networking

tag: networking

Block web scanners with ipset & iptables

8 Nov, 2022 - 5 minutes
Anybody who runs an internet-facing webserver has seen their fair share of spammy scanners in the logs. It varies server to server, but some of mine get up to 15,000 scans per day. Almost all of these are harmless network mappers, but they still annoy me. Many are compromised hosts or belong to hackers & organized crime rings. While it’s possible to create false positives, it’s probably safe to block all of these.

Monitoring WAN speed with speedtest-cli and ElasticSearch

9 Dec, 2020 - 3 minutes
Similar to another post about WAN latency, this is a simple system to automate periodic internet speed tests. The two main components are speedtest-cli and ElasticSearch. These were chosen because I already had both set up and running, along with all the visualization and analytical software. To get a basic POC set up, just install ElasticSearch and Kibana with Docker. Once the node/cluster is running, the ‘speedtest client’ server can be set up.

Monitoring WAN latency with InfluxDB

7 Dec, 2020 - 2 minutes
This is a simple, ‘quick and dirty’ way to measure network latency over long periods of time. The only ‘complicated’ part is setting up InfluxDB, but I imagine that many folks already have it set up. To get started, check the official documentation. Network latency will be measured with the good old ping command, then formatted with generic Unix tools. Then, statistics are stored through the InfluxDB write endpoint in the line protocol format.

TP-Link Device Weirdness

22 Oct, 2020 - 3 minutes
I recently started using a TP-Link C7 router to host a guest network at my house. I typically avoid consumer/prosumer gear for my network, sticking to either whitebox (homemade) or older enterprise gear. Alas, the price was right ($0). Every time I do encounter one of these devices I always manage to find something fun and interesting to poke… Bad SSH server: First red flag was the sshd server running on this router.

Linux Router, Firewall and IDS Appliance

14 Feb, 2020 - 10 minutes
Over the years, I’ve chewed through quite a few different routers, firewalls, even virtual appliances to connect my home network to the internet. Though most of these provided positive experiences, all of them had at least one point of friction, sometimes to the point of being a dealbreaker. PFSense is a great platform, but has terrible ethics. Sophos is proprietary and has an awful CLI. Untangle feels more like an ad than a product.

FreeRadius Active Directory Integration

17 Dec, 2018 - 7 minutes
I don’t like Microsoft NPS. That’s not to say that it isn’t a very convenient server role, which it absolutely is, or that it doesn’t have a place, which it sort of does. It’s just that it’s almost always, in my own opinion, a better idea to go with another option. So what’s wrong with using NPS? Requires a full Windows license. Personally, I have an aversion to throwing away money, even if it’s somebody else’s money.

Deploy MDT Litetouch on Linux with TFTPD and Syslinux

4 Oct, 2018 - 5 minutes
No, I would not like to say hello, Cortana. Nothing is as monotonous, boring, and brain-numbingly automatable as installing Windows, installing applications, joining a domain, and clicking all the right boxes in all the right places. And it’s even worse in the latest versions of Windows 10, where we’re greeted by the condescending robot voice of Halo’s deceptive antagonist artificial intelligence during the OOBE setup phase. I’ve taken a particular liking to MDT, Microsoft’s solution to the absolute eye-glazing snorefest of configuring a new workstation or server.

Generating MSI transform files with Orca

1 Oct, 2018 - 5 minutes
Deploying MSI installers with group policy is super neat and super handy… Most of the time. Sometimes, though, you need a bit more than just the default options when pushing out packages, and for those of us that don’t have a wheelbarrow full of money to burn on System Center there are two ways to do this: (1) use a GP Preference Item to distribute a configuration file to managed systems, or (2) create a transform set to apply to the MSI installer file. While the first approach at first seems more straightforward, it does lead to the inevitable “GPO Spaghetti” once packages are added and removed.

Homebrew SAN

17 Sep, 2018 - 3 minutes
Everybody and their aunt has a NAS at home, but what about something with a bit more pizzazz? How about if I build a system out of standard, off the shelf, ‘surplus sale’ gear and spin it into a really neat storage appliance? The Gear: At Fanshawe College, the ‘Asset Sale’ is a proud tradition. IT students line up around the block to get good deals on retired and scratch-and-dent electronics.