NAT – Jupiter Broadcasting

Back in the Freedom Dimension | LINUX Unplugged 398

Wes Payne — Tue, 23 Mar 2021 17:30:00 +0000

Show Notes: linuxunplugged.com/398

The post Back in the Freedom Dimension | LINUX Unplugged 398 first appeared on Jupiter Broadcasting.

The BSD Hyperbole | BSD Now 332

Wes Payne — Thu, 09 Jan 2020 05:00:00 +0000

Show Notes/Links: https://www.bsdnow.tv/332

The post The BSD Hyperbole | BSD Now 332 first appeared on Jupiter Broadcasting.

Origins | Ask Noah 1

chris — Tue, 04 Apr 2017 09:53:33 +0000

RSS Feeds:

MP3 Feed | HD Video Feed | iTunes Feed

Become a supporter on Patreon:

— Show Notes: —

— The Cliff Notes —

Unifi UAP AC Pro

Deploy the UniFi AC Pro AP indoors or outdoors, in wireless networks requiring maximum performance. Sporting a weatherproof design, the UniFi AC Pro AP features simultaneous, dual-band, 3×3 MIMO technology and convenient 802.3af PoE/802.3at PoE+ compatibility.

Symetrix 528e Voice Processor

The 528Eis a complete, self-contained voice processor that performs six separate functions: microphone preamplification, de-essing (sibilance removal), compression/limiting, downward expansion, parametric EQ, and voice symmetry alignment. All six processors may be used simultaneously. Although we call the 528E Features:Works with any microphone (or line input)Enhances vocal intelligibility Increases perceived loudness and “presence”Great for voices as well as instruments and effects Reduces off-mic noise Reliable, proven design

Private Internet Access Tested in Court

While many VPN providers say they do not log their users’ activities in order to protect anonymity, it’s not often their claims get tested in the wild. However, a criminal complaint filed by the FBI this week notes that a subpoena sent to Private Internet Access resulted in no useful data being revealed about a suspected hoaxer.

— Noobs Corner —

Get in touch – let us know if you’d be interested in a comprehensive video guide “Getting Started with Linux! Email us today asknoah@jupiterbroadcasting.com

— Stay In Touch —

Find all the resources for this show on the Ask Noah Dashboard

Ask Noah Dashboard

Need more help than a radio show can offer? Altispeed provides commerical IT services and they’re excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show!

Altispeed Technologies

Contact Noah

asknoah [at] jupiterbroadcasting.com

— Twitter —

The post Origins | Ask Noah 1 first appeared on Jupiter Broadcasting.

One NAT to Rule Them | LINUX Unplugged 153

chris — Tue, 12 Jul 2016 20:33:48 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Chris discovers he’s being snooped on by his ISP, we discuss some Linux friendly solutions solve the situation. Is Linux Mint 18 really the best Linux distro every? Or should Ubuntu 16.04 be getting more of the credit?

Plus our chat with a Matrix.org developer, Solus goes rolling, Unity on Windows & building a long-term financially sustainable open source product.

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

Show Notes:

Follow Up / Catch Up

Linux Mint 18: The best desktop — period | ZDNet

I’ve been using Linux desktops since the leading desktop front-end was Bash. Things have changed in those 25 years. Today, the best Linux desktop is the latest version of Linux Mint: Linux Mint 18 Sarah with the Cinnamon 3.0 interface.

Linux Mint 18 reviews roundup | InfoWorld

Latest Vivaldi Browser Snapshot Improves Tab Hibernation on GNU/Linux Distros

“Good news for Linux users! You can now hibernate tabs while the browser is running,” said Magnus Peter Langeland. “Choose Hibernate Tab to hibernate the selected tab or Hibernate Background Tabs to hibernate all other tabs in the window. Oh and remember, you cannot hibernate a tab while you are viewing its contents.”

ICSI Netalyzr — Command-line Client

Debug your Internet.

Any good Linux friendly VPN providers?

3G and 4G LTE Cell Coverage Map – OpenSignal

DigitalOcean

DigitalOcean: SSD Cloud Server, VPS Server, Simple Cloud Hosting

You Can Now Run Ubuntu Linux with the Unity Desktop on Top of Windows 10 – Updated

After doing all sorts of tricks in the CompizConfig Settings Manager (CSSM) GUI configuration tool for Compiz, and using a combination of VcXsrv and XLaunch, two applications for configuring and setting up a Windows X server, he has managed to run Ubuntu 14.04.4 LTS with the Unity desktop environment on top of Windows 10.

Linux’s AV Stack Adding Awesome Features

Beamforming in PulseAudio | Arun Raghavan

Beamforming as a concept is used in various aspects of signal processing including radio waves, but I’m going to be talking about it only as applied to audio. The basic idea is that if you have a number of microphones (a mic array) in some known arrangement, it is possible to “point” or steer the array in a particular direction, so sounds coming from that direction are made louder, while sounds from other directions are rendered softer (attenuated).

Practically speaking, it should be easy to see the value of this on a laptop, for example, where you might want to focus a mic array to point in front of the laptop, where the user probably is, and suppress sounds that might be coming from other locations. You can see an example of this in the webcam below. Notice the grilles on either side of the camera — there is a microphone behind each of these.

Introducing GStreamer VR Plug-ins and SPHVR – Lubosz’s Blog

Pronounced sphere, SPHVR is a python video player using gst-plugins-vr. Currently it is capable of opening a URL of an equirectangular mapped spherical video.

CopperheadOS – Secure Android

CopperheadOS currently supports the Nexus 5, Nexus 9, Nexus 5X and Nexus 6P.

TING

Ting – mobile that makes sense

Nylas N1

Nylas Pro

But right now, Nylas N1 is also free as in free beer, and that’s a problem. Due to its popularity, the API traffic for N1 users has dramatically eclipsed the combined volume of all other apps built on the Nylas Cloud APIs. We already sync several hundred terabytes of data for our users and are adding tens of thousands of new users each month. It’s costing us real dollars.

Does anyone here use Nylas?

Dekko Is Shaping Up Nicely for Desktop Convergence

Dekko developer Dan Chapman shared some images of a new, converged Dekko for the desktop on Google+, under the title “An all new Dekko is coming!”.

Linux Academy

Linux Academy | Linux and AWS Online Training

What’s Going on with Matrix.org?

Ruma – A Matrix homeserver written in Rust.

Matrix is an open specification for an online communication protocol. It includes all the features you’d expect from a modern chat platform including instant messaging, group chats, audio and video calls, searchable message history, synchronization across all your devices, and end-to-end encryption. Matrix is federated, so no single company controls the system or your data. You can use an existing server you trust or run your own, and the servers synchronize messages seamlessly. Learn more in the Introduction to Matrix.

Say Hello To Vector! — Medium

This week, we’re officially launching Vector, a forward-looking open source collaboration app, and the very first production-ready application built on top of the Matrix open standard. In fact Vector Web has been around for a bit, growing and being polished with the help of a passionate community of pioneers and they’ve done a great job of supporting us with useful feedback! And now the mobile apps are out! So today Vector is ready to be shared more widely as a proper beta.

Interview with Matrix Dev

Support Jupiter Broadcasting on Patreon

The post One NAT to Rule Them | LINUX Unplugged 153 first appeared on Jupiter Broadcasting.

Bait and Phish | TechSNAP 181

chris — Thu, 25 Sep 2014 11:21:20 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We’ll tell you about a major German hack that lasted 12 years, and struck over 300 business. Plus researchers discover a nasty Android bug that impacts over 70% of users.

Then it’s a great big batch of your networking questions, our answers & much much more!

Thanks to:

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Operation Harkonnen, a 12 year long intrusion to over 300 businesses

“From 2002 a German cybercrime network performed numerous targeted penetrations to over 300 organizations, including tier one commercial companies, government institutions, research laboratories and critical infrastructure facilities in the German speaking countries. The attackers planted Trojans in specific workstations in the organizations, gained access to sensitive confidential documents and information and silently exfiltrating them to the organizations who ordered the attack”
“Once embedded in the system the files started to send data from the target computer to an external domain. The analysis revealed the domain was registered by a UK company, with the exact address and contact details of 833 other companies, most of which are already dissolved”
“The British relatively tolerant requirements to purchasing SSL security certificates were exploited by the network to create pseudo legitimate Internet service names and to use them to camouflage their fraudulent activity”
Specifically, it is quite easy to establish a new company in England
It is estimated that the attackers spent as much as $150,000 establishing fake companies, and arming them with domains and SSL certificates in order to make their spear-phishing campaign appear more legitimate
“The discovery happened at a leading, 30 year old, 300 employees’ German organization that holds extremely sensitive information with a strategic value to many adverse organizations and countries. The organizational network contains 5 domains with complex architecture of multiple network segments and sites, connected through VPN.“
Additional Coverage: TheHackerNews

Researcher finds same-origin-policy bypass for Android browser, allows attacker to read your browser tabs

Android versions before 4.4 (75% of all current Android phones) are vulnerable
CVE-2014-6041, and was disclosed on September 1, 2014 by Rafay Baloch on his blog.
By malforming a javascript: URL handler with a prepended null byte, an attacker can avoid the Android Open Source Platform (AOSP) Browser’s Same-Origin Policy (SOP) browser security control.
What this means is, any arbitrary website (say, one controlled by a spammer or a spy) can peek into the contents of any other web page.
The attacker could scrape your e-mail data and see what your browser sees.
Or snag a copy of your session cookie and hijack your session completely, and read and write webmail on your behalf.
As part of its attempts to gain more control over Android, Google has discontinued the AOSP Browser.
Android Browser used to be the default browser on Google, but this changed in Android 4.2, when Google switched to Chrome.
The core parts of Android Browser were still used to power embedded Web view controls within applications, this changed in Android 4.4, when it switched to a Chromium-based browser engine.
Users of Android 4.0 and up can avoid much of the exposure by switching to Chrome, Firefox, or Opera, none of which should use the broken code.
Update: Google has offered the following statement:

We have reviewed this report and Android users running Chrome as their browser, or those who are on Android 4.4+ are not affected. For earlier versions of Android, we have already released patches (1, 2) to AOSP.

Feedback:

Round Up:

The post Bait and Phish | TechSNAP 181 first appeared on Jupiter Broadcasting.

Exaggerated Cybercrime | TechSNAP 54

chris — Thu, 19 Apr 2012 16:47:21 +0000

We bust some Cybercrime propaganda, give you the scoop on a fresh openSSL vulnerability, and answer a common audience question.

All that and much more, on this week’s TechhSNAP!

Thanks to:

GoDaddy.com Use our codes TechSNAP10 to save 10% at checkout, or TechSNAP20 to save 20% on hosting!

Limited time offer: $5.99 .coms, up to 5 domains! just use our code 599com7

Want to save money on your entire order? Use our code spring7 and save 15%!

Direct Download Links:

Support the Show:

Purchase anything at Amazon.com
Purchase anything at Think Geek using this link
Purchase anything at Newegg using this link
Contribute directly on our donation page or check out our advertising options and reach millions of amazing people!
Grab our Chrome Extension and auto-tag your shopping session for us!

Show Notes:

OpenSSL Vulnerability

Two developers from the Google Security Team found a flaw in OpenSSL and contributed the fix
The flaw affects all versions of OpenSSL before 1.0.1a, 1.0.0i or 0.9.8v
Official Announcement
Full Disclosure
The vulnerability is in the way OpenSSL handles DER encoded data, which can cause a heap overflow and memory corruption
CVE Entry

US Unhappy With Australians Storing Data On Australian Shores

The US trade representatives specifically took issue with statements by the Australian Department of Defence, which has been making negative comments about various cloud providers based outside of Australia, implying that “hosting data overseas, including in the United States, by definition entails greater risk and unduly exposes consumers to their data being scrutinized by foreign governments.”
The issues first arose when the AU government started considering storing data in the cloud
The privacy commissioner raised many concerns about the security of the data in foriegn hands, and also the governments inability to legislate against foreign service providers
More coverage
*

Cybercrime massively over reported, statistics totally unrealistic
Some reports claim that losses due to cybercrime could be as much as $1 Trillion US Dollars
Most cybercrime estimates are based on surveys of consumers and companies, and are very unreliable
Normal statistical polling for opinion questions, such as seen with political polling works well, however the same method does not work for questions related to a value, because there are no negative values to cancel out the statistical outliers when then get extrapolated resulting in a large upward bias
In a 2006 survey of identity theft by the Federal Trade Commission, two respondents gave answers that, when extrapolated to the entire population, would have added $37 billion to the estimate, dwarfing that of all other respondents combined
Numbers are also exaggerated by the same pool of gullible and unprotected users being repeatedly targeted, which leads to diminishing returns, however the unreliable statistical models do not take this into consideration

Feedback:

Q: Simon asks about running multiple servers behind a single IP address

NAT may be the best answer, especially if you need NAT anyway for the 3 servers to connect out to the internet in the first place
You can forward the traffic using something like ‘balance’ or ‘HAProxy’, however the disadvantage to this over NAT is that the internal machines will see the source IP as the LAN IP of the internet facing machine, whereas with NAT they will see the original source IP address
For web traffic HTTP (80) and HTTPS (443), you can use nginx, and apache mod_rpaf to pass the original source IP to the internal apache server(s)
FreeBSD’s IPFW firewall has the ‘forward’ command, however this does not rewrite the headers of the packet, so the server that receives the forwarded packet needs to know what to do with it

War Story:

Mike sends in his own IBM war story:

After hearing so many war stories from the Other Other Alan, I decided to add one of my own IBM war stories.
I’ve been a contract employee from IBM since 1997. Early in 2000 I and 4 other guys were assigned to a new Network Operations Outsourcing Center. The basic idea was that we four would perform network operations for customers, small/medium businesses external to IBM. Our first customer was a textile company with facilities scattered across the continental US from Georgia to California. IBM sales sold the company a package of software, hardware and services which included IBM Tivoli and Netview monitoring that we were to use to do our monitoring and maintenance of their network.

So, as was always the case back then IBM had specialists who would go out in the field and perform installs and configuration for the customer (in this case us) and then we would be responsible for maintaining it. The initial install took nearly a week with a couple of days of training. Now imagine all the oohs and ahs as all this was running on three HUGE IBM Netfinity 5500 Quad PIII Beasts running Windows NT server and the technicians were explaining all the bells and whistles including event correlation and intelligent discovery. Two days after they left, the database crashed. Well we couldn’t be down with no method of monitoring the customer’s systems. So we took an old copy of “What’s up Gold” and installed it on the only spare hardware we had, a Thinkpad 765. So, as IBM repeatedly sent out technicians to fix one thing or another with the Tivoli environment, or the Oracle database from Hell, we chugged on for an entire year monitoring 40 odd NT servers and an equal amount of network hardware…from a little old pentium 166 laptop, while untold thousands of dollars worth of software and hardware sat almost unused until it was disassembled at the end of the contract.

Round-UP:

The post Exaggerated Cybercrime | TechSNAP 54 first appeared on Jupiter Broadcasting.

NASA Hacked 5,400 Times? | TechSNAP 47

chris — Thu, 01 Mar 2012 20:20:13 +0000

NASA loses the keys to the International Space Station, Microsoft can’t figure out what day it is, and I laugh myself to tears over the lack of security at Stratfor

All that and more, on this week’s TechSNAP!

Thanks to:

GoDaddy.com Use our codes TechSNAP10 to save 10% at checkout, or TechSNAP20 to save 20% on hosting!

Super special savings for TechSNAP viewers only. Get a .co domain for only $7.99 (regular $29.99, previously $17.99). Use the GoDaddy Promo Code cofeb8 before the end of March to secure your own .co domain name for the same price as a .com.

Private Registration use code: march8

Pick your code and save:
cofeb8: .co domain for $7.99
techsnap7: $7.99 .com
techsnap10: 10% off
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans

Direct Download Links:

Subscribe via RSS and iTunes:

Show Notes:

NASA laptop stolen, contained control algorithms for the International Space Station

In 2010 and 2011 NASA reported 5,408 computer security incidents ranging from the installation of malware on a computer, through the theft of devices and cyber attacks suspected to be from foreign intelligence agencies.
47 incidents were identified as Advance Persistent Threat attacks, and of these, 13 were successful in compromising the agency’s computer systems
In an example of such an incident, attackers from Chinese-based IP addresses gained full access to a number of key JPL systems giving them the ability to:
Modify, copy or delete sensitive files
Add, modify or delete user accounts for mission critical systems
Upload hacking tools (keyloggers, rootkits) to steal user credentials and thereby compromise other NASA systems
Modify or corrupt the system logs to conceal their actions
Some of the breaches have resulted in the unauthorized release of Personally Identifiable Information, the disclosure of sensitive export-controlled data and 3rd party intellectual property
Inspector General Testimony before Congress re: IT Security
Discovery News Coverage

Windows Azure suffers worldwide outage

The Microsoft Azure Cloud service was down for most of the day on February 29th
The Service Management system was down for over 9 hours
Azure Data Sync was down form 2012–02–29 08:00 through 2012–03–01 03:00 UTC
Microsoft says that the outage appears to have been caused by a leap year bug
“28 February, 2012 at 5:45 PM PST Windows Azure operations became aware of an issue impacting the compute service in a number of regions,”
“While final root cause analysis is in progress, this issue appears to be due to a time calculation that was incorrect for the leap year.”
Microsoft Azure Service Dashboard
The outage also effected the UK Government’s ‘G-Cloud’ CloudStore
TechWeek Europe Coverage
Slashdot Coverage – Outage – Root Cause
PCWorld – Previous Microsoft problems with Leap Years

Wikileaks releases the data stolen in the StratFor compromise

Feedback:

Q: Robert Bishop Writes: Can I Secure my network with multiple NAT routers to isolate a system?

War Story:

This is a war story with a difference, as it didn’t involve some crazy user doing some bat shit crazy thing with their computer. It was simply a call to one of the tech support agents where the user wanted to know the following:

“What is the exact chemical composition of the battery in the Thinkpad 760 XD?”
“What are the recommended disposal procedures for said battery?”
“Can you tell me what would happen to the battery if it ruptured in a vacuum environment?”
“If the battery were to overheat, how volatile would the liquid effluent be?”

I doubt the user could have even gotten the questions out and taken a breath before the agent put them on hold and ran for help. The agent walked over to the second level support area rather than call as per procedure. After a good five minutes of talking, nobody could really answer the questions and worse, we couldn’t figure out what part of the company might actually have those answers.

As with all good tech support strategies we decided a two pronged approach – the agent would get back on with the user and stall for time while the rest of us would frantically hunt down any possible source of information that could help. We told the agent to ask why the user needed such detailed information and if it was a weak answer to push for a callback to buy even more time.

Some twenty minutes later the agent came back over to us with some interesting details on what was going on. It was all a misunderstanding. The user was supposed to call some private support number at IBM and not the public number. Our enterprising young agent did pull a fast one and offer to transfer the user to the number directly. The user provided the number and the agent promptly connected the call, then hit mute and stayed on the line. An American accent answered, the user responded and provided an account code upon request.

The tech on the private number acknowledged that the user was calling from NASA – Blackhawk Technologies Subsidiary. Apparently the shuttle program had 4 of those laptops on each mission – 1 primary and 3 redundant backups just in case. Suddenly the tricky questions all made sense. And eavesdropping can kill curiosity can never be a bad thing, right?

Round Up:

Black March 2012
Cyberattack by Anonymous on the Vatican reveals insights
Anonymous members arrested after Interpol investigation
EFF releases browser plugin to help detect bogus SSL certificates
Verisign seizes .com domain registered via foreign Registrar on behalf of US Authorities. » blog2.easydns.org
Schmidt: UN treaty a ‘disaster’ for the internet
50% of Data Center Outages caused by vendors and non-data center staff
[Hall of Shame] Stratfor – Submitted by manwich2000 for using the password “stratfor” and getting hacked by Anonymous.

The post NASA Hacked 5,400 Times? | TechSNAP 47 first appeared on Jupiter Broadcasting.