I’ve noticed a new phenomenon in recent times where a user of a certain product, be it a nas, a switch, a ip camera, wireless ap, or anything else really, posts up questioning why X device is making X number of repeated DNS requests.  Just shut the hell up, seriously. This is normal behavior, it’s how DNS works. The device makes a request and the caching DNS server replies with the answer. This is how DNS has always worked, but these dim bulbs have been given a light in the window to the inner workings of DNS and have suddenly crapped their diapers about it. Also, the thought of offloading a critical network service like DNS to a $30 device is horrifying to me.  But then again, like I said, Pi-hole users are the worst.

I don’t know why political messages get excluded from Do Not Call Registry penalties, but it’s a bunch of crap. Not only are these calls unwanted and obnoxious, but there is no way to stop them! You can’t block them as they use different numbers every call, and you can’t unsubscribe from them because there is no list, they have your number, and they’re calling it no matter what.
And now… NOW they’re Text Spamming people! So far this elections season, I have received 3 separate spam SMS messages from political candidates. So now not only are they making unwanted calls, but they’re making unwanted texts too. I’ve had psycho-ex’s less clingy than these shady campaigns.
So far, I’ve got:
1 message for Jon Ebel (D)
2 messages for Erik Jones (D)
So, at least I know 2 candidates who will NOT be receiving my vote this fall. Keep it up guys, you’re helping me narrow down my list! 😀

Taking on a new client is a fairly normal occurrence most of the time. It usually goes decently smooth, getting domain and hardware passwords transferred over, sharing knowledge collected over time, making notes of any gotchya’s or unique issues with a client. Every once in a while though taking over a client leads to a complete horror of horrors in discovering how many things were done wrong and what a dangerous position the previous company had left their now former client in.
I’ve been doing this for a decade now and I thought I’d seen it all, but a recent case has proved to me to never underestimate the ability of someone to royally hose things up.
The original reason we were called in was because they had complained of their server freezing up. They had called their IT people 2 weeks ago and they kept getting put off. They were tired of their server freezing so they called us in. What did we find on arrival? A failing hard drive. Something that could have taken down their entire business, and the former IT company put it off for who knows whatever reason?! The good news was the disk was in a raid array, so they had some redundancy, but the failing disk was still causing the server to hang quite frequently. So, we replaced that and rebuilt the array.
The next issue we discovered during array maintenance, and that was a completely dead battery on the controller. So, we replaced the battery.
Next up, the server wasn’t even on a UPS. It was plugged in to the “surge” side (not the battery side) of a UPS, and the UPS wasn’t even big enough to handle the server anyway. So, we got them an appropriately sized UPS.
So, what if the array had died? What if they had lost power and ended up with corruption from a dead array battery and absent UPS? Well, they could have restored from backups, right? HAHAHA! No, no they couldn’t have. The “cloud” backup they were being charged from their previous company wasn’t even backing up any shared files. All of the business’s proprietary data would’ve been GONE. Their cloud backup was only configured to back up the “Program Files” directory, which would’ve been god damn useless in a disaster recovery situation.
While we’re on the subject of billing for services not being provided, we also found that they were getting charged for website hosting. The problem? Their IT company wasn’t hosting their website. They were hosted at another provider in town. The ONLY service their IT company was hosting was public DNS for their site, yet they were billing them at full website price. Nice little scam they had going there, don’t you think?
I wish I could tell you the horrors stopped here, but they don’t.

Read More

Well, it is 2016 and my Linksys E2000 router that I’ve been using since 2010 and running DD-WRT on was still in use.  It was still a fine router for what I was using it for, but it is starting to show its age.  For one, it didn’t support dual band Wifi (2.4ghz and 5ghz).  A month or so ago I decided to replace the Wifi functionality part of it with a Ubiquiti Unifi AC-AP-Pro to get better coverage and better wireless speeds, both of which were accomplished.  I’ve been pretty impressed with it and Ubiquiti’s controller software that I was becoming interested in some of their other products.  As a coincidence, my local Fiber-to-the-Home ISP announced that they will be rolling out Gigabit fiber access.  Previously, you could only get up to 250mbit.  I was on the 50mbit package, but for the Gig rollout, they’re running a promotion where you can lock in to the Gigabit speeds for as long as you have service with them for only $10/more a month than I was paying for the 50mbit fiber.  So, 20x the bandwidth for $10 more a month is a no-brainer for me.  This meant I had to upgrade my router though.  My Linksys E2000 running DD-WRT was only capable of about 60mbit throughput on the WAN interface due to its aging CPU.  I was already pushing it close with my 50mbit net, but Gigabit would be far too much for it to handle.  So I did some research and ended up selecting the Ubiquiti EdgeRouter Lite.  These are powerful little machines that run Ubiquiti’s EdgeMax OS which is a customized fork of the linux Vyatta routing software suite.  It seemed to have the best bang for the buck features, it was from Ubiqiuiti which I was already interested in and have one of their products, and most importantly it can push FULL gigabit line speed through the WAN!

Read More

Thanks to the Let’s Encrypt project you can now browse my website in glorious https using the free Let’s Encrypt certificate.  It was fairly simply to get the certificate issued and set up the automatic renewal job on the web server.  Let’s Encrypt is providing an interesting service to the masses by making basic https (TLS) encryption free and easily accessible.  In years past SSL certificates would cost hundreds of dollars.  That has changed in recent years with basic certificates coming down to just $5.  But, for sites like this one that I run for fun and don’t make money off of, even $5 seemed like an unnecessary cost and hassle.  Well, Let’s Encrypt virtually eliminates both of those two final barriers.  By providing free certificates issued through their script, there is practically no reason to NOT be running https on your site now.  Thanks Let’s Encrypt 🙂

Seriously, it is 2015 now.  Every big service provider should be supporting some form of 2-factor authentication.  Google is a prime example of the right way to implement this, and everyone should be following their lead.  This weekend I had an email account I hadn’t used in over a year get its password cracked.  The bot then pulled my extremely outdated online address book and sent spam links out to them all.  Fantastic!  So, I changed the password and deleted all of the contacts out of the address book.  Had this provider (cough… AOL …cough) had a 2FA implementation this would have NEVER been able to happen.  Their service wouldn’t have been used to send out spam, and I wouldn’t look like a doofus with an apparently weak password on that old account.

I’ll also add, if you have a service like Google and you’re NOT using 2FA, you need to go set that shit up right now.  It makes your account nearly IMPOSSIBLE to get in to unless the hacker also has your physical device (usually your phone with an app, I recommend Authenticator Plus) to access your account.  Knowing your login name and password alone would never get them in.

Wondering if a service you use supports 2FA or now?  Well, check out this nifty website: https://twofactorauth.org/

Google has FINALLY fixed all of the issues with Lollipop.  Too bad it did take a whole system update to a new version of Android to get there, but alas, WE ARE THERE!  The awful memory management issues I originally complained about are completely resolved at last.  In addition, the new Doze feature which puts the phone in to a super deep sleep when idle for a while has made a tremendous impact on standby battery life.  I’ve picked up my phone 6 hours after setting it down and seen maybe 1-2% battery loss.  This is a stark improvement as any previous version of android would’ve easily given a 5-10% loss in the same time period.  The added little tweaks like FINALLY being able to show battery percentage in the pull down shade is nice, and the new permissions system will eventually be nice too.  I say eventually because no app can really use it until the devs release an update for their app targeting the new Marshmallow API level.  But it’s finally here, and as more and more apps incorporate it, things will just be better and better.  Now if Google could just pull its head out of its ass and put Qi charging back in the 2016 Nexus phone(s)…

Android 5.0 Lollipop came out back in mid November 2014.  So, it has been out a couple months as of the writing of this.  There are a lot of really annoying bugs in Lollipop like caller ID pictures just refusing to show up, silent mode completely broken, horrible navigation icons, and lock screen no longer locking the phone.

But the worst thing about Lollipop is the CONSTANT memory leakage.  I have a Nexus 5 and this shit is out of control and Google hasn’t done shit all to fix it yet.  Pre-Lolliflop, my Android devices could quite easily obtain MONTHS of uptime, and reboots were usually just to due something like updating the recovery image or something.  In Lolliflop, something is leaking memory at the system level so severely that the phone can’t even make it 2 weeks with out getting so low on useable ram that even the damn keyboard will open, so you have to restart your phone if you even want to just be able to text people again.

Check this out:

Read More