I had a client with a huge list of hostnames that they needed to convert to IP addresses so they could scan them. That’s common. I used to have a Windows batch file to convert a list of hostnames to a list of IP addresses, so I dug it out of my archives. This isn’t like a ping sweep; they knew the machine names but their tool needed IPs.
I used the file to resolve lists of machines so I could load them into a centralized logging or vulnerability management system. This client had the same need and nobody there had a similar tool. So I shared mine with them. And I present it here so I won’t lose it again, and if you need it, you can use it too.
Consumer routers drive security professionals like me crazy. I’m happy to say I finally found a router that doesn’t drive me nuts. I want you to buy an Asus RT-AC66U. I’m going to tell you why, and I’m going to tell you how to configure it. Here’s how to set up an Asus RT-AC66U and how to optimize an Asus RT-AC66U.
I get a lot of questions about the DD-WRT firewall. There’s a lot of talk out there that goes deep into theory and advanced firewall usage, but what if you just want to know how to set up your firewall to protect your network and open up a few ports?
Here’s how to set that up.
Note: If you have multiple DD-WRT boxes running as access points like I do, only the one directly plugged into the Internet needs to be configured this way. Disable the SPI firewall on your internal access points.
Aug 2016 update: Back in 2015, some kind of spam bot wormed its way into my site. I quickly cleaned it up, then decoded the attack and posted details here. Not long after, the spambot started directing traffic to this post, because it contains enough of the magic words, I guess. Only instead of serving up spam, it’s serving up my analysis. I’d rather you read this than spam, so I’ve left this page up.
On to the original post…
A few minutes ago I received an alert that some files had changed on my site (thanks to All-In-One WP Security). But I hadn’t changed anything and WordPress hadn’t updated itself.
Last week, the show formerly known as Pauldotcom featured the creator of Iguardian, a dead-simple Internet security device. It’s a tiny computer a little larger than a pack of gum that you can plug inline between your router and your modem for extra protection. Basically it does what most people think a router does.
If you want to know what it actually does, read on. Read more
My baby at work is a centralized logging tool. That means my system has to touch every other system in this large company’s large network, which is kind of cool. Not many projects deal with that many different things, and I’m seeing some things I haven’t seen since college–and never expected to see in the real world, actually.
A week or two ago, we had some trouble pulling the logs in from a highly specialized system. That happens. Unix is easy, Windows is almost as easy–yes, the world of logging is a little bit upside down–but the one-off systems that don’t fit into neat categories take a lot longer to bring into the fold.
The problem was that the user account my tool uses kept getting locked out. Read more
Every once in a great while, I have to answer a question like what version of Windows a range of servers is running. If the number of servers is very small, you can just connect to them with a Terminal Services client and note what comes up. But sometimes that’s impractical. Right now I’m working someplace that has 8,000 servers, more or less. I’m not going to check 8,000 servers manually. I’m just not.
Here’s a more elegant, much faster way to go about getting that information.