Tweaking the Home Network – pfSense Firewall [Part 3: Monitoring Your Network]

Monitoring the NetworkNow that pfSense is connecting through your home LAN and serving addresses to the ‘Teenage Subnet’, we need to do some further tweaking to make sure we can keep our semi-hostile network safe as well as keeping an eye on our network traffic usage and what our users are accessing.

Continue reading

Credential Security …again

So, with another major collection of user credentials being uncovered (and reported in the mainstream media), there is a slight increase in interest in people, their data, and the credentials they use.

Don't put all your (credential) eggs into one basket
Don’t put all your (credential) eggs into one basket

It’s anyone’s guess as to how long this breach will remain in the news cycle, so I thought I’d throw out an article quickly as New Zealand is currently in the throws of pre-election posturing and I imagine some political hopeful will say something controversial and the media will swing away to cover that within the next day.

For those who may not yet have caught up with the news (or those reading this in the future and wondering which massive credential theft I’m referring to), this is the uncovering of the work done by ‘Cyber Vor’ who managed to snare around 1.2 billion (yes, with a B) unique user credentials.

Continue reading

Tweaking the Home Network – pfSense Firewall [Part 2: Initial Configuration]

Initial Configuration (via Web Browser)

In the previous article, we set up (at least) two network interfaces. The first, facing the Internet (the WAN) and the second facing the internal network (the LAN).

In our instance, our WAN interface will simply pass traffic onto our existing internal network, where it is subject to existing rules and management, while the LAN interface will become the first node of our new ‘Teenage Subnet’ through which our older boys (and possibly their friends) will access the network resources (including access to the Internet).

The new network: Users are seperated into subnets

So, anyway, we have a machine happily whirring away running pfSense and two interfaces configured, the WAN and the LAN. Now we need to connect up and get things configured.

Continue reading

Tweaking the Home Network – pfSense Firewall [Part 1: Installation]

070523-F-9059M-226So, now we have teenagers, I’ve realised a need to create a little more separation within our home network. The intent of this is to give them a segment of the network where they can connect their wireless devices, use the internet and allow their friends to also connect their devices when they visit.

With freedom comes responsibility, so we also want to be able to enforce limits on the hours of use, conserve bandwidth, and attempt to protect them from malware and viruses.

Future enhancements may include traffic reporting, content filtering – but for now we want to get them off the core network, and onto their own segment.

Continue reading

When USB goes bad…

Image Credit: Jenn Durfey / Flickr (CC: by) So, I decided to give running a linux distro *solely* from a USB 3.0 flash drive… the install itself was fairly simple and painless, the pain only started on the reboot.

The drive failed, and I was dropped to the rather unfriendly >initfs prompt.

I tried a few things, from fixing the failed superblocks

dumpe2fs /dev/sdc1 | grep superblock
fsck -b [ALTERNATE SUPERBLOCK # e.g. 32768] /dev/sdc1

…to  trying to repair the file system

sudo fsck -fp /dev/sdc1

…and even forcing the filesystem ‘read only’ state back to read-write.

hdparm -r0 /dev/sdc

At which point I was 2 beers into the problem and getting a little… impatient. The last link however gave me two other possibilities:

  1. The drive itself may be faulty (it’s apparently somewhat common for poor soldering to cause this ‘read-only’ condition)
  2. Run a utility from the drive manufacturer to low-level format the drive and start again (waay too easy, and a WINDOWS based until – it would be like admitting defeat!)

I considered adding a third beer to the problem solving mix, then decided that it’d just be easier to go with option 2… a quick search later and I was on the Apacer support site and 337kb away from solving the problem.

Apacer Repair ToolWell, almost. Trying the ‘format’ option didn’t work (bad partition table / read-only state and all) so, ‘Restore’ it was, and.. we’re away! Low-level formatted, and ready to retry the install.

<burp> :)

Linux for Kids

My best mate dropped over on the weekend and left me an ancient Sony Vaio that he’d acquired for his 7-year-old daughter.

Doudou LinuxAfter shooting the breeze over the beer, we got to talking about his daughters computer use. Essentially he (and she) just wanted “something she can use and have for her own” – he’d already been supplied with a Live CD of Doudou Linux which she’d been booting from, yet due to the failing hard drive in the near fossilized Vaio, the machine was taking far too long to start-up – by which time her attention span was exceeded.

Continue reading

This is water

A bit of a deviation from my standard fare of techy news and opinion, but I’m bundling this under “Community & Social” – I think it fits well.


This video gave me pause for thought…
It’s a well produced, visually engaging excerpt from an address to graduates in 2005 by novelist David Foster Wallace. Sadly, this man took his own life in 2008 after struggling with depression for many years.

Watch this. Listen to the message. See if you can use it in your life.

The full address can be found here:

Hat Tip to my former colleague Curtis – thank you for sharing.

Standing on the Wall

Image Credit: US Army / Flickr (CC: by)Today I was discussing the recent work by the New Zealand Police in bring a number of people up on charges for their part in an international pedophile ring. While I’ll save you from the details (you can do your own reading using this article as a starting point), some of the alleged offenses are pretty horrific. Suffice it to say, the conversation quickly turned to how soul-destroying it must be for the OCEANZ team and organisations such as ECPAT. Continue reading

Path of Exile – Crowdsourcing Funds

Image Credit: Grinding Gears (Path of Exile) - Supporters pack Kiwi (in game pet)The very excellent MMO “Path of Exile” by Kiwi game developer Grinding Gear Games has managed to raise US$2.5 million (yes that’s million, little finger to the corner of your mouth Dr Evil styles…) through crowd-sourcing future development funds from the online gaming community.

This is not the first success they’ve had with funding via the web but, as an indicator – the climbing value of funding is testament to the belief their community has in the work they are doing with the game.

A personal HUGE congratulations goes out from my keyboard to the Grinding Gear team, it’s awesome to see New Zealand companies doing so well on the world stage without resorting to filling paddocks with cows. :)

Technology and Recreation – a recipie for AWESOME

For gadget geeks like myself, there’s always been an opportunity to mix technology with what we do when AFK (away from keyboard).

My first heart monitor watch *had* to be imported because no one in this country was selling the IR receiver (connecting through a DB9 (serial) cable no less.. for the more normal, serial cables were “how things were done” before the simplicity of USB arrived). Continue reading

Technology, Open Thinking, Community & Education…