OpenBSD on it. I
required a serial console cable (cisco cable) and an ethernet cable to perform
the netboot (bootstrap). Here is the commands I used that worked for me:
boot, press a key to break into the prompt...
# dhcp
# tftpboot 0 bsd.rd
# bootoctlinux rootdev=rd0 coremask=0x3
then install OpenBSD via HTTP from zeta. I called this new box 'eta'
I want to provide you the dmesg of this box:
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2018 OpenBSD. All rights reserved. https://www.OpenBSD.org
OpenBSD 6.3 (GENERIC.MP) #0: Sat Mar 24 03:50:49 UTC 2018
visa@octeon:/usr/src/sys/arch/octeon/compile/GENERIC.MP
real mem = 536870912 (512MB)
avail mem = 523862016 (499MB)
mainbus0 at root: board 20004 rev 0.16
cpu0 at mainbus0: CN50xx CPU rev 0.1 500 MHz, Software FP emulation
cpu0: cache L1-I 32KB 4 way D 16KB 64 way, L2 128KB 8 way
cpu1 at mainbus0: CN50xx CPU rev 0.1 500 MHz, Software FP emulation
cpu1: cache L1-I 32KB 4 way D 16KB 64 way, L2 128KB 8 way
clock0 at mainbus0: int 5
iobus0 at mainbus0
simplebus0 at iobus0: "soc"
octciu0 at simplebus0
cn30xxsmi0 at simplebus0
com0 at simplebus0: ns16550a, 64 byte fifo
com0: console
dwctwo0 at iobus0 base 0x1180068000000 irq 56
usb0 at dwctwo0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "Octeon DWC2 root hub" rev 2.00/1.00 \
addr 1
octrng0 at iobus0 base 0x1400000000000 irq 0
cn30xxgmx0 at iobus0 base 0x1180008000000
cnmac0 at cn30xxgmx0: RGMII, address fc:ec:da:04:8d:68
atphy0 at cnmac0 phy 7: AR8035 10/100/1000 PHY, rev. 2
cnmac1 at cn30xxgmx0: RGMII, address fc:ec:da:04:8d:69
atphy1 at cnmac1 phy 6: AR8035 10/100/1000 PHY, rev. 2
cnmac2 at cn30xxgmx0: RGMII, address fc:ec:da:04:8d:6a
atphy2 at cnmac2 phy 5: AR8035 10/100/1000 PHY, rev. 2
/dev/ksyms: Symbol table not valid.
umass0 at uhub0 port 1 configuration 1 interface 0 "vendor 0x13fe UDinfo UF2 \
4GB" rev 2.00/1.00 addr 2
umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets, initiator 0
sd0 at scsibus0 targ 1 lun 0: <, UDinfo UF2 4GB, PMAP> SCSI4 0/direct removable serial.13fe420077C9177D2781
sd0: 3824MB, 512 bytes/sector, 7831552 sectors
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
boot device: sd0
root on sd0a (32485cbbbe75c57b.a) swap on sd0b dump on sd0b
WARNING: No TOD clock, believing file system.
WARNING: CHECK AND RESET THE DATE!
Anyhow that's it. I'm very happy so far. Now I'll run a few benches on this
new router. Who knows maybe it's some sort of super-computer (hehe). Thanks
goes out to visa and the entire octeon team at OpenBSD for making this possible.
0 comments
Ordered 2 Power Supplies for Soekris 6501
March 23rd, 2018
I have ordered these from soekris.eu which still carry stock. Remember soekris
as a company closed their shop around May 11th, 2017. I highly suspect the
powersupply in the case has dead/leaking capacitors since I hear a humming
sound from the undead soekris. I'm hoping that if the internal powersupply
doesn't work out that I'll be able to transplant the 6501 into the portable
case and use the external power supply. Here is hoping it'll work out.
0 comments
Next Page
|
Search
RSS Feed
Click here for RSS
On this day in
Other links
Have feedback?
By clicking on the header of an article you will be
served a cookie. If you do not agree to this do not
click on the header. Thanks!
Using a text-based webbrowser?
... such as lynx? Welcome back it's working again for the time being.
Older Blog Entries
November, 2023
October, 2023
September, 2023
August, 2023
July, 2023
June, 2023
May, 2023
April, 2023
March, 2023
February, 2023
January, 2023
December, 2022
November, 2022
October, 2022
September, 2022
August, 2022
July, 2022
June, 2022
May, 2022
April, 2022
March, 2022
February, 2022
January, 2022
December, 2021
November, 2021
October, 2021
September, 2021
March, 2021
February, 2021
January, 2021
December, 2020
November, 2020
October, 2020
September, 2020
August, 2020
July, 2020
June, 2020
May, 2020
April, 2020
March, 2020
February, 2020
January, 2020
December, 2019
November, 2019
October, 2019
September, 2019
August, 2019
July, 2019
June, 2019
May, 2019
April, 2019
March, 2019
February, 2019
January, 2019
December, 2018
November, 2018
October, 2018
September, 2018
August, 2018
July, 2018
June, 2018
May, 2018
April, 2018
March, 2018
February, 2018
January, 2018
December, 2017
November, 2017
October, 2017
September, 2017
August, 2017
July, 2017
June, 2017
May, 2017
April, 2017
March, 2017
February, 2017
January, 2017
December, 2016
November, 2016
October, 2016
September, 2016
August, 2016
July, 2016
June, 2016
May, 2016
April, 2016
March, 2016
February, 2016
January, 2016
December, 2015
November, 2015
October, 2015
September, 2015
August, 2015
July, 2015
June, 2015
May, 2015
April, 2015
March, 2015
February, 2015
January, 2015
December, 2014
November, 2014
October, 2014
September, 2014
August, 2014
July, 2014
June, 2014
May, 2014
April, 2014
March, 2014
February, 2014
January, 2014
December, 2013
November, 2013
October, 2013
September, 2013
August, 2013
July, 2013
June, 2013
May, 2013
April, 2013
March, 2013
February, 2013
January, 2013
December, 2012
November, 2012
October, 2012
September, 2012
August, 2012
July, 2012
June, 2012
May, 2012
April, 2012
March, 2012
February, 2012
January, 2012
December, 2011
November, 2011
October, 2011
September, 2011
August, 2011
July, 2011
June, 2011
May, 2011
April, 2011
March, 2011
February, 2011
January, 2011
December, 2010
November, 2010
October, 2010
September, 2010
August, 2010
July, 2010
June, 2010
May, 2010
April, 2010
March, 2010
February, 2010
January, 2010
December, 2009
November, 2009
October, 2009
September, 2009
August, 2009
July, 2009
June, 2009
May, 2009
Powered by BCHS
|