28 October 2022, 14:49 UTCOpenSSL - silent all these years...
Were you enjoying the OpenSSL relatively quiet reprieve since Heartbleed?
https://isc.sans.edu/forums/diary/Upcoming+Critical+OpenSSL+Vulnerability+What+will+be+Affected/29192
Probably time to clear your schedule on Monday and Tuesday (or heck just clear the weekend) 10/29/2022 - 11/1/2022
The OpenSSL 3.0.x versions should be updated/patched - OpenSSL 1.1.1 need not apply
Happy fall patching season to you all!
26 October 2022, 20:52 UTCSlow queries after importing an older MySQL dump to MariaDB?
The problem might be a big table (many rows) but 0 Cardinality...
use dbname; show index in tablename; | Table... | Cardinality | | tablename| 0 |
Fix the table(s):
use dbname; ANALYZE TABLE tablename;
Alteratively:
mysqlcheck -a dbname show index in tablename; | Table... | Cardinality | | tablename| 12345 |
4 October 2022, 16:34 UTCClown school SMTP
Mistakes were made...
Subject: SendGrid Incident - Mail Processing Delays - 3 October 2022 MAIL PROCESSING DELAYS Incident status: Monitoring Our engineers identified the problem and implemented a mitigation, but unfortunately, some of the delayed emails were lost during the process and could not be resent. Customers affected may notice that emails expected to be sent were processed or deferred but no further information about the status of the emails will be available.
27 September 2022, 15:42 UTCDon't take a data leak
In the cloud.
It will rain down on others. And they won't appreciate it.
26 September 2022, 22:02 UTCssh rsa got you down? (Unable to negotiate with X.y.Z.1 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss) - i.e. sorry I can't do that Dave?
Chuck this in your ~/.ssh/config :
Host X.y.Z.1
User da-user
PubkeyAcceptedAlgorithms +ssh-rsa
HostkeyAlgorithms +ssh-rsa
31 August 2022, 21:34 UTCCan't connect using mysqlsh as the mysql root user?
Did you want to run the update checker and get stopped dead?
mysqlsh --mysql -u root -h localhost -P 3306 --database=somedatabase MySQL Error 1698 (28000): Access denied for user 'root'@'localhost'
If your root user is using an auth type other than "mysql_native_password",
You might have better luck adding a user with the correct PRIV and auth user type.
Hint: If you use Debian / Ubuntu, you can use the debian-sys-maint user
Search for debian-sys-maint for info on where to find the password for that user / reset it.
Plow ahead with:
util.checkForServerUpgrade();
9 August 2022, 20:53 UTCEmail - magic of the elders?
Quite a few 2fa systems using email out there these days.
Too bad the ticket system requires a successful login to create a ticket
in order to let them know their 2fa email delivery is not working.
It is a sad state of affairs when running an MTA confounds a company.
At least there is comfort in knowing the status page can deliver the "we know it is frustrating but we are working on it" message.
22 May 2022, 1:34 UTCXfinity - I can't believe it's not internet access!
When you feel the need to simulate a shared dialup connection,
there is always Xfinity to the rescue.
13 April 2022, 19:54 UTCDNS CNAME record conflicts with other types
If you have a CNAME for a subdomain, this will block the other records for that same subdomain.
E.G. subdomain.domain.tld TXT blaaaaaaablaaaaaaaaaaa subdomain.domain.dlt CNAME some.domain.other
A query for the TXT record will only return the CNAME as it short circuits the lookup - just like at the case for a bare domain CNAME record.
Reference: https://www.rfc-editor.org/rfc/rfc1034 If a CNAME RR is present at a node, no other data should be present; this ensures that the data for a canonical name and its aliases cannot be different. This rule also insures that a cached CNAME can be used without checking with an authoritative server for other RR types.
But as always, in the case of "should" in an RFC, you might find odd behavior based on your implementation, but it would probably
be better if the semantics of handing off the queries to the alias domain remain intact.
6 December 2021, 15:46 UTCDo you git it?
Spot for my dabbling in yet another version system (damn I am getting old)
Where is this crap checked in?
git remote -v origin user@somehost:projdir/projname.git (fetch) origin user@somehost:projdir/projname.git (push)
4 October 2021, 19:12 UTCgetaddrinfo(whois.registrarsafe.com): Temporary failure in name resolution
30 August 2021, 16:04 UTCThe internet is a hostile place...
11 May 2021, 14:54 UTCDist upgrade and still getting nagware?
21 April 2021, 19:29 UTCMoving old LAMP's around and hitting errors?
30 March 2021, 22:44 UTCMigration of Concrete5 stuff (and Laravel) to newer servers
2 March 2021, 19:39 UTCPython easy convert ip_ntoa using the ipaddress module
12 January 2021, 14:16 UTCDashboards.
4 January 2021, 17:56 UTCDigitalOcean, snapshots and restores.
16 December 2020, 20:49 UTCShorten it up Google.
14 December 2020, 16:19 UTCGreat timing idiots Re: Solarigate / SUNBURST and firing Chris Krebs.
18 November 2020, 21:06 UTCNetwork Policy Server logging - Windows Server 2016 dyslexia
17 July 2020, 15:19 UTCRemember, one programs stderr is...
17 July 2020, 14:27 UTCIf you run a mail server...
2 July 2020, 16:53 UTCStupid vm stuff
5 May 2020, 17:31 UTCPoor form - logging stack traces without context
29 April 2020, 16:09 UTCPros are just amateurs who know how to gracefully recover from their mistakes.
16 March 2020, 22:13 UTCCovid-19 spread - remarkable!
5 February 2020, 5:44 UTCThink
22 January 2020, 18:42 UTCMicro$oft - have not been able to use the "$" for a bit there!
20 January 2020, 22:38 UTCCollection of codes for later