Upgrading to Windows 10 Pro

Submitted by tarvid on Mon, 08/14/2017 - 13:40

We missed the "free" upgrade window (some people have managed to upgrade without paying). I did catch the upgrade for my "banking machine" but when I picked up a used box for the living room, the license was dubious. I had other machines online so I could download the ISO from Microsoft. I have some exposure and wanted a "legal" license key. Fortunately, these are available online from places like KeyStoreOnline for $30. If you want to avoid the task of downloading and burning an ISO, they also sell a bootable image on USB for $20.

Internet in your neighborhood (and Cell too)

Submitted by tarvid on Sat, 08/12/2017 - 08:33

Broadband users usually deploy a wireless router to connect phones, tablets, laptops and a myriad of other devices. By default these routers broadcast an SSID (service set identifier). A popular scanner, WiGLE (Wireless Geographic Logging Engine), is available for Android (Google Play) but not Apple (ask them). People using WiGLE have logged over 5,000,000,000 observations of over 360,000,000 networks and almost 800,000 cell towers.

The Russians were here

Submitted by tarvid on Thu, 06/01/2017 - 13:22

A little while back, one of our web clients was hacked. I cleaned up but apparently missed a payload. I found a few connections from 146.185.254.36, which is actually in Ukraine, but the domain is layershift.ru. I removed the payload but may bomb the site anyway.

The moral is "there is no moral".

Autopsy of a laptop.

Submitted by tarvid on Wed, 05/10/2017 - 12:12

I found a fairly new but damaged HP 2-in-1 in the dumpster. The screen was smashed, the case bent and the prospects of repair dim. 2-in-1s are really tablets which plug into a base with keyboard. Hoping for salvage, I pried open the base, removed dozens of screws and finally realized the good stuff was in the tablet part. No screws so I started in one corner and pried the screen and motherboard from its case. More screws and I found memory and CPU were soldered onto the motherboard. The hard disk is an M.2 2280 SSD which I did extract along with the Wifi card.

Galax outage 2017-5-10

Submitted by tarvid on Wed, 05/10/2017 - 12:01

Monitors in Prague and Fairfax said helen went down around 12:20AM. Symptoms were perplexing. Web server was down, mail server was up. Power distribution system was unreachable so I could not bounce power remotely. Comcast said they could not reset my router remotely. TWR said they could reach my router but got no response.

Raymond's phone was out of order so I had him pick up a new phone, pick up the key from the Crossroads and go to the NOC. Everything looked normal but since Comcast said the Cisco router needed to be reset, Raymond bounced power. Everything came back up.

User account on helen.ls.net hacked.

Submitted by tarvid on Fri, 03/10/2017 - 11:41

I back up all user files from "helen" nightly. I found a suspect file in one directory. It came from a hacked Microsoft IIS server in Indonesia. That doesn't mean the culprit is Indonesian, merely that a server in Indonesia was compromised by someone somewhere. Both Google and Microsoft rated the IP as "safe".

I archived the file and changed the user password. The goal is to end password logins and replace them with "public keys". That is going to be disruptive - think repeal and replace.

DOS Attack from Bulgaria

Submitted by tarvid on Wed, 02/15/2017 - 09:55

Web server down for a few minutes yesterday around 10:45. Found several attacks on mail and web server. The attacks came from a Windows Remote Desktop Server in Bulgaria with no other ports open.

It is likely the Bulgarian server was compromised and the culprit could have been anywhere. There is a black market in compromised IPs (Internet Protocol addresses) which can be bought for a few pennies each.

After a restart of the web server, the attacker disappeared and normal service resumed. 

Software defined radios

Submitted by tarvid on Sat, 02/11/2017 - 09:47

The US Military switched to SDR (software defined radio) in the 200x period. The US television industry went digital over the same period. Realtek, the company that makes the Ethernet and audio chips used in most computers, came out with DVB-T chips (the decoders in your TV set). When the price dropped below $20, I bought the NooElec NESDR mini 2 kit for $20. This one has an MCX socket and the v.3 has SMA, which is probably a better choice.

Oops!

Submitted by tarvid on Wed, 02/08/2017 - 08:54

There are certain things which are risky to do. One of them is playing with fire(walls). I was trying to forward some traffic for my current tech (risky behavior #2) when I lost contact with the router for the TWR network.

Of course, the prudent thing to do is make a backup which I had done. But if you can't get to the device you are attempting to restore, you are in deep doo-doo.