Chrome Destroys URLs in the Location Line

Problem: current Chrome browsers cut URl parts and hide the correct URL. https://www.derstandard.at/ is shown as derstandard.at. This is simply wrong from the technical point of view. And it might even be dangerous for some URLs form a security standpoint. Solution: there is an option to disable this bug:chrome://flags/#omnibox-ui-hide-steady-state-url-trivial-subdomains Update: oogle ropped his ption. The …

Continue reading ‘Chrome Destroys URLs in the Location Line’ »

APT sources list

Problem: when debian goes from “testing” to “stable” to “oldstable” the package sources change. eg. jessie-updates are remove, same happened to jessie-backports The current file /etc/apt/sources.list for jessie (currently oldstable) could look like this deb http://ftp.debian.org/debian/ jessie main contrib non-freedeb http://security.debian.org/ jessie/updates main contrib non-free

Configure WLAN Statically in Debian/Linux

If you want to configure WLAN settings on a Linux machine statically you can use the normal /etc/network/interfaces configuration method of Debian. For WPA-PSK you can use this 3 steps: Install the “wpasupplicant” package Generate a psk line with “wpa_passphrase” and copy the hex string after “psk=” root@server:~# wpa_passphrase WLANNAME# reading passphrase from stdinthepasswordnetwork={ ssid=”WLANNAME” …

Continue reading ‘Configure WLAN Statically in Debian/Linux’ »

Debugging Akamai

Akamai just works, … most of the time. But sometimes you have to check what’s going on, and Akamai gives you a handy tool for this. There is an HTTP request header that tells Akamai to respond with some internal information. Pragma: akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-check-cacheable, akamai-x-get-cache-key, akamai-x-get-ssl-client-session-id, akamai-x-get-true-cache-key, akamai-x-get-request-id With this request header Akamai includes …

Continue reading ‘Debugging Akamai’ »

MikroTik Automatic IPSec Failover

Problem: Mikrotik allows only one ipsec policy per network-to-network pair. If you want to have redundant tunnels between two locations with two upstreams you cannot configure ipsec redundancy on Mikrotik because one ipsec policy is always marked as “invalid” by the OS. Solution: I made a Mikrotik script that checks the status and reachabilty of …

Continue reading ‘MikroTik Automatic IPSec Failover’ »

FortiGate HA Synchronization Fail

Problem: Two FortiGate firewall show “not synchonized” in the HA status. Discussion: the problem with this is, that FortiGate does not show why it fails. I found no log file with a reasonable error message. So I tried to synchronize the config myself, which is exactly what should NOT be necessary when using HA synchronization. Solution: When an …

Continue reading ‘FortiGate HA Synchronization Fail’ »

My Contact was Shared with Facebook

Facebook gives a list of companies who run Facebook ads, and sent my contact information (tel, email) to Facebook. This list for my account lists some obvious companies, some companies I never heard of, and some companies who really should never have forwarded my contact information to Facebook! Look up your own list by: Click …

Continue reading ‘My Contact was Shared with Facebook’ »

Annoyances While Setting Up FortiGate 100E

After unboxing and starting two Fortigate 100E firewalls the following things failed. Fortinet should really work on QA I think: When starting the Webgui for the first time the box asks to register or login to activate the box. I tried to register and the box asks so many questions, doesn’t Fortinet know GDPR ? …

Continue reading ‘Annoyances While Setting Up FortiGate 100E’ »