WWWalker's Disaster Recovery

Links

My Site: Remote Network Support | Embedded | Health | Defence | Agribusiness | Mobile | Terms and Conditions | data integration | Mobile | Groupware | China | GDPR Compliance | Publishing | Library Consulting | Finance

• Coronavirus: COVID-19 Mitigation
• Backups
  • Disaster Recovery Plan
  • Incremental Backup
  • External Drives
  • NAS
  • Cloud
  • Find Lost Mobile
  • Mobile Backups (Samsung Cloud Contacts)
  • Windows Backups (Macrium)
  • ResourceMate Library Catalogue Restored from Backup
  • App Data Backups: Desktop Reminder 2
  • MSP
  • WordPress Plugin Crash
  • WordPress Backup to Cloud
• Security
  • Bigpond Email Whitelisting: Reverse DNS for AWS EC2 Server or Suspected Spammer
  • Hotmail bouncing because domain was treated as spammer
  • Office 365 Exchange Server Bounced Email
  • Google Postmaster Domain Verification for Spam
  • Mailing List Bouncing
  • Tracking Email Delivery
  • Mimecast Email Blocking
  • Postfix receiving email with sender Domain not known error
  • Email with no DKIM header marked as spam by Gmail
  • Phishing
  • SSL for Android email
  • Encryption - Email and Web
  • Linux Attacks
  • Bitcoin Blackmail
  • Data Breach
  • Spam Assassin
  • Facebook Security
  • Malware Removal
  • Meltdown and Spectre
  • WannaCry Attack
  • Botnets
  • RFID Card Scanners
  • Queensland Camera Traffic Fines
  • CrowdStrike Global Outage on Windows Servers
  • Multi-Factor Authentication (2FA/MFA)
• Web-Based Systems
  • reCAPTCHA
  • Data Integration
  • Monitoring
  • Mailing List Archive Backups
• System Upgrades
  • Windows
    • Windows 7 upgrade to Windows 10
    • Windows Update not working on Windows 7
  • Linux
• Virtualization
  • Testing
  • Tools
• NBN compatible VDSL2 modems
• Communications Infrastructure
• Email Mailbox Full
• Message Size Too Big
• Devops
• VoIP Call Blocking, Voicemail and Call Forwarding
• Square Pairing to Samsung Galaxy A15

Coronavirus: COVID-19 Mitigation

• What the governments are offering businesses in COVID-19-related measures 3/20
• 10 tips for small businesses wanting to work from home 3/20

Be flexible. Start another venture or part of your business. I changed my business several times over the years in what services I offered to stay in business otherwise I would have gone under. Setup remote working so you can work anywhere. Work from home to cut costs. Backup to cloud so if computers die you have a backup to go back to later. Work over internet instead of face to face with customers are willing to do that.

To be prepared for government lockdown of businesses to prevent spread of Coronavirus (COVID-19), businesses need to:

• perform staff health checks and have staffing replacement strategy in case someone gets ill and is quarantined
• work from home or remotely with desktop or laptop or phone or tablet or Website or cloud or SaaS apps
• virtualization of PC desktop into cloud so you can run your PC desktop anywhere
• migrate services to cloud for easy access anywhere instead of using only on premise equipment for servers or desktops
• backup data on servers, computers, phones and tablets to cloud or offsite
• manage cashflow, debt repayments and tax payments with Centrelink, ATO, state governments, banks and landlords

Backups

Disaster Recovery Plan

Every business requires a disaster recovery plan. We can assist you with setting this up and maintaining it to make sure you have your system restored in good time.

We have survived a number of disasters in our computer systems ranging from disc crashes to monitors failing. You need a backup strategy and several copies scattered all over the place to ensure survival. Redundancy is very important. These days this is called cloud computing where files are stored on the Web and do not require the local PC to be as protected. If the PC crashes, a new PC is bought and the work continued using the system on the Web.

Many sites and small businesses now backup their entire system remotely to enable them to recover from disaster or loss in their main site.

Incremental Backup

What's an Incremental Backup? Ask Leo! 3/21

Difference between full backup, incremental backup and differential backup:

• full backup - all files
• incremental backup - only changes since last backup whether full or incremental
• differential backup - only changes since last full backup

External Disk Drives Not Responding

In January 2017, I bought an HDD all in one docking station on eBay for 2 external hard drives that no longer responded due to interface cards failing. I got drives out of external drive chassises then loaded them one at a time into docking station and read them OK via USB on PC! This saved 7 years of backups being lost!

NAS

In October 2019, we are starting to use Synology NAS. It is used for backup, FTP, Web hosting etc and can be used via Android and iOS mobile apps to access media such as music or videos over internet.

Getting Started With Synology

First-time NAS Installation & Setup Guide | Synology

In December 2020, NETGEAR ReadyNAS became NAS storage.

In March 2011, we were going to do remote backup using NETGEAR ReadyNAS but by October 2017 we had done nothing and will cease supporting NETGEAR due to PowerShift Partner site going down indefinitely and NETGEAR staff moving to USA and Australian staff changing.

Cloud

Backup and restore of EC2 instances on Amazon Web Services can be done via snapshots.

In February 2017, Cloudflare had massive data breach to all sites using them as DNS servers (domain cloudflare.com). Domain registry needs to have password reset.

In January 2017, we migrated our Website hosting from Linux hosting to Amazon Web Services EC2 Linux instance. This involved backing up site and mail and using Amazon Web Services S3 to migrate to an EC2 instance. We then used third party DNS to delegate the site.

Instead in June 2012, we did backup and restore to Amazon Web Services S3 storage in the Cloud to move a huge mailbox from one hosting site to another. This is a very quick and easy way of moving large amounts of data for small business applications such as hosting, email or backup files. We did this again in November 2012. In June 2013, 12 month free tier ran out and I am now paying a small amount per gigabyte per month till I backup all data to a local drive on my laptop.

In February-March 2012, Symantec Netbackup and EMC MozyPro cloud-based backup services are being offered which we can setup for small business clients to give them extra flexibility and robustness in these tough economic times. A server can be rebuilt on a physical or virtual server from a backup stored in the cloud.

NAS can be used for remote backup akin to Dropbox.

Find Lost Mobile

• Find and lock lost Windows device

In February 2019 I discovered if Windows Phone is lost, go to account.microsoft.com and select device then click 'find device'. This only works in IE not Firefox. It also assumes phone is registered with Microsoft before it is lost. Last known location of phone is shown on map.

iOS and Android phones also have similar find lost phone feature.

Windows Phone location is updated every so often and this is logged with Microsoft so phone can be tracked down to nearest location.

I had to backtrack and find Windows Phone manually as I was using Firefox and account.microsoft.com did not show me location. Later I discovered only IE worked for finding phone on map.

I rang phone using Skype but person nearby did not answer it so it went to voicemail. It is impossible to get round people problems like this.

Only Windows 10 has 'fine my device' feature not Windows 7. With Windows 7 use account.microsoft.com.

Mobile Backups

Cloud

In January 2012, we also imported contacts from another phone's SIM to a Nokia MeeGo phone.

We used Nokia Account to backup contacts from Nokia MeeGo to Web and then restore them from Web to Nokia MeeGo when phone was flashed. We also imported the contact CSV file into a private Web database.

We will also import contacts from another phone via Bluetooth.

We downloaded lost apps from Nokia Store.

SMS messages were not backed up so were lost when the Nokia 6230 was lost. Backup at Nokia Care did not work on the old Nokia 6230's SMS messages but on everything else - phone numbers, images, audio files, video files.

Migrate Phone Numbers to New Phone

In September 2018, my Samsung Galaxy Pocket Neo power button stopped working so I moved the micro-SIM to a Windows Phone 8.0 Nokia Lumia 820. I then imported contacts from Microsoft Outlook Live account by logging into Microsoft Hotmail/Live account and synchronising. Google Contacts also had contacts which would be imported manually as Google Account won't login due to security issues. I upgraded from Windows Phone 8.0 to 8.1 (600MB 35 mins) but that model won't upgrade to Windows 10 Mobile and may apps won't work so I used browser or another app. I transcribed data from car app to spreadsheet before crash. I lost SMS messages and notepad notes. I needed to export them using Samsung Smart Switch Windows tool and Android app and USB cable or WiFi before crash. Samsung also had Samsung Members app for Android for support I did not know about till after the crash.

In November 2018, after I had restored Samsung Cloud to Samsung Galaxy Note II, I found Smart Switch does not backup contacts only messages and other data from new phone to PC. I used dr.fone to backup the contacts and messages etc on phone to PC but it only works direct to phone. No data is available to be exported into CSV etc.

In June 2014, my N950 died so I had to export phone numbers from account.nokia.com as CSV and convert them to VCF with a Windows tool and import them into a Samsung Android phone. Some of the phone numbers were not imported, just the person's name.

Samsung Cloud Contacts

• Samsung Cloud Backup Terms
• "To protect personal information and procure resources necessary for use of the services, we have added Paragraph 9 to Article 3 to state that data regarding customers who do not use the Samsung Cloud services for a long period of time (i.e., 12 months) will be deleted and Paragraph 10 to Article 3 to further state that backed-up user data which has been unused for a long period of time (i.e., 12 months) will be deleted."

In November 2018, I got a Samsung Galaxy Note II which I did a factory reset on by holding volume up (left), bottom button and power button (right) simultaneously. I then setup Google and Samsung accounts on new device and restored contacts and messages using WiFi.

Reset Samsung Galaxy Note N7105 (Hard Reset)

On September 2018, my Samsung Galaxy Pocket Neo Android phone died. Only way to restore contacts backup on new phone was by buying another Samsung device and sycing as Samsung has a monopoly on data backed up to Samsung Cloud.

On 27 October 2018, Samsung Cloud terms changed so that backups will be deleted if not used for more than 12 months. So I have to buy a Samsung device to sync my contacts from old phone or they will be lost.

I should have exported contacts from Android before this hell of being trapped with Samsung Cloud occurred.

Android backup does not backup contacts only app settings.

Nokia N950 Backup

The Nokia N950 froze up and said 'too frequent boots - reflash device' when I tried to boot the phone when the battery was nearly flat and had inadequate power to boot. I ignored the message and powered up using power switch and the device luckily booted. I then backed up images and audio recordings via developer SDK. I plan on writing an FTP tool that will allow users to backup their phone's images, video, audio, phone numbers and SMS to an FTP site of their choosing via USB, SD Card, wifi or 3G. A Linux single user mode needs to be setup so a Nokia support person or developer can boot and rescue important files before reformatting and reinstalling the system. Too much vital information is stored on a smartphone and proper backups need to be setup or the phone will lose vital data if it crashes with a disaster recovery plan.

On Nokia N950, I did Settings / Sync and Backup / Backup and then FTPed the Backup files to the PC or select 'use as mass storage device' when USB is plugged into phone. Go to Accounts / Nokia / Synchronise to backup contacts to account.nokia.com. To enter changed password, go to Store / Download an item.

In March 2012, the Optus SIM card died so I had to get a replacement and restore contacts to SIM from Optus Backup, Nokia Account and Nokia N950 contacts.

Optus SIM Backup Down 2 months

In March 2012, I replaced my Optus SIM card.

Optus SIM Backup was down for 2 months with no end in sight.

I got Optus to email me the last backup as HTML table which I converted to CSV using app. I later imported it into MySQL for safe keeping.

New Optus SIMs do not have SIM Backup plus I would not rely on it but would use Nokia Account if you have a Nokia phone to backup and restore via the Internet over 3G as it is more reliable.

Nokia/Windows Phone Contacts

On 24/5/15, Nokia Account was replaced by Microsoft Account. Only Microsoft Hotmail Outlook Live contacts can be synced to Windows Phone not Samsung or Google.

Windows Backups (Macrium)

Migration from Windows 7 to Windows 10

In March 2021, I backed up a Windows 7 desktop to an external drive using Macrium Reflect then mounted the image and used it to restore and transfer files to new Windows 10 desktop. This was a life saver as it was much quicker than using LAN or WiFi due to gigabytes of data involved. I had to move Macrium Reflect on Windows 7 after backup to Windows 10 to do restore.

Before I did the restore to the new Windows 10 desktop, I had to wait till Windows 10 had done all its updates first which took about 4 hours which was a very long time compared to Windows 7.

Windows 10 has a much richer interface so I had to find where everything was in Windows 10 after being used to Windows 7 simpler layout.

Corrupted Restore

In May 2018, a contact had not tested their restore of Windows XP backup of Kasperksy and restore failed causing BSOD (Windows to crash on boot).

They tried safe mode but that did not work and did not want to do a new installation of Windows losing all their software and data.

Windows registry and c:\windows\system32 files had to be patched or restored or last known configuration used to get system to boot again.

Macrium

In March 2012, I tried several times to use Windows 7 backup tool to backup a laptop but it was so slow and unclear which files were backed up or whether the backup job had failed and where the image was stored.

In the end I did a quick, successful backup using Macrium Reflect which was clearer to select partitions to backup and easier to restore from an image using a network drive.

In June 2015, Macrium Reflect 5.3 64 bit worked OK in Windows 8.1. I had to deactivate license from previous crashed Windows 7 laptop to use it on Windows 8.1 laptop.

In September 2019, Macrium 5.3 can be upgraded to version 7. Windows 10 has partition problems with version 5 which were fixed in version 6 and 7.

ResourceMate Library Catalogue Restored from Backup

From 2008 onwards, I used ResourceMate on Windows laptop to catalogue 3500 items of my father's theological library to edit a book by him "Enriching Australia through educating indigenous people" by S Preston Walker still not out in 2018 10 years after starting due to lack of resources.

In October 2018, when I opened ResourceMate after months of not using it, I discovered all the data in the catalogue had gone so I restored the database from a ResourceMate backup file and got back 4087 items.

This saved me years of work. Thank goodness I backed up the catalogue to hard drive when closing the application.

I plan on upgrading from ResourceMate 3.0 Regular to Essentials in 2019 to ensure the database is still readable by new versions of software.

App Data Backups: Desktop Reminder 2

In October 2020, I loaded Desktop Reminder 2 on Windows 7 after it closed with index error to database due to reboot while it was running and found no data was loaded losing 6 months of task calendar and completion information.

I opened tasks.dr2 file in its folder and all the tasks reloaded.

I also discovered Desktop Reminder 2 was doing daily backups when used in its folder and could have used restore function to recover the data from backups.

Desktop Reminder 2 has a restore function from backups.

Also Desktop Reminder 2 should be closed before reboot to avoid data corruption or needing to reload data or restore data from backups.

MSP

If hosting or remote service is provided by an MSP, customer then only pays a monthly fee for maintenance, backup and security.

WordPress Plugin Crash

In July 2022, I had to disable plugins and turn off auto update for WP-Crontrol plugin that broke WordPress because Composer was not setup.

WordPress Backup to Cloud

In May 2021, I setup backup to cloud of WordPress site using plugin.

Security

Bigpond Email Whitelisting: Reverse DNS for AWS EC2 Server or Suspected Spammer

• mail servers
  • Postfix mail server on Linux
    • uses spamhaus.org to reject spam domains not DMARC
    • Documentation for system admin not end user
      • Postfix Configuration Parameters for system admin not end user
    • complicated and tedious mail server to setup
    • several books on Postfix as system admin
      • Postfix: The Definitive Guide: A Secure and Easy-to-Use MTA for UNIX by Kyle D Dent
      • Postfix by Richard Blum
  • AWS SES alternative third party email service
• suspected spammer
  • Message content rejected due to suspected spam. IB703 (archive)
  • Message content rejected due to suspected spam IB703 howto report this to Bigpond to get it rectified (archive)
  • Suspected Spam rejection 558 5.7.1 (archive)
  • Crowdsupport retirement Telstra retired crowdsupport 2/22, now new categories of support to search through for answers
• email rejected because email server is hosted on AWS EC2
  • Reverse DNS Naming Conventions, Check Dynamic Address Spam Auditor Blog - useful
  • Message content rejected due to suspected spam IB703 Telstra Crowdsupport 7/17 (archive)
  • Bigpond.com is blocking emails from my EC2 server - postmaster address is not responsive Telstra Crowdsupport 4/20 (archive)
  • Reverse DNS lookup
  • DNS lookup tools - Curlie list (very good)
• Email spoofing

Reverse DNS for AWS EC2 Server

In April 2020, my email to Bigpond bounced because my server was on Amazon Web Services EC2 and they wanted me to whitelist my domain. My domain is clean. In end I sent the email to my sister on Bigpond via gmail which did not bounce as Telstra thinks gmail has enough cred but not my AWS server. Spammers have ruined AWS's credibility in Telstra's eyes.

Bigpond First Attempt

Bigpond blocks my emails to my sister because I use AWS EC2 for hosting for my mail server and they won't whitelist my domain. Telstra blames everyone on AWS with being a spammer. My domain is clean but Telstra forces me to use gmail so their system doesn't block me as a spammer which I am not. Evil Telstra. I have chosen not to email any more Bigpond customers ever except through gmail.

Because Bigpond is so big they get away with poor policies and force everyone onto gmail instead of letting people run their own servers like I do. It is for dummies.

• I emailed postmaster at Bigpond but got no reply re whitelisting of my domain and IP address so am forced to use gmail to get through their blocking of my IP address of my server.
• Their call centre has 20 min queue due to COVID-19 so is understaffed instead of working from home. They don't have call back so I have to sit in queue to get through.
• Their app for support and chat only works on Android and Apple and I only have a Windows Phone.
• Their chat bot goes in circles and does not fix anything re email being blocked. There are no live chat agents.
• Their Crowdsupport forum answer (archive) does not fix anything as I email the right email address for postmaster and forward the error message with request for my domain and IP address to be whitelisted but nothing happens as they are overloaded or slack.

Telstra is in the Dark Ages.

Bigpond Second Attempt

As I received a 554 error for bounced email sent to Bigpond, PTR Reverse DNS record needed to be setup for mail.wwwalker.com.au email server hosted on AWS EC2 instance. This was done via my DNS third party server (PTR record) and AWS (reverse DNS record).

In mean time till DNS is fixed for my domain, I have to forward emails to Bigpond users via Gmail or the emails will sit in mailq on Postfix on my mail server and timeout again.

Email postmaster at bigpond from gmail for whitelisting of IP address as email from wwwalker.com.au will bounce again after sitting several days in mail queue!

After 4 or 5 days of mail in mailq, deferred mail was delivered as Telstra whitelisted my domain on AWS EC2 so no more emails to Bigpond from my server will bounce!

Bigpond Suspected Spammer

In April 2020, email from my domain is bounced by Bigpond with 558 5.7.1 error suspected spammer. I emailed postmaster at bigpond to resolve this. I used gmail to email those Bigpond emails. Telstra call centre did not know what to do.

I decided not to email anyone on Bigpond any more from my domain unless they get another email address, e.g. gmail, because it marks my emails as spam and bounces them. I don't like using gmail.

I hate Bigpond. Telstra was very difficult to get to solve this problem.

Problem mail server: extmail.bigpond.com

Telstra Bigpond whitelisted my IP address.

Third Party Mail Server

The only way round this is to use a third party mail server like AWS SES where every email address has to be verified by region and forget using my own email server even though it is set up properly. This is such a waste of a server. The system has conspired to force all small IT people to outsource their IT to a bigger company.

Hotmail bouncing because domain was treated as spammer

• Troubleshooting SMTP errors - Outlook
• How to create an SPF TXT record? - "all" setting
• Troubleshooting Outlook
• Services for Senders and ISPs Outlook
• Microsoft new support request form
• Microsoft anti-spam policies and guidelines
• Outlook.com Smart Network Data Service (SNDS)/Junk Mail Reporting Program

An email to a hotmail address bounced because I had not set DNS SPF TXT record for my domain to "-all" (hard fail) on my DNS server so I set the SPF to have setting "-all". This stops others spoofing emails from my domain if they are using a different IP address.

SPF hardfail did not work but email to hotmail.com still bounced with same error 550 5.7.1 so I contacted Microsoft Outlook Postmaster via Microsoft Support request form to sort bounced email out.

Microsoft wanted me to enroll in Outlook.com Smart Network Data Service (SNDS) and Junk Mail Reporting Program to track anyone using my domain to spam. They would not unblock my domain for sending emails to hotmail so I had to use gmail again. Big companies are trying to eradicate any small operator and force all users to use big companies for email.

I use Gmail to email these domains so my email does not bounce:

• bigpond.com
• hotmail.com

Office 365 Exchange Server Bounced Email

• "550 5.7.1 Message rejected due to content restrictions" when you send email to external recipients in Exchange Online Protection
• Fix email delivery issues for error code 550 5.7.1 in Exchange Online

In June 2021, email to Couriers Please bounced with 550 5.7.1 SMTP error. I need my domain whitelisted but could not get person at call centre to understand me so gave up and only use phone or their online form to communicate with them as they are non-technical and very hard to deal with.

Australian Parliament House Email Server Whitelisting Failure

In October 2019, my email to Australian Parliament House to local MP Terry Young was never delivered unless I used gmail again because my domain was not whitelisted and was hosted on Amazon Web Services. I spent hours setting up DMARC, SPF and DKIM on my domain DNS and Linux mail server but still email was not delivered to MP's email unless I used gmail not my personal server on AWS.

Spammers attempt to send 30000 or more emails per day via my server but I have blocked their IP address so none are sent.

Google Postmaster Domain Verification for Spam

In February 2022, email from my domain was bounced wrongly as spam by Gmail. So I registered my domain with Google Postmaster and verified it using TXT in DNS record. This is very similar to SPF and DKIM in proving authenticity of email from domain.

Mailing List Bouncing

In March 2022, person with long mailing list had emails bounced by 54 mail servers because servers wrongly detected it as spam because they used their standard gmail account to send the emails. They used another email address to send link to Google Drive. There is so much confusion because they use 3 emails to avoid being blocked as spammers - 1 gmail and 2 private mail server email addresses. Gmail is blocked if they email a PDF attachment but private email server email addresses are not blocked if they just email link to Google Drive not a PDF attachment. Instead of fixing problem of attachments and email addresses being blocked, they just multiply private mail server email addresses and email links not attachments and do not setup a mailing list on a proper server but use their own email account to email out a mailing list. It is a shambles.

Sender should use a consistent email address to send emails so receiver can find old emails via email address in intray. Otherwise they have to search on all alternative emails for sender or hunt on time and date in intray and search line by line which is quite frustrating.

Having sender and receiver email addresses being different for same person is very confusing just for sake of 2 people sharing gmail email.

mailchimp commercial server is OK for mailing lists as their servers are whitelisted. Also GNU Mailman is a good mailing list program for Linux, UNIX or MacOSX servers.

Tracking Email Delivery

In February 2021, tracking email delivery to my mail server helped me discover I had been blocking legitimate email which had kept retrying to send mail to me. I removed those firewall rules and email delivery was OK again. I kept logs of firewall rules and found my mistake of blocking wrong IP addresses which led to bounced inbound emails.

Before that I redirected email from my domain to gmail for a month to debug the problem of bounced emails to my mail server.

The following video helped me troubleshoot and track email delivery problems from firewall and cPanel email delivery logs.

How To Troubleshoot Email Delivery Issues - very useful tips re using tracking email delivery on cPanel

Mimecast Email Blocking

• Mimecast SMTP Error Codes
• Mimecast email security gateway that acts as a spam filter of inbound and outbound email

In April 2021, I found in my mail server log that email to university was greylisted with SMTP 451 Internal resource temporarily unavailable error which required mail server to retry. This technique is used to prevent spam. My mail server IP address had to be whitelisted so emails would go through and get a reply. It looks like Outlook Mimecast plugin was used to block incoming emails. I had to use Twitter to communicate with university till mail server was whitelisted.

What is GreyListing and do I need it? 12/20

In July 2020, email could no longer be forwarded from site to university mail server due to lack of SPF on forwarded email but was bounced with SMTP 550 SPF Sender Invalid - envelope rejected error. So we had to create separate mailboxes for that site.

May 2017 Technical Webinar: Email Security with Mimecast 5/17

Postfix receiving email with sender Domain not known error

In March 2023, when receiving email from UNSW CSE with internal domain and email address as sender to my Postfix server with domain checking for sender to stop spam, I got 120 retries every hour with SMTP 450 4.1.8 error. UNSW did not use FQDN for their email address.

I added an account and local domain to my Linux server running Postfix to match the incoming email so it was valid and whitelisted it in check_sender_access using /etc/postfix/sender_access and the email was received. This took me 2 days to work out.

Email with no DKIM header marked as spam by Gmail

• How to Configure DKIM (OpenDKIM) with Postfix 10/21
• Troubleshooting for senders with email delivery issues 9/23 Google
• Gmail spam and authentication 9/23 Google DKIM, SPF, DMARC
• opendkim DKIM server

In August-September 2023, email from my domain to Gmail was put in spam folder of brother and purged after 30 days because he didn't look in spam folder. I re-sent the email from my domain to Gmail and it went into his spam folder, he found it with my help, unblocked it and moved it to intray.

I configured opendkim to add DKIM header to emails when sending email via SMTP via Postfix on my mail server. Gmail now receives email with DKIM header and it is not treated as spam and purged. I had to check DNS of domain and find selector for DKIM record to setup opendkim to add DKIM header to outbound emails.

Outbound email goes through SMTP. Originally this was not configured to add DKIM header to outbound emails on my mail server using my domain but later was configured to add DKIM header.

Inbound email goes through IMAP and had been checking DKIM via opendkim to my mail server.

Phishing

In March 2020, a recruiter on LinkedIn emailed me re a consulting role with a link to a link to a page for more information that looked very like Microsoft OneDrive login but I could not login with my normal login as password did not work. I then worked out the recruiter was fake and was harvesting my login by copying Microsoft Live login and had sucked me in via phishing email from LinkedIn. I then reset my Microsoft Live password.

I studied phishing countermeasures MOOC via CSU IT Masters in 2018 which helped me pick this sneaky attack.

SSL for Android email

• Heads up-Let's Encrypt and Dovecot - using openssl to debug encryption errors
• What could cause "dh key too small" error? - openssl setting

In July 2022, my email client on Android stopped working because certificate on my mail server was invalid or expired. I checked mail.log and there were errors re "dh key too small". I had to change openssl setting to enable email to be received any more from server on Android. Server had 128 bit key and Android used 256 bit key so key was too short for DH and failed. Dovecot used SSL certificate which was affected by openssl encryption.

Encryption - Email and Web

In July 2022, we changed setup of mail server for openssl as Android could not login due to short key.

In September 2019, we setup our mail server to use TLS.

In November 2018, we setup our Linux server to use SSL encryption via certificate.

Linux Attacks

• hardening of Linux server
• detect and block bots attacking server in logs
• DDoS mitigation
• firewall
  • What is SYN Flood Attack? Detection & Prevention in Linux - DDOS attacks using SYN and not responding so filling up connections 11/19
  • 
    MicroNugget: Preventing TCP Syn-Flood Attacks
  • fail2ban - block constant attacks on site via Web server or ssh or postfix or dovecot (mail) or SASL 8/19
  • iptables firewall
    • attacks from Bulgaria, Vietnam, Netherlands, Iran, India, Brazil, Turkey, Russia
• Varnish HTTP Cache
  • to mitigate DDoS incoming attacks crashing server every hour for over 6 hours 12/19
• ssh login
• Apache
  • Modsecurity - Apache module
    • OWASP (Open Web Application Security Project) - security scripts on Apache
• SpamAssassin - filters emails and rates for spam level

Bitcoin Blackmail

• AML (Anti-Money Laundering)
• Anti-Money Laundering and Counter-Terrorism Financing Act 2006 Australian Govt

In March 2019, I received blackmail emails wanting payment in Bitcoin. They had allegedly hacked my email or had a video feed via non-existent Webcam and wanted payment. This is exploitation.

Bitcoin is perfect vehicle for fraud and exploitation worldwide by hackers of digital assets like email or Websites or Webcam or phone cams as it gets round anti-money laundering protection of banks.

Bitcoin can be tracked to receiver.

Data breaches, that feed this exploitation frenzy, need to be prevented by better IT security.

Data Breach at PageUp People

• Unauthorized activity on IT system - PageUp 5/18

In May 2018, PageUp People, a recruiting agency portal, had a data breach by hacker gaining access. Red Cross, UQ, Coles Careers, Telstra, Queensland Rail etc used PageUp for recruitment services.

People who had their identity hacked can gain help from IDcare who handle identity and cybersecurity issues for people.

Those whose account has been hacked need to change their password.

Spam Assassin (Email Filtering)

In January 2016, we configured Spam Assassin and account level filtering to move spam into Trash based on Spam-Score threshold. Before that spam was mixed up in the main email inbox and took hours to delete or remove. It mostly gets it right, otherwise the reader can rescue any misclassified spam and move them back to the inbox.

Facebook Security

• see also 2FA/MFA

In March 2022, a friend was hacked on Facebook in Malawi Africa. People should setup 2-factor authentication on Facebook and other sites using Microsoft Authenticator or Google Authenticator apps. Then when person logs in from new browser or IP address site will prompt for password as well as a constantly changing 6 digit code obtained from the relevant Authenticator app. This will stop hackers getting in. They should also change their password every month or so on Facebook.

In March 2022, a friend who did not check his friends' IDs on Facbook led to fake user befriending me via that friend and trying to con me. I unfriended them. I then got friend to unfriend them who was letting them all in.

In September 2014, I was locked out of my Facebook account and I had to provide ID to get back in when I added as a friend a fake entry for Australian Cane Farmers Association. That fake entry was deleted by Facebook.

In 2012 or so, my login on Facebook was infected by a virus when someone from Orange City Council I was a friend of on Facebook shared a post that made out I was swearing at all in my group when I clicked a link on the post that had reverse meaning to what the link did. I unfriended that person to stop this.

Malware Removal

• Kaspersky Labs (antivirus)
• Immunet Antivirus (ClamAV)
• Remove Mixi DJ Toolbar
• Malwarebytes Premium (Windows)
• Windows Defender
• Microsoft Security Essentials
• AVG
• RKill - kills malware processes
• http://live.sysinternals.com/procexp.exe - process explorer
• Windows System Restore in Control Panel - restore to backup before malware entered e.g. 30tab.com in browsers on Windows 7 PC in 14/12/17
• Using Windows System Restore
• SolarWinds
  • SolarWinds Orion Vulnerability 1/21 - SonicWall firewall updates
  • Massive Supply-Chain Attack Targets SolarWinds Orion Platform 12/20 SonicWall
• Microsoft Exchange Zero Day Exploit
  • Hafnium Chinese group attacking Microsoft Exchange servers 3/21
  • New nation-state cyberattacks Hafnium attacking Microsoft Exchange Servers 3/21
  • 30,000 Exchange Servers affected
  • probing "owa" in Apache logs (Web access to Exchange)
  • remote code execution
  • Exchange Server security patch warning: Apply now before more hackers exploit the vulnerabilities 3/21
  • Microsoft forgot to rotate their cryptographic keys 3/21
  • Compromise of Microsoft Exchange Server Joint Cybersecurity Advisory - US Govt/FBI 3/21
  • solution:
    • patch server or
      • Microsoft tool provides automated Exchange threat mitigation 3/21
      • Powershell script does rewrite on IIS for attack URL
      • Security scripts: Exchange On-premises Mitigation Tool (EOMT) - This script contains mitigations to help address the following vulnerabilities. CVE-2021-26855 3/21
      • On-Premise Exchange Server Vulnerabilities Resource Center Microsoft Security Response Center - 16 Mar 2021
        • vulnerabilities: CVE-2021-26855, CVE-2021-26857, CVE-2021-27065 & CVE-2021-26858
    • migrate from Microsoft Exchange to Postfix mail server and Dovecot IMAP server for authentication on Linux
• Purple Fox malware evolves to propagate across Windows machines 3/21
  • Windows Servers
  • SMB port 445
• REvil ransomware criminals demand US$70m for 'universal decryptor' 7/21
  • Kaseya MSP software hacked with ransomware so all its customers are infected
  • Kaseya security alerts re attack 7/21
  • restore from backup to remove encryption
  • disconnect computer from MSP to stop further attacks
• Log4j2/Log4Shell Zero Day Exploit 12/21
  • vulnerability CVE-2021-44228
  • Apache Log4j Security Vulnerabilities
  • Log4Shell zero day exploit of Log4j2
  • Log4j cyber security flaw that has online experts fearing the worst 12/21
  • Critical remote code execution vulnerability found in Apache Log4j2 library 12/21
  • upgrade if < version 2.15.0
  • Java software
  • Java logging open source software from Apache
  • uses JNDI and LDAP to lookup resources on a server running Java and perform remote code execution
  • bots are attacking servers to do remote code execution on server via jndi vulnerability of Log4j2
  • bots install cryptomining software and viruses on servers via this vulnerability

In March 2021, Microsoft Exchange server Web access was hacked due to static cryptographic keys. Microsoft mitigation did rewrite on IIS of URL that was being attacked so bots could not login till full patch was applied.

In December 2020, SolarWinds Orion was infected by SUNBURST malware worldwide. SolarWinds changed all its CAs.

In May 2013, a Windows 7 was infected with MIXI.DJ browser plugin when I installed CrossFont (converts Mac fonts to Windows fonts), so I uninstalled it and several games and removed it from add-ons, search engines and default page in Firefox and Internet Explorer.

In April 2012, our Windows 7 laptop was infected by Security Shield malware which blocked all apps including browsers, delete and rename and made the PC run very slow. Safe mode and using a Linux PC were ways to download an antivirus or antimalware to remove it. We tried PC Tools Spyware Doctor with Antivirus, AVG, Windows Defender and finally Malwarebytes Anti-Malware.

Malwarebytes Anti-Malware full scan is very slow, taking 7 hours for 500,000 files. AVG did the same in 2 hours.

Microsoft Security Essentials detected Rogue:Win32/Winwebsec so I let it remove it.

The first video is better but the second video has info about http://live.sysinternals.com/procexp.exe for seeing and killing processes running when task manager is blocked.

Meltdown and Spectre CPU speculative execution cache reading bug

• Windows Update on Windows 7 crashes PC KB4284826 6/18
  • this crashed my Windows 7 Dell Optiplex 380 PC and it had to be restored to earlier restore point after several reboots
  • patch for Specture on old hardware crashed PC and it would not boot
  • Microsoft promises a correction of this update
  • Go to Control Panel | Programs | Installed Updates to uninstall this bad patch
  • InSpectre free tool to see if Intel CPU is liable to Spectre and Meltdown bug
  • Here's the Status of Meltdown and Spectre Mitigations in Windows 6/18 list of Spectre and Meltdown Windows Updates and their side-effects
  • Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
• Intel pledges better transparency about Meltdown debacle 1/18 patches for CPUs under 5 years old then older processors
• CPU-Z test tool identify and benchmark CPU
• Microsoft's Spectre fix bricks PCs with older AMD CPUs 1/18
• Google promises Spectre fix that won't slow PCs 1/18
• Data centre storage performance hurt by Meltdown-Spectre patches 1/18
• Meltdown and Spectre fix will slow down machines 1/18
• Red Hat dumps Spectre CPU patches that brick servers 1/18
• Intel releases Meltdown microcodes for thousands of processors - Linux 1/18

In 3 January 2018, Intel CPU had bug that cache in kernel could be read by user so passwords and security keys could be sniffed. Operating systems have been patched including Windows, Linux, MacOSX, Android and iOS. This is a very esoteric bug. Older hardware is not affected. CPU speculated on result of if statements in logic and executed and stored results in cache which someone reading through memory could find via side-channel (internal memory).

Patches brick CPUs.

Antivirus can block fix so check status.

Easy explanation of Meltdown and Spectre

Harder explanation of Meltdown and Spectre

WannaCry Attack

Around 15/5/17, WannaCrypt Ransomware worm attacked 200,000 Windows servers in 150 countries through security exploit and brought them down. Servers had to be patched and rebooted.

• WannaCry aka WannaCrypt
• WannaCry ransomware attack 5/17
• What to do if you've been hacked 5/17
• Report attack to Australian Cyber Security Group (Australian Signals Directorate) ex ACORN
• Reuters report on WannaCrypt attack 5/17
• WannaCrypt is Malware so use Malwarebytes to remove it
  • WanaCrypt0r ransomware hits it big just before the weekend 5/17
  • ShadowBrokers fail to collect 1M bitcoins and releases stolen information from NSA hacking tools 4/17 which caused WannaCrypt hack
  • ShadowBrokers releases more stolen information from NSA (Snowden Wikileaks) 4/17 which caused WannaCrypt hack
• HTTPS Everywhere browser plugin to use SSL on all links so man-in-middle attack will not work
• Sangfor anti-malware network monitoring

Botnets

• Embedded - IoT devices
• Health - IoT devices
• Defence
• Agribusiness
• Mobile

A detailed look into the Mozi P2P IoT botnet 12/20

Botnets use P2P (peer to peer) networking to distribute themselves using routers and IoT devices with poor authentication controls.

These vulnerable devices need to have their firmware upgraded urgently to close the security holes. Firmware upgrades are available from the manufacturers' websites e.g. Netgear, D-Link, Huawei, Realtek.

In December 2020, Mozi botnet attacks appeared in my Linux server Web logs as devices trying to get botnet software downloaded from remote host to router with poor authentication controls they are attacking and run malware remotely using RCE or Remote Code Evaluation which distributes itself to even more vulnerable devices in a massive network of nodes.

See NETGEAR Product Security for router vulnerability alerts and patches or upgrades.

RFID Card Scanners

• RFID blocker card holder

In December 2023, because I walked too close to a Translink Smartticket machine it scanned my debit card and charged it $10 without my permission so I had to call Translink to have it reversed which will take 10 business days.

Use a RFID blocker card holder to shield cards from RFID so ticket machines or thieves cannot suddenly take funds without permission.

Queensland Camera Traffic Fines

• Brisbane Gregory's street directory Big W

In December 2023, I was fined heavily for carrying a mobile phone to use Google Maps while driving on Western Freeway Mt Coot-tha. There were no traffic signs warning drivers of massive fines for carrying mobile phone while driving.

I bought a Brisbane Gregory's street directory (paper book) and stopped using mobile in car for Google Maps to avoid massive traffic fines.

CrowdStrike global outage on Windows Servers

• news
  • worldwide outage of Windows Servers on premises or in the cloud because of Falcon update that failed
  • Global outage caused by a 'defect' in a 'single content update', CrowdStrike says 19 Jul 2024
  • Here's what we know about CrowdStrike, the company potentially to blame for a global tech outage 19 Jul 2024
  • Global IT outage: Computer havoc caused by CrowdStrike outage could take days to fix - as it happened 19 Jul 2024
  • Australians have been hit by a worldwide tech outage. Here's what we know 19 Jul 2024
  • affected:
    • hospitals
    • GPs
    • supermarkets
    • airlines
    • offices
    • Office 365 users
    • whoever has a Windows Server and uses CrowdStrike cybersecurity software on premise or in the cloud e.g. AWS Windows instance or Azure Windows instance
• Remediation and Guidance Hub: Channel File 291 Incident 6 Aug 2024
• Faulty CrowdStrike update takes out Windows machines worldwide 19 Jul 2024
• Statement on Falcon Content Update for Windows Hosts 19 Jul 2024:

  Details
  
      Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor.
      Windows hosts which have not been impacted do not require any action as the problematic channel file has been reverted.
      Windows hosts which are brought online after 0527 UTC will also not be impacted
      Hosts running Windows 7/2008 R2 are not impacted
      This issue is not impacting Mac- or Linux-based hosts
      Channel file "C-00000291*.sys" with timestamp of 0527 UTC or later is the reverted (good) version.
      Channel file "C-00000291*.sys" with timestamp of 0409 UTC is the problematic version.
  
  Current Action
  
      CrowdStrike Engineering has identified a content deployment related to this issue and reverted those changes.
      If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to workaround this issue:
  
  Workaround Steps for individual hosts:
  
      Reboot the host to give it an opportunity to download the reverted channel file. If the host crashes again, then:
          Boot Windows into Safe Mode or the Windows Recovery Environment
              NOTE: Putting the host on a wired network (as opposed to WiFi) and using Safe Mode with Networking can help remediation.
          Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory
          Locate the file matching "C-00000291*.sys", and delete it.
          Boot the host normally.
  
          Note: Bitlocker-encrypted hosts may require a recovery key. 
  
  Workaround Steps for public cloud or similar environment including virtual:
  Option 1:
  
      Detach the operating system disk volume from the impacted virtual server
      Create a snapshot or backup of the disk volume before proceeding further as a precaution against unintended changes
      Attach/mount the volume to to a new virtual server
      Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory
      Locate the file matching "C-00000291*.sys", and delete it.
      Detach the volume from the new virtual server
      Reattach the fixed volume to the impacted virtual server
  
  Option 2:
  
      Roll back to a snapshot before 0409 UTC.
  
  AWS-specific documentation:
  
      To attach an EBS volume to an instance
      Detach an Amazon EBS volume from an instance
  
  Azure environments:
  
      Please see this Microsoft article
  
  Bitlocker recovery-related KBs:
  
      BitLocker recovery in Microsoft Azure
      BitLocker recovery in Microsoft environments using SCCM
      BitLocker recovery in Microsoft environments using Active Directory and GPOs
      BitLocker recovery in Microsoft environments using Ivanti Endpoint Manager
  

• Microsoft Cloud Status
• Windows Server has to boot to revert to previous safe update
• uninstall CrowdStrike
• install alternative to CrowdStrike
• disable automatic Windows Updates
• restore previous safe update of Windows
• restore from backup

CrowdStrike IT Outage Explained by a Windows Developer - Dave's Garage - 7/2024

Dave's tweet re bad bug in kernel driver of CrowdStrike 7/24

Web-Based Systems

reCAPTCHA for protecting Web forms from spammers

In April 2017, I upgraded to Google Recaptcha v.2! It took me 2 or 3 hours to work out syntax! Recaptcha now uses JSON and Javascript as well as PHP.

We removed Sweetcaptcha because it has been infected with ad links.

Installing Google reCAPTCHA on Web site forms to prevent bots trashing the email system is also done by us. Contact us for an example. No more bots get through now.

Data Integration of Financials with Web Portals

In October 2010, we moved our bookkeeping to a private Web portal rather than rely on old PCs and managing upgrading Windows. We do bulk uploads of records to Web and report for tax purposes and business accounts using the Web instead of PC software making us more agile and flexible and not forcing us to come back to Orange to do accounts.

Cloud computing is where the user uses applications loaded from the Internet. The data is stored offsite, perfect for mobile applications or disaster/recover options for small businesses with small IT budgets and pay by the month modes.

Monitoring

In February 2012, we provided Web-based email-to-SMS alerts for ourselves or customers on a 24/7 basis using our own online scripts that monitor emails for specific criteria. Later we will use Nagios when have more resources. We also examine standard logs and deduct the best way of repairing the security breach or restoring the system to a safe restore point from backups.

Mailing List Archive Backups

In February 2012, we are working to recover a 1980s style system Lyris ListManager mailing list after the server was rebooted and only part of the list archive was restored from backups. Later we may migrate it to Mailman. As the original was lost, I found a copy of a personal flat file Eudora mail archive, munged it with Python, Ruby, PHP and flex and am migrating it to another Website. Others converted an HTML archive of earlier years to Word and uploaded it to box.com and Google Docs as redundancy.

System Upgrades

Windows

• Windows 11 24H2 update failed to install with error 0x800701e3 (disk error) 5 Dec 2024
  • 7 hours to download
  • 2 hours to install
  • system was nearly bricked
  • IPX seeking for IPv4
  • 0xc0000185 BSOD
  • 2 hours to repair disk and revert 24H2 update install
  • How can I create a bootable usb of windows 11 and use it?
    • Windows 11 USB Boot Disk
    • to be used if system becomes unbootable after Windows 24H2 update install failed
  • Windows 11 deactivated after 24h2 update - may happen
• Windows Lifecycle Fact Sheet end of life dates when support and Windows Updates stop
• Windows 7 Wikipedia end of life 14 Jan 2020
  • This free Windows 10 upgrade offer still works. Here's why -- and how to get it 9/19
  • Windows 7 end of life support information - backup and migrate to Windows 10 machine
• Windows 8 Wikipedia end of life 10 Jan 2023
• Windows 10 Wikipedia end of life 14 Oct 2025
• Windows Phone 8.1 end of life 11 Jul 2017
  • Windows 10 Phone Mobile upgrade - certain Lumia phones not all
  • Support options for Nokia, Lumia, and feature phone devices - Windows Phone 8.1 Store Shutdown Dec 16, 2019

Windows 7 upgrade to Windows 10

In February 2020, I need to upgrade Windows 7 to Windows 10:

• upgrade Windows 7
  • disk image using Macrium Reflect
  • get NBN connected (156 carriers to choose from)
  • get external drive or blank DVD to burn ISO
  • download ISO files for upgrade using NBN
• migrate to Windows 10
  • get second hand Windows 10 computer from eBay
  • migrate files from Windows 7 to Windows 10 over ethernet or disk chassis using USB

Windows Update not working on Windows 7

In January 2017, I installed new client for Windows Update on Windows 7 and installed over 200 updates. Before that no updates were done as the client was faulty.

Windows Upgrades and Cloud Computing

Office 365

Your email, Microsoft Office, Exchange and Sharepoint can be migrated to Office 365 by us. We are qualified administrators of Office 365. We did this in June 2016 in Caboolture for a Windows 10 laptop customer and migrated their email and address book from Outlook .pst file.

Mobile Support

In September 2018, I upgraded Windows Phone 8 to 8.1 but could not upgrade to Windows Mobile 10 due to my Nokia Lumia 820 not being supported.

PC Support

As Windows XP support expired on 8 Apr 2014, we are able to migrate Windows XP, 7 or 8.1 to a Windows 10 or into the Cloud. No more virus updates or patches will be available after that date so the system is vulnerable. This will require wizards and backups to be run and software and data migration from old applications to those that will run on Windows 8.1.

In July 2015, we upgraded to Windows 10 including installing drivers for biometrics and Web camera from earlier versions of Windows.

In April and August 2012, we upgraded Windows XP systems to Windows 7 including a backup. In January 2014, we upgraded a laptop from Windows 7 to Windows 8.

Microsoft Money is obsolete and only runs on Windows XP. Data from financial information needs to be exported and imported into software that is supported either on the desktop or into Cloud software like we did.

Other common jobs are rebuilding PCs with Windows XP, Vista, 7, 8 and 10, Linux or FreeBSD.

Examples:

• upgrade Windows 8.1 to Windows 10
• upgrade non-geniuine Windows XP Pro to Windows 7, setting up an ADSL/Wifi hotspot, transferring email to Thunderbird, backing up partitions to a 1TB external drive and stopping line dropping out
• reverting from Windows Vista to Windows XP for InDesign to work to speed again with Dell quad-speed processor, not be a dog;
• upgrade Windows 98 to Windows XP including setting up a wireless ADSL2+ router for a small business.

Linux

Linux Debian Long Term Support (LTS)

In June 2018, Linux Debian 8 Jessie was end of life and Apache was crashing intermittently, so as per Debian Long Term Support (LTS), I added LTS repositories and joined email list for LTS upgrades.

Virtualization

To save hardware, we can create virtual machines to run your applications. This allows us to run Linux and Windows on top of each other. We did this on limited hardware in Brisbane to enable us to test software running on FreeBSD, SuSE Linux and Fedora Linux all on a Windows XP Pro PC without having to install them on separate partitions. This is heaven for a sysop with a limited budget.

This flexibility improves agility and produces quick disaster recovery. This is what they had to do after September 11, 2001 in USA - move their staff to another location and rebuild servers from backups to survive using minimal hardware and working over the Internet from remote locations. Many sites or small businesses worldwide now backup to a remote server for a monthly fee per Gigabyte. This is now called cloud computing.

Using virtualization, snapshots of various operating systems like Unix, Linux, FreeBSD, Mac OS X and Windows can be saved and then reloaded on a totally different operating system allowing for very quick response should the hardware fail or a system be overrun with viruses or spambots due to lax security.

Common virtualization software includes VirtualBox, VMware, Xen or HyperV.

This can also be done via Docker and Kubernetes.

Testing

This is ideal for setting up various work or test machines without having to purchase many pieces of hardware to run them on.

If the customer provides us with a support ticket with configuration information in it to reproduce a bug, we can login to our own virtual server and reproduce the errors without having to go near their server and deploy a fix for the problem from our inhouse resources.

If the customer does not have enough modern PCs to run test machines, we can install VMware and load a virtual operating system image to test systems at low cost and high efficiency and enable us to get on with the job despite a lack of dedicated hardware on the customer's premises. We have done this onsite in Brisbane when we were doing technical support for a small company and just could not get a spare PC to test systems on to achieve our objectives. VMware virtual images are a great way to get around these hardware limitations often foisted upon us to save money by the customer.

As usual it is easier to spend our own time and money doing virtualization than waiting for ages for the customer to spend money then ending up doing it for them for free just to get a job done on time and make money. This seems to be how small businesses avoid paying any money - they put financial pressure on suppliers and in the end they donate equipment or time to get a job going rather than have it fold due to the customer avoiding investing in equipment and training. The tradeoff is we own the technology and bring our own tools to the job to avoid delays so the customer owns nothing and just gets a service.

As of March 2012, Veritas Backup Exec 2012 now supports VMware and Hyper-V so only one backup for multiple Windows or Linux Virtual Machines on a host is required.

Tools

VMware is mostly about setting up virtual machines in data centres. We do not use it much inhouse except for setting up a test machine. They are into 1000s of seats (licenses) per customer (enterprises) not little guys like me who have may be 1 or 2 licenses. They are a greedy big company. I do not recommend VMware for small businesses only medium to large enterprises. Apart from their free VMware player, everything else they sell is over $10,000 USD per licence.

VMware has several open source divisions: Springsource (Cloud Java beans platform), RabbitMQ (messaging), Zimbra (groupware) and Tanzu (Kubernetes) which is of value to me as an opensource developer. I went to a course in Brisbane in 2011 with Queensland JVM on Springsource and RabbitMQ.

We recommend opensource virtualization products like Xen Project.

VDI is Virtual Desktop Infrastructure so the user can run their desktop on a virtual server not their own PC. Microsoft, VMware and Citrix support this.

Around 2014, we looked at Docker containers to run instances of operating systems.

NBN compatible VDSL2 modems

On 6 June 2024, my NBN connection died using ZTE H268A modem. I tried to find another NBN compatible modem but NBN had a very difficult to understand ITU standard for modems to meet to be compatible so one had to believe statement that modem was compatible on retailers' sites like Officeworks or use trial and error and return it to try another one if that modem didn't work.

• NBN modem compatibility documentation which is very difficult to understand unless person is an electrical engineer
  • VDSL2
  • Modems that are incompatible with the NBN FTTN and FTTB networks
  • NBN Network Interface Specification UNI-DSL full of jargon in ITU standards
• modes of delivery of NBN

  • acronym	meaning	speed	connection to modem
    FTTN	fibre to the node	slower	phone line
    FTTC	fibre to the curb	faster	phone line
    FTTH	fibre to the home	faster	phone line
    FTTB	fibre to the building	faster	phone line
    FTTP	fibre to the premises	much faster	ethernet cable and socket in wall

  • Comparing FTTH to FTTP, FTTN, FTTC, and FTTB: Which is Right for You?
• trial and error - believe retailer that modem is compatible and try it and if it fails return it and try another until a working modem is found
• modems that appear NBN compatible:
  • D-Link DSL245GE AC1200 - reliable

Communications Infrastructure Disaster

In November 2012, Southern Grampians Shire Council was cut off for 2 weeks when Telstra Warrnambool Exchange burnt down. This is a lesson on having backup plans that are tested.

Due to excess data on Optus and Vodafone mobile networks being very dear at $10/GB, in November 2015, I setup TPG broadband at my home office to combat this excess data charges.

NBN cuts copper about 6 months after it comes to an area. Caboolture will be cut off in September 2016 so all people must switch to NBN or mobile for communications.

• Council IT Dept tells of major failures after Telstra fire 26/3/13
• Telstra exchange fire cost $408,000 a day 25/3/13
• Working on the Warrnambool Exchange [after the fire] 29/11/12

Email Mailbox Full

In August 2019, to connect with customer via email to try and get some violin lessons going, I had to help them receive email from me which was being blocked because their mailbox was full without their knowledge. They also wanted to know if I got their emails but I hadn't because their mailbox was full so no email could be received or sent. This required checking for pending emails from me to them in my mail queue of my mail server. They had to delete the excess emails so my email could be received and I could receive their email. Once they had cleaned up their mailbox I was able to receive an email with one large image of several megabytes and they received two test emails from me. It was quite a saga over several days.

Message Size Too Big

• pflogsumm Perl script that is used to give statistics and error messages on mail.log of Postfix mail server
• 6 Ways to Send Large Files as Email Attachments
• Limits for sending & getting mail Google

In March 2021, I detected in my mail.log via pflogsumm Perl tool that someone had emailed me an email that was too big for my mail server's message size limit so was bounced with SMTP error message:

• 552 5.3.4 Message size exceeds fixed limit

My Postfix mail server has a message size limit of 10MB and if the email received is over that limit it will be bounced.

I had to use domain of sender, whois and ABN to find who was emailing me such a large file.

Instead of emailing a large email, sender should:

• break it into several smaller emails and email a smaller file or
• upload the files to Dropbox.com or Google Drive or Cloud drive and email a link or
• compress file to get size under limit or
• reduce resolution of images or
• upload to file server or Web server or intranet or extranet and email a link to server to download it directly not via email
• correct broken links on Website

Mail server is a very slow file server so alternative ways need to be found to send large files.

I think person was emailing me many PDFs which exceeded 10MB maximum message size instead of fixing broken links on their Website to PDFs. All they had to do was fix broken links not send a very large email with PDFs in it that bounced and caused all sorts of problems sorting out bounced email. I could also have found out information re market research in job market elsewhere via Google instead of trying to get PDFs from site with broken links.

Many untrained people use email like a sledge hammer to send anything and everything causing all sorts of size issues when size is too big. All they needed was some WordPress skills on how to fix broken links then login to admin console and fix them in 2 minutes rather than bundle all the PDFs up that had broken links to them on the Website and email them as a very large email that bounced and caused hell for the receiver.

Devops

see also Groupware and Devops

Devops is a crossover between development and operations.

We have skills in:

• operations - AWS, Azure, Linux
• development - PHP, Perl, Python, C, bash, awk, sed

We once for a client in Sydney successfully setup and ran a large import/merge job of 1 million rows of CSV patent record data from many jurisdictions and formats into MySQL database using PHP to setup a batch pipeline of C jobs using MySQL C API on our own Linux server, a form of Devops.

VoIP Call Blocking, Voicemail and Call Forwarding

VoIP allows user to have personal PABX.

In August 2022, I rang Exetel re blocking scam callers to my NBN VoIP landline phone. I had the number of the scam caller from my Uniden DECT phone. I could not block calls on the Uniden DECT 1105 was it was too simple. ZTE modem did not allow me to block calls.

I learned from Exetel call centre tech support that I could login to Exetel user console and setup call blocking, voicemail and call forwarding:

• dashboard | home phone | manage | calls & voice settings
  • block calls
  • voicemail | email | SMS alerts
  • call forwarding (not with voicemail)

Having voicemail setup on my VoIP landline number was good because before it was setup people rang and could not leave message so wondered why I did not get call. With voicemail the recordings were emailed to me on my mobile or a SMS was sent to alert me to ring voicemail from home phone when I got home.

Call forwarding to my mobile would be good when I was away from home for a period of time.

Square pairing with Samsung Galaxy A15

Square is a mobile payment system I first used in June 2023 with Square card reader and Android phone (Huawei Y5 2019). That phone was replaced in August 2024 due to 3G closure with Samsung Galaxy A15.

In February 2025, after finding Square card reader had error message "reader damaged", I got a new Square card reader with warranty claim then got Square card reader to connect to Samsung Galaxy A15:

• let Square card reader stop having 4 orange dots flashing (wait about 5 mins)
• in Samsung, go to settings | Bluetooth
• power up Square card reader till 4 orange dots flash
• in Bluetooth area, pair once, pair twice (two requests)
• wait for updates of Square card reader
• attempt payment using Square card reader and Samsung Square app
• payment works

It is tricky to pair the Square card reader to Samsung Galaxy A15. In Square app there is spinning wheel and no pairing. In Bluetooth it is possible to pair but only if Square is powered up with orange dots from scratch not while it is flashing orange dots.

This is undocumented feature as Square compatiblity list does not list Samsung Galaxy A15 but it should as I have managed to pair Square card reader wtih Samsung Galaxy A15 with above method.

Contact Us

Get in touch if you need help rebuilding, upgrading, recovering, backing up, virtualization of your system or protecting of Web forms from bots. We have experience with Windows and Linux both local and remote backup to disk, flash drive or tape and to the Web.

We have experience with gigabytes of backups.

Links

• Mult-Factor Authentication (2FA/MFA)
  • to prevent hackers finding password and gaining access to site or server, as well as password login, a code is entered from or button is pressed on app to allow access to site or server
  • apps
    • Authy
    • Duo
    • Google Authenticator
    • Microsoft Authenticator
  • Facebook 2FA setup
  • In March 2022, Lapsus$ UK cyber gang attack using MFA:
    • Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal - 14M pounds 3/22
    • Hundreds of companies potentially hit by Okta hack 3/22
    • Microsoft Lapsus$ attack 3/22
    • Linux kernel leak via Lapsus$ attack 3/22
• botnets attack security vulnerabilities of IoT and routers with malware by Remote Code Execution (RCE)
  • Botnets
  • Mozi botnet attacks Netgear, D-Link, Huawei and Realtek SDK routers 12/20 authentication - like Gafgyt
  • Mozi, Another Botnet Using DHT 12/19 - like Gafgyt
  • Gafgyt Targeting Huawei and Asus Routers and Killing Off Rival IoT Botnets 12/19
  • Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities authentication
  • Netgear Product Security firmware upgrades
  • Huawei HG532 Series Router Remote Command Execution Analyzation 5/19 TPG wifi ADSL router
  • Security Notice - Statement on Remote Code Execution Vulnerability in Huawei HG532 Product 11/17
  • D-Link Australia & New Zealand Support Resources firmware upgrades
  • Remote Code Evaluation (Execution) (RCE) Vulnerability - used by botnets
  • Honeypot - Scanning and Targeting Devices & Services Mozi botnet
  • Botnets have been silently mass-scanning the internet for unsecured ENV files 11/20 - bots scanning websites for .env looking for passwords from developer tools
• Coronavirus shutdown support
  • What the governments are offering businesses in COVID-19-related measures 3/20
  • 10 tips for small businesses wanting to work from home 3/20
• backup
  • Backups Australian Cyber Security Centre 8/21
    • how to do backup on Windows, iPhone, MacOSX to cloud or external hard drive
    • prevent loss by doing regular backups
    • not new but many large businesses and SMEs avoid doing backups and suffer consequences from Ransomware attack or other data or device loss
  • World Backup Day
    • World Backup Day
    • What Better Time to Celebrate Information and Data than on World Backup Day - March 31, 2020
  • Broadcom
    • MegaRAID, optical, ethernet, mainframe, database
    • Broadcom Community Symantec Enterprise Community ex Symantec Connect
    • Symantec Security Center
    • CA Technologies
  • Veritas Backup Exec
  • Dell Technologies Data Protection - ex Dell EMC Data Protection
  • Macrium Reflect
  • Acronis Backup, Disaster Recovery and Storage Management
  • Veeam - cloud backup
  • Kasten - kubernetes cloud backup
• UPS (Uninterruptible Power Supply)
  • APC
• devops
  • Continuous Delivery Director - Broadcom Software CA DevOps
• browser
  • Is JavaScript enabled? - browser test
• cloud
  • Amazon Web Services
  • Microsoft Azure
  • Google Cloud
  • Docker
  • Kubernetes
• VM
  • Oracle VirtualBox
  • VMware

WWWalker Web Development Pty Ltd