Clik here to view.
Happy birthday UDP!
Today it’s the 40th birthday of UDP. Or more precise: 40 years after [WayBack] RFC 768 – User Datagram Protocol got submitted. It is still used a lot today, so be sure to read more background on...
View ArticleSome postfix notes
Postfix has documentation on primary MX and secondary MX, but not on tertiary MX. If the primary MX is down, you have a series of secondary MX and tertiary MX that configured the same way, MX DNS...
View ArticleClik here to view.
Indy10, TIdSMTP, how to get protocol log?
Indy is great, but not well documented so: [WayBack] Indy10, TIdSMTP, how to get protocol log? I try to get log from SMTP communication, like this (copy from wiki): {code} S: 220 smtp.example.com ESMTP...
View ArticleClik here to view.
🔎Julia Evans🔍 on Twitter: “ssh tips… “
Great work by [WayBack] Julia Evans on Twitter: “ssh tips… “ [WayBack] ssh tips JPG Via: [WayBack] Jeroen Pluimers auf Twitter: “Use the ssh-copy-id script (comes with ssh) or use...
View ArticleClik here to view.
🔎Julia Evans🔍 on Twitter: “ngrep: grep your network!… “
[WayBack] Julia Evans auf Twitter: “ngrep: grep your network!… “ So this taught me a new tool and other new things: ngrep – Wikipedia ngrep is similar to tcpdump, but it has the ability to look for a...
View ArticlePostfix TLS Support
For my link archive: [WayBack] Postfix TLS Support Topics covered in this section: Server-side certificate and private key configuration Server-side forward-secrecy configuration Server-side TLS...
View ArticleClik here to view.
JSONPlaceholder – Fake online REST API for developers
A great way for testing REST JSON calls is using the [WayBack] JSONPlaceholder – Fake online REST API for developers: Fake Online REST API for Testing and Prototyping Serving ~200M requests per month...
View Articleemail file decoding: Encode/Decode Quoted Printable – Webatic
For my link archive: [WayBack] Encode/Decode Quoted Printable – Webatic. It did a splendid job at decoding email files in MIME format Quoted-printable. –jeroen
View ArticleClik here to view.
Many http headers via 🔎Julia Evans🔍 on Twitter: “some security headers… “
An image on CORS will follow; likely more on related topics too. [WayBack] Julia Evans on Twitter: “some security headers… “ about: Content-Security-Policy (CSP) Referrer-Policy...
View ArticleFilezilla: figuring out the cause of “Connection timed out after 20 seconds...
On one of my Raspberry Pi boxes, somehow I could not access files over SFTP (SSH File Transfer Protocol) via FileZilla. I would consistently get this error: "Connection timed out after 20 seconds of...
View ArticleFirefox: disable DNS over HTTPS (which they call TTR)
There are many reasons to disable DNS over HTTPS (DoH), of which enough are discussed in the links below. Disabling DoH always talks about setting TTR (the abbreviation Mozilla uses for it) to 5 (like...
View ArticleClik here to view.
autossh on Windows from a service: automatically starting a tunnel no matter...
There is an autossh binary for Windows available on GitHub: [WayBack] GitHub – jazzl0ver/autossh: Windows binary for autossh v1.4c. Combined with NSSM (which for instance you can install through...
View ArticleOn my list of things to try: Amazon SES for outbound/inbound email handling
[WayBack] Amazon Simple Email Service (Amazon SES) [WayBack] Amazon SES IP addresses | AWS Messaging & Targeting Blog [WayBack] Send an Email Through Amazon SES Using SMTP – Amazon Simple Email...
View ArticleAuto connect SSH without autossh?
Hopefully an example ssh config will follow. [WayBack] Jeroen Pluimers on Twitter: “Would you mind sharing a trimmed down version of your ~/.ssh/config file? The bits from your posts are a bit...
View ArticleWindows chocolatey Wireshark install: ensure you install nmap too, so you...
Wireshark is indispensable when doing network communications development or DevOps. This is my choco-install-network-tools.bat batch file to install Wireshark and the pcap dependency which nmap...
View ArticleFor my link archive: DNS over https
DNS over HTTPS For my link archive: DNS over HTTPS – Wikipedia / Public recursive name server – Wikipedia [WayBack] RFC 8484 – DNS Queries over HTTPS (DoH) [WayBack] DNS Queries over HTTPS [WayBack]...
View ArticleClik here to view.
Tricks used by software developers to https://127.0.0.1
Long interesting thread at [WayBack] Thread by @sleevi_: “@SwiftOnSecurity So, some history: It used to be folks would get certs for “localhost”, just like they would from “webmail”, despite no CA e...
View ArticleMost network protocols are TCP based, so be aware ping uses ICMP and...
Interesting thread: [WayBack] SwiftOnSecurity sur Twitter : “I had this issue in my prev company network. QoS will drop ICMP and you’ll chase your tail. If you want to find out if a network service...
View ArticleChocolatey: when upgrades or installs keep insisting the hash has changed,...
A while ago, I bumped into problems updating UltraVNC through Chocolatey. It is similar to issues with other packages I have seen in the past: sha256 hash mismatches of which the reported mismatch...
View ArticleClik here to view.
The spookback localghost address to resolve 👻
“Spooky dev environment hack: add 127.0.0.1 xn--9q8h to /etc/hosts and then all your dev servers can be accessed at http://👻 It’s localghost!” Via: [WayBack] Ryan Freebern on Twitter: “Spooky dev...
View ArticleClik here to view.
5 days before the Let’s Encrypt’s Root Certificate is expiring!
Only 5 days left to take a close look at both your web-clients (including back-end clients!) and servers to prevent potential Let’s Encrypt mayhem. Last week, [Wayback] Scott Helme published about...
View ArticleGitHub – proxykit/ProxyKit: A toolkit to create code-first HTTP reverse...
Interesting: [Archive.is] GitHub – proxykit/ProxyKit: A toolkit to create code-first HTTP reverse proxies on ASP.NET Core: Having built proxies many times before, I felt it is time to make a package....
View ArticleClik here to view.
One of the Let’s Encrypt’s Root Certificates expired today (and their...
Last weekend I published 5 days before the Let’s Encrypt’s Root Certificate is expiring! It basically was a post trying to amplify the [Wayback/Archive.is] Let’s Encrypt’s Root Certificate is expiring!...
View ArticleClik here to view.
Solved: ‘Answering Yes to “You have an older version of PackageManagement...
From a while back: [Archive.is] Jeroen Wiert Pluimers on Twitter: ‘Answering Yes to “You have an older version of PackageManagement known to cause issues with the PowerShell extension. Would you like...
View ArticleThe browser wars that started on iOS (forcing Safari) and Android (forcing...
iOS has forced Safari to be the only web browser since forever, so Google started to use the googlechrome: scheme to force Chrome as browser on it a while ago Android has forced Chrome to be the only...
View ArticleClik here to view.
Filippo Valsorda on Twitter: “whoami.filippo.io , the SSH server that knows...
[Archive.is] Filippo Valsorda on Twitter: “whoami.filippo.io , the SSH server that knows who you are, got some newly refreshed intel! Try it out! $ ssh whoami.filippo.io “ The server itself has some...
View ArticleWindows: unblocking SMB/NetBIOS/CIFS/File-and-Printer-sharing traffic from...
If you enable File and Printer sharing on Windows, by default the firewall only enables it on private networks for the local subnet as remote address (for domain networks, it allows “Any”) as seen on...
View ArticleSome links on SMTP tar-pit to lessen SPAM
Some links for my archive; note that pure tar-pits by now are also hampering large email sender services like SendGrid, Mailgun and Amazon SES. So the below links are for educational and historic...
View ArticleClik here to view.
🔎Julia Evans🔍 on Twitter: “ten questions about UDP”
From a while back, but still relevant when you learn all your life: [Archive.is] Julia Evans on Twitter: “ten questions about UDP: “ [WayBack] UDP questions Hello! Here are some questions &...
View ArticleClik here to view.
Random User Generator | Home
Cool tool for when you ever need random users to test a system [Wayback] Random User Generator | Home: Random user generator is a FREE API for generating placeholder user information. Get profile...
View ArticleSome scripts and tips for easing the maintenance of a postfix based SMTP system
A few scripts and tips I found Googling around. Deleting queued messages by regular expression pattern I have seen the below delete-from-mailq.pl script numerous time, usually without any attribution...
View ArticleClik here to view.
GitHub – TimeToogo/tunshell: Remote shell into ephemeral environments 🐚 🦀
Cool: [Wayback/Archive.is] GitHub – TimeToogo/tunshell: Remote shell into ephemeral environments Via: [Archive.is] Jan Schaumann on Twitter: “This looks neat: on-demand remote shell into ephemeral...
View ArticleWhich SMTP Port Should I Use? Learn Ports 25, 465, & 587 (and unofficial port...
When trying to deliver mail, it is important to know which protocols and ports you can use. On smtp, smtp-submission, smtps (ports 25, 587 and 465) and unofficial port 2525 (which Maingun maps to...
View ArticleSome links on Chrome not prompting to save passwords (when Firefox and Safari...
For quite some time now, Chrome (think years) refuses to prompt for saving passwords whereas Firefox and Safari do prompt and save them, even for site types that it used to save passwords for in the...
View ArticleBash functions to encode and decode the ‘Basic’ HTTP Authentication Scheme
IoT devices still often use the ‘Basic’ HTTP Authentication Scheme for authorisation, see [Wayback] RFC7617: The ‘Basic’ HTTP Authentication Scheme (RFC ) and [Wayback] RFC2617: HTTP Authentication:...
View ArticleClik here to view.
Not sure why: graph.windows.net is missing a security certificate retraction...
Got this on two Dutch Windows machines, not sure why yet: Missing information on security certificate retraction Certificate path is OK –jeroen
View ArticleCryptosense Discovery
This is cool: [Wayback] Cryptosense Discovery: Free tool that discovers security configuration errors in SSH and TLS servers and explains how to fix them. Supports STARTTLS and can also scan HTTPS,...
View ArticleClik here to view.
Setting up a GitHub project so it is served over https as a github.io and a...
Some links that helped me getting this working: 2018: [Wayback] How to use lets Encrypt SSL with github pages with custom subdomain | by Hojjat Ali Mohammadi | Medium 2018: [Wayback/Archive.is] Setting...
View Articlecapitaltg/thea: Certificate Checker and https://certchecker.app site
[Wayback/Archive.is] capitaltg/thea: Certificate Checker Certificate Checker provides an easy-to-use solution to check certificates, certificate chains, and TLS configurations. To run Certificate...
View ArticleClik here to view.
Setting up a GitLab project so it is served over https as a gitlab.io and a...
Last week, I posted about Setting up a GitHub project so it is served over https as a custom github.io subdomain. Today it’s the equivalent, but on GitLab. Why GitLab? Two major reasons: unlike GitHub:...
View ArticleFilezilla SFTP: figuring out the cause of “Connection timed out after 20...
Last year, I wrote about Filezilla: figuring out the cause of “Connection timed out after 20 seconds of inactivity” about sftp connection problems. The solution there was to exclude part of bashrc with...
View ArticleClik here to view.
OpenSSH scp has defaulted to the SFTP protocol for some 9 months now
Since I will be bitten by this someday, here the september 2021 observation that [Wayback] By default, scp(1) now uses SFTP protocol. The original scp/rcp protocol remains available via the -O flag. It...
View ArticleGetting your public IP address from the command-line when http and https are...
Years ago, I wrote Getting your public IP address from the command-line. All methods were http based, so were very easy to execute using cURL. But then in autumn 2021, Chris Bensen wrote this cool...
View ArticleInstalling Windows OpenSSH from the command-line on Windows 10 and 11
While writing On my reading list: Windows Console and PTY, I found out that OpenSSH had become available as an optional Windows feature. It was in [Wayback/Archive.is] Windows Command-Line: Introducing...
View ArticleClik here to view.
Some resources on CORS proxies
Having my background before the web-development era, and having lived mostly in back-ends or client-server front-ends, I sometimes need to really dig into things in order to understand them better....
View ArticleClik here to view.
Different ways for installing Windows features on the command line – Peter...
If course you can configure Windows Optional Features using the GUI as for instance explained at [Wayback/Archive] How to manage Windows 10’s many ‘optional features | Windows Central. However, I...
View ArticleLooking for maintainer(s) for fritzcap (Python project that captures calls...
Given my health uncertainty, I am looking for maintainers for the fritzcap project (it captures calls from a Fritz!Box modem/router and is written in Python). History The fritzcap project was...
View ArticleClik here to view.
5 days after the exploit publication of snowcra5h/CVE-2023-38408: Remote Code...
TL;DR is at the bottom (; 5 days ago this exploit development got published: [Wayback/Archive] snowcra5h/CVE-2023-38408: CVE-2023-38408 Remote Code Execution in OpenSSH’s forwarded ssh-agent. It is...
View ArticleEmail Handling and vBulletin Cloud – vBulletin Community Forum
For my link archive: [Wayback/Archive] Email Handling and vBulletin Cloud – vBulletin Community Forum. Asking your end users to white list your email address and the Sendgrid IP (167.89.58.99) can help...
View ArticleSome threadreaderapp URLs
For my link archive so I can better automate archiving Tweet threads using bookmarklets written in JavaScript: https://twitter.com/ThomasDamsko/status/1499996661535367169...
View Article