Chris Johnson

We are in the process of moving from the image above to the image below.

At least in terms of what the infrastructure looks like.

Today I decommissioned an EdgeRouter 4 which features a “fanless router with a four-core, 1 GHz MIPS64 processor, 3 1Gbit RJ45 ports, and 1G SFP port.”

When they say “MIPS64” you can think of it as being in the same class as an ARM processor. Not a problem for what it is.

The issue was that there are only 1Gb interfaces. That and I’ve come to hate the configuration language.

This has been replaced with a pfSense router running on a TopTon “thing.” I call it a thing because it is from China and intended to be rebranded. It doesn’t have a real SKU.

It is based on an N100 with 4 cores and 8 threads. 2 2.5Gb Ethernet ports, 2 10Gb SFP+ ports. It can be upgraded and has multiple extras.

Besides the hardware, this is an entirely different animal in terms of what it can do. It is first, and foremost, a firewall. Everything else it does is above and beyond.

It is running NTP with a USB GPS unit attached. It runs DHCP, DNS, HAProxy, OSPF and a few other packages. The IDS/IPS system is running in notify mode at this time. That will be changed to full functionality very shortly.

So what’s the issue? The issue is that everything changed.

On the side, as I was replacing the router, I jiggled one of the Ceph servers. Jiggling it caused it to use just a few watts more, and the power supply gave out. It is a non-standard power supply, so it will be a day or two before the replacement arrives.

When I went to plug the fiber in, the fiber was too short. This required moving slack from the other end of the fiber back towards the router to have enough length where it was needed.

Having done this, plugging in the fiber gave me a dark result. I did a bit of diagnostic testing, isolated the issue to that one piece of fiber. I ran spare fiber to a different switch that was on the correct subnet, flashy lights.

Turns out that I had to degrade the fiber from the other router to work with the EdgeRouter 4. Once I took that off, the port did light off. But that was a few steps down the road.

Now the issue is that all the Wi-Fi access points have gone dark. Seems that they are not happy. This required reinstalling the control software and moving them from the old control software instance to the new one. Once that was done, I could see the error message from the access point complaining about a bad DHCP server.

After fighting this for far too long, I finally figured out that the pseudo Cisco like router was not forwarding DHCP packets within the same VLAN. I could not make it work. So I disabled the DHCP server on the new router/firewall and moved it back to the Cisco like router. Finally, Wi-Fi for the phones and everything seems to be working.

At which point I can’t log into the Vine of Liberty.

I can see the pages, I can’t log into the admin side. It is timing out.

3 hours later, I figured out that there was a bad DNS setting on the servers. The software reaches out to an external site for multiple reasons. The DNS lookup was taking so long that the connection was dropping.

I think this is an issue that I have just resolved.

But there’s more.

Even after I got the DNS cleaned up, many servers couldn’t touch base with the external monitoring servers. Why?

Routing all looked good, until things hit the firewall. Then it stopped.

Checking the rules, everything looks good. Checking from my box, everything works. It is only these servers.

Was it routing? Nope, that was working fine.

That was one thing that just worked. When I turned down the old router, the new router distributed routing information correctly and took over instantly.

So the issue is that pfSense “just works.” That is, there are default configurations that do the right thing out of the box.

One of those things is outbound firewall rules.

Anything on the LAN network is properly filtered and works.

But what is the definition of the LAN network? It is the subnet directly connected to the LAN interface(s).

Because I knew that I would need to be able to access the routers if routing goes wrong, my computer has a direct connection to the LAN Network attached to the routers. The Wi-Fi access points live in on the same subnet. So everything for my machine and the wireless devices “just worked”

The rest of the servers are on isolating subnets. That are part of the building LAN but they are not part of the “LAN Network”.

I know this, I defined an alias that contains all the building networks.

Once I added that to the firewall rules, it just worked.

Tomorrow’s tasks include more DHCP fights and moving away from Traefik. Which means making better use of the Ingress network.

Allyson is a published author. I am a published author. She works at writing. I was told to write, I did, they published it.

When I decided to keep GunFreeZone.net alive, I tried to post multiple times per day. I quickly burned out. Today I have a schedule of once per day, with extras when it is important and not an echo.

In the course of a normal day, I will read around 400 pages of text. Some of it I skim, some of it I have to read carefully, and some of it is for fun. I will also write 3000 to 5000 words, some of that is code, most of it is in English.

To be blunt, I spend more time reading and writing than just about anything else in my life.

Writer’s block is an excuse for an amateur. If you are expected to write, you write, you don’t get to say, “I don’t feel it today.”

If you are getting “writer’s block”, you are writing as a hobby. Allyson talks about this in her writing blogs and groups.

The next part of writing is making sure you are writing for more than yourself. If you are writing for yourself, you should be writing for yourself six months from now.

Every evening, I sit down, and I write for the blog. Occasionally, it is easy. Usually, it is work. Then there are days when it is just plain difficult.

I want to babble about the cheap soldering station I just picked up. Claims to be good. Has a 4.5-star rating. I had to crank it to 800F before it would melt solder, and I’m not sure if I got good connections.

Boring.

I’m in the process of getting rid of Traefik, a “load balancer”. I would rather not have left Apache, I did. I went to nginx, I still don’t understand it as well as I do Apache, but it is my preferred web server. Nginx can work as a load balancer, but it isn’t really.

So I have: Traefik, Nginx, Apache, HaProxy, and whatever it is that pfSense used for “load balancing”.

It isn’t uncommon to have a path that hits firewall, HaProxy, Traefik, nginx or Apache. Boring.

There are dozens of court cases that are interesting to me.

If they are heard in a district court where they obey the rule of law and follow the instructions set for them, they will get yanked into the Circuit Court so fast your head won’t stop spinning. If the case is in the circuit court, then the argument will be a repeat of what has already been said.

Boring.

At this point, the only interesting cases are those that will be heard by the Supreme Court this year.

Current events? By the time my article is published I’m already 12 hours behind of the news cycle.

Still, I write about things. There is more than a little filler these days. There are articles where I go far too deep in technical babble.

So to all of you that read our blog, thank you for hanging with us.

If you have something you want to say, PLEASE submit it. It would give me a day off.

Senator Warren is using misleading language to make her base angry at the rich. Never mind that she has become wealth from being a Senator.

Social Security is supposed to be “forced” savings. The government decided that we could not be trusted with our own retirement funds.

Instead, they took money from us, during our earning years, put it in a big pot, where it would “earn” money over our lifetime of labor.

Of course, that turned out to be a lie. The investment the social security fund made was in US Government Bonds. That is, the government “borrowed” the money, promising to pay it back with interest.

To pay it back, they need to tax The People more. So the piggy bank is empty, but we pretend it holds massive assets.

She then picked a DDS. Why? Because a DDS makes more than $176,000/year. Better stated, he has more than $176k taxable income.

Why is that number important? That is the social security tax cap.

Social Security was set up to take care of the “little” people. The wealthy were left to find for themselves.

We all “know” that the amount we get back from Social Security is based on the amount we paid in. The more we paid, the more we get back.

That means that the person who made $40k per year over the course of their labor should get back something “near” $40k per year. A person who earned an average of $100k? They should get back around $100k per year.

The reality is that you get back less and the money you get back is worth less than when you put it in, and several other things. But that is the general idea.

But, if you are making over $176k/year, the government doesn’t think you should be getting back that amount. Instead, it is up to you to plan your retirement.

What she is saying is that she wants him to pay in much more than he will get out.

One other thing to remember, US taxes are on income. If you have money sitting in the bank, you don’t pay taxes on it. Instead, you pay taxes on the money you take out.

Elon paid over $11 Billion dollars in taxes for 2023. He’ll pay more this year. He has paid more in taxes than any other single human in the history of the world.

And this fork – tongued devil wants him to pay more, so she can spend it.

This is the type of case we want the Supreme Court to slap down.

The district judge’s analysis is based on a twisted view of Heller as affirmed by Bruen.

In Heller, the Court said that weapons that are most useful in military service, or at least that’s how the district court quoted it.

Ok, a bit more context, but how did the district court interpret this?

Heller specifically contemplated that weapons most useful in military service fall outside of Second Amendment protection.

This is good wordsmithing. That word “contemplated” doesn’t say that weapons most useful to military services are outside or inside the protections of the Second Amendment. It just means they discussed it. Factually, this is the only place they mention “useful” to the military or in military service.

In other words, the court gave far too much weight to what was not said.

But why is this even a question?

It is because the inferior courts can’t stop messing things up. Of going rogue.

The question is if the plain text of the Second Amendment is implicated. The district court even agrees that it is.

The district court slaps down the state for claiming that magazines are not arms as defined for purposes of the Second Amendment.

Having equivalently answered the question “Is the plain text of the Second Amendment implicated?”, the district court then goes on to claim that is not the first part of Heller.

Instead, the district court argues that the plaintiffs (good guys) have to prove that they are in common use for lawful purposes of self-defense AND that they are not most useful for military service.

If the Supreme Court issues an opinion in Ocean State Tactical, then this is a done deal. Magazine bans are gone. This case will evaporate.

If the Supreme Court doesn’t issue an opinion in Ocean State Tactical, then we can hope they strike down Maryland’s “assault weapon” ban in Snope.

Regardless, I still get upset when I read the twisted arguments of these rogue inferior courts.

John of www.GunsSaveLife.com was kind enough to post a link back to us and to quote The Game is On! SCOTUS update

He expressed a bit of skepticism.

John is skeptical because nobody knows what is going to happen in Supreme Court conferences.
It is all “reading the tea leaves”.

The black box which is Supreme Court conferences has visible inputs. Status of the case, briefings on the case, circuit split, time after the last Supreme Court opinion on the subject and a few others.

For output, we have “Denied”, “Denied with statement”, “Granted”, “relisted” and “rescheduled”.

Why the justices decide on which output is a guess. Some people are good at those guesses. Mark Smith has a good record. I don’t have a record to stand on. We know historically that “rescheduling” happens when the justices want to see multiple cases at the same time. We know that under Roberts, cases that are relisted are almost always granted cert. and those that are not have some procedural issue with them, not merits issues.

Cases that are denied Cert generally have nothing said about them. Think of it as spending 30 minutes trying to convince your parents to do something, and at the end of that they say “no”. That’s how most denial of cert goes. Nobody cares when cert is granted. It is going to happen.

When one or more justices feels strongly that cert should have been granted, they will write a statement to go along with the order list. Occasionally, a justice will write a statement explaining to the petitioner why cert was denied so that they can address the issue.

We saw several statements from Justice Thomas on why they were not granting cert on Second Amendment challenges that were in an interlocutory state.

There is a light at the end of this tunnel. I think that I might have the new router up and running tomorrow. I’ll be turning down two servers. Many good things happening.

As of January 6th, we are on deck for THREE Second Amendment cases to be evaluated by the Supreme Court.

On January 10th, the justices will discuss all three cases, Ocean State Tactical, Snope, and Gray.

On the following Monday, or Tuesday, they will issue their orders.

The Court can:

• Grant Cert.
• Deny Cert.
• Relist the case

.

While it would be wonderful to have them just grant cert in all three cases, the more likely event will be that the cases will be relisted.

In the Roberts’ court, this is the standard for cases where the justices have agreed to hear the case, but Roberts wants to make sure there are no issues hiding in the case history.

We can expect two to four relisting before they finally decide yes or no.

At that time, we will know what the schedule will be. If the cases will be combined, or if they will all be heard on the same day.

We are on track to have a major Second Amendment opinion issued by the Supreme Court around the end of June.

I have hundreds of dollars worth of GPS equipment. Not counting the cell phones we all carry with us.

I wanted to try to create a Stratum 0 NTP clock.

The last time I attempted this, I used a Garmin handheld GPS. Time to sync was in minutes and while the power draw as trivial, by the standards of the day, it would still burn through AA batteries.

Because you, kind readers, told me that there were cheap options, I went looking.

What I found was a GPS module that is about an inch square. For $15 I could have one delivered. It comes with a header containing VCC, GND, TXD, RXD, and PPS. I figured I could solder in the provided header then run them to a GPIO that has an attached UART.

Well, the darn things showed up a day early, and I didn’t really want to do any soldering. I plugged it in via the USB port, put it in the window. A few minutes later, it had a hard lock.

After installing gpsd and configuring, chrony I now have a system that is locked at less than 1ms accuracy, NOT using the PPS option.

That will be next week’s project. Getting that PPS signal to the motherboard.

If I had a Raspberry Pi with a good interface, not wifi, I can see that this would make a darn nice little timekeeper.

For the most part, I’ve stopped writing or reporting on “mass shootings”. They happen. My initial takes are normally wrong. The information that we are fed is designed to tell a story. I hate being a conspiracy guy.

My biggest error, so far, has been my initial analysis of the Trump shooting.

Having said that, it is difficult not to have questions when something stinks.

Part of critical thinking is to ask questions. To verify answers. To put answers to the test.

Example: We had a breaker pop on Friday. I knew what the cause was instantly, the wife was running her space heater.

When I got to the living room, she’s sitting on the sofa. Within seconds, I determined that she had left the heater on, even after she left the room.

Wife and Ally are telling me that it couldn’t be the fault of the heater because it had been running for a while and hadn’t blown the circuit.

Yeah, that was before we had that extra bit of draw on the circuit from the wife turning on the TV and side table light and other loads.

They used critical thinking to eliminate the heater. I used more knowledge to rule the heater in.

That circuit is rated at 1650 watts. The heater, in low mode, draws 750 watts. The lights left on, the misc. stuff plugged into the walls, the bathroom light and fan easily reaches 300 watts. My computer has a 750 watt power supply in it. The switch and other “stuff” plugged into the same circuit. All of that is a significant load. Thus, popped breaker.

While rated at 1650 watts, those circuits will actually run for a bit over that limit until they pop.

When you look at a fact set, you have to evaluate all the parts to be able to reach a logical conclusion. Upon reaching that conclusion, you still need to have an open mind for more data that might change your analysis.

Security Analysis

Doing a security analysis of a location or situation has risk. I’m reminded of a sales analysis I did and provided to our sales manager for Cray.

The short of the analysis was that they were asking for millions of dollars from the client for a drive system which they could buy from other sources for under $100 thousand. I gave him this analysis so that he would have the ability to answer these types of questions before they were asked of him.

The sales manager reported me for “attempting to sabotage the sale”. I listened and reported back to my chain of command. The customer didn’t need me to tell them what their options were, they already knew.

Security analyses are like that. Telling a potential target of an observed weakness is more likely to get you in trouble and harassed than it is to get the institution to budge.

I’ve gamed out some options against institutional targets. I don’t ever talk about those analyses because I do not want something to happen to those targets and me becoming a person of interest.

Even the language I use would get me in trouble. I learned it from working for the military. Everything we analyzed was a “target”. It didn’t matter whether it was a T-90 from Russia or a Leopard II from Germany or an XM-1 from the US. They are all targets.

Most people don’t get it. So I don’t use those terms.

Questions

A veteran from the US Special Forces has decided to do “bad things.” He is going to detonate a bomb to cause damage to a Trump Hotel.

For some reason, he decides to take his passport with him on this mission.

The heat from the detonation is so intense, his weapons melt. Likely just the plastic furniture, but his passport and IDs survive.

What protected those IDs from the heat?

He rented a Tesla truck to do this in. What advantages does a Tesla truck have over an Econvan?

With extensive training on IEDs and making explosives, his device was pretty much a dud. What was the explosive used? Why didn’t he use a real explosive?

See TM 31–210 (HQ Department of the Army, 1969) pages 7 through 72 contains extensive information on primary and secondary explosives from field expedient sources.

Pages 194 through 223 cover making Fuses, detonators, and delay mechanisms.

A revised version was released in 2007.

So SF dude, who has been trained in all of this, messes up a simple bomb?

This man was likely highly trained in how to perform one man operations that were extremely successful. Why did he forget so much of his training?

Finally, why did he choose to use a Desert Eagle in 50 cal to off himself?

My wife read my article on passwords and “got it”. Which is nice. I was attempting to explain how password crackers use rule sets to modify input dictionaries to create more guesses from a single word list.

I decided to see how much things have advanced. To say I was shocked would be an understatement.

In 2013, the game “Battlefield” was hacked and the entire password database was captured.

This is not the major security threat you might instantly leap to, but it is bad.

Stealing Passwords

I worked in the Systems Group at my University. We were tasked with all software maintenance, installations, upgrades, and in house improvements to the operating system.

The systems group had taken the original manufacturer’s operating system and extended it to the point where it was no longer the same operating system. Having done this, we gave back all the code we had written to the manufacturer, who incorporated what they liked into their next release.

We had developed a long term backup plan. This plan was three tiered. We took daily backups of the entire file system. This was a rolling tape backup. There were 30 days of daily backups performed before the first tape was overwritten.

We also performed weekly backups. There were 52 weeks of weekly backups. So a total of 82 backup sets.

In addition to this, we did end of term backups. These were done just after the term ended. These tapes were kept.

What this meant was that if your file were to live for at least 24 hours, you would be able to recover to any particular day in the past 5 weeks of your file.

If your file were to exist over a weekend, you could recover that file to how it was on the weekend it was dumped for the past year. And if your file were to exist over the term break, it would exist for the lifetime of the storage. 9 track tapes now being dead, I’m not sure what the University did to preserve those old tapes.

In addition to these backups, we took a separate backup of the “password” file once a day. There were 30+ days of password file backups.

That is the setup. The actual story:

We used to give tours of the machine room. The operators enjoyed bragging about the quality of our backup system.

One of these tours, a little monster took one of the password backup tapes and put it in his backpack. He walked out of the machine room with that tape. Nobody noticed the missing tape for the next 30 days.

Said monster took that tape over to the engineering department, where they had their own 9 track tape drives. He read in the file.

He was presented with 10s of thousands of clear text passwords.

This had financial implications because we sold computer time.

We changed our policy to always encrypt the password file before it was written to tape. I have no idea if that encryption standard was any better than Sunday comic page ciphers.

No more Plain Text Passwords

The number of times somebody in a movie has gotten the idiot to give them somebody else’s password is astronomical. The truth is that most passwords are stored in an “encrypted” format. We don’t have access to your password.

We can reset your password, but we can’t tell you what it is because that isn’t recorded.

At the university, they were still storing passwords in plain text. They only encrypted the password when it was written to tape.

Modern systems store that password in an encrypted format. The old method was what is called “descrypt”.

The first two characters of the encrypted password is the “salt” and the rest is the DES hash of the password. This is NOT the same as encrypting your password with a secret and then being able to decrypt it with that same secret. Instead, we use your password to encrypt a given, known, piece of text. The encrypted result is what is stored.

When you provide your password, we encrypt the same text string with your password. If the resulting text matches what we have stored, you have proven you know the password.

Here are a couple of hashed passwords: SD2PFyBHY1oUY, q5M9nJsU/JSwI, sTd5NrAIMrisU, 8MbLuguRAeo92, $1$OcbNKu2y$l9faj.aCWodfonXiSlgnV0, $1$hh765lOJ$lrZ4jkCtUkG3qPBuFJQ/2., $5$2W0fdlfY.a/iXErF$xbzHcX8CfPc89vJkxsiC/BjDmqxI20Yk.Vj9OLL/6e2, and $5$HxfQ9B30d8GdmyPo$J6FWaeGKSez2cLbw3cktvaYgPvsTFaXdMzYp4yDcQjD.

These are all hashes of the same password, “hello world!”

Slow Them Down

Storing passwords in plain text is stupid. But computers are faster than you think. Thus, we want to slow down the speed at which computers can make guesses.

We do this by using a salt.

Consider the situation where you had 74,577,451,608 guesses you wanted to try. If you were to create the hash for each of those guesses, it might take you a bit of time. In the end, you would have them all. Now it is only seconds to look up the hash in a database/file and get the plaintext password used to generate that hash.

To fight this, we use the salt. The salt modifies the hashing process such that for any given password, there are many possible hashes to represent that password.

As shown above, even when using the same “hashing algorithm” we got many results.

This is to slow the guessing of passwords down.

And the results

In 2013, the game “battlefield” was cracked. They escaped with around a 1/4 million password hashes. These are not clear text, you can’t just type them into an account and get in, they are still “protected”.

I used a starting source of 184,000 known passwords. To this, I added an American and a British word list. I didn’t bother to get name lists for a total of 282,000 unique test words.

In the simplest case, with no salt applied, that is 184,000 * 282,000 different combinations to test.

In 2 minutes and 50 seconds, on my medium GPU and medium CPU, we tested 74,577,451,608 different passwords against 282,546 password hashes.

We were able to guess 7.30% of the passwords, or, 30943 passwords.

That is more than enough to make money.

And you can see how bad they can be.