Ninebot Kickscooter MAX Beeping

Turns out, reading the manual in full is handy. If you’re wondering why your Segway Ninebot Kickscooter MAX is beeping constantly, it’s because you have to activate it.

Open the app, connect via Bluetooth and then click the little gear icon. Click “Activate” and then hit yes. It should make one more long beep and shut up after that.

They also limit the speed on the device until you’ve activated it, which makes sense, I guess?

Controlling my hot water

Yesterday I had a solar system and storage battery installed into my house. As part of that, inspired by Jon Oxer’s great SuperHouse series, I had the electrician install some high current relays for me to control the hot water system.

My plan has two intended control options:

  • with an automated timer.
  • directly with my own code and controller.

The Timer

K3 is a Finder “Digital Astro Time Switch” with NFC connection support (12.81.8.230.0000).

Blocking DoH With BIND RPZs

Xavier Mertens’ new post on the ISC Blog about blocking DNS over HTTPS with BIND RPZ was posted today, and it provides some really useful and actionable information on how to do it. BIND RPZs are a very useful tool for whole-of-network security actions.

And before you reach for your angry typing keyboard, yes - DoH is a great idea - until you want to be able to take the skills and tools of your corporate security team to secure them and respond to threats and incidents. :)

Retroactively Setting a Whole S3 Bucket to Public

I uploaded a bunch of files to an S3 bucket, then needed to update the permissions.

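# List every key in the bucket, then set the public-read ACL on each object.
# awk's $NF keeps only the last whitespace-separated field, so keys containing spaces are not handled.
aws s3 ls --profile <profile> --recursive s3://<bucket> | awk '{print $NF}' \
| xargs -I{} aws s3api put-object-acl --profile <profile> --acl public-read --bucket <bucket> --key {}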

There are two replacements you need to make in the above code:

  • bucket - the name of the bucket
  • profile - the profile configured in ~/.aws/credentials

There’s a better explanation here, in the AWS support documentation.

ESP32 Micropython and the Memory Address

I was writing MicroPython to a new ESP32 board I got, and it was acting weird… looping the following over and over:

rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun  8 2016 00:22:57

Turns out, if I’d read the documentation instead of just doing the same thing I’d been doing on the ESP8266s, I’d have known I need to write it starting at 0x1000 instead of 0x0000.

crontab, ufw and the missing path

I’ve got a server with a web site which sits behind Cloudflare, so I have a daily script in root’s cron that grabs the current list of Cloudflare IPs and updates the ufw config so only Cloudflare can get to apache2. It’s a WordPress site so I’m a little scared of idiots doing idiot things.

Ever since I ran it, for some reason it throws an error ERROR: problem running sysctl when it runs ufw status verbose. It’s always worked when I run it manually, and doesn’t seem to cause issues - especially since it’s only a final check step. The errors have been bugging me and I’ve got a few seconds at PyConAU2019 so I thought I’d do some more searching.

Pastebin Grabbing Badness

While doing some threat hunting I found a server reaching out to pastebin (this was over an hour):

src_ip=<ip> url=hxxp://pastebin[.]com/raw/<snip> count=34

It wasn’t a long running process, but it certainly happened a lot. The paste content was 127.0.0.1:80, which looked like a typical CNC control message. netstat wasn’t doing it, so lsof to the rescue!

I ran this on the server:

sudo watch -n1 lsof -n -i:80 -i:8080 -r1 -sTCP:^LISTEN | grep -v <ip>:http | tee -a ~/pastebin-find.txt

Here’s what the options mean:

F5 LDAP Fix for V14 Upgrade

Have you upgraded to v14 and found that Active Directory/LDAP auth to the appliance admin has stopped working?

Try running this:

tmsh modify auth ldap system-auth check-roles-group enabled
tmsh save sys config

Seems that there was a change in how group enumeration happens, and this fix sorts it. You don’t need to reboot or anything, it just works.
