everybody knows about IPv6 „2001:db8“ – but about the IPv4 pendants? Documentation Address Blocks The blocks 192.0.2.0/24 (TEST-NET-1) 198.51.100.0/24 (TEST-NET-2), 203.0.113.0/24 (TEST-NET-3) are provided for use in documentation. https://datatracker.ietf.org/doc/html/rfc5737Read More →
The „refreshenv“-CMD/Powershell-Command updates all Environment-Variables e.g. after installing a new software package.Read More →
Both Protocols are absolutely useless for all common use-cases, but enabled – just „providing“ potential security issues. Disable like this:Read More →
I prefer accessing VMs using SSH or RDP directly. Sometimes, the IP-Address of the VM isn’t reachable, or protocols for remoteaccess need to be disabled for security reasons. In these cases, if an IP-connection to the ESXi-Server is available this could be an option to use the ESXi hypervisor as VNC-Server to provide access to VM keyboard, video, mouse… Three VM advanced Configuration Parameters need to be set: „password“ is optional, but mRemoteNG as VNC-Client doesn’t work without password set.Read More →
No „do you really want to leave“ windows any more, how nice is that!? https://romanisthere.github.io Read More →
Don’t delete the content of „c:\windows\ccmcache\“ manually with the File-Explorer: it is managed by „Windows System Center Configuration Manager (SCCM)“. You need „local Administrator“ access to your computer. Let SCCM to cleanup it’s cache for you: 1) open the „Control Panel“ 2) select „Configuration Manager“ 3) go to „Cache“-Tab 4) click „Delete Files“ Wait a second and the CCM-Cache is empty.Read More →
While the „old“ SCAv1 built a virtual fence around all virtual processors („Intra VM Security Boundary“), SCAv2 lets processors of one virtual machine (VM) to run within a „common fence“ („Inter VM Security Boundary“) which balances security and performance for most workloads. See https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/performance/scheduler-options-vsphere67u2-perf.pdf for performance analysis. Configure Verify Configure SCAv1Read More →
Comments are greyed out by default, nobody should read them 😉 I don’t want to think about the comment-quality of the Atom-Sourcecode, just kidding 😉 To change the comment-colour to a fresh and visible green: open the file (as administrator) c:\>notepad c:\Users\<username>\.atom\styles.less atom-text-editor::shadow { .punctuation.comment, .comment, .link.hyperlink { color: #88ff88; } }Read More →
Background My WIFI is bound to my Internet-Router and it is seperated from my home-office by an routed stateful-firewall. Some WIFI devices (for example my printer) need access to this home-office ip-range. Pi-Hole DHCP Service The DHCP-Service of my pi-hole server usually offers just dhcp-option #3 – the default-gateway. Disable DHCP-Option 3 (Default Gatway) The pi-hole Web-GUI doesn’t allow to specify additional dhcp-options, so first disable offering the default-gateway-option: which is not allowed (my opinion: a bug since this is no feature) Stop here and use another dhcp-service? Use the „Router-Option“ as fallback for „old“ clients Fortunately RFC3442 („The Classless Static Route Option for DynamicRead More →
Disclaimer I don’t think, „hiding“ a webserver behind a non-standard TCP-Port is a security feature („security by obscurity“) but on the other hand restricting access to non-standard Ports seems to not increase the personal security measure, it just wastes time of anybody who needs to access such a service – and – it’s absolutely allowed to run a web-server on any port which isn’t used by another service 😉 Solution (if you (think, you) know what you’re doing) As always Add as „String“ if it’s missing: Add the Service you want to acccessRead More →