Often get asked which Cyber Security courses are worth doing. Well there is an absolute plethora of different courses available to suit relevant backgrounds. A colleague found this and it look pretty useful
Alexa+ – Alexa on Steriods with AI
Amazon are adding new powers existing Alexas over the coming weeks and months.
More details here
Question is how much privacy will be sacrificed for the enhanced functionality. Scant detail on the original product launch blog.
Domain Name Mismatch – Your site is insecure
I don’t know if Apple, and Google upped the ante, or I had not noticed before, or the SSL tools on the server had not kept updated, but I started getting warnings that my site was not secure. Letsencrypt has done a pretty good job for the last 5 years so I was confused as to why suddenly now , the browsers no longer liked up. Even harder now that MS Edge do not let you easily view the full cert.
A quick test at SSLlabs confirmed that the SSL for farcorfe.org.uk was all ok, but the sub-domain of www.farcorfe.org,uk was the actual issue. The SSL cert had not been validated for the www redirect.
Some quick Googling found this page – https://stackoverflow.com/questions/41097696/letsencrypt-certificate-for-www-and-non-www-domain with the required Certbot commands to add the www to the cert and a restart of Apache got the issue fixed.
New (old) Hardware coming along
Inherited a second hand PC that was too good in terms of size and much quieter than current server, so currently in the process of installing another copy of FreeBSD ready to migrate content across.
Hardest task so far is getting to the original drive bay to remove the existing HDD so I can properly mount the new SSD in its place, rather than just floating in the case.
Expect to see Farcorfe up and down over the new few weeks as I continue its migration.
VHD, HyperV and goodbye to heavy iron
The time had finally come to retire my Win10 workhorse. A Dell 4 core Tower PC that had originally come installed with MS Vista, then upgraded thru Win 7 and then finally Win10. Sporting 2 Optical drives, when back in the day , cloning CD’s where the rage, and then upgraded with a DVD Writer for backups was still possible to a single disc before our iCloud and OneDrives exploded with photographs or huge downloadable only games.
The graphics card had been updated several times to keep pace with games, but became less regular as I had less time for gaming and the memory maxed out at 4Gb, the max allowable for the motherboard.
I had tried several times to P2V the OS so I could dispense with the Tower, the full metal construction meant it was deadweight to move around to connect up to the TV, Ethernet and mice/keyboard ever time I needed to access some older programs to achieve a task. In my desire to be modern, I had used Disk2VHD several times to create a VHDX file, only for HyperV on my new Win11 workhorse to cry foul and refused to run.
A quick rummage of some old PC Pro back issues on the P2V process and sticking with the older plain VHD format brought forth a bootable image and then I was finally able to strip the heavy iron beast of its SSDs, Memory, Graphic Card, Multimedia Card adapter and Optical drives for potential reuse (More likely to sit in a box for another 10 years before I accept I won’t ever use them again)
I now have a usable Win10 image of the older apps and utilities I still occasionally need and one less physical device sitting around.
Just to add to the melee of updates, while the P2V process was happening I decided to resurrect an old Netgear Managed switch to permanently cable up some of the PCs kicking around, so I did not have to keep moving my trailing ethernet cable around. Seemed a good idea at the time, but they had been previously used and fixed on a different subnet and needed a laptop on the same IP range as them to re-configure. My DHCP server hands outs 192.168.1.x ids, they had been configured for 192.168.0.x. so I needed to set a manual configuration so the laptop could see both the Switch and the Gateway so it could manage updating the switch.
The Win10 IP manual configuration process was a royal PITA as instead of a usual subnet mask it just wanted the subnet mask value. eg. 16 oppose to 255.255.254.0 but was not very clear, just kept throwing errors messages to check the IP addresses submitted. Once the current subnet value had been submitted it all worked hunky-dory and I was also able to update the device Ip, name and firmware so its is now recognised on the home lan properly.
Upgrade complete. 13 >> 14.2
I was very wary about the jump to 14 due to the change in Openssl from 1.1 to 3.0 and the pain that might entail. Also the deprecation of portsnap and getting used to Git was just something I did not have time for.
As I have created a new mirror site , see earlier post, I finally decided to bite the bullet over the festive break and did the freebsd-update upgrade option to 14.2, skipping out 14.0 and 14.1 in the process.
I was a little daunted and it failed to automatically upgrade everything to openssl 3.0 and although built the kernel and rebooted nicely, user land was still doggedly sticking to 1.1. I tried tinkering with make.conf in /etc with various default entries for openssl , but in the end removing the ssl version and just ssl=openssl and then making the usr/ports/openssl allowed 3.0 to install side by side with 1.1 thereby not breaking SSH or anything else until I was able to rebuild all of user land port by port. I was then able to complete freebsd-update install and now have another stable freebsd server for testing and training purposes.
Now I only need to fire this box up when I need Samba to move files around the network or download stuff off YouTube or run a Clamav as a 2nd pass for AV scanning and when I have time to dabble some more with FreeBSD.
New Home / New Start
After 7 years faithful service, its about time to retire the 2nd incarnation of my home based server. This one has gone thru about 7 different FreeBSD builds and despite various fun and games regarding loss of disk space, which turned out to be the large ZFS snapshots taken every time FreeBSD had a major upgrade its performed tirelessly.
I will keep the M58 on as backup, but no longer needed to keep my feet warm running under my desk 24/7 and reduce my household electric bill a little.
Its also time to start house-hunting again after 3 happy years in the flat, but its time to move on, so also not needing to find a cubby hole in a new house with Cat6 , power and ventilation is also one less worry. Its probably means I won’t have as much to post about as keeping the server regularly patched and upgrade has been how I have self taught myself most of my Unix/Linux experience, but does mean I don’t need to worry if an upgrade fails and work late into the night to rebuild it any more.
A mirror site is now up at https://www.hollybob.co.uk/
Disk space solved – ZFS snapshots – DRAFT
Finally resolved the diminishing lack of free disk space for future FreeBSD updates. It seems that since version xx.x each upgrade as made a ZFS snapshot taking 1-3Gb each for each successive version. As the hardware has been running since 2017 that’s an awful lot of major and point revision snapshots.
DU and DF hid those successive snapshots and I was blaming my ever expanding OneDrive offline sync for taking excessive amounts of disk space even though I was convinced I had move the sync folder to the slave disk some time ago.
As I have never needed to roll back a ZFS snapshot I had never needed to explore what amount of space they took, or even how to display their usage, even less so how to delete them. Necessity being the mother of all invention, or least the need for a proper Google session I finally found the commands and confidence to delete 12 previous incarnations of FreeBSD and give me back the free disk I need to apply the next edition of FreeBSD.
Treadmill Bashing – What speed for what time
I usually know what time I am capable of running a 5km on the treadmill, but there seems to be no easy way to program the machines at the gym for that target. So here is my shortened pace calculator for guide km/h to head my target time.
| 5k | 10k | Kilometers Per Hour | Minutes Per Kilometers |
| 00:37:30 | 01:15:00 | 8.00kph | 07:30 |
| 00:35:17 | 01:10:35 | 8.50kph | 07:04 |
| 00:33:20 | 01:06:40 | 9.00kph | 06:40 |
| 00:31:34 | 01:03:09 | 9.50kph | 06:19 |
| 00:30:00 | 01:00:00 | 10.00kph | 06:00 |
| 00:28:34 | 00:57:08 | 10.50kph | 05:43 |
| 00:27:16 | 00:54:32 | 11.00kph | 05:27 |
| 00:26:05 | 00:52:10 | 11.50kph | 05:13 |
| 00:25:00 | 00:50:00 | 12.00kph | 05:00 |
| 00:24:00 | 00:48:00 | 12.50kph | 04:48 |
| 00:23:04 | 00:46:09 | 13.00kph | 04:37 |
| 00:22:13 | 00:44:26 | 13.50kph | 04:26 |
| 00:21:25 | 00:42:51 | 14.00kph | 04:17 |
| 00:20:41 | 00:41:22 | 14.50kph | 04:08 |
| 00:20:00 | 00:40:00 | 15.00kph | 04:00 |
| 00:19:21 | 00:38:42 | 15.50kph | 03:52 |
| 00:18:45 | 00:37:30 | 16.00kph | 03:45 |
| 00:17:38 | 00:35:17 | 17.00kph | 03:32 |
| 00:16:40 | 00:33:20 | 18.00kph | 03:20 |
| 00:15:47 | 00:31:34 | 19.00kph | 03:10 |
| 00:14:59 | 00:29:59 | 20.00kph | 03:00 |
Rebuilding server
updates are quite slow as found some new hardware to migrate the existing server onto, but work has been quite busy so finding the time to set aside an evening or two to migrate all the config over and rebuild is a challenge.