Open Source on Mars
Received a badge from GitHub's Open Source on Mars initiative :-)
Top 21 Security Experts to follow on Twitter in 2021
From the article on Security Boulevard.
- Rafay Baloch
- Troy Hunt
- Kevin Mitnick
- Rachel Tobac
- Mikko Hyppönen
- Katie Moussouris
- Bruce Schneier
- Brian Krebs
- Jeremiah Grossman
- Eugene Kaspersky
- Dan Lohemann
- Steve Morgan
- Tyler Cohen Wood
- Graham Cluley
- Theresa Payton
- Shira Rubinoff
- Eva Galperin
- Marcus J. Carey
- Jayson E Street
- Paul Asadoorian
- Adam K. Levin
security.txt
This website now also serves a security.txt file which is a standardized way of making security contact information available. (Wikipedia)
The file is available in two locations /security.txt (the classic location) and /.well-known/security.txt (the standard location following RFC8615).
To easily add the file on all my domains, I'm using the following nginx config snippet.
location /security.txt {
add_header Content-Type 'text/plain';
add_header Cache-Control 'no-cache, no-store, must-revalidate';
add_header Pragma 'no-cache';
add_header Expires '0';
add_header Vary '*';
return 200 "Contact: mailto:andreas+security.txt@jaggi.info\nExpires: Tue, 19 Jan 2038 03:14:07 +0000\nEncryption: http://andreas-jaggi.ch/A3A54203.asc\n";
}
location /.well-known/security.txt {
add_header Content-Type 'text/plain';
add_header Cache-Control 'no-cache, no-store, must-revalidate';
add_header Pragma 'no-cache';
add_header Expires '0';
add_header Vary '*';
return 200 "Contact: mailto:andreas+security.txt@jaggi.info\nExpires: Tue, 19 Jan 2038 03:14:07 +0000\nEncryption: http://andreas-jaggi.ch/A3A54203.asc\n";
}
This snippet is stored in a dedicated file (/etc/nginx/conf_includes/securitytxt) and is included in the various server config blocks like this:
server {
server_name example.com;
include /etc/nginx/conf_includes/securitytxt;
location / {
# rest of website
}
}
Fixing 'snmpd[19784]: error on subcontainer 'ia_addr' insert (-1)' messages
The default configuration of snmpd on Debian has debug level logging enabled and thus we end up with a constant flood of these messages in /var/log/syslog
snmpd[19784]: error on subcontainer 'ia_addr' insert (-1)
The fix is to lower the logging level, which can be accomplished like this on systems with systemd:
cp /lib/systemd/system/snmpd.service /etc/systemd/system/snmpd.service sed -i 's/Lsd/LS6d/' /etc/systemd/system/snmpd.service systemctl daemon-reload systemctl restart snmpd
On systems without systemd, the logging level is set by the init script (unless explicitly configured in /etc/default/snmpd), and can be changed like this:
sed -i 's/Lsd/LS6d/g' /etc/default/snmpd sed -i 's/Lsd/LS6d/g' /etc/init.d/snmpd service snmpd restart
Embracing the future with SolNet
This was the initial state of my new SolNet fibre connection:
As I am a proponent of IPv6 this made me very happy, but unfortunately about 20% of my daily websites only offer legacy Internet (which later on I got working as well).
Prozentrechnen ist schwer
TrueWealth hat's nicht so mit Prozentrechnen:
