Looking at logs…

Looking at LogsI have recently had cause to pay a little more attention to the logs generated by my home firewall. While I use SARG for the day-to-day analysis, I needed a quick and easy command to fire at my squid logs to see what a particular device had been up to. This entry is by no means an exhaustive list, but it will serve as a handy reminder to me as to what I did to pull the data I needed to look at.
Continue reading “Looking at logs…”

pfSense: SARG Reports (v2.2.6 Update)

This post follows on from my (surprisingly popular) article “pfSense: SARG Reports Not Showing

After an update to v2.2.6-RELEASE I had re-inherited the same

Error: Could not find report index file.
Check and save sarg settings and try to force sarg schedule.

error.

On jumping onto the firewall via SSH, it appears that, at some point the sarg-reports directory under /usr/pbi/sarg-amd64/local/ had been turned into a symbolic link (this may have happened via the reinstallation of packages following the update).

As such, any attempts to link /usr/local/sarg-reports to /usr/pbi/sarg-amd64/local/sarg-reports would result in;

/usr/local/sarg-reports: Too many levels of symbolic links.

Continue reading “pfSense: SARG Reports (v2.2.6 Update)”

Grabbing Video (back) from YouTube

Image Credit: Neuroventilator / Flickr
Image Credit: Neuroventilator / Flickr

Usual Disclaimers Apply: This guide should not be used to subvert copyright restrictions. Responsibility falls to the user to ensure they are not breaking the laws of the country in which they reside or breaching any restrictions placed on content published in, or on infrastructure where other jurisdictions and/or terms of service may apply. Ignorance is no defense*, if you don’t like the regulations as they stand, exercise your democratic rights and propose a solution for change. Continue reading “Grabbing Video (back) from YouTube”

CentOS 7 – CLI to GUI

CentOS7I’ve been playing with a few VMs as I try to figure out a new infrastructure for our office, and as part of this I’ve taken a particular shine to CentOS as a minimal build for my virtual servers. I then decided I wanted to get a few sandbox environments running with desktop software and, well.. that’s where the fun began!

After about twelvety-zillion restores from snapshots and reading, and forum trawling, and more restores, I think I’ve come up with a winning way to turn a humble CentOS 7 minimal build, booting to the lonely command prompt, into a bastion of desktoppy goodness. Hopefully this will be of use to someone else out there, if not – it will serve and a handy reminder to me as to what I did to get things running.

Continue reading “CentOS 7 – CLI to GUI”

pfSense: SARG Reports not showing

Image: Error: Could not find report index file. Check and save sarg settings and try to force sarg schedule.
Error: Could not find report index file.
Check and save sarg settings and try to force sarg schedule.

This appears to be a somewhat common problem with the more recent pfSense installations, when SARG reports are accessed ({Status} > {Sarg Reports} > [View Report] Tab) the UI responds with:

Error: Could not find report index file.
Check and save sarg settings and try to force sarg schedule.

Edit: 02/01/2016 – After an update to v2.2.6-RELEASE I had re-inherited the same error, this time however, it was caused by symbolic link weirdness – See the fix here.

Some users have reported that changing options in the [General] tab, saving, then forcing a schedule has resolved this issue, I have not been so lucky, so the following is what I needed to do to fix things.

Continue reading “pfSense: SARG Reports not showing”

PASSWORD MANAGERS, CRYPTOGRAPHY, AND TRUST

So, a friend* of mine asked me yesterday, (following my posting of an article), what I thought of a particular password manager – I obviously wanted to answer her question. I then decided that since I was in for a penny, I might as well be in for a pound and here we are, (hopefully) fixing my response, and posting it in a more readable format.
The status post that launched a thousand words...
The status post that launched a thousand words…

TLDR; No. I don’t especially like the look of it. You have to trust a company who is making money out of (hoping) their product is secure. I personally like KeePass ( http://keepass.info ) which works on all my devices and, coupled with a internet sync service (that also leaves you comfortable with the level of security offered), works on all my devices.

Continue reading “PASSWORD MANAGERS, CRYPTOGRAPHY, AND TRUST”

UPnP – Why I don’t allow it on my Home Network

The UPnP protocol has a long standing history of security problems, not the least of which being that it allows unauthenticated devices to connect to and through your home network.

TLDR; UPnP is a flawed protocol which has been leveraged numerous times to conduct widespread attacks via large numbers of insecure devices. Do not enable UPnP on your network. Or do, but understand the potential consequences of your decision.

The rest of what follows is a rant/opinion/soapbox based on a number of years of experience in the real world of IT Security and Risk Analysis, and the cumulative research on the subject that goes with such. Continue reading “UPnP – Why I don’t allow it on my Home Network”

Managing Behaviour & Technology – A Night with NEAL

Managing Technology
Image Credit: IBoomMedia/Flickr CC: by-nc-sa

I’ve just arrived back from an evening session on “Managing Technology and Behaviour @ Home” run by Andrew Cowie, Heather Eccles and Alan Curtis from NEAL (Northern Education Access Loop).

I surprised myself by enjoying the session, it wasn’t that I personally learned anything technical, it was all about the presentation of the material which was simply outstanding.


Continue reading “Managing Behaviour & Technology – A Night with NEAL”

Tweaking the Home Network – pfSense Firewall [Part 3: Monitoring Your Network]

Monitoring the NetworkNow that pfSense is connecting through your home LAN and serving addresses to the ‘Teenage Subnet’, we need to do some further tweaking to make sure we can keep our semi-hostile network safe as well as keeping an eye on our network traffic usage and what our users are accessing.

Continue reading “Tweaking the Home Network – pfSense Firewall [Part 3: Monitoring Your Network]”