Category: security

  • Some work on a VyOS image with Let’s Encrypt certs

    I put some packages together this weekend. It’s been a while since I’ve debuilt anything officially. libffi-platypus-perl libalien-base-perl libalien-ffi-perl libffi-checklib-perl libshell-config-generate-perl libshell-guess-perl The plan is to build a binding to the libgnutls.so.30 API. The certtool CSR (REQ) generation interface does not allow me to create a CRL with “not critical” attributes set on purposes. Maybe […]

  • LLC-Technologies-Collier/Demo-SCCC-Byte-AngularJS

    Hello dear readers and attendees, This is the post that I will be/ will have been referencing during my presentation to the Seattle Central Community College’s Byte club on Thursday, December 10th at 1500-1630. I will begin with a bit of an autobio and find out what kind of students we have in attendance. Please […]

  • Some statistics from the router at the cabin

    sip0 is a GRE tunnel between the router and the colo box in Seattle, the payload of which is encapsulated as ipsec traffic before being transmitted over the Ubiquity equipment to the switch that the CenturyLink DSL modem attaches to. I don’t get centurylink easter eggs in my search results when I use this interface. […]

  • False Positive

    Since a bit before my birthday this year, I have been uncertain where I left my notary seal. I have been trying to stay positive about the situation, but I must admit that I spent an unhealthy amount of time obsessing about its location and whether it has been used in my absence. The last […]

  • Trip Report: UW signing-party

    Dear Debian Users, I met last night with a friend from many years ago and a number of students of cryptography. I was disappointed to see the prevalence of black hat, anti-government hackers at the event. I was hoping that civilized humanity had come to agree that using cryptography for deception, harm to others and […]

  • MySQL Meet-up 20141208

    I had an enjoyable time last night at Twitter with local MySQL DBAs and developers. We had an attendee who has no experience with SQL or programming at all. She is interested in organizing her collection of recipes and had heard a rumor that MySQL was a good tool to use for this task. She […]

  • Long Term Stable – 2014.04 @ 20141204T080801

    It’s been one of those nights: cjac@ubuntu0:/data/apps/prod$ sudo apt-get upgrade Reading package lists… Done Building dependency tree Reading state information… Done Calculating upgrade… Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. cjac@ubuntu0:/data/apps/prod$ sudo apt-get dist-upgrade Reading package lists… Done Building dependency tree Reading state information… Done Calculating upgrade… Done 0 […]

  • This is getting serious.

    I might have to visit the HP on which I recently upgraded the iLO firmware… Maybe it would be good if the family visited Seattle. cjac@foxtrot:~$ ps auwx | grep ‘ping ad0.colliertech.o’ cjac 8411 0.0 0.0 10692 920 pts/8 S+ Apr25 0:32 ping ad0.colliertech.org cjac@foxtrot:~$ ping ad0.colliertech.org PING ad0.colliertech.org (208.115.126.68) 56(84) bytes of data. 64 […]

  • OpenVPN configs with inline data

    I’ve been issuing a lot of x.509 certs and OpenVPN user configurations lately, and I came across something that has reduced the complexity quite a bit. It seems that OpenVPN configuration files can now include data inline. So rather than generating and distributing the following for each user: a configuration file a chain of CA […]

  • I’m back on the internet 6 it seems.

    cjac@foxtrot:/usr/src/deb/strongswan-5.1.0$ ping6 -c 5 google.com | tail -3 — google.com ping statistics — 5 packets transmitted, 5 received, 0% packet loss, time 4004ms rtt min/avg/max/mdev = 65.235/74.957/103.039/14.122 ms go go gadget ipsec