Ramblings of a Unix Geek

I've been doing this for a long time... I ramble!

Explaining technology as a story - DHCP

When people ask me something technical, I frequently find it useful to tell the basics as a story or an analogy. Obviously all these stories have limitations to how accurate they can get, but it’s surprising how well it gets people to understand what you mean. So this post is part of a series of “explaining technology as a story”. DHCP: For a machine to be able to talk over IP it, naturally, needs an IP address.

Explaining technology as a story - DNS

When people ask me something technical, I frequently find it useful to tell the basics as a story or an analogy. Obviously all these stories have limitations to how accurate they can get, but it’s surprising how well it gets people to understand what you mean. So this post is part of a series of “explaining technology as a story”. DNS: The internet basically runs on numbers (either IPv4 or IPv6).

Explaining technology as a story - Routing

When people ask me something technical, I frequently find it useful to tell the basics as a story or an analogy. Obviously all these stories have limitations to how accurate they can get, but it’s surprising how well it gets people to understand what you mean. So this post is part of a series of “explaining technology as a story”. Routing: Far too frequently there are internet routing issues. Sometimes it gets so bad that a large fraction of people can’t work (e.

Summary of my current Home Automation Setup

I was asked to describe the stuff I use for my not-so-smart home and how it fits together. This was originally an email, but I figure other people might find it interesting. This is as complete as I can think! The goal, where possible, is to have everything under local control and not dependent on the cloud. Setup may require cloud… Lights: Philips Hue bulbs where possible (including the mirror light)

Making a doorbell semi-smart

If you’re anything like me then you sometimes miss the doorbell ringing. It may be because you’re engrossed in a movie and the doorbell sound doesn’t register. Or you might be (in these COVID times) in a makeshift home-office with the door closed and an air-con blasting out. Or you may even be out of home. Can we add some home-automation smarts to a dumb doorbell? How does a doorbell work?

Digital Safe version 2

Previously I modified a cheap electric safe to work with an Arduino, because the original controller board had failed. But because my build skills aren’t the best, I kept getting serial port issues, and more than once needed to get to the emergency key to open the safe. At the same time someone asked me if the same design would work with one of the real cheap ($30) safes on Amazon.

Using RSA and ECDSA on Apache with CentOS / RedHat

Previously I described a relatively modern set of TLS settings that would give an A+ score on SSLtest. This was based purely on an RSA certificate. There exists another type of certificate, based on Elliptic Curve cryptography. You may see this referenced as ECC or, for web sites, ECDSA. An ECDSA certificate is smaller than an RSA cert (e.g. a 256-bit ECDSA cert is roughly the equivalent of a 3072-bit RSA one).

Data Loss Prevention (DLP)

Working in Cyber Security I’m frequently reminded that the reason we do all the things we do is, ultimately, to protect the data. After all, apps are there to process data, servers (and clouds) are there to run apps and store data. So the whole of cyber security is there to protect the data. It may be Identity and Access Management (restrict access to data to those people who should have access to it).

More modern TLS settings

Back in 2016 I documented how to get an A+ TLS score. With minor changes this still works. But times have changed. In particular older versions of TLS aren’t good; at the very least you must support nothing less than TLS 1.2. Consequences of limiting to TLS 1.2 or better: If you set your server to deny anything less than TLS 1.2 then sites like SSLlab tell us that older clients can no longer connect.

It was OK before; why is it broke now?

As I was rebuilding my network I came across a problem. In my basement I had previously run a cable from my core switch around the room to the other side, where I had a small 100baseT switch to handle the equipment on that table. I’d also run another cable across the ceiling to the back of the house, where I had the Powerline network. Everything seemed to be working fine, and it had been doing so for years.