Getting Email Headers From Outlook

Tuesday, 31. January 2023

Share

Why Nobody Cares About Network Neutrality.

Monday, 21. July 2014

Why nobody cares about Network Neutrality.

In the circles I run in, you can’t go 15 minutes into a conversation without someone bring up Network Neutrality. In my world, it’s a huge deal. And, in my world, there are people on both sides of the issue. If you don’t know what Network Neutrality is, then just pop open your favorite search engine, and type in ‘network neutrality’. You’ll find tons of articles and videos about the subject. All of them asking you to write your elected official, or sign a digital petition. The problem is, for the most part, no one really cares. Sure, there’s a small group of technology people that consider Network Neutrality as one of the most pressing issues of our age, but for the most part, regular folks aren’t getting the message. With so much info available about Network Neutrality from both sides of the issue, you would think people would be all over it.

Read more »

Share

Heartbleed – What you need to know.

Wednesday, 9. April 2014

Heartbleed – What is it? (for non geeks)

The Heartbleed bug was caused by a programming error in a software package called OpenSSL. This error had the potential of allowing bad people to attach to secure web and email servers, as well as services that rely on the TLS/SSL protocol, and steal the private encryption key off the servers. The TLS/SSL protocol is what puts the pretty little lock in the address bar in your browser. The private key is what the owners of the sites you go to are suppose to keep secret, and not share with anyone because if someone has it, they can decrypt the encrypted data traveling between your system and the server. THIS IS BAD…

Heartbleed – What is it? (for geeks)

The Heartbleed bug was caused by a programming error in the OpenSSL library that deals with TLS handshakes. A couple years back, a new RFC (rfc 6520) proposed a new extension to the TLS protocol that would allow a heartbeat to be exchanged between the client and server to reduce the number of re-negotiations during a TLS session. This all sounds good, and actually is a very beneficial to the protocol in general, but when it was implemented in OpenSSL, an error in the way the code was written allowed a request to grab a bunch of data without checking the boundaries of the data itself. This could allow someone to make a request crafted in a certain way that would cause OpenSSL to return 64k of protected memory data possibly containing the SSL private key of the server.

Read more »

Share

CryptoLocker ransom-ware becoming more prolific every day

Thursday, 7. November 2013

We have received reports that the CryptoLocker ransom-ware is becoming more prolific every day.

CryptoLocker ransom-ware is a malware program that when ran, will search all connected drives on your Windows PC, and then using strong public/private key encryption, proceeds to encrypt all of your data files it can find.

What it does:

Once it is done encrypting all the data files it can find, it will delete the private portion of the encryption key, and present the user with a popup. This popup informs the user that they have been infected and must pay $300 dollars via Bitcoin to receive the key to regain access to the data.

Read more »

Share

My Linux as an IPv6 dual stack Firewall Talk from SCaLE11x

Friday, 1. March 2013

My ‘Linux as an IPv6 dual stack Firewall’ Talk from SCaLE11x

 

— Stu

Share

HowTo Install the Base Package Set to Create a Debian Router.

Wednesday, 16. January 2013

HowTo Install the Base Package Set to Create a Debian Router.

 

— Stu

 

Share

Bare Bones Debian GNU/Linux Install HowTo

Saturday, 12. January 2013

Bare Bones Debian GNU/Linux Install HowTo:

 

 

— Stu

Share

Millions of LinkedIn Passwords Compromised

Wednesday, 13. June 2012

Millions of LinkedIn, E-Harmony, and Last.fm password hashes posted on message board.

Well, if we have learned anything from the past, if it can go wrong, it will… Although this has been downplayed by the companies involved,  there is no doubt in my mind that many people will be effected by this compromise. Once again, public networking sites storing user data on the internet, have failed to protect that data, and worse, have tried to hide the importance of this compromise. This is sad, but certainly is nothing new. We can take some comfort in the fact that these companies at least used sha1 hashing when storing the password data. Thing is, we don’t know what other information was compromised besides the passwords.

Read more »

Share

Open Source Groupware – SOGo

Monday, 1. August 2011

Open Source Groupware – The Clear Leader is SOGo:

Some of the early groups of articles I penned on this blog, were comparisons of Open Source Groupware projects. At that time, the only one I could really recommend was eGroupware. Although I still believe eGroupware is a valid contender for your Groupware server, I have discovered a project, that in my opinion is leaps and bounds ahead of the pack. The project is called SOGo.

Read more »

Share

And So, The End is Near… And We Face, The Final Curtain…

Thursday, 3. February 2011

The End of IPv4… The Adoption of IPv6… “The King is Dead!, Long Live the King!”

At a ceremony today, February 3, 2011, the last five /8s were delegated to RIRs. For most people, this has little meaning, but to us that make our livings from the IPv4 protocol, and who have spent countless years learning the tricks of the trade, this marks an end of an era.

As for me, I’m ready for the ‘big switch’ to IPv6. But I know many of my friends and colleagues that have procrastinated, claiming this day would never come, or are waiting for a vendor to swoop in and save the day. Well, to those I say, WAKE UP! The companies you work for, and the customers you service will be greatly effected by the IPv4 shortage and the logical adoption of IPv6. The day is at hand, and vendors stand to make their money by just selling the upgrades to their equipment to handle IPv6, so I don’t think a magic bullet is in the cards. As of now, the best solution for your company to look at is dual stack. In as short a time as a year, you could have customers that are unable to reach your web based services, or only able to connect at modem speeds to them, due to overloaded proxies. I strongly suggest you start working on this now, especially if you have outward facing services such as a web server or email server.

That’s it for now, I’m busy preparing for the Southern California Linux Expo. This year it will be held at the Hilton LAX on February 25-27, 2011. Look forward to seeing you all there!

— Stu

Share