Red Faction

I’m putting a front page post up from tOucan’s post a few months ago.  He is playing on PS4 and presumably PC as well.  Jump in the thread and suggest times you would like to meet up for some games.

Front page back up

I rolled back to WordPress.  Largely for the sake of prior post content and not needing to manually redesign the wheel from scratch.

Here’s hoping it can be viable without add-on plugins installed.  I will back fill some forum posts of interest, since the host migration and rollback from this summer.

15 years

If you check the whois for the site, you may notice it has been around now for 15 years.  If you have old links, they may and should very well still work.

Heart of the site is the forums but I still have content write ups buried away from clickable links.  Most of those are ported PHPNuke or straight up html pages.

Happy 15th to the site!  Thanks to old school visitors and new ones too.

Here are a few oldies.

ATI 9700 vs Nvidia 6800LE graphic card review.
Coldstone’s GTA Vice City Mod Pack.
t0ucan’s Cookies 4 CuBa story.
Ancient forum archive restored <-+ This is where most of the old reviews came from, when I launched the site on PHPNuke, having admin’d the House Of +PLuS+ running the same platform back in 2002-ish.

I have some info from an old Vidomi dvd encoder guide, but that is ancient and kind of useless, compared to using mencoder to convert ripped VOB files to AVI, then merging them.  The Vidomi app was glitchy, at best.
Mencoder bash syntax below for conversation’s sake.

cd /media/user/SourceDisk/Vobs/Cosmos_Disc01/FullDisc/DVD_VIDEO/VIDEO_TS
mencoder 'VTS_01_1.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 1 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder 'VTS_01_2.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 2 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder 'VTS_01_3.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 3 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder 'VTS_01_4.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 4 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder 'VTS_01_5.VOB' -ovc xvid -xvidencopts bitrate=1800 -o 'Cosmos_Disc01 5 of 5.avi' -oac mp3lame -lameopts abr:br=192 -sid 1000
mencoder -oac copy -ovc copy 'Cosmos_Disc01 1 of 5.avi' 'Cosmos_Disc01 2 of 5.avi' 'Cosmos_Disc01 3 of 5.avi' 'Cosmos_Disc01 4 of 5.avi' 'Cosmos_Disc01 5 of 5.avi' -o '/media/user/OutputDisk/Vobs/Cosmos_Disc01.avi'

Pi-Hole config guide

Pi Rasperry Pi-Hole config quide:
Howdy and welcome to another thread.  I have a history of not being a fan of advertisements and do not run those banners on this site.  Besides a security concern, I think advertisement gets really creepy online.
Pi-Hole is an Operating System with dns capabilties and use of adblocking lists.  The added benefit of the request being denied even without plugin-based web browsing, is pretty handy.

Before you install, be sure if you are using a RaspberryPi or whatever device, that your user password is one of your own.  You do not want to go default with your LAN traffic.  If you wanna log a fun time, you can use one of these for short-term logging a little CTF monitoring style.  Logs are configured to purge after a few days on your standard Pi-Hole install. Please be sure to update your OS image with latest patches via said package manager.  In my case I set the primary network connection to a static address.  I have the service connection IP address details to use the actual router as DNS server.  Since all your other network DNS will be set to the fixed IP Address you bound to your Pi-Hole installed device.
SSH is likely disabled.  I like to administer my SSH session by serial to usb in the case of my Raspberry Pi installs.

Follow the install guide and advisory on their site about the bash | pipe install.  Quick comes at a trade off when you do not review the install process part for part.  If you go for the easy install and read the disclaimer, you can run the single line install:

curl -sSL https://install.pi-hole.net | bash

This thread is for administering and keeping yours updated, as with my configuration I ran into update issues using just the one connection.  Details ahead cover enabling a second connection to fetch updates, since you will have the primary network connection with a set IP address that handles DNS requests handed off from your router / main DNS device on your network.

To do updates to the OS and Pi-Hole local web services device / OS, I disable the service network connection to resolve conflicts of web requests to get out locally.  All the LAN clients will be fine getting pages.  In this case, I suspect the localhost calls in the Pi-Hole logs relate to my network layout and the device being bound to serve back to itself.  When logged into the [deviceIP]/admin configuration page I would also get failures to resolve list update servers.

Having plugged in a second USB NIC or using Wireless as an update connection, I ran the following commands to handle my network adapters.  Turning off the static address service NIC. In most cases likely eth0 as shown below

sudo ifconfig eth0 down

Do some pings and the like to see they should now resolve.  Do your updates etc for the OS.  In my case, Raspbian on a Pi 3.

Once those finish, load up the Web Admin panel for your Pi-hole install. Get your ip address for the active network connection with:

ifconfig

Connect to that IP address in a web browser and add ‘/admin’ into the address bar at the end of the IP Address without the quotes around the path.

Login with your admin password to the admin panel and you should now be able to see updates are pending.  You need to start with the FTL update.  To do this, return to your SSH session.  As I mentioned I am working with serial over USB, but you can enable SSH over network if you so desire.  One more service for a network heavy component, so choose of your own accord in concern to security to conveinence.
On that SSH console, run:

pihole -up

Wait for the updater to get and deploy the new FTL version.  You will likely also be treated to the Web Interface and Pi-Hole version also being to current revisions.  Great!  Almost updated and running live AdBlocking again.
Still on your console, seeing the update completed you want to turn back on the main network connection we disabled for updating.

sudo ifconfig eth0 up

Overviewing network setup above:
Main Internet router will be your DNS server on the Pi-Hole device.  Manually set client DNS or change your DHCP server to set client DNS to the static address of your Pi-Hole install. (192.168.0.1 default-ish router)  Check your current IP config to get details if you do not know current network base configuration.
On the Pi-Hole install, set the primary network adapter to an address in that subnet (say 192.168.0.10)  Make sure DHCP server /or/ router will not also try to assign that address in it’s pool.  The Pi-Hole DNS primary will be set to your local router (as above default-ish router 192.168.0.1)

I hope to have avoided huge gaps or inflected confusion in this thread. Jolly adblocking.  Even if you like making money from it, you have to know it is a vulnerable vector and kind of a shaky market.  I’m not here to tell you what to do, I’m sharing details to help block them on places that run them without respect to visitors.

Migration and downtime

Heads up the site may be down, as I’m flipping hosts.

I have to re-upload stuff, so it will be a little bit before I change my dns info to the new host.  Email will be in limbo for a little bit, so by odd chance you are trying to drop me a line, hit me on twitter, my DMs are open (until I get sick of it)

Updates

If you are looking for new post content, you want to browse the forums.  I have to wrangle up a better rss plugin since I push content from the forums to this front page.

Some projects and security chat, a little gaming and some hardware reviews / usage are some of what has been up since November of 2016.  It is also starting to get warmer here locally, so I can look forward to reading some books outside.

Greets to the visitors

Greets on this post-election Fall season.  Hopefully computering doesn’t become a full out crime in this new presidency.  Honestly it seems like a silly joke, but it’s not like either candidate was really a good runner.  That’s about all I have to say about that stuff.  Just keep your eyes open.

I have some equipment I’d like to write some brief reviews and feedback about.  Just for grins I can tell you, not to upgrade the firmware on a Samsung TV by renaming a folder and BIOS .bin.  The TV does not do checksum verification and you may very well brick that tv, despite the firmware being linked on their support page for that model.

I still play some games, but if you read the forums, you can see my cynicism of most titles and genres has kicked in.  I did dig the Doom 2016 release even despite the arcadey enemy to clear an area mechanic.  Level exploration was fun.  I am looking forward to Watch Dogs 2 since the 1st game and the whole camera hopping dynamic was pretty enjoyable to me.  I also have ARK: Survival Evolved installed, but to be honest, it’s so I can chill on servers with some old friends.  I occasionally jump onto a chat server, but most of the time I’m on some projects, watching something to relax or reading up some wild books.

Wrapping up, I turned off forum registrations completely.  Most all of them were spam accounts.  Also a security reminder, avoid wordpress plugins.  I had fun the other week cleaning up embedded php reverse shells, thanks to a popular rss import plugin.  I think the adage is “if it’s a popular plugin, it is also likely to be exploitable”.  Check your web servers, because most every host I seem to encounter is reactive security instead of proactive.  So in other words, if you don’t bring up an issue, things will keep getting popped and scripts will be running amok.

Jolly November 🙂

Forensic Talk Free Slides

Hello!  I was able to do a fire talk @ Drexel CCI in the Rush building last night.  It was fresh to get feedback from people, sharing my presentation and getting to see everyone else present and to chat with people.

If you would like some slides about the use of dd, sha256sum and exiftool, you are welcome to the slides. :)
For fun, you can run exiftool on this ppt, exported from LibreOffice.

Lost in vernacular

I always get lost in the ‘I versus We’ wording in respect to interviews and tests.  Yeah I work with people but conveying that in a blind-date manner of dialog, is really difficult.  As a person who is used to working in a team setting to split task load, yet also focused on accomplishing things… trying to draw this divide is difficult.
 

Being personal here, I tend to be a quiet person initially in social situations.  Listening to dialog and finding the gateway of actual conversation points and not just empty filler or overt bragging is difficult.  I also would consider myself a high anxiety individual.  I completely understand that handling pressure is a desired trait and I can handle that.  However (particularly in uptime / service / it disciplines) I think it is unhealthy to pretend that those roles are not high-stress.  Even if your systems are on point and everything is running fine, you have the likelihood of the unexpected issue, how to find the fault and get things back in shape, while also knowing what the actual fault condition was, to resolve it.  We can call that the fault of an inquisitive mindset.  Sure, why not.

If you read this far, let me take a pause.  In public spaces it feels like the bravado of ‘I have all these things in check and know these platforms’ is a bit daunting.  When meeting people I want to let them talk and share experiences and add to the conversation by any relevant experiences or opinions I may have.  I have a scatter-brained thought pattern where an immediate result does not always come up, as upon being asked a question, I draw it out in my head and / or on paper.  When trying to recall past things, it can be daunting and lead to self doubt of your abilities, until being able to step back, plot out the thoughts visually, then laugh at the ease to resolve, simply because of wording gaps or how someone else is presenting the challenge.

Personal relationships are important and do not instantly form on their own.  Social dialog is tricky because lots of good dialog depends on your ability to know your target group and their language.  Using like wording to convey the core resolutions and verbal queues of how you access something is in a fault state, is pretty huge.  Especially if you are doing after-hours support with a team and want to briefly say:
“Hey.  That site was sideways broken with this bullshit going on here.  I did some stuff to mitigate the issue for now, but I have these logs and copies of bad transactions that something we made did not account for.  We can jam that out in the morning, but TL;DR fault condition happened, is working now but here are some details we should look into to avoid this later on”.

If this post serves any purpose, I hope it is to invite more people into conversations and bring more inclusion.  Especially when people are stressed out, trying to meet more people, on the blind introductions, can be really exhausting.  This comes from someone who had people who I came to consider friends and family from old workplace teams to say something like:
“I had no idea what the hell you were saying at first, but shortly after I got your reference points and enjoyed the way you worded concepts and processes.”
As most of my friends also say, “I learned Pico-nese”.  My dialog tends to adapt words based on who I am around and by reading facial responses of people I talk to, for that sense of “Am I verbally making sense or just talking out loud without the middle-logic being spoken, that I consider a constant known in my head”.

I will end my inflection rant there.  This post is more an observation on social interactions and less of my phishing for interviews.  Some people like tests and bars of entry, others like conversations and a progression flow of personal and technical dialog.  Rating score systems also can be viewed as completely asinine to some people (namely, me) because a 1 to 10 point scale does not really factor into the HUGE gap between perceived “Pro” to “Expert” tier ratings.  Same for novice ratings, really.  If doing something very difficult, successfully, but fairly unoften, likely may not gauge on your personal proficiencies, due to not being able to readily recall the process or entire scope of effect.  90% knowledge is great, but that final 10% is massively higher a gap that the basis of information needed, to hit that end-point 100% comfort gap.  Kind of like leveling a character in an MMO.

Someday I should contemplate the notion of hiring an editor for speaking with people by text, but that feels really cheap.  I would vastly be happier saying something that was viewed as wrong, than to be silent then be stricken by the very issue I tried to verbalize.  Lucky for that, this is why drawing, whiteboards, analogies, dank memes, test environments and other visual aids exist.

To condense this sea of opinions and observations: It is difficult to give merit to perceptions different than your own.  Even on a latent level, I feel the interview and particularly tech scene, has unspoken escape clauses that shoehorn persons into being dismissed.  I could ramble on for days on how that seems to be more of a global societal fault too.  If you find yourself glued to a trigger word, try to pause and ask for elaboration on the context.  Once again, scratching at the internal thought process, and perceived constants that you (or who you are talking to) may not have qualified enough.

Writing technical documentation is one thing, then there is trying to illustrate a mood or opinion.  I’m here to widen the conversation.  Especially since some of the most inspiring and ingenious people I know, tend to have no such opinion of themselves.  I’m here to learn and try to get some laughs and grins added into the process.
Otherwise, it can just feel like watching the clock tick.

Warm welcome

I just wanted to thank all the visitors of FTB. Especially the :ninjawub: crew.

Be sure to stagger your password use across sites, because in the security realm pretty much anywhere large has some member database floating it around. So it seems anyways.
Even those really old accounts. That only factors in the known user passwords obtained and reversed. Reading the continuation of the security era is intense and enjoyable, to see how deep it goes.

I recently moved and it is going well. Since I am unpacked, I am trying to relax more and enjoy exploration and more focused tinkering. I always have been a large hardware and how-to fan. Seasonal greetings, no matter what calendar you index time with. :yar: