Is enabling SMB Signing on your NetApp a non-disruptive change?

We received the following alert from our ActiveIQ Unified Management Appliance (and a similiar one in ActiveIQ / AutoSupport): Alert from Active IQ Unified Manager: Advisory ID: NTAP-20160412-0001 You can find more details here: https://security.netapp.com/advisory/ntap-20160412-0001/ After reviewing it, fixing it seemed like a straight forward change but I wanted to know, is enabling SMB signing … Read more

How to use CIRA Canadian Shield with a Pi-Hole and DoH

CIRA (Canadian Internet Registration Authority) has recently launched a new DNS service called the “Canadian Shield” which is basically a DNS service similar to OpenDNS or Cloudflares 1.1.1.1 for Canadians, by Canadians. CIRA offers three levels of protection depending on how safe you want to be: Private: DNS resolution service that keeps your DNS data … Read more

How to perform an offline audit of your Active Directory NTLM hashes

It’s read-only Friday so I decided to perform a offline audit of our Active Directory passwords. I found this great tool: https://gitlab.com/chelmzy/five-minute-password-audit which in turn is a fork of this tool: https://github.com/DGG-IT/Match-ADHashes What I’m going to write here is mostly a repeat of these two Gitrepos with a few tweaks and corrections. To perform this … Read more

Accessing a Pi-Hole behind an Apache reverse proxy

Update 2019-09-15: Finally got around to looking into this and it turns out all I had to change was “ProxyPreserveHost Off” to “ProxyPreserveHost  On” to get things working. I’ve updated the original post to reflect the changes. I also didn’t note in my original host that I purposely restricted access to the apache virtual host … Read more

Specter/Meltdown performance impact on my Lenovo T450S

Did some quick benchmarks tonight with the mitigation’s enabled and disabled. I’m losing over 10% performance on a Broadwell i5-5300U   Enabled:   Disabled: If you want to try yourself here is how you can disable the mitigation’s. Run the following from Command Prompt or PowerShell. Make sure you ‘Run as Administrator’. reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session … Read more