July greetings

As usual I have been slacking on posting to the front page of the site.  The forums are the active place for newer content.  Some threads of interest so far this year are:

New year Eighteen

Reporting in for another year of computer stuff, video games and general contemplation and rambling. Holy shit though, the whole Spectre and Meltdown turned into more than just an Intel issue and they even got the branded vulnerability treatment. Patches continue to release and be tested, while it looks like you can count on some performance hits in the mitigation of these flaws.

If you have read some of my recent benchmark review threads, you will notice I used the Final Fantasy XIV Benchmark utilities for a couple of years. My laptop seems to have taken a score hit of about 2000 points / 20 FPS but I also have to make sure that’s not just the Oculus 2.0 Beta killing my GPU.

Even stepping aside of the CPU issues, patching has been getting way more rapid. Looking back on 2017, I can remember devices like QNAP storage servers going from semi-rarely having firmware updates to having a new firmware drop monthly. Between all the vulns at *nix kernel levels and core software packages last year, it has been an intensifying ride. Getting all armchair here, but it seems like the days of your biggest concern being default passwords are getting side-stepped by core component flaws. Not saying default passwords are not still an awful practice, but more that the level of these core vulnerabilities is making the passwords irrelevant in scope.

Other than that, I keep reading tech and various other articles and books when I can. I’m also a big fan of trying to relax in the world of games. I have been spending most of that time on Nintendo titles, Indie Games and VR Content.
I also caught that crazy cold that was going around this week and it had my sinuses in a knot for at least 2 days straight.

If you work in tech, be sure to take care of yourself. Speaking as someone in a role with limited funding for obsolete equipment, I can say I feel the trying pinch of keeping legacy gear spinning.
Enjoy the new year!

Red Faction

I’m putting a front page post up from tOucan’s post a few months ago.  He is playing on PS4 and presumably PC as well.  Jump in the thread and suggest times you would like to meet up for some games.

Front page back up

I rolled back to WordPress.  Largely for the sake of prior post content and not needing to manually redesign the wheel from scratch.

Here’s hoping it can be viable without add-on plugins installed.  I will back fill some forum posts of interest, since the host migration and rollback from this summer.

15 years

If you check the whois for the site, you may notice it has been around now for 15 years.  If you have old links, they may and should very well still work.

Heart of the site is the forums but I still have content write ups buried away from clickable links.  Most of those are ported PHPNuke or straight up html pages.

Happy 15th to the site!  Thanks to old school visitors and new ones too.

Here are a few oldies.

ATI 9700 vs Nvidia 6800LE graphic card review.
Coldstone’s GTA Vice City Mod Pack.
t0ucan’s Cookies 4 CuBa story.
Ancient forum archive restored <-+ This is where most of the old reviews came from, when I launched the site on PHPNuke, having admin’d the House Of +PLuS+ running the same platform back in 2002-ish.

I have some info from an old Vidomi dvd encoder guide, but that is ancient and kind of useless, compared to using mencoder to convert ripped VOB files to AVI, then merging them.  The Vidomi app was glitchy, at best.
Mencoder bash syntax below for conversation’s sake.

cd /media/user/SourceDisk/Vobs/Cosmos_Disc01/FullDisc/DVD_VIDEO/VIDEO_TS
mencoder 'VTS_01_1.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 1 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder 'VTS_01_2.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 2 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder 'VTS_01_3.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 3 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder 'VTS_01_4.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 4 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder 'VTS_01_5.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 5 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder -oac copy -ovc copy 'Cosmos_Disc01 1 of 5.avi' 'Cosmos_Disc01 2 of 5.avi' 'Cosmos_Disc01 3 of 5.avi' 'Cosmos_Disc01 4 of 5.avi' 'Cosmos_Disc01 5 of 5.avi' -o '/media/user/OutputDisk/Vobs/Cosmos_Disc01.avi'

Pi-Hole config guide

Raspberry Pi Pi-Hole config guide:
Howdy and welcome to another thread.  I have a history of not being a fan of advertisements and do not run those banners on this site.  Besides a security concern, I think advertisement gets really creepy online.
Pi-Hole is an Operating System with DNS capabilities and use of adblocking lists.  The added benefit of the request being denied even without plugin-based web browsing is pretty handy.

Before you install, be sure if you are using a RaspberryPi or whatever device, that your user password is one of your own.  You do not want to go default with your LAN traffic.  If you wanna log a fun time, you can use one of these for short-term logging a little CTF monitoring style.  Logs are configured to purge after a few days on your standard Pi-Hole install.  Please be sure to update your OS image with latest patches via said package manager.  In my case I set the primary network connection to a static address.  I have the service connection IP address details set to use the actual router as DNS server, since all your other network DNS will be set to the fixed IP Address you bound to your Pi-Hole installed device.
SSH is likely disabled.  I like to administer my SSH session by serial to usb in the case of my Raspberry Pi installs.

Follow the install guide and advisory on their site about the bash | pipe install.  Quick comes at a trade off when you do not review the install process part for part.  If you go for the easy install and read the disclaimer, you can run the single line install:

curl -sSL https://install.pi-hole.net | bash
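A review-first alternative to the pipe install, as an added example (not from the original post or the Pi-hole project): save the installer to a file, list the hosts it names, read it, and run only the exact bytes you reviewed. The function names are hypothetical, and `sha256sum` and `bash` are assumed to be present.

```shell
#!/bin/sh
# Added example, not from the original post or the Pi-hole project.
# Function names are hypothetical; INSTALL_URL is the URL given in the post.
INSTALL_URL="https://install.pi-hole.net"

fetch_installer() {
    # $1 = destination file. --fail stops an HTTP error page being saved as the script.
    curl -sSL --fail -o "$1" "$INSTALL_URL"
}

digest_of() {
    # SHA-256 of the file you are about to read.
    sha256sum "$1" | cut -d' ' -f1
}

remote_hosts() {
    # Hosts named in the script: a starting list of what it may download from.
    grep -oE 'https?://[A-Za-z0-9._-]+' "$1" | sed -E 's#https?://##' | sort -u
}

run_if_unchanged() {
    # $1 = script, $2 = digest recorded when you reviewed it.
    if [ "$(digest_of "$1")" != "$2" ]; then
        echo "refusing to run: $1 changed since review" >&2
        return 1
    fi
    bash "$1"
}

# Typical session:
#   fetch_installer basic-install.sh
#   d=$(digest_of basic-install.sh); remote_hosts basic-install.sh
#   less basic-install.sh
#   run_if_unchanged basic-install.sh "$d"
```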

This thread is for administering and keeping yours updated, as with my configuration I ran into update issues using just the one connection.  Details ahead cover enabling a second connection to fetch updates, since you will have the primary network connection with a set IP address that handles DNS requests handed off from your router / main DNS device on your network.

To do updates to the OS and Pi-Hole local web services device / OS, I disable the service network connection to resolve conflicts of web requests to get out locally.  All the LAN clients will be fine getting pages.  In this case, I suspect the localhost calls in the Pi-Hole logs relate to my network layout and the device being bound to serve back to itself.  When logged into the [deviceIP]/admin configuration page I would also get failures to resolve list update servers.

Having plugged in a second USB NIC or using Wireless as an update connection, I ran the following commands to handle my network adapters.  First, turning off the static address service NIC, in most cases likely eth0, as shown below:

sudo ifconfig eth0 down

Do some pings and the like to see they should now resolve.  Do your updates etc for the OS.  In my case, Raspbian on a Pi 3.

Once those finish, load up the Web Admin panel for your Pi-hole install. Get your ip address for the active network connection with:

ifconfig

Connect to that IP address in a web browser and add ‘/admin’ into the address bar at the end of the IP Address without the quotes around the path.

Log in with your admin password to the admin panel and you should now be able to see updates are pending.  You need to start with the FTL update.  To do this, return to your SSH session.  As I mentioned I am working with serial over USB, but you can enable SSH over network if you so desire.  One more service for a network heavy component, so choose of your own accord in concern to security versus convenience.
On that SSH console, run:

pihole -up

Wait for the updater to get and deploy the new FTL version.  You will likely also be treated to the Web Interface and Pi-Hole version also being updated to current revisions.  Great!  Almost updated and running live AdBlocking again.
Still on your console, seeing the update completed you want to turn back on the main network connection we disabled for updating.

sudo ifconfig eth0 up
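The update window above as one script, as an added example that is not part of the original post: it runs the same commands in the same order, but always brings the DNS NIC back up, including when an update step fails or the session is interrupted, so the LAN is not left without its resolver. It assumes eth0 is the static service NIC as in the post and a Debian-style `apt-get` (Raspbian); `SERVICE_NIC` and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumes eth0 is the static DNS NIC (as in the post) and apt-get (Raspbian).
SERVICE_NIC="${SERVICE_NIC:-eth0}"

restore_nic() {
    # LAN clients resolve through this interface, so it must come back up.
    sudo ifconfig "$SERVICE_NIC" up
}

update_steps() {
    # OS packages first, then Pi-hole (FTL, web interface, core).
    sudo apt-get update &&
    sudo apt-get -y upgrade &&
    pihole -up
}

update_window() {
    # Restore the NIC if the session is interrupted or hangs up mid-update.
    trap 'restore_nic; exit 130' INT TERM HUP
    sudo ifconfig "$SERVICE_NIC" down || return 1
    rc=0
    update_steps || rc=$?
    # Runs on success and on failure; a failed restore is also reported.
    restore_nic || rc=$?
    trap - INT TERM HUP
    return "$rc"
}

# Run only when asked, so the file can be read or sourced first.
if [ "${1:-}" = "--run" ]; then
    update_window
fi
```

A non-zero exit means an update step or the restore failed; check `ifconfig` output for the service NIC before walking away.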

Overviewing network setup above:
Main Internet router will be your DNS server on the Pi-Hole device.  Manually set client DNS or change your DHCP server to set client DNS to the static address of your Pi-Hole install. (192.168.0.1 default-ish router)  Check your current IP config to get details if you do not know current network base configuration.
On the Pi-Hole install, set the primary network adapter to an address in that subnet (say 192.168.0.10).  Make sure DHCP server /or/ router will not also try to assign that address in its pool.  The Pi-Hole DNS primary will be set to your local router (as above default-ish router 192.168.0.1).

I hope to have avoided huge gaps or inflicted confusion in this thread. Jolly adblocking.  Even if you like making money from it, you have to know it is a vulnerable vector and kind of a shaky market.  I’m not here to tell you what to do, I’m sharing details to help block them on places that run them without respect to visitors.

Migration and downtime

Heads up the site may be down, as I’m flipping hosts.

I have to re-upload stuff, so it will be a little bit before I change my DNS info to the new host.  Email will be in limbo for a little bit, so if by odd chance you are trying to drop me a line, hit me on twitter, my DMs are open (until I get sick of it).

Updates

If you are looking for new post content, you want to browse the forums.  I have to wrangle up a better rss plugin since I push content from the forums to this front page.

Some projects and security chat, a little gaming and some hardware reviews / usage are some of what has been up since November of 2016.  It is also starting to get warmer here locally, so I can look forward to reading some books outside.

Greets to the visitors

Greets on this post-election Fall season.  Hopefully computering doesn’t become a full out crime in this new presidency.  Honestly it seems like a silly joke, but it’s not like either candidate was really a good runner.  That’s about all I have to say about that stuff.  Just keep your eyes open.

I have some equipment I’d like to write some brief reviews and feedback about.  Just for grins I can tell you, not to upgrade the firmware on a Samsung TV by renaming a folder and BIOS .bin.  The TV does not do checksum verification and you may very well brick that tv, despite the firmware being linked on their support page for that model.

I still play some games, but if you read the forums, you can see my cynicism of most titles and genres has kicked in.  I did dig the Doom 2016 release even despite the arcadey enemy to clear an area mechanic.  Level exploration was fun.  I am looking forward to Watch Dogs 2 since the 1st game and the whole camera hopping dynamic was pretty enjoyable to me.  I also have ARK: Survival Evolved installed, but to be honest, it’s so I can chill on servers with some old friends.  I occasionally jump onto a chat server, but most of the time I’m on some projects, watching something to relax or reading up some wild books.

Wrapping up, I turned off forum registrations completely.  Most all of them were spam accounts.  Also a security reminder, avoid WordPress plugins.  I had fun the other week cleaning up embedded PHP reverse shells, thanks to a popular RSS import plugin.  I think the adage is “if it’s a popular plugin, it is also likely to be exploitable”.  Check your web servers, because most every host I seem to encounter is reactive security instead of proactive.  So in other words, if you don’t bring up an issue, things will keep getting popped and scripts will be running amok.

Jolly November 🙂

Forensic Talk Free Slides

Hello!  I was able to do a fire talk @ Drexel CCI in the Rush building last night.  It was fresh to get feedback from people, sharing my presentation and getting to see everyone else present and to chat with people.

If you would like some slides about the use of dd, sha256sum and exiftool, you are welcome to the slides. :)
For fun, you can run exiftool on this ppt, exported from LibreOffice.