General Blather

I started tinkering with my mail server configuration, and while looking at some of the "can I encourage TLS?" bits I found MTA-STS and learned that there's a whole DNS-based authentication thing I never knew about. more »

For both protecting my systems and playing with what's out there, I incorporate Crowdsec into my system's intrusion detection and prevention. For other reasons, I updated one of my servers to the latest Ubuntu (not LTS), and an update to Crowdsec balked. more »

I noted in a different blog post some concerns I had where my intrusion detection had a gap caused by log aggregation. Specifically, my Docker web containers forward their logs to a Splunk server for collection and possible analysis later, which means… more »

Hot on the heels of the v2.15.0 fix came a v2.16.0 fix, which removed the core of the vulnerability, taking away a feature that was probably not used correctly, if ever used. more »

A meaty exploit was discovered and shared on 9 December. more »

I needed to check something in my router's web UI, which happens every once in a while. I was denied because of an expired SSL certificate! more »

I accidentally (really, sometimes my iPad and I disagree between tap and drag...really sucks in games) clicked on some click-bait insurance comparison thing. I bought into the lie of simple checks. I knew better. more »