WirelessPhreak

Unlock Netflix Hidden Genres: Complete Guide to Secret Codes (2024)

2024-10-25T21:41:00.002-07:00

Whats the Problem?

Everyone knows how difficult it is to find something to watch on streaming TV. You scroll and scroll to only see what Netflix thinks you want to see, you literally end up seeing the same 20 or 30 show and movies in every section of the Netflix app. But there is a secret weapon that may just save you some time and help you find something more interesting to watch.

How does it work ?

Once you've found the code for the category that you're searching, just put the code in your Netflix search field or you can replace the xx in this link https://netflix.com/browse/genre/xx with the code if you are viewing in your browser.

Movie Categories

Action & Adventure

1365 - Action & Adventure
43040 - Action comedies
1568 - Action sci-fi & fantasy
43048 - Action thrillers
7442 - Adventures
77232 - Asian action movies
46576 - Classic Action & Adventure
10118 - Comic book and superhero movies
9584 - Crime action & adventure
11828 - Foreign action & adventure
20541 - Hijacking movies
8985 - Martial arts movies
2125 - Military action & adventure
10702 - Spy action & adventure
7700 - Westerns

Anime

7424 - Anime
11881 - Adult animation
5507 - Animal tales
2729 - Anime Sci-Fi
2653 - Anime action
9302 - Anime comedies
452 - Anime dramas
11146 - Anime fantasy
3063 - Anime features
10695 - Anime horror
6721 - Anime series

Children & Family Movies

783 - Children & family movies
5507 - Animal tales
67673 - Disney
10659 - Education for kids
51056 - Family features
52843 - Kids Music
27346 - Kids' TV
10056 - Movies based on children's books
6796 - Movies for ages 0 to 2
6962 - Movies for ages 11 to 12
6218 - Movies for ages 2 to 4
5455 - Movies for ages 5 to 7
561 - Movies for ages 8 to 10
11177 - TV cartoons

Christmas

1527064 - British christmas children & family films
1721544 - Canadian christmas children & family films
1474017 - Christmas children & family films
1477206 - Christmas children & family films for ages 11 to 12
1477201 - Christmas children & family films for ages 5 to 7
1477204 - Christmas children & family films for ages 8 to 10
1476024 - Christmas children & family films from the 1990s
1527063 - European christmas children & family films
1394522 - Family-friendly christmas films
1475066 - Feel-good christmas children & family films
1475071 - Goofy christmas children & family films
1394527 - Romantic christmas films

Classic Movies

31574 - Classic Movies
47147 - Classic sci-fi & fantasy
46553 - Classic TV shows
46576 - Classic action & adventure
31694 - Classic comedies
29809 - Classic dramas
32392 - Classic musical comedy
31273 - Classic romantic movies
46588 - Classic thrillers
48744 - Classic war movies
47465 - Classic westerns
52858 - Epics
7687 - Film Noir
53310 - Silent Movies

Comedies

6548 - Comedies
9302 - Anime comedies
869 - Dark comedies
4426 - Foreign Comedies
89585 - Horror comedies
1402 - Late Night Comedies
26 - Mockumentaries
13335 - Musicals comedies
2700 - Political comedies
5475 - Romantic Comedies
4922 - Satires
9702 - Screwball Comedies
10256 - Slapstick comedies
5286 - Sports comedies
11559 - Stand-up Comedy
3519 - Teen Comedies

Documentaries

6839 - Documentaries
3652 - Biographical documentaries
9875 - Crime documentaries
5161 - Foreign documentaries
5349 - Historical documentaries
4006 - Military documentaries
90361 - Music & concert documentaries
7018 - Political documentaries
10005 - Religious documentaries
2595 - Science & nature documentaries
3675 - Social & cultural documentaries
2760 - Spirituality documentaries
180 - Sports documentaries
1159 - Travel & adventure documentaries

Dramas

5763 - Dramas
11 - Army dramas
3179 - Biographical dramas
6889 - Crime dramas
4961 - Dramas based on books
3653 - Dramas based on real life
500 - LGBT+ Dramas
6616 - Political Dramas
1255 - Romantic dramas
5012 - Showbiz dramas
3947 - Social issues dramas
7243 - Sports dramas

Foreign Movies

78367 - Foreign movies
3761 - African Movies
77232 - Asian action movies
5230 - Australian movies
262 - Belgian movies
10757 - British movies
3960 - Chinese movies
32473 - Classic Foreign Movies
10606 - Dutch movies
5254 - Eastern European movies
6485 - Foreign Sci-Fi & fantasy
11828 - Foreign action & adventure
4426 - Foreign comedies
5161 - Foreign documentaries
2150 - Foreign dramas
8243 - Foreign LGBTQ+ movies
8654 - Foreign horror movies
10306 - Foreign thrillers
58807 - French movies
58886 - German movies
61115 - Greek movies
10463 - Indian movies
58750 - Irish movies
8221 - Italian Movies
10398 - Japanese movies
5685 - Korean movies
1613 - Latin american movies
5875 - Middle Eastern movies
63782 - New Zealand movies
7153 - Romantic foreign movies
11567 - Russian movies
9292 - Scandinavian movies
9196 - Southeast Asian Movies
58741 - Spanish movies
434295 - Taiwanese movies
107570 - Thai Movies & TV
1133133 - Turkish movies

Horror Movies

8711 - Horror movies
10944 - Cult horror movies
45028 - Deep sea horror movies
8654 - Foreign horror movies
89585 - Horror comedy
947 - Monster movies
6998 - Satanic stories
8646 - Slasher and serial killer movies
42023 - Supernatural horror movies
52147 - Teen screams
75804 - Vampire horror movies
75930 - Werewolf horror movies
75405 - Zombie horror movies

Independent Movies

7077 - Independent movies
11079 - Experimental movies
11804 - Independent action & adventure
4195 - Independent comedies
384 - Independent dramas
3269 - Independent thrillers
9916 - Romantic independent movies

LGBTQ+

5977 - LGBTQ+
7120 - LGBTQ+ Comedies
4720 - LGBTQ+ Documentaries
500 - LGBTQ+ Dramas
65263 - LGBTQ+ TV Shows
3329 - Romantic LGBTQ+ Movies

Music

1701 - Music
32392 - Classic musicals
1105 - Country & western/folk
59433 - Disney musicals
10271 - Jazz & easy listening
52843 - Kids music
10741 - Latin music
13335 - Musicals
3278 - Rock & pop concerts
13573 - Showbiz musicals
55774 - Stage musicals
9472 - Urban & dance concerts
2856 - World music concerts

Others

34399 - All movies
29764 - Art House Movies
52858 - Epics
11079 - Experimental movies
52804 - Faith & spirituality movies
9744 - Fantasy movies
7687 - Film noir
31851 - Gangster movies
839338 - Only on Netflix
6998 - Satanic stories
4922 - Satires
11559 - Stand-up comedies

Romantic Movies

8883 - Romantic movies
31273 - Classic romantic movies
36103 - Quirky romance
5475 - Romantic comedies
1255 - Romantic dramas
502675 - Romantic favorites
7153 - Romantic foreign movies
9916 - Romantic independent movies
35800 - Steamy romantic movies

Sci-Fi & Fantasy

1492 - Sci-Fi & Fantasy
1568 - Action Sci-Fi & fantasy
3327 - Alien Sci-Fi
47147 - Classic Sci-Fi & fantasy
4734 - Cult Sci-Fi & fantasy
9744 - Fantasy movies
6485 - Foreign Sci-Fi & fantasy
6926 - Sci-Fi adventure
3916 - Sci-Fi dramas
1694 - Sci-Fi horror movies
11014 - Sci-Fi thrillers

Sports Movies

4370 - Sports movies
12339 - Baseball movies
12762 - Basketball movies
12443 - Boxing movies
12803 - Football movies
8985 - Martial arts movies
6695 - Martial arts, boxing & wrestling
12549 - Soccer movies
9327 - Sports & Fitness
5286 - Sports comedies
180 - Sports documentaries
7243 - Sports dramas

TV Shows

83 - TV Shows
52117 - British TV Shows
46553 - Classic TV shows
26146 - Crime TV shows
74652 - Cult TV shows
72436 - Food & travel
27346 - Kids' TV
67879 - Korean TV shows
25804 - Military TV shows
4814 - Miniseries
9833 - Reality TV
52780 - Science & nature
1372 - TV Sci-Fi & fantasy
10673 - TV action & adventure
10375 - TV comedies
10105 - TV documentaries
11714 - TV dramas
83059 - TV horror
4366 - TV mysteries

Teen TV Shows

60951 - Teen TV shows
3519 - Teen comedies
9299 - Teen dramas
52147 - Teen screams

Thrillers

8933 - Thrillers
43048 - Action thrillers
46588 - Classic thrillers
10499 - Crime thrillers
10306 - Foreign thrillers
31851 - Gangster movies
3269 - Independent thrillers
9994 - Mysteries
10504 - Political thrillers
5505 - Psychological thrillers
11014 - Sci-Fi thrillers
9147 - Spy thrillers
972 - Steamy thrillers
11140 - Supernatural thrillers

Ultimate Guide to Protecting Your Online Identity: Password Security, Two-Factor Authentication, and Credit Freezing

2024-08-13T19:37:00.000-07:00

With the many data breeches and most recently the 2.9billions records leaked from the National Public Data Breach its safe to assume your information is public. Safeguarding your personal information is more crucial than ever. With cyber threats evolving and becoming increasingly sophisticated, adopting these three simple security measures can make a significant difference in protecting your online identity. One of the most effective strategies is to avoid reusing passwords across multiple accounts. Similarly, enabling two-factor authentication (2FA) adds an essential layer of security, making unauthorized access far more challenging. Furthermore, freezing your credit reports can prevent identity thieves from opening new accounts in your name, offering you peace of mind and control over your financial information. By integrating these practices into your online security routine, you can substantially reduce the risk of identity theft and enhance your overall protection in the interconnected world we live in.

Don't Reuse Passwords:
- Explanation: Using the same password across multiple accounts poses a significant security risk. If one account is compromised, all other accounts with the same password become vulnerable. Cybercriminals often try to exploit this common practice to gain unauthorized access to various online services. By using unique and complex passwords for each account, you minimize the potential impact of a security breach.
Enable Two-Factor Authentication (2FA) on Accounts:
- Explanation: Two-factor authentication adds an extra layer of security by requiring users to provide a second form of identification in addition to their password. This could be a temporary code sent to your mobile device, a biometric scan, or a hardware token. Even if someone manages to obtain your password, they would still need the second factor to access your account. Enabling 2FA significantly reduces the risk of unauthorized access and enhances the overall security of your accounts.

Enhanced Security: 2FA adds an extra layer of security beyond just a username and password, requiring a second form of authentication such as a code sent to your phone or generated by an authentication app. This makes it significantly harder for attackers to gain unauthorized access to your accounts, even if they have your password.
Protection Against Password Theft: Even if your password is compromised through means such as phishing attacks or data breaches, 2FA can prevent unauthorized access because the attacker would also need access to your second factor of authentication (e.g., your phone).
Reduced Risk of Account Takeover: Account takeover (ATO) is a common cyber threat where attackers gain unauthorized access to user accounts. Enabling 2FA significantly reduces the risk of ATO because even if attackers obtain your password, they would still need the second factor to access your account.
Compliance Requirements: Some organizations, particularly in regulated industries such as finance and healthcare, may require users to enable 2FA as part of compliance measures to enhance security and protect sensitive information.
Prevention of Identity Theft: By adding an extra layer of authentication, 2FA helps prevent identity theft by ensuring that only authorized users can access your accounts, reducing the likelihood of fraudulent activities.
Peace of Mind: Knowing that your accounts are protected with an additional layer of security can provide peace of mind, especially considering the increasing prevalence of cyber threats and data breaches.
Support from Major Platforms: Many popular online services and platforms offer 2FA as an option, making it easy to implement and integrate into your security practices. This includes social media platforms, email services, online banking, and more.
Ease of Use: While adding an extra step to the login process, 2FA is relatively easy to set up and use. Once configured, it typically only requires a few seconds to enter the additional authentication code, providing a significant security benefit for minimal inconvenience.
Adoption of Advanced Authentication Methods: Beyond traditional SMS-based 2FA, many platforms support more secure authentication methods such as authenticator apps (e.g., Google Authenticator, Authy) or hardware tokens (e.g., YubiKey), further enhancing security.
Protection Across Multiple Devices: With 2FA, even if you access your accounts from multiple devices, each device can be set up to require the second factor of authentication, ensuring consistent security across all your devices.
Overall, enabling 2FA is a crucial step in safeguarding your online accounts and personal information against unauthorized access and cyber threats.

Freeze Credit Reporting Accounts:

Explanation: Freezing your credit reports prevents unauthorized individuals from opening new financial accounts or lines of credit in your name. When your credit is frozen, potential creditors can't access your credit report, making it challenging for identity thieves to apply for credit using your personal information. This is a proactive measure to protect your financial identity and prevent fraud. If you need to apply for new credit, you can temporarily lift the freeze using a unique PIN provided by the credit reporting agency.

Preventing Identity Theft: Freezing your credit makes it extremely difficult for identity thieves to open new accounts or lines of credit in your name. Since lenders typically check your credit report before approving new credit applications, a frozen credit report prevents unauthorized individuals from opening accounts using your identity.
Enhancing Security After a Data Breach: If your personal information has been compromised in a data breach (e.g., from a hacked website or company), freezing your credit can prevent cybercriminals from exploiting that data to open fraudulent accounts or loans in your name.
Protecting Against Unauthorized Inquiries: Freezing your credit prevents unauthorized parties from accessing your credit report, which can help prevent unauthorized credit inquiries. This can be particularly useful if you're not actively seeking new credit and want to minimize the risk of unauthorized activity.
Peace of Mind: Knowing that your credit accounts are frozen adds an extra layer of security and peace of mind. You can feel more confident that your financial information is protected, even if your personal data is compromised through a data breach or other means.
Control Over Access to Your Credit Report: When you freeze your credit, you have control over who can access your credit report. You can temporarily lift the freeze when you need to apply for new credit, then re-freeze it afterward, giving you greater control over who can view your credit information.
No Impact on Existing Accounts: Freezing your credit does not affect your existing credit accounts or credit score. You can continue to use your existing credit cards and loans as usual. The freeze only applies to new credit applications.
Cost-Effective Security Measure: In many cases, freezing your credit is a relatively inexpensive security measure. Depending on where you live, there may be nominal fees associated with placing or lifting a freeze, but the protection it provides can outweigh these costs.
Alternative to Credit Monitoring: While credit monitoring services can alert you to suspicious activity on your credit report, freezing your credit provides a more proactive and comprehensive form of protection. It prevents unauthorized access to your credit report altogether, rather than simply monitoring for potential fraud.
Legal Protection: In some jurisdictions, freezing your credit may provide legal protections in the event of identity theft or unauthorized credit activity. Check the laws in your area to understand the specific protections available to you.
Flexibility: You have the flexibility to freeze and unfreeze your credit at any time, allowing you to tailor your security measures to your individual needs and circumstances.

By incorporating these practices into your online habits, you can significantly reduce the risk of identity theft and enhance the security of your personal information. Additionally, staying informed about cybersecurity best practices and regularly updating your passwords further strengthens your defense against potential threats.

Top Online Resources to Immerse Yourself in Tiki Culture: From Cocktails to Decor

2024-08-12T22:57:00.000-07:00

Recently I have been re-reading Smugglers Cove and just finished the section that talks about online resources. So whether you're a seasoned tiki enthusiast or just beginning your journey, the internet is brimming with resources to help you explore this fascinating subculture. Here's a roundup of some of the best online resources to get you started.

1. Tiki Central

Website: tikicentral.com
Overview: A vibrant online community dedicated to tiki culture. It features forums where enthusiasts share ideas, recipes, DIY projects, and discuss tiki bars and events.

2. The Atomic Grog

Website: atomicgrog.com
Overview: A blog focusing on tiki cocktails, bar reviews, and news related to tiki culture. It also includes detailed recipes for classic and modern tiki drinks.

3. Tiki Drink Books

Recommendation: Books like Smuggler’s Cove: Exotic Cocktails, Rum, and the Cult of Tiki by Martin Cate and Tiki Pop: America Imagines Its Own Polynesian Paradise by Sven Kirsten offer both historical context and practical guides.

4. Instagram and Pinterest

Search Tags: Use tags like #tiki, #tikidrinks, #tikibar, and #tikiculture to find inspiration and connect with other tiki enthusiasts.

5. YouTube Channels

Example: The Educated Barfly and How to Drink regularly feature tiki cocktail recipes and techniques.
Overview: These channels offer video tutorials on how to make tiki drinks, often with historical context and modern twists.

6. Online Tiki Shops

Example: Tiki Farm and
Overview: These shops offer tiki mugs, decor, and other tiki-themed items, perfect for setting up your own tiki bar.

7. Reddit

Subreddit: r/Tiki
Overview: A community of tiki enthusiasts sharing photos, recipes, and tips. It’s a great place to ask questions and share your own creations.

8. Exotic Tiki Island Podcast

Website: exotictikiisland.com
Overview: A podcast that immerses listeners in the sounds and stories of tiki culture, featuring music, interviews, and tiki history.

9. Beachbum Berry's Tiki Resources

Website: beachbumberry.com
Overview: Jeff "Beachbum" Berry is a renowned tiki historian and cocktail expert. His site offers a wealth of knowledge on tiki drinks, history, and his books, such as Beachbum Berry’s Sippin’ Safari.

10. Tiki Magazine

Website: tikimagazine.com
Overview: A magazine dedicated to tiki culture, covering art, events, music, and tiki bars. It's a great resource for staying updated on the latest in the tiki scene.

11. Tiki-Tastic YouTube Channels

Example: Tiki with Ray
Overview: This channel offers a mix of tiki bar reviews, interviews with tiki experts, and tutorials on creating tiki decor and cocktails.

12. Facebook Groups

Examples: Tiki Oasis, Tiki Recipes and Culture, Sacramento Ohana
Overview: These groups provide a community space for sharing recipes, decor ideas, and event information related to tiki culture.

13. Tiki Oasis

Website: tikioasis.com
Overview: Tiki Oasis is the largest and longest-running tiki event in the world, featuring a mix of music, art, culture, and tiki enthusiasts. Their website provides event information, photos, and resources.

14. Tiki Cocktail Apps

Example: Total Tiki by Beachbum Berry
Overview: An app that provides recipes from Beachbum Berry's extensive collection of tiki drinks. It's perfect for anyone looking to mix up authentic tiki cocktails at home.

Whether you're looking to craft the perfect tiki cocktail, discover the history behind this vibrant subculture, or connect with a community of enthusiasts, these online resources offer everything you need. So, grab your favorite tiki mug, mix up a classic drink, and start exploring the rich world of tiki culture today!

How to Remove Affected Updates in CrowdStrike: Safe Mode Workaround

2024-07-19T10:39:00.000-07:00

This will be short and sweet, if you have privileges to boot your PC into safe mode you can follow the following steps to delete the affected update.

Crowd Strike Workaround Steps:

Boot Windows into Safe Mode or the Windows Recovery Environment
Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
Locate the file matching “C-00000291*.sys”, and delete it.
Boot the host normally.

How to Configure GlobalProtect VPN for Intune MDM: Pre-Login Security Policies Explained

2024-05-08T15:34:00.000-07:00

**Disclamer: This is only a guide please work with Microsoft and or Palo Alto Networks if you have any concerns. **

GlobalProtect VPN can be deployed in different connection configurations. One of the most secure is the always-connected model. When 'always on' is configured, the GlobalProtect agent will force all traffic over the VPN tunnel, even when a user is not logged in. This ensures that all traffic from the device is inspected by a firewall and allows desktop support staff to manage the device. One downfall is that it complicates communications with MDM solutions.

MDM software runs all the time, even when users are not logged in. What this means is the software needs to be allowed to access MDM resources 24x7. In GlobalProtect, this is accomplished with a mechanism called pre-login security policies. Pre-login policies are security policies that allow devices authenticated with a machine certificate to connect to generally a more restricted set of resources. Once a user authenticates the VPN connection, it is promoted to a known-user state and corporate firewall policies are applied to the traffic.

What I want to focus on in this write-up is the pre-login security policies that allow Intune software to communicate with its required Microsoft cloud resources.

1. The first thing that needs to happen is to determine which endpoints the Intune client will need to communicate with. This can be accomplished by running a PowerShell command on an endpoint, which will output the endpoints you will need to configure in your firewall. Here is a link to the Microsoft documentation for running the PowerShell commands. https://tinyurl.com/MS-Intune-Doc

2. Once you receive the endpoints, you will need to create a custom URL category and two address object groups.

a. The URL category you need to create is for the *.manage.microsoft.com domain. Because this is a wildcard URL, you cannot create an FQDN object and will need to create a second security policy just for this.

b. You will need to create an Intune-FQDN address object group and add the FQDNs that were part of the above PowerShell output.

c. Lastly, you will need to create an Intune-Network address object group and add the network address objects that where generated in the above PowerShell output.

3. Configure security policies to utilize the address and URL categories you created above.

a. The first security policy you need to configure is one that leverages your custom URL category. You will also want to leverage the applicable App-IDs.

b. The second policy will use the same App-IDs but will restrict the destination to the two address objects you created earlier.

c. One thing I want to highlight is that in the user category, you see pre-login defined as the user. This is important as it ensures that certificate-authenticated devices can leverage these policies even though the users are not logged in.

Once these policies are configured, you will see Intune devices connect to your Intune console, and you will be able to utilize the core Intune services.

Streamline Your Container Management with Portainer CE and Nginx Proxy Manager: A Beginner's Guide

2023-06-07T15:03:00.000-07:00

Self hosting apps and building out your home lab!

I wanted to create this blog post not as a step-by-step guide but as a high-level outline and links to the resources you can use to build your container environment. I have wanted to get into containers and Docker for a while. I have played with Docker in the past and had not had much success. I could get stuff running but to be able to manage the health of my containers and easily deploy and destroy them was not intuitive for a dumb network guy like myself.

So I found a better way!

A friend of mine turned me on to Portainer CE and Nginx Proxy Manger, my world was turned upside down. Portainer and NPM streamline and simplifies container deployment and management to a level most anyone can understand. At a high level, Portainer is a universal container management tool that can work with both Docker and Kubernetes to make the deployment and management of containerized applications and services easier and more efficient.

The second piece that streamlines the home lab setup is Nginx Proxy Manager. This is a user Interface to the powerful Nginx web server. The NPM project has scripted many of the configurations you would have had to manually build out in the past and fronted it with a super intuitive user interface. NPM can even generate and manage your let's encrypt certificates. I can't say enough good things about NPM.

So what you need to get started

You will need a computer or even a Raspberry Pi (the Pi si a little under powered though). You can run Windows, Apple OS, or Linux. I used Linux there seems to be much more documentation running it in linux.
Own a domain name so you can manage and create your own DNS records.
Set up port forwarding on your home router to roward traffci to your new container server.
Allow port 443 access on your local firewall if you are running in a VPS or at home.
Install Docker link to install Docker. https://docs.docker.com/engine/install/ubuntu/
Install Portainer here is a link their really great install docs. https://docs.portainer.io/start/install-ce/server/docker/linux
Install Nignx Proxy Manager https://nginxproxymanager.com/setup/#running-the-app

Once this has all been build out you have the basic framework to deploy containerized applications at will.

High level diagram of what your environment will look like

Helpful Hint

When you deploy a container you need to add the container to the NGINX Proxy Manager Default network if you want the app to be fronted by NPM
When you configure NPM you need to use a fully qualified name that will route to your public IP that will in turn forward it to the server and then from NPM to the correct container.
You can define the container in the NPM config by the name portainer assigns it. You don't have to use the IP it was assigned.
NPM will perform port translation (your application can be presented on port 443 even though it listens on 8080.)
NPM will offload SSL and force SSL redirects for apps that don't know they are behind a proxy.

Some Self Hosted App Resources

https://www.reddit.com/r/selfhosted/

https://github.com/awesome-selfhosted/awesome-selfhosted

Lastly if your interested in an awesome Virtual Private Server (VPS) with unlimited bandwidth check out Frantech. They are super cheap and super reliable, and they have awesome customer service.

FYI this is an affiliate link so I will score a little cash if you buy. :)

FranTech

Why Log Everything? Benefits of SSH Session Logging for Troubleshooting and Security

2023-05-06T23:43:00.002-07:00

The question is “why log everything?”

Logging your local SSH sessions can provide valuable information for troubleshooting, record-keeping, security, and auditing purposes. It is recommended to enable session logging as part of your SSH client configuration. Logging can save your bacon, for instance when:

The telnet/SSH client buffer is full
Something goes wrong
You mistakenly close SecureCRT
You want to check what you have done

The original guide was posted on Ciscozine.com. It was such a good article I wanted to capture it here and add some Apple screenshots for everyone.

Below the steps to configure it:

1. Open the software.

2. On the top bar click “Options”then “Global Options”.

3. Select “Default Session”, click “Edit Default Settings…”; then select “Log File”.

There are many customization's:Log file name: where to save the log file.
Upon connect: text at the beginning of the file.
Upon disconnect: text at the end of the file.
On each line: text added on each line.

These fields accept several variables; a complete list is shown below:%H – hostname
%S – session name
%Y – four-digit year
%M – two-digit month
%D – two-digit day of the month
%h – two-digit hour
%m – two-digit minute
%s – two-digit seconds
%t – three-digit milliseconds
%% – percent (%)
%envvar% – environment variable (for instance %USERNAME%)

Note: These settings will be applied ONLY on new sessions!

4. If you would apply these settings on the current saved sessions click “File” on the top bar then “Connect…”. Select the devices or the group of devices, right click and select “Properties”. A new window will appear:

You can customize each field as you prefer. In my case, I have used the previous settings.

Below an example of a saved session:
19:19:58.965 $ Start recording Test_Switch (192.168.0.10) - 19:19:58
19:19:58.983 $ C
19:19:58.983 $ *
19:19:58.984 $ *
19:19:58.984 $ * Test_Switch
19:19:58.984 $ *
19:19:58.985 $
19:20:00.950 $ Username: Cisco
19:20:00.980 $ Password:
19:20:00.980 $
19:20:48.403 $ Test_Switch#sh ver
19:20:48.620 $ Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISEK9-M), Version 15.1(2)SY, RELEASE SOFTWARE (fc4) 19:20:48.620 $ Technical Support: http://www.cisco.com/techsupport
19:20:48.620 $ Copyright (c) 1986-2013 by Cisco Systems, Inc.
19:20:48.620 $ Compiled Wed 04-Sep-13 13:05 by prod_rel_team
19:20:48.620 $
19:20:48.621 $ ROM: System Bootstrap, Version 12.2(17r)SX7, RELEASE SOFTWARE (fc1)
19:20:48.621 $ 19:20:48.621 $ SW-6500-VSS uptime is 23 weeks, 2 hours, 8 minutes
19:20:48.621 $ Uptime for this control processor is 23 weeks, 2 hours, 0 minutes
19:20:48.621 $ System returned to ROM by reload at 12:16:02 UTC Fri May 23 2014 (SP by reload)
19:20:48.622 $ System restarted at 14:20:04 CST Fri May 23 2014
19:20:48.622 $ System image file is "sup-bootdisk:s72033-adventerprisek9-mz.151-2.SY.bin"
19:20:48.622 $ Last reload reason: Admin reload CLI
19:20:48.622 $
19:20:48.622 $
19:20:48.624 $
19:20:48.624 $ This product contains cryptographic features and is subject to United
19:20:48.625 $ States and local country laws governing import, export, transfer and
19:20:48.625 $ use. Delivery of Cisco cryptographic products does not imply
19:20:48.625 $ third-party authority to import, export, distribute or use encryption.
19:20:48.625 $ Importers, exporters, distributors and users are responsible for
19:20:48.626 $ compliance with U.S. and local country laws. By using this product you
19:20:48.626 $ agree to comply with applicable laws and regulations. If you are unable
19:20:48.626 $ to comply with U.S. and local laws, return this product immediately.
19:20:48.626 $
19:20:48.626 $ A summary of U.S. laws governing Cisco cryptographic products may be found at:
19:20:48.626 $ http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
19:20:48.626 $
19:20:48.627 $ If you require further assistance please contact us by sending email to
19:20:48.627 $ export@cisco.com.
19:20:48.627 $
19:20:48.627 $ cisco WS-C6509-E (R7000) processor (revision 1.6) with 983008K/65536K bytes of memory.
19:20:48.627 $ Processor board ID SMC17330086
19:20:48.957 $ SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache 19:20:48.958 $ Last reset from s/w reset
19:20:48.958 $ 12 Virtual Ethernet interfaces
19:20:48.958 $ 216 Gigabit Ethernet interfaces
19:20:48.958 $ 36 Ten Gigabit Ethernet interfaces
19:20:48.958 $ 1917K bytes of non-volatile configuration memory.
19:20:48.958 $ 19:20:48.959 $ 65536K bytes of Flash internal SIMM (Sector size 512K).
19:20:48.959 $ Configuration register is 0x2102
19:20:48.960 $ 19:20:59.632 $ Test_Switch#
19:22:23.284 $ Test_Switch#exit
19:22:23.585 $ Stop recording Test_Switch (192.168.0.10) - 19:22:23

As you can see, each line start with the time. The “$” is used for two reasons:If you import the log file in Excel or similar, you can use this symbol as a delimiter.
I use the “$” and not the “,” because in some configuration the “,” is present, so it would not be possible to use this symbol like a delimiter.

How to Make Hot Buttered Rum Batter | Classic Recipe & Smuggler's Cove Cocktail

2022-11-25T08:15:00.000-08:00

SC Hot Buttered Rum Batter

1 teaspoon freshly ground cinnamon
1 teaspoon freshly ground nutmeg
1 teaspoon freshly ground black pepper
3/4 teaspoon ground cloves
1/2 teaspoon ground allspice
1/2 teaspoon ground anise seed
2 cups salted butter
4 cups packed golden brown sugar
2 tablespoons Brer Rabbit Mild Molasses
1 teaspoon vanilla extract

Combine the spices in a small bowl and set aside. Melt the butter in a saucepan over low heat, add sugar and stir constantly. Add molasses and vanilla extract and stir. Finally, stir in the spice mixture. Continue to stir on lowest possible heat until all items mix thoroughly and butter does not create a separate layer, about 15 minutes. Let cool slightly and while still soft, pour batter into storage containers. Seal airtight after batter has cooled completely. It will keep until the expiration date of the butter used.

Now that you've done the hard work, make yourself a Smuggler's Cove Hot Buttered Rum by combining 3 barspoons of the above batter and 1 1/2 ounces of blended aged rum in an Irish Coffee glass, top with 6 ounces of hot water and stir. Serve with a cinnamon stick, but feel free to garnish with whipped cream and some freshly grated nutmeg if you so desire. I'm sure Martin, Rebecca, and the Trader wouldn't mind.

Home Made Butterbeer Recipe

2022-11-01T12:41:00.004-07:00

Ingredients

1 cup light or dark brown sugar
2 tablespoons water
6 tablespoon butter
1/2 teaspoon salt
1/2 teaspoon cider vinegar
3/4 cup heavy cream divided
1/2 teaspoon rum extract
4 bottles (12 oz. bottles) cream soda

Instructions

In a small saucepan over medium, combine the brown sugar and water. Bring to a gentle boil and cook, stirring often, until the mixture reads 240 F on a candy thermometer.
Stir in the butter, salt, vinegar and 1/4 heavy cream. Set aside to cool to room temperature.
Once the mixture has cooled, stir in the rum extract.
In a medium bowl, combine 2 tablespoons of the brown sugar mixture and the remaining 1/2 cup of heavy cream. Use an electric mixer to beat until just thickened, but not completely whipped, about 2 to 3 minutes.
To serve, divide the brown sugar mixture between 4 tall glasses (about 1/4 cup for each glass). Add 1/4 cup of cream soda to each glass, then stir to combine. Fill each glass nearly to the top with additional cream soda, then spoon the whipped topping over each.

Critical OpenSSL Vulnerability Announcement: What You Need to Know About Versions

2022-11-01T12:40:00.003-07:00

So Open SSL announced that they are going to release details of a Critical OpenSSL vulnerability that affects versions 3.0.0 to 3.0.6. There is rumbling that this vulnerability may be a major deal likened to the everyone's favorite CVE of 2014, heartbleed.

Open SSL will be releasing their patch/update Tuesday 1st November 2022 between 1300-1700 UTC

But unlike heartbleed this OpenSSL vulnerability might not have the same impact to security and network infrastructure that heartbleed had. So far most security and network infrastructure companies are looking ok. As you would expect many of these companies don't run the most bleeding edge versions of open source libraries for this very reason. Also many times stability and security take president over new features.

What I wanted to do is put links to OSS (Open Source Software) lists that are used in different vendors platforms. I started out hopeful but for many of the companies it is very difficult to find. I will post hem as i run across them.

Cisco - https://www.cisco.com/c/en/us/about/legal/open-source-documentation-responsive.html

Palo Alto Networks - https://docs.paloaltonetworks.com/oss-listings/pan-os-oss-listings

Juniper -

Fortinet -

Aruba -

Arista -

Extreme Networks -

Checkpoint -

F5 -

Citrix ADC -

Why Apple Watch and Apple Pay Are Essential for Your London Trip

2022-10-28T12:44:00.000-07:00

Are you planning a trip to London? If you're an apple user think about getting/bringing an apple watch before you go. We just got back from London and first off their public transit is bar non the best I have used. Between the underground and the buses in London, we were never more than a 5-minute walk to anything we wanted to see in London.

In addition to public transit, tap-to-pay is everywhere in the UK, even the village pub we ate in had a tap-to-pay terminal. I only had to unsheathe a credit card once the entire trip and, to be honest, it was probably a user error.

So back to setting up Apple Pay and the Watch....

First setting up apple pay is pretty straightforward if you haven't done it. On your phone, if you open the wallet app you will see a little + sign in the upper right corner if you touch on the plus symbol it will walk you through adding your credit card to apple pay. For traveling overseas make sure you add a card with no foreign transaction fees. Once the card is added you should make this card your default card so it will come up automatically when you double-click to bring up tap-to-pay.

Once your card is added you will want to go into your setting app under wallet and go to the express transit settings and select the credit card you just added. What this does is set up express transit to let you tap in and out of the UK underground with no need to download an app or buy an Oyster card.

For the apple watch, you will want to add the same card via the wallet app. Usually, the cards that have been configured on the phone will show up in the watch app, but you will need to verify the security code to authorize the watch to use those cards. Once the card is added you can go to the wallet settings in the watch app on your phone and configure a default card, you will also want to add the card you want to use for express transit. This will need to be configured on the watch through the watch application on your phone.

Now that it is configured how do I use my phone or apple watch for London transit?

On the Tube/Underground when you tap your phone or watch on the turn stall sensor (the yellow plastic disk) the gates will open and it will register at what station you entered. Once you get to your destination you will need to tap the sensor at the exit gates using the same device you used to enter the underground, each device is unique and will even work if there is no cell service. The TFL will determine where you tapped in and where you tapped out and will bill the card you had configured for express transit directly. It's as simple as that.

If you are planning a trip to the UK I would recommend setting up Apple Pay and especially the express transit if you are going to London. It was a major convenience and took my major concern about using public transit and threw it out the window.

Top Cisco Live 2022 Talks: SD-WAN, Wi-Fi 6E, Cloud Services, and More

2022-06-13T22:07:00.003-07:00

Cisco Live 2022 is in full effect in Las Vegas, They say there are 16k attendees in person this year but inn the Mandalay Bay Conference center it seems pretty empty. Not that I am complaining... I wanted to post up some of the slide decks of talks that looked interesting. I assume you can register online and see the same decks but I wanted to post them here so I can go back and have a place to see them later.

Cisco SD-WAN: Start Here - BRKENT-2108
Start your SD-WAN journey here, we will explain the platform architecture, the different components of the solution and how they interact with each other and secured the user to application traffic.

Architecting Next Generation Wireless Network with Catalyst Wi-Fi 6E Access Points - BRKEWN-2024
This session deep dives into the newly introduced Wi-Fi6E standard in 6GHz band.

Designing MPLS based IP VPNs - BRKMPL-2102
This session describes the implementation of IP Virtual Private Networks (IP VPNs) using MPLS.

Cisco IT's Journey to SASE for remote work - BRKCOC-2032
This session will discuss how Cisco IT is using some of Cisco's latest cloud security solutions, alongside SDWAN as a Service from Cisco Plus, to supply high performance and reliable remote worker and branch connectivity.

Cisco SD-WAN - The Usual Suspects - BRKENT-2183
In Cisco SD-WAN, establishing your WAN Edge routers as a part of the overlay is essential to building and operating a successful network.

Enabling Cloud Services at the Edge with App Hosting on Catalyst 9000 - BRKENS-1090
Did you know that you can run applications natively on Catalyst 9000 series platforms to enable Cloud services?

How to Securely Build a Product - BRKARC-2021
INTERACTIVE SESSION Security threats are very real today. Product security must be designed in from the start, not added as an afterthought.

Simple Leaf/Spine with a touch of TOR - Network Designs for the Modern Data Center - BRKDCN-2229
There are times when your Leaf/Spine network runs out of ports (even as it never should). No worries, there are ways how to scale further and no, we don't talk about FEX :-) Let us guide you through a Leaf/Spine network and an additional TOR (Top of Rack) layer.

7 Ways to Fail - on Wi-Fi 6(E) - BRKEWN-1742
It is all about how to do Wireless networks ‘wrong’ and if you understand why it’s wrong, it’s easier to do it right the next time.

High Density Wi-Fi Design, Deployment, and Optimization - BRKEWN-2087
This session will cover an array of detailed tips, tricks, and tools for configuring and optimizing High Density WiFi networks in today's most challenging environments, including valuable real-world insights on how the latest Cisco Catalyst Access Points, antennas, and Catalyst wireless controllers can be leveraged to deliver an optimized and reliable user experience.

Hierarchical SD-WAN Overview and Principles - BRKENT-2292
Hierarchical SD-WAN is a new foundational capability that underpins the journey to multi-cloud and SDCI. This major evolution of Cisco SD-WAN introduces new capabilities to support a truly scalable 2-level customer overlay, improve Cloud OnRamp for MultiCloud and expand Managed Service Providers solutions.

Advanced Troubleshooting of cat8k,asr1k, ISR and SD-WAN Edge Made Easy - BRKTRS-3475
In this session, we will explain the architecture of the Catalyst 8000, ASR1000 / ISR / CSR / XE SD-WAN Edge series and demonstrate forensic techniques for control plane and data plane. We will also see how common but complex feature such as SD-WAN Edge, crypto (IPsec), Zone Based Firewall and NAT can be troubleshot easily in practice.

TCP Middlebox Reflection Attacks: Mitigation Strategies for Palo Alto Firewalls and Other Network Devices

2022-05-10T16:03:00.007-07:00

There is a new flavor of protocol reflection attacks on the streets!

The TCP Middlebox reflection attack is the first reflection attack to utilize the TCP protocol. Traditionally the TCP protocol was not susceptible to spoofed source packets because of its state based nature (three way handshake). Researchers at University of Maryland and the University of Colorado discovered that many network devices, such as load balancers, proxies, and firewalls, could be susceptible to specifically-crafted packets that could generate amplified traffic (up to 65x) at a victim. These devices could be inherently susceptible to the spoofing because many of these devices have to contend with Asynchronous network traffic and out of order packets.

Akamai did a really great write up on what they saw and how they mitigated the attack. https://www.akamai.com/blog/security/tcp-middlebox-reflection

Shadow Server also has a write up. https://www.shadowserver.org/news/over-18-8-million-ips-vulnerable-to-middlebox-tcp-reflection-ddos-attacks/

So on to your firewalls:

The out of the box Palo Alto Firewalls do not appear to have any mitigation configured by default to protect against this attack. But its not the end of the world. Palo Alto and many other security vendors have low level TCP protection that basically normalizes TCP traffic and cuts out the flood attacks, malformed protocol attacks, etc., before they are even processed by your firewall. This minimizes impact on the device resources like CPU and memory for these types of attacks.

In the Palo Alto world this is called "Zone Protection Profiles". If you run BPA (Best Practice Assessment) - which you should - then the Zone Protection Profiles are often flagged if you don't have them configured.

The zone protection profile is pretty strait-forward to set up but, before you start, you need to do a little research and investigation into your device

You need to determine the maximum CPS or connections per second your device can handle. This is a list of devices and their specs on the Palo Alto Networks site. https://www.paloaltonetworks.com/products/product-selection
Next you will want capture some metrics around how many CPS your devices are seeing. https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/zone-protection-and-dos-protection/zone-defense/take-baseline-cps-measurements-for-setting-flood-thresholds/how-to-measure-cps
Next you will want to do a few calculations and configure your zone protection profile. https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles

Here is the "Cool SH*T Props" to Palo Alto Networks...when you create a zone protection profile, by default under the Packet Based Protection > and > 'TCP Drop the TCP SYN with Data' and 'TCP SYN ACK with Data' are already checked. This means when you apply your newly configured zone protection profile to your security zone it will protect you from current Middlebox vulnerability by dropping any of the cleverly crafted SYN packets because they would be larger then 0 bytes.

Yeah!

So I wanted to post a little bonus. Here is a quick and easy flood protection calculator I threw together in google sheets, just add your average CPS.

Formula 1 Announces Las Vegas Grand Prix: What to Expect from Sin City’s High-Speed Street Race

2022-03-31T21:25:00.005-07:00

It's official! Formula 1 has announced their newest US Grand Prix in Sin City. I admit, I watched some Formula 1 in the late 90s but kind of fell out of following it...but since becoming a Covid hermit, and stumbling across Netflix's Drive to Survive, I am back in.

Thanks to Netflix's Drive to Survive and the dramatic conclusion to the 2021 season driver championship, Formula 1 has taken hold in the US and F1 is taking advantage of the increased popularity. Over the last few years there has been only 1 US GP at CODA in Austin, but the 2022 F1 calendar will be racing in Miami at the Miami International Autodrome for the first time.

Lets get down to what we came for: the Las Vegas GP...

The track is going to be a high-speed street course that races through the streets of Las Vegas and down the Strip. It will be 3.8 miles long and have an estimated top speed of 212 mph. With 14 corners, 3 straits, and 2 DRS zones the experts are predicting this is going to be low drag, high-speed course like Monza or Spa.

Race Circuit

The race dates have not officially been released, but the rumors are it will be the weekend after Thanksgiving. Also to take advantage of the venue, it will be a Saturday night race 10pm to midnight-ish... That time-frame makes sense because it would be early Sunday morning in Europe and afternoon in Asia and the Middle East. Also how spectacular will it look having those cars racing through all the sights and lights of Las Vegas at night?? Seriously this could be a spectacular race.

Prior to the race they will resurface all the roads that will be raced on to ensure they are smooth and ready for racing, and I cant imagine the amount of lighting and infrastructure they will need to build to accommodate the race. That would be an interesting documentary, behind the scenes of what it takes to put on the Las Vegas GP... Just Saying!

Formula 1 Live Las Vegas Announcement

There is not a lot of information about race specifics since we are still a ways out. I imagine people including myself might be booking rooms. But before you book - one word of warning - last time I looked hotels in Las Vegas do not allow the windows to be opened so if you were expecting to book a room over-looking the strip, it may not be what you where hoping for, but we will wait and see.

One thing is for sure, those of us who have been to Las Vegas and been on the strip know how epic the occasional Lambo or Ferarri sounds when they blaze by. I cant wait to hear 20 F1 cars tearing down the same road - it will be epic.

Driver Reactions about Las Vegas Race

Best guess course route

I wanted to provide some links to Las Vegas GP resources. Its pretty few and far between but I will add them as I come across them.

https://www.f1lasvegasgrandprix.com

https://joesaward.wordpress.com/2022/03/31/las-vegas-and-formula-1/

Decadent Adult Hot Chocolate with Malibu Rum and Kahlua

2022-01-29T21:31:00.001-08:00

Ingredients:

1 oz. Malibu rum
1/2 oz. Kahlua
1/2 oz. dark cocoa liquor
1 C hot chocolate
Whipped cream and chocolate shavings for topping if desired.

Directions:

Prepare hot chocolate as per your recipe. Add rum and Kahlua. Top with whipped cream and shavings if used.

Essential Items for Navigating the Pandemic: Face Masks, Hand Sanitizers, and More

2021-12-28T22:40:00.003-08:00

So we are going on year two of this Pandemic thing, and so far it looks like it might be here longer then we thought, That being said with the new normal it has changed what we carry with us when we have to leave the house. Below are a few of the items I have come across that have worked really well for me.

Face Masks: I have tried quite a few but a few masks and mask accessories have risen to the top.

My Number One mask so far I just purchased and I have to say it is comfortable and provides really good protection. It is the U mask, https://www.u-mask.eu . I found this mask because quite a few of the Formula 1 teams actually use them. Here is a link to their protection information https://www.u-mask.eu/certifications
My second favorite mask is a cloth mask that was a included with SF B-Sides conference. It has been my go to for almost the entire pandemic. With the addition of the next item on my list.
This has been a life saver for me and can turn a mediocre face mask into a great fitting comfortable face mask. Its the 4ocean face mask support frame, this thing is awesome and your purchase goes to an awesome charity removing plastic from our oceans.
Last but not least the good old fashion disposable masks. These masks have proven to be affective and are really comfortable. I am not a fan of one use masks but in a pinch.
Updated addition: I have been wearing a new mask from Cambridge Masks and I really like it. They are super comfortable and offer a lot of protection. check them out https://cambridgemask.com/ . Also here is a link to their protection information https://info.cambridgemask.com/hc/en-us/categories/360005482191-Certifications-

Hand Sanitizer

I purchased a case of alcohol hand sanitizer at the initial onset of the pandemic from Raff Distillery in San Francisco and I am still using it. It doesn't look like they are producing it any more but here is a link to their web site. https://raffdistillerie.com/handsanitizer.html
I also purchased reusable flat pocket sprayers that fit in your pocket and are discreet so you can carry them anywhere. I filled them with the alcohol based hand sanitizer above and a little Vitamin E and inessential oils for smell.
The travel size Purell hand sanitizers are the best if the spray just doesn't feel strong enough.
Lastly a small travel size Clorox wipes these are awesome to wipe down airline seats, hotel countertops, or pretty much any where sketchy.

I am become pretty comfortable with the new normal, in-fact I kind of like wearing face masks in public locations. It makes me feel covert.... In addition to the above I have a couple more things that I do that are probably not necessary but I do them anyway.

The first is when I fly or I am stuck in a crowded indoor location I like to wear my glasses. I don't need to wear my glasses all the time, but I feel like it might add a small additional layer of protection, and does not look as paranoid as the entire face shield.

Finally if I am traveling on the road or staying in a hotel or AirBNB I will bring a can of lysol to just spray and sanitize the general counter tops restrooms etc. I have a few friends that did this before there was such a thing as coronavirus but since the pandemic I have picked up the habit.

Remember Get Vaccinated, Stay Safe and be Compassionate, the first two are obvious but Compassion for our fellow human beings is really what is going to get us through this Pandemic and the Stressful times many are experiencing.

Thanks!

Enhanced Data Visualization Dashboard for Splunk: Integrating Palo Alto Networks NGFW

2021-11-10T13:27:00.002-08:00

Enhanced Data Visualization Dashboard using Splunk

I am a fan of Palo Alto Networks NGFW, especially the visibility it can give you in to your traffic. PAN does a pretty good job within their management tools of organizing and reporting on the data, but most of us also have large SIEMs or Logging solutions like Elastic's ELK stack. Splunk, exabeam, etc.

Splunk being one of the more popular SIEM and logging solutions, I created a PAN Threat Dashboard I wanted to share. If you have Splunk running in your environment and the Splunk Palo Alto Networks add-on installed all the pre-defined fields should work correctly. If not, you may need to tweak 1 or 2 fields in the dashboard to make it work. When you copy the code from my GitHub save it in a text editor and perform the following steps. It should be up and running in your environment in no time.

GitHub link: https://github.com/wirelessphreak/Palo-Alto-Networks-Threat-Dashboard-for-Splunk

You will need to identify your Palo Alto firewall host= fields (how Splunk identifies the device sending logs) to populate the field2 drop down menus.

Directions:

Log into Splunk and go to Search
Click on Dashboards and Create a new Dashboard
Once you have created your new dashboard go to edit and select source tab on the top
Clear out the default text in the dashboard and copy and paste the dashboard from GitHub.
Before you save the dashboard you will need to identify your Palo Alto firewall host= fields to populate the field2 drop down menus, I have space holders firewall-1, firewall-2, etc. configured currently

You should be good to go!

Speculation on the Facebook Outage: Was It a Major Security Incident or an Internal Error?

2021-10-04T15:05:00.004-07:00

The following is complete speculation but wanted to at least start a discussion around what could have happened at Facebook today.

I don't think it was an honest mistake that caused the Facebook outage. With DNS reported down BGP routing issues and reports that even internal networks are affected, this looks bigger than a single mistake. Facebook most certainly has complicated network segmentation and redundancy in place for there internal and external networks.

Also, the timing is very suspect since it is the day after the Facebook Whistleblower interview on 60 Minutes.

If this isn't the work of a disgruntled employee, it is some sophisticated shit, and they have been living rent-free in the Facebook network for a long time. They got all the bytes they need and decided to blow that shit up after the interview.

I hope Facebook shares the details of the outage. If it was indeed an internal error that caused the outage it may be an eye opener for other large platforms to learn from the mistake. If it was nefarious activities that caused this, it could be an epic learning opportunity for the Cyber security world.

Either way please share the outcome Facebook....

Soft and Chewy Chocolate Chip Cookies Recipe | Perfect Half-Batch for Two

2021-09-27T19:56:00.001-07:00

Soft and chewy chocolate chip cookies. I like all cookies but chewy warm chocolate chip cookies are my favorite. Since there is only two of us the recipe I posted is cut in half. Just double it if you want the full batch, the half batch will make about 1 1/2 dozen.

Ingredients

1 1/8 cup of all purpose flower
1/4 teaspoon of Baking Soda
1 stick of un-salted butter (room temperature)
1/4 cup of granulated sugar
1/2 cup of packed brown sugar
1/2 teaspoon of Kosher Salt
1 teaspoon of Vanilla Extract
1 large egg
1 cup of smi-sweet chocolate chips

Directions

Preheat oven to 350°F with racks in the upper and lower third positions.
In a small bowl, whisk together flour and baking soda; set aside.
In the bowl of a stand mixer fitted with the paddle attachment, beat butter and both sugars on medium speed until light and fluffy, about 3 minutes.
Add salt, vanilla, and eggs; mix to combine.
Reduce speed to low and gradually add flour mixture, mixing until just combined.
Mix in chocolate chips.

Preparing to Bake

Using a tablespoon measure, drop heaping portions of dough about 2 inches apart on baking sheets lined with parchment paper.

Baking

Bake until cookies are golden around the edges, but still soft in the center, 8 to 10 minutes.
Remove from oven, and let cool on baking sheet 1 to 2 minutes.
Transfer cookies to a wire rack and let cool completely. Store cookies in an airtight container at room temperature up to 1 week.

Changes in GlobalProtect Client Upgrade Behavior: Password Requirements and Recommendations

2021-08-25T14:11:00.003-07:00

Recently there has been a change in the behavior when a user tries to upgrade the GP client, they are challenged with the uninstall password if configured with one. Working with Palo Alto networks TAC they identified that during the upgrade the GP client package will uninstall the old version first before it will begin to install the new package. In GP client 5.2.4 and older the upgrade would complete even if uninstall with a password or disallow was enabled. This was identified as a software issue so in clients 5.2.5 and newer the ability to upgrade the client with uninstall option set to password or disallow was disabled.

In a nutshell with the new GP clients you will need to set the client setting to allow uninstall, if you want to utilize the Global Protect client upgrade process.

Clients 5.2.4 or older, following is the behavior:

If you are using GP version older than 5.2.4, the transparent upgrade should work where the user will have no interaction and they can upgrade even if the allow uninstalled is disallowed.

Starting with 5.2.5 or above, following is the behavior:

Allow User to Uninstall GlobalProtect App is set to Allow
Allow User to Upgrade GlobalProtect App as Allow with Prompt/Manually/Transparently. (In this case, the users will be able to upgrade transparently without any interaction and the passcode/password will not be allowed)

Allow User to Uninstall GlobalProtect App is set to Disallow
Allow User to Upgrade GlobalProtect App as Allow with Prompt/Manually/Transparently (This will be blocked)

Allow User to Uninstall GlobalProtect App is set to "Allow with password"
Allow User to Upgrade GlobalProtect App as Allow with Prompt/Manually/Transparently. ( In this case, the users will need to enter the uninstall password to complete the upgrade)

To allow the users to upgrade without providing them a password, you would need to use following.

Allow User to Uninstall GlobalProtect App is set to Allow
Allow User to Upgrade GlobalProtect App as Allow with Prompt/Manually/Transparently.”

My personal recommendation is to allow the client uninstall so you can leverage the GP client upgrade process. I feel the ability to upgrade the clients to ensure functionality and security is more important than blocking them from uninstalling the client. In addition we have tested with clients that are not Admins on the local machine and they were unable to uninstall the client from the windows software manager. So that is a win...

Perhaps the client upgrade functionality can also be managed with an mdm solution or with a software management tool like SCCM. But it will take some testing to find the best process that works for your environment.

Explore Disneyland in Minecraft: A Complete Guide to ImagineFun.net

2021-07-27T19:31:00.001-07:00

Experience the Magic is a tag line for the Imaginefun.net website and Minecraft server. To level set for all you folks out there like me that have heard of Minecraft but never played, Minecraft is often described as a ‘sandbox game’. This means that it’s a virtual land where users can create their worlds and experiences, using building blocks, resources discovered on the site, and their creativity, but that simple definition does not do justice for what the folks at ImagineFun have built. Masekegamer and SinxMC started the Minecraft Disneyland simulation in early 2018 and since then their team has grown to over 60 Imagineers, Developers, Builders, Managers, Park Coordinators, Cast Members, and even Tour Guides.

My first time logging in I was super overwhelmed and amazed all at the same time. Some of the controls were not intuitive for a Minecraft noob like myself, but I will try to cover that later. The graphics and the scale are second to none. The detail of every part of the park is meticulous even down to how many times a ride cue wraps. Just walking around Disneyland was jaw-dropping, but finding out there are actual functioning rides, that was a game-changing moment. Enough talk let's discuss how to connect to the servers so you can check it out for yourself.

So first off you want to check out the site https://imaginefun.net/. Once on the site navigate to the connect link at the top of the page. They did an excellent job producing a how-to video on setting up and connecting to their Minecraft server https://imaginefun.net/connect. It was straightforward even as a Minecraft noob, but once connected that is where it got a little dicey for me. I was using a mac, but for any PC or Mac using the java Minecraft client is pretty much the same.

Pro Tips:

Make sure from the Minecraft launcher you install Minecraft 12.2.2 this will give you the least buggy and smoothest experience.
Join their Discord server, ImagineFun is not just a game but has become a community. They have over 21,000 members on their Discord server. To be honest this is where I got most of my information about how to enjoy the game. The people are super nice and helpful. https://discord.gg/disneyland
Once you start feeling comfortable in the game check out the Support section on the discord server and start playing around with the mods and shaders to make Disneyland look even more real.
You will want to sync the Monecraft account you play with to the discord account you are using. You can do this by typing /syncdiscord and following the direction on the screen.
Different membership levels will allow you different perks.

Commands to Start Out:

/ or backslash. This command will get you into chat from chat you can invoke other commands that you will need to know.
/rp This downloads and enables the resource pack so you can see all the custom work the ImaginFun team has done to create the world.
/audio from within chat, you can type the word audio this will post a link in chat that you can click on. when you click on it a window will pop up in Minecraft to launch a browser or copy the link. Either one you choose will take you to a webpage that will serve park audio specific to your gameplay. It provides the audio on rides, and the ambient music for the different lands you walk through. The audio adds an immersive aspect to the Disneyland experience.
/warp This command will allow you to jump to a different land, rides, and shops throughout the park. As an example, you can type /warp fantasyland.
/rides Will present you a list of open rides you can warp to. Yes, the rides go down for maintenance just like the real Disneyland.
/shops This will present a list of shops you can warp to.
/server This will list the active servers that are up and running. If you are trying to catch up with a friend or want to be on a less crowded server this is where you can choose what sever you want to play on. Just as an FYI when you go to a new server you will need to reconnect to a new audio session using the /audio command.
/msg [player] or /pm [player] Allows you to send a message in-game to another player.
/tpa [player] Allows you to teleport to another player on the same server.
/trade [player] Allows you o trade items with another player.
/ignore Ignore a player obviously.
/vote This allows you to vote on multiple Minecraft ranking severs and you get coins.
/cointrade This command will allow you to convert your currency into different types.
/sb This command was a godsend I hated the floating server status window on the right site. This command toggles that on and off.

Play Mechanics:

So this was probably one of the simplest but most frustrating things to figure out, how to get on a dang ride. To get on a ride you will need to walk up to the loading platform. On most of the platforms, they will have a timer telling you how long it will take for the ride car to spawn/show up. Once the car shows up you walk up to where you want to sit and right-click the mouse. This will get you on the ride and start the ride audio.

If you want to get off the ride you can select the left shift button that will drop you off the ride and allow you to warp somewhere else.

There is so much more you can do on this server, I don't want to spoil all the fun. I suggest you join the Discord server to learn more about the ever-evolving game and community. Get your Disneyland fix, save a lot of cash, and tell Covid to kick rocks.

Have fun on the Happiest Minecraft server on the Planet.

Discover InfoCon.org: The Ultimate Archive of Hacking Convention Material

2021-05-04T22:36:00.002-07:00

InfoCon.org is a noncommercial community-supported website that hosts the largest archive of past hacking-related convention material on the planet. It amazing how extensive their collection of video, audio, hacker documentaries, wordlists, rainbow tables, podcasts, the content goes on and on.

You have to check it out for yourself, you can get lost hours, days even weeks there is so much content.

Check them out and show them some love.

https://infocon.org/

Defcon 2021: Hybrid Model, Mask Requirements, and New Changes Revealed

2021-04-18T23:31:00.002-07:00

**Update June 5th, 2021** There have been some questions about Defcon in person attendance and masks, especially as Las Vegas will have officially reopened completely. Dark tangent made it clear in a post on the Defcon Forums, “If a law forces us to allow people to not wear masks we would cancel the event” , if you want to read the entire conversation check it out here. https://forum.defcon.org/node/237012/page2#post237285

Dark Tangent, the founder and organizer of Defcon, just posted in the Defcon forums that the conference going to go hybrid this year. Here is a link to his post: https://forum.defcon.org/node/236655. DT admittedly says things are still fluid but they wanted to put out the information to help people make the decision if they are going to go virtually or in person. Now that the Goons are going to be yelling "space it out" instead of "squeeze it in" It's going to feel like Defcon in a parallel universe.

There will also be some unprecedented changes this year that I wanted to outline below. Again things might change but these where the highlights from DT's post. I will add the preregistration link on this post when they release it later this month.

Defcon will be held both online and in person.
To attend in person you are required to wear a mask and be vaccinated.
Defcon will have socially distance seating and tables, and the convention properties will have increased air circulation and filtering.
For the first time Defcon will have online pre-registration for the in-person conference. The registration platform has not been selected, but they are encouraging in person attendees to preregister by insuring they will get a physical conference badge. DT mentions that they need hard numbers of attendees to help them with planning the event.
They are going to order extra badges for those who show up with cash on-site, but if they guess wrong on quantity you may getting a paper badge, and if they are at capacity you could be turned away.
Defcon will be throwing only the Black and White ball, entertainment. and pool parties this year. They will not be planning or organizing smaller parties.
Defcon has asked everyone, villages included, to pre-record all talks. Should they have to go full virtual, they won’t have a last-minute disaster of trying to capture the talks. This way DEF CON can release talks on Twitch like last year.
Should you be in-person and want to give your talk live they can do that, or do Q&A, or remote Q&A. Pre-recording gives Defcon options and allows everyone to see the talks. Yes, DCTV will be happening so you can also watch in your hotel room.

DT also listed some of the assumptions they have been working with while trying to organize Defcon this year.

Almost no international attendees will attend in-person. The quarantine times and lower vaccination rates mean it is not very realistic, so we hope they will join us on-line instead.
That everyone in our demographic who is capable and wants a vaccination will have gotten one by the end of June.
Our in-person attendance will be ¼ to ½ normal, and people will be changing their minds on whether or not to attend right up to the last minute – and that includes people organizing contests, events, and villages.
Not all Goons will be there in-person, and many will help out by Gooning virtually.
While there will be fewer attendees there will also be fewer villages, contests, and events. It should all balance out so attendees don’t fee like there are a million things to do but not enough people to do them with.
There will be hybrid events, where you can participate in-person as well as virtually, but doing this for every event is unfortunately too demanding for many contest and village organizers.

I am pretty excited that Defcon will have hybrid model this year. Defcon for me over the last almost 20 years of attendance is something I look forward to every year. Like most people your last day after the con - when your hung over, hot, and reek of cigarette smoke - you have those brief thoughts that “maybe I’ll take next year off”. That only lasts a short time before your booking your hotel for next year.

Welcome back Defcon!

Resolving VDI Horizon Connection Issues Over ATT Wireless: Understanding the Challenges and Proposed Solutions

2020-12-30T22:20:00.002-08:00

Use Cases:

Since the COVID-19 pandemic, many companies have leveraged VDI Horizon infrastructure to accommodate their remote workers. Today remote users connect to VDI Horizon infrastructure over many different means home ISP connections, company-issued cellular devices/hotspots on multiple carriers, as well as personal devices. We have identified an issue with cellular devices traversing the ATT Wireless network connecting to VDI Horizon infrastructure.

The Architecture:

I wanted to simplify the VDI Horizons infrastructure discussion to just the pieces that are crucial to the issue. The relevant parts that come into play for user access to the Horizons environment is the VMWare Horizon client, hardware load balancers, and the UAG or User Access Gateway servers.

The Protocols:

VDI Horizons traffic is split between primary and secondary protocols. The primary protocol used for authentication is over HTTPS or port 443. Within the ATT wireless network, this traffic is sourced from the primary enterprise PAT address. After the VMware Horizon client has authenticated and established secure communication to one of the UAG appliances, one or more secondary connections are made from the Horizon client. These secondary connections can include:

• Blast Extreme display protocol (TCP 443 and UDP 8443). Note that UDP is optional with Blast.

• PCoIP display protocol (TCP 4172 and UDP 4172).

The secondary Horizon protocols must be routed to the same UAG appliance and from the same client IP address that the primary Horizon protocol was authenticated from. The UAG authorizes the secondary protocols based on the authenticated user session. The UAG will only forward traffic into the corporate data center on behalf of an authenticated user.

The Symptoms:

On the ATT Wireless network when a user's Horizon client connects to a virtual IP address it is load balanced to a UAG server and the session is authenticated. The IP address of the traffic is sourced and authenticated using the device’s IP address, this is true for all networks. When the Horizon client attempts to connect to the secondary protocol the traffic destined to the secondary protocol port, UDP 8443, or TCP or UDP 4172, is routed through a proxy within the ATT network. When the traffic is routed through the ATT proxy the source IP address of that traffic is different than the original device IP that was used to authenticate the user session and the VMware UAG server rejects the traffic. In some situations, the load-balanced traffic may even be sent to a different UAG server. This seems to be true for all users on the ATT Wireless network.

Moving toward a solution:

The first part of solving the problem is identifying the cause, and we believe that is done. Since the IP address of the primary and secondary protocols are different, the Horizons server rejects the traffic or perhaps never sees the traffic based on load balancing and persistence settings of the load balancer. ATT network engineers have been very helpful with troubleshooting and validating that our assumptions are accurate and are currently looking at solutions to solve the issue.

**Update** the ATT sales people that where interfacing with the ATT technical staff have informed us it is not possible to fix the issue. They are trying to sell us a cellular router that they say can be routed over an APN to solve the issue, instead of letting the technical folks fix the issue for us and potentially everyone else on the ATT wireless network.

What would we like to see:

We would like to see the secondary protocols included in the enterprise PAT and not routed through the proxy. If this was implemented, it could fix VDI Horizons across the entire ATT Wireless environment for everyone.

Comprehensive Guide to the SolarWinds SolarStorm Hack: Impact, Responses, and Resources

2020-12-17T12:39:00.016-08:00

So SolarStorm the SolarWinds supply chain hack... Yeah.... You might have heard about it?

SolarWinds supply chain was compromised. What that means is a trojanized version of a SolarWinds package was uploaded and distributed to their clients . The infected package contained malware named SUNBURST, and when clients installed the infected package it also installed the malware. The malware creates a backdoor to allow the bad actors to control the server, move laterally, and exfiltrate data. Basically what ever they want....

Updated Solarwinds Attack Lifecycle:

What should you do now:

As information starts to come out and the initial freak out calms down we are learning more about the impact of these exploits, and they are pretty huge. I wanted to gather a collection of information and vendor responses in one place to try to help fellow nerds have a resource of reliable information.

SolarWinds