Scanner

Between 1939 and 1945, Allied planes dropped 3.4 million tons of bombs on Axis powers.

This document takes a look at MeshCentral Router, a Windows application that performs TCP and UDP port mapping from a local machine to any remote computer through a MeshCentral servers. This document should allow the user to Internet relay traffic through NAT routers and firewalls.

FreeBSD can play not only one but three firewalls. Networking is complicated by itself and firewalls can be complex too. So when they mix together your brain may collapse. Pick up one and then learn how the networks function and later how to manipulate the firewall.  One of those three firewalls in FreeBSD is IPFW. The minimal configuration for IPFW is the one written on this article. Don’t think of this firewall as a dumb, too simple firewall solution. Mac OS X, for example, uses it and puts a nice interface in the System Settings so any noob can use it. Although nowadays it’s using another firewall PFCTL I guess it’s from the OpenBSD, it has had IPFW for many years as the default firewall. And quite frankly it has served many users pretty well.

We will edit the main os configuration file with nano.

As always under FreeBSD the /etc/rc.conf file is the one in charge to activate OS level features as well as some other important software. Type this command to set the firewall configuration into the right file:

sudo nano /etc/rc.conf

Now edit the rules so they look as follows.

firewall_enable="YES"
firewall_quiet="YES"
firewall_type="workstation"
firewall_myservices="22 80 443 10000"
firewall_allowservices="any"
firewall_logdeny="YES"

Now you must start up the service in order for the firewall to start working. Type the following order at the terminal prompt.

sudo service ipfw onestart

The numbers appearing in the line firewall_myservices=”22 80…” are the ports the firewall leaves open. The rest of the ports to your server or workstation will remain closed.

The opened ones are the basic to run a web server. Port number 22 is used for remote connections through SSH (secure shell). The number 80 is used by the HTTP protocol and since we are setting up a web server this is mandatory. Something similar happens with the port number 443 but this is the one for the https, which is the http protocol surrounded by an TLS encryption so no one can read the content in it.

Fail2ban is a complementary tool to your firewall. It works by scanning log files and bans IPs which present suspicious activity such as failed logins. It is compatible with many UNIX-like systems and is a security tool to have in your arsenal. It can filter not only ssh logins, but other services too, for example CMS web sites as WordPress or Drupal, repositories such as your own GitLab, and even your Postfix (or other) mail server.

Intrusion prevention framework that bans malicious IPs.

Overview

Fail2ban is an intrusion prevention system written in Python that protects Linux and Unix web servers from brute-force attacks by monitoring log files and banning IP addresses that show suspicious activity. Originally developed by Cyril Jaquier in 2004, fail2ban works by parsing log files through regular expressions, identifying patterns that indicate malicious behavior like repeated failed login attempts, and automatically creating firewall rules to block offending IP addresses for specified time periods.

If the modern Settings UI is broken (sometimes seen after feature updates), the classic Date and Time dialog still works.

• Press Win + R, type timedate.cpl and press Enter.

When the Settings UI is unavailable, Windows provides command‑line tools to set or inspect time zone entries.
Key commands:

• Check current time zone: tzutil /g
• List available time zones: tzutil /l
• Set a time zone: tzutil /s "Time Zone Name" (the Windows time zone string, e.g., "Pacific Standard Time").

what does the service actually do?

Duck DNS is a free service which will point a DNS (sub domains of duckdns.org) to an IP of your choice

age is a simple, modern and secure file encryption tool, format, and Go library.

It features small explicit keys, post-quantum support, no config options, and UNIX-style composability.

Record and share your terminal sessions, the simple way.
Forget screen recording apps and blurry video.
Experience a lightweight, text-based approach to terminal recording.

asciinema [as-kee-nuh-muh] is a free and open source solution for recording terminal sessions and sharing them on the web.

Get things from one computer to another, safely.

This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. The two endpoints are identified by using identical "wormhole codes": in general, the sending machine generates and displays the code, which must then be typed into the receiving machine.

The codes are short and human-pronounceable, using a phonetically-distinct wordlist. The receiving side offers tab-completion on the codewords, so usually only a few characters must be typed. Wormhole codes are single-use and do not need to be memorized.

For complete documentation, please see https://magic-wormhole.readthedocs.io or the docs/ subdirectory.

Cryptography engineers have been tearing their hair out over PGP’s deficiencies for (literally) decades. When other kinds of engineers get wind of this, they’re shocked. PGP is bad? Why do people keep telling me to use PGP? The answer is that they shouldn’t be telling you that, because PGP is bad and needs to go away.

There are, as you’re about to see, lots of problems with PGP. Fortunately, if you’re not morbidly curious, there’s a simple meta-problem with it: it was designed in the 1990s, before serious modern cryptography. No competent crypto engineer would design a system that looked like PGP today, nor tolerate most of its defects in any other design. Serious cryptographers have largely given up on PGP and don’t spend much time publishing on it anymore (with a notable exception). Well-understood problems in PGP have gone unaddressed for over a decade because of this.

Two quick notes: first, we wrote this for engineers, not lawyers and activists. Second: “PGP” can mean a bunch of things, from the OpenPGP standard to its reference implementation in GnuPG. We use the term “PGP” to cover all of these things. //

If we’ve learned 3 important things about cryptography design in the last 20 years, at least 2 of them are that negotiation and compatibility are evil. The flaws in cryptosystems tend to appear in the joinery, not the lumber, and expansive crypto compatibility increases the amount of joinery. Modern protocols like TLS 1.3 are jettisoning backwards compatibility with things like RSA, not adding it. New systems support just a single suite of primitives, and a simple version number. If one of those primitives fails, you bump the version and chuck the old protocol all at once.

If we’re unlucky, and people are still using PGP 20 years from now, PGP will be the only reason any code anywhere includes CAST5. We can’t say this more clearly or often enough: you can have backwards compatibility with the 1990s or you can have sound cryptography; you can’t have both. //

This isn’t going to get fixed. To make actually secure email, you’d have to tunnel another protocol over email (you’d still be conceding traffic analysis attacks). At that point, why bother pretending?

Encrypting email is asking for a calamity. Recommending email encryption to at-risk users is malpractice. Anyone who tells you it’s secure to communicate over PGP-encrypted email is putting their weird preferences ahead of your safety.

Get started with Bitwarden through bite-sized courses. Whether you're deploying Bitwarden to your entire organization, setting it up for your family, or just getting started as an individual, these courses have you covered.

Vaultwarden is a lightweight, open-source reimplementation of the Bitwarden server written in Rust. It is fully compatible with all official Bitwarden clients (browser extensions, desktop apps, iOS, Android) and runs on hardware as modest as a Raspberry Pi using under 50 MB of RAM. This guide covers everything: what Vaultwarden is and how it compares to Bitwarden and 1Password, Docker installation, why HTTPS is mandatory and how to solve it without a domain using Localtonet, the correct way to generate the ADMIN_TOKEN with Argon2, how to disable open registration, connecting Bitwarden clients, a complete backup strategy, Fail2Ban brute-force protection, and a dedicated Raspberry Pi section.

Browser extension

1. Edit the vault item for which you want to generate TOTPs.
2. Select  TOTP, which will scan the authenticator QR code from the current webpage. The full QR code must be visible on-screen.
   Browser extension TOTP scan
3. Tap Save once the code has been entered to begin generating TOTPs.

The morality, psychology, and science of ethical child-raising

eBooks
Read the full version of Peaceful Parenting in ePub, Mobi, or PDF

NO TIME??
Read the condensed version of Peaceful Parenting in ePub, Mobi, or PDF

The dimensions of a shipping container are based on standards that ensure there are no issues during shipping. ISO sets the standard for shipping container dimensions.

• General-purpose containers are 8.5 feet (2.59m) high and 8 feet (2.43m) wide. They come in two lengths; 20 feet (6.06m) and 40 feet (12.2m).
  • A 40ft high-cube shipping container or extra tall shipping containers are available at 9.5 feet (2.89m).
• 10 feet (2.99m) and 8 feet (2.43m) ISO containers are also available.

ISO 1496-1 originally set the shipping container stacking weight limit at 192,000 kg (423,288 lbs) across the four corner posts. A 2005 revision increased the rated capacity to 213,360 kg (470,400 lbs) for new-build containers. Both figures assume a 1.8G dynamic acceleration factor, meaning the container is rated to hold that load even under the rolling, pitching, and heaving forces of ocean transit. On stable ground, the effective safety margin is even larger. //

A two-high stack of empty containers presents roughly 320 square feet of windward surface area on the long side. At 90 mph wind speed, that surface generates approximately 4,100 lbs of lateral force. Without twist-locks anchoring the upper container, friction alone between the flat steel surfaces will not hold.

Saturday, April 25th, the day this was written, is the 125th anniversary of New York being the first state to require automobile owners to register their vehicles with the state.

That's right. Today is the 125th birthday of everyone's favorite government institution: The Department of Motor Vehicles, or DMV. //

New York's first plates were homemade, bearing only the owner's initials without any numbers. It was Massachusetts that actually issued its first license plates in 1903." //

In fact, the late adoption by the United States leads to one of the few examples of France being in first place in anything that didn't involve snails or surrendering to Germany.

We highly recommend the use of an email server (SMTP) because we could allow MeshCentral to verify user account’s email address by sending a confirmation request to the user to complete the account registration and for password recovery, should a user forget account password as illustrated below