Get your Web-Browser under control: Remove PopUp-Windows
2021-10-11
No „do you really want to leave“ windows any more, how nice is that!? https://romanisthere.github.io Read More →
Windows CCM Cache eats diskspace
2021-09-23
Don’t delete the content of „c:\windows\ccmcache\“ manually with the File-Explorer: it is managed by „Windows System Center Configuration Manager (SCCM)“. You need „local Administrator“ access to your computer. Let SCCM to cleanup it’s cache for you: 1) open the „Control Panel“ 2) select „Configuration Manager“ 3) go to „Cache“-Tab 4) click „Delete Files“ Wait a second and the CCM-Cache is empty.Read More →
ESXi 6.7u2 and later – SCAv2 (Side Channel aware Scheduler v2)
2021-09-21
While the „old“ SCAv1 built a virtual fence around all virtual processors („Intra VM Security Boundary“), SCAv2 lets processors of one virtual machine (VM) to run within a „common fence“ („Inter VM Security Boundary“) which balances security and performance for most workloads. See https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/performance/scheduler-options-vsphere67u2-perf.pdf for performance analysis. Configure Verify Configure SCAv1Read More →
Atom Texteditor: Highlight Comments
2021-09-14
Comments are greyed out by default, nobody should read them 😉 I don’t want to think about the comment-quality of the Atom-Sourcecode, just kidding 😉 To change the comment-colour to a fresh and visible green: open the file (as administrator) c:\>notepad c:\Users\<username>\.atom\styles.less atom-text-editor::shadow { .punctuation.comment, .comment, .link.hyperlink { color: #88ff88; } }Read More →
Pi-Hole DHCP-Server: Offer static ip-routes
2021-05-22
Background My WIFI is bound to my Internet-Router and it is seperated from my home-office by an routed stateful-firewall. Some WIFI devices (for example my printer) need access to this home-office ip-range. Pi-Hole DHCP Service The DHCP-Service of my pi-hole server usually offers just dhcp-option #3 – the default-gateway. Disable DHCP-Option 3 (Default Gatway) The pi-hole Web-GUI doesn’t allow to specify additional dhcp-options, so first disable offering the default-gateway-option: which is not allowed (my opinion: a bug since this is no feature) Stop here and use another dhcp-service? Use the „Router-Option“ as fallback for „old“ clients Fortunately RFC3442 („The Classless Static Route Option for DynamicRead More →
Firefox: Allow Restricted TCP-Ports
2021-05-03
Disclaimer I don’t think, „hiding“ a webserver behind a non-standard TCP-Port is a security feature („security by obscurity“) but on the other hand restricting access to non-standard Ports seems to not increase the personal security measure, it just wastes time of anybody who needs to access such a service – and – it’s absolutely allowed to run a web-server on any port which isn’t used by another service 😉 Solution (if you (think, you) know what you’re doing) As always Add as „String“ if it’s missing: Add the Service you want to acccessRead More →
OTP (One-Time-Passwords) and KeePass: no Plugins required
2021-03-28
Plugins might bring additional features or ease the usage. But if someone is happy with „Auto-Type“ or „copy&paste“-Passwords from KeePass into a VPN-Client-GUI for example: works out of the box no need to add anything to KeePass Entry.Password: {TIMEOTP} Placeholder just place the String {TIMEOTP} before or behind – like the VPN-Server is configured – your (fixed) User-Password. {TIMEOTP} acts as a placeholder it will get replaced by your constantly changing (in my setup 6-digit) token. Advanced The generator needs some parameters to calculate the correct values, of course Advanced: String Fields Add a String Field: Field Name: TimeOtp-Secret-Base32 seems to be the most commonRead More →
Firefox: „Certificate Viewer“ – How to disable
2021-02-03
Firefox 70 added a new „Certificate Viewer“ feature which moves the „Window“-based GUI to a „Web-Page“-View. different look no new features missing features Export Certificate So this is no „new feature“ but a „modification of an existing feature“ – with less features. Reenable the former full featuresetRead More →
Firefox: Don’t ignore the Windows Enterprise-CA Store
2021-02-02
Not a new Feature for Windows, to use an enterprise CA to create server certificates. And Firefox added the possibility to trust those certificates ages ago – but still you’ll get an TLS-error-message (in German „Kein Verbindungsversuch unternommen: Mögliches Sicherheitsproblem“). This is no Security-Problem, it’s just a problem of using stupid defaults causing people to waste their time and providing no little level of security, since a CA operated on my own is much more trustworthy than public CAs which firefox trusts blindly. Solution Open about:config and changeRead More →
Annoying Firefox-Defaults to be changed
2021-01-23
The Firefox-Developers know best what’s good for their users, so they hide a bunch of Settings in about:config so it’s hard to find them. Some of them I change in every Firefox installation: ask me if i want to download MP4-Files, disable the build-in Media-Player media.play-stand-alone = false use the DNS, not Google – if I enter a single word as URL keyword.enabled = false stop asking me if I really want to leave a page dom.disable_beforeunload := true stop autocompletion in the URL-Bar browser.urlbar.autocomplete.enabled = false browser.fixup.alternate.enabled = false browser.fixup.alternate.prefix = (empty) browser.fixup.alternate.suffix = (empty) accessibility.typeaheadfind.flashBar 0 browser.fixup.alternate.suffix prod.localbrowser.fixup.domainwhitelist.wiki trueRead More →