WWWalker's Disaster Recovery

Links

My Site: Remote Network Support | Embedded | Health | Defence | Agribusiness | Mobile | Terms and Conditions | data integration | Mobile | Groupware | China | GDPR Compliance | Publishing | Library Consulting | Finance

Coronavirus: COVID-19 Mitigation

Be flexible. Start another venture or part of your business. I changed my business several times over the years in what services I offered to stay in business otherwise I would have gone under. Setup remote working so you can work anywhere. Work from home to cut costs. Backup to cloud so if computers die you have a backup to go back to later. Work over internet instead of face to face with customers are willing to do that.

To be prepared for government lockdown of businesses to prevent spread of Coronavirus (COVID-19), businesses need to:

Backups

Disaster Recovery Plan

Every business requires a disaster recovery plan. We can assist you with setting this up and maintaining it to make sure you have your system restored in good time.

We have survived a number of disasters in our computer systems ranging from disc crashes to monitors failing. You need a backup strategy and several copies scattered all over the place to ensure survival. Redundancy is very important. These days this is called cloud computing where files are stored on the Web and do not require the local PC to be as protected. If the PC crashes, a new PC is bought and the work continued using the system on the Web.

Many sites and small businesses now backup their entire system remotely to enable them to recover from disaster or loss in their main site.

Incremental Backup

What's an Incremental Backup? Ask Leo! 3/21

Difference between full backup, incremental backup and differential backup:

External Disk Drives Not Responding

In January 2017, I bought an HDD all in one docking station on eBay for 2 external hard drives that no longer responded due to interface cards failing. I got drives out of external drive chassises then loaded them one at a time into docking station and read them OK via USB on PC! This saved 7 years of backups being lost!

NAS

In October 2019, we are starting to use Synology NAS. It is used for backup, FTP, Web hosting etc and can be used via Android and iOS mobile apps to access media such as music or videos over internet.

Getting Started With Synology

First-time NAS Installation & Setup Guide | Synology

In December 2020, NETGEAR ReadyNAS became NAS storage.

In March 2011, we were going to do remote backup using NETGEAR ReadyNAS but by October 2017 we had done nothing and will cease supporting NETGEAR due to PowerShift Partner site going down indefinitely and NETGEAR staff moving to USA and Australian staff changing.

Cloud

Backup and restore of EC2 instances on Amazon Web Services can be done via snapshots.

In February 2017, Cloudflare had massive data breach to all sites using them as DNS servers (domain cloudflare.com). Domain registry needs to have password reset.

In January 2017, we migrated our Website hosting from Linux hosting to Amazon Web Services EC2 Linux instance. This involved backing up site and mail and using Amazon Web Services S3 to migrate to an EC2 instance. We then used third party DNS to delegate the site.

Instead in June 2012, we did backup and restore to Amazon Web Services S3 storage in the Cloud to move a huge mailbox from one hosting site to another. This is a very quick and easy way of moving large amounts of data for small business applications such as hosting, email or backup files. We did this again in November 2012. In June 2013, 12 month free tier ran out and I am now paying a small amount per gigabyte per month till I backup all data to a local drive on my laptop.

In February-March 2012, Symantec Netbackup and EMC MozyPro cloud-based backup services are being offered which we can setup for small business clients to give them extra flexibility and robustness in these tough economic times. A server can be rebuilt on a physical or virtual server from a backup stored in the cloud.

NAS can be used for remote backup akin to Dropbox.

Find Lost Mobile

In February 2019 I discovered if Windows Phone is lost, go to account.microsoft.com and select device then click 'find device'. This only works in IE not Firefox. It also assumes phone is registered with Microsoft before it is lost. Last known location of phone is shown on map.

iOS and Android phones also have similar find lost phone feature.

Windows Phone location is updated every so often and this is logged with Microsoft so phone can be tracked down to nearest location.

I had to backtrack and find Windows Phone manually as I was using Firefox and account.microsoft.com did not show me location. Later I discovered only IE worked for finding phone on map.

I rang phone using Skype but person nearby did not answer it so it went to voicemail. It is impossible to get round people problems like this.

Only Windows 10 has 'fine my device' feature not Windows 7. With Windows 7 use account.microsoft.com.

Mobile Backups

Cloud

In January 2012, we also imported contacts from another phone's SIM to a Nokia MeeGo phone.

We used Nokia Account to backup contacts from Nokia MeeGo to Web and then restore them from Web to Nokia MeeGo when phone was flashed. We also imported the contact CSV file into a private Web database.

We will also import contacts from another phone via Bluetooth.

We downloaded lost apps from Nokia Store.

SMS messages were not backed up so were lost when the Nokia 6230 was lost. Backup at Nokia Care did not work on the old Nokia 6230's SMS messages but on everything else - phone numbers, images, audio files, video files.

Migrate Phone Numbers to New Phone

In September 2018, my Samsung Galaxy Pocket Neo power button stopped working so I moved the micro-SIM to a Windows Phone 8.0 Nokia Lumia 820. I then imported contacts from Microsoft Outlook Live account by logging into Microsoft Hotmail/Live account and synchronising. Google Contacts also had contacts which would be imported manually as Google Account won't login due to security issues. I upgraded from Windows Phone 8.0 to 8.1 (600MB 35 mins) but that model won't upgrade to Windows 10 Mobile and may apps won't work so I used browser or another app. I transcribed data from car app to spreadsheet before crash. I lost SMS messages and notepad notes. I needed to export them using Samsung Smart Switch Windows tool and Android app and USB cable or WiFi before crash. Samsung also had Samsung Members app for Android for support I did not know about till after the crash.

In November 2018, after I had restored Samsung Cloud to Samsung Galaxy Note II, I found Smart Switch does not backup contacts only messages and other data from new phone to PC. I used dr.fone to backup the contacts and messages etc on phone to PC but it only works direct to phone. No data is available to be exported into CSV etc.

In June 2014, my N950 died so I had to export phone numbers from account.nokia.com as CSV and convert them to VCF with a Windows tool and import them into a Samsung Android phone. Some of the phone numbers were not imported, just the person's name.

Samsung Cloud Contacts

In November 2018, I got a Samsung Galaxy Note II which I did a factory reset on by holding volume up (left), bottom button and power button (right) simultaneously. I then setup Google and Samsung accounts on new device and restored contacts and messages using WiFi.

Reset Samsung Galaxy Note N7105 (Hard Reset)

On September 2018, my Samsung Galaxy Pocket Neo Android phone died. Only way to restore contacts backup on new phone was by buying another Samsung device and sycing as Samsung has a monopoly on data backed up to Samsung Cloud.

On 27 October 2018, Samsung Cloud terms changed so that backups will be deleted if not used for more than 12 months. So I have to buy a Samsung device to sync my contacts from old phone or they will be lost.

I should have exported contacts from Android before this hell of being trapped with Samsung Cloud occurred.

Android backup does not backup contacts only app settings.

Nokia N950 Backup

The Nokia N950 froze up and said 'too frequent boots - reflash device' when I tried to boot the phone when the battery was nearly flat and had inadequate power to boot. I ignored the message and powered up using power switch and the device luckily booted. I then backed up images and audio recordings via developer SDK. I plan on writing an FTP tool that will allow users to backup their phone's images, video, audio, phone numbers and SMS to an FTP site of their choosing via USB, SD Card, wifi or 3G. A Linux single user mode needs to be setup so a Nokia support person or developer can boot and rescue important files before reformatting and reinstalling the system. Too much vital information is stored on a smartphone and proper backups need to be setup or the phone will lose vital data if it crashes with a disaster recovery plan.

On Nokia N950, I did Settings / Sync and Backup / Backup and then FTPed the Backup files to the PC or select 'use as mass storage device' when USB is plugged into phone. Go to Accounts / Nokia / Synchronise to backup contacts to account.nokia.com. To enter changed password, go to Store / Download an item.

In March 2012, the Optus SIM card died so I had to get a replacement and restore contacts to SIM from Optus Backup, Nokia Account and Nokia N950 contacts.

Optus SIM Backup Down 2 months

In March 2012, I replaced my Optus SIM card.

Optus SIM Backup was down for 2 months with no end in sight.

I got Optus to email me the last backup as HTML table which I converted to CSV using app. I later imported it into MySQL for safe keeping.

New Optus SIMs do not have SIM Backup plus I would not rely on it but would use Nokia Account if you have a Nokia phone to backup and restore via the Internet over 3G as it is more reliable.

Nokia/Windows Phone Contacts

On 24/5/15, Nokia Account was replaced by Microsoft Account. Only Microsoft Hotmail Outlook Live contacts can be synced to Windows Phone not Samsung or Google.

Windows Backups (Macrium)

Migration from Windows 7 to Windows 10

In March 2021, I backed up a Windows 7 desktop to an external drive using Macrium Reflect then mounted the image and used it to restore and transfer files to new Windows 10 desktop. This was a life saver as it was much quicker than using LAN or WiFi due to gigabytes of data involved. I had to move Macrium Reflect on Windows 7 after backup to Windows 10 to do restore.

Before I did the restore to the new Windows 10 desktop, I had to wait till Windows 10 had done all its updates first which took about 4 hours which was a very long time compared to Windows 7.

Windows 10 has a much richer interface so I had to find where everything was in Windows 10 after being used to Windows 7 simpler layout.

Corrupted Restore

In May 2018, a contact had not tested their restore of Windows XP backup of Kasperksy and restore failed causing BSOD (Windows to crash on boot).

They tried safe mode but that did not work and did not want to do a new installation of Windows losing all their software and data.

Windows registry and c:\windows\system32 files had to be patched or restored or last known configuration used to get system to boot again.

Macrium

In March 2012, I tried several times to use Windows 7 backup tool to backup a laptop but it was so slow and unclear which files were backed up or whether the backup job had failed and where the image was stored.

In the end I did a quick, successful backup using Macrium Reflect which was clearer to select partitions to backup and easier to restore from an image using a network drive.

In June 2015, Macrium Reflect 5.3 64 bit worked OK in Windows 8.1. I had to deactivate license from previous crashed Windows 7 laptop to use it on Windows 8.1 laptop.

In September 2019, Macrium 5.3 can be upgraded to version 7. Windows 10 has partition problems with version 5 which were fixed in version 6 and 7.

ResourceMate Library Catalogue Restored from Backup

From 2008 onwards, I used ResourceMate on Windows laptop to catalogue 3500 items of my father's theological library to edit a book by him "Enriching Australia through educating indigenous people" by S Preston Walker still not out in 2018 10 years after starting due to lack of resources.

In October 2018, when I opened ResourceMate after months of not using it, I discovered all the data in the catalogue had gone so I restored the database from a ResourceMate backup file and got back 4087 items.

This saved me years of work. Thank goodness I backed up the catalogue to hard drive when closing the application.

I plan on upgrading from ResourceMate 3.0 Regular to Essentials in 2019 to ensure the database is still readable by new versions of software.

App Data Backups: Desktop Reminder 2

In October 2020, I loaded Desktop Reminder 2 on Windows 7 after it closed with index error to database due to reboot while it was running and found no data was loaded losing 6 months of task calendar and completion information.

I opened tasks.dr2 file in its folder and all the tasks reloaded.

I also discovered Desktop Reminder 2 was doing daily backups when used in its folder and could have used restore function to recover the data from backups.

Desktop Reminder 2 has a restore function from backups.

Also Desktop Reminder 2 should be closed before reboot to avoid data corruption or needing to reload data or restore data from backups.

MSP

If hosting or remote service is provided by an MSP, customer then only pays a monthly fee for maintenance, backup and security.

WordPress Plugin Crash

In July 2022, I had to disable plugins and turn off auto update for WP-Crontrol plugin that broke WordPress because Composer was not setup.

WordPress Backup to Cloud

In May 2021, I setup backup to cloud of WordPress site using plugin.

Security

Bigpond Email Whitelisting: Reverse DNS for AWS EC2 Server or Suspected Spammer

Reverse DNS for AWS EC2 Server

In April 2020, my email to Bigpond bounced because my server was on Amazon Web Services EC2 and they wanted me to whitelist my domain. My domain is clean. In end I sent the email to my sister on Bigpond via gmail which did not bounce as Telstra thinks gmail has enough cred but not my AWS server. Spammers have ruined AWS's credibility in Telstra's eyes.

Bigpond First Attempt

Bigpond blocks my emails to my sister because I use AWS EC2 for hosting for my mail server and they won't whitelist my domain. Telstra blames everyone on AWS with being a spammer. My domain is clean but Telstra forces me to use gmail so their system doesn't block me as a spammer which I am not. Evil Telstra. I have chosen not to email any more Bigpond customers ever except through gmail.

Because Bigpond is so big they get away with poor policies and force everyone onto gmail instead of letting people run their own servers like I do. It is for dummies.

Telstra is in the Dark Ages.

Bigpond Second Attempt

As I received a 554 error for bounced email sent to Bigpond, PTR Reverse DNS record needed to be setup for mail.wwwalker.com.au email server hosted on AWS EC2 instance. This was done via my DNS third party server (PTR record) and AWS (reverse DNS record).

In mean time till DNS is fixed for my domain, I have to forward emails to Bigpond users via Gmail or the emails will sit in mailq on Postfix on my mail server and timeout again.

Email postmaster at bigpond from gmail for whitelisting of IP address as email from wwwalker.com.au will bounce again after sitting several days in mail queue!

After 4 or 5 days of mail in mailq, deferred mail was delivered as Telstra whitelisted my domain on AWS EC2 so no more emails to Bigpond from my server will bounce!

Bigpond Suspected Spammer

In April 2020, email from my domain is bounced by Bigpond with 558 5.7.1 error suspected spammer. I emailed postmaster at bigpond to resolve this. I used gmail to email those Bigpond emails. Telstra call centre did not know what to do.

I decided not to email anyone on Bigpond any more from my domain unless they get another email address, e.g. gmail, because it marks my emails as spam and bounces them. I don't like using gmail.

I hate Bigpond. Telstra was very difficult to get to solve this problem.

Problem mail server: extmail.bigpond.com

Telstra Bigpond whitelisted my IP address.

Third Party Mail Server

The only way round this is to use a third party mail server like AWS SES where every email address has to be verified by region and forget using my own email server even though it is set up properly. This is such a waste of a server. The system has conspired to force all small IT people to outsource their IT to a bigger company.

Hotmail bouncing because domain was treated as spammer

An email to a hotmail address bounced because I had not set DNS SPF TXT record for my domain to "-all" (hard fail) on my DNS server so I set the SPF to have setting "-all". This stops others spoofing emails from my domain if they are using a different IP address.

SPF hardfail did not work but email to hotmail.com still bounced with same error 550 5.7.1 so I contacted Microsoft Outlook Postmaster via Microsoft Support request form to sort bounced email out.

Microsoft wanted me to enroll in Outlook.com Smart Network Data Service (SNDS) and Junk Mail Reporting Program to track anyone using my domain to spam. They would not unblock my domain for sending emails to hotmail so I had to use gmail again. Big companies are trying to eradicate any small operator and force all users to use big companies for email.

I use Gmail to email these domains so my email does not bounce:

Office 365 Exchange Server Bounced Email

In June 2025, email to 365community.org bounced with 550.5.4.1 recipient address rejected access denied. I could not email that person because their mail forward failed or my private domain was not whitelisted in their system. Same happened if I used gmail.com to email above so it is problem with routing or mail server.

In June 2021, email to Couriers Please bounced with 550 5.7.1 SMTP error. I need my domain whitelisted but could not get person at call centre to understand me so gave up and only use phone or their online form to communicate with them as they are non-technical and very hard to deal with.

Australian Parliament House Email Server Whitelisting Failure

In October 2019, my email to Australian Parliament House to local MP Terry Young was never delivered unless I used gmail again because my domain was not whitelisted and was hosted on Amazon Web Services. I spent hours setting up DMARC, SPF and DKIM on my domain DNS and Linux mail server but still email was not delivered to MP's email unless I used gmail not my personal server on AWS.

Spammers attempt to send 30000 or more emails per day via my server but I have blocked their IP address so none are sent.

Google Postmaster Domain Verification for Spam

In February 2022, email from my domain was bounced wrongly as spam by Gmail. So I registered my domain with Google Postmaster and verified it using TXT in DNS record. This is very similar to SPF and DKIM in proving authenticity of email from domain.

Mailing List Bouncing

In March 2022, person with long mailing list had emails bounced by 54 mail servers because servers wrongly detected it as spam because they used their standard gmail account to send the emails. They used another email address to send link to Google Drive. There is so much confusion because they use 3 emails to avoid being blocked as spammers - 1 gmail and 2 private mail server email addresses. Gmail is blocked if they email a PDF attachment but private email server email addresses are not blocked if they just email link to Google Drive not a PDF attachment. Instead of fixing problem of attachments and email addresses being blocked, they just multiply private mail server email addresses and email links not attachments and do not setup a mailing list on a proper server but use their own email account to email out a mailing list. It is a shambles.

Sender should use a consistent email address to send emails so receiver can find old emails via email address in intray. Otherwise they have to search on all alternative emails for sender or hunt on time and date in intray and search line by line which is quite frustrating.

Having sender and receiver email addresses being different for same person is very confusing just for sake of 2 people sharing gmail email.

mailchimp commercial server is OK for mailing lists as their servers are whitelisted. Also GNU Mailman is a good mailing list program for Linux, UNIX or MacOSX servers.

Tracking Email Delivery

In February 2021, tracking email delivery to my mail server helped me discover I had been blocking legitimate email which had kept retrying to send mail to me. I removed those firewall rules and email delivery was OK again. I kept logs of firewall rules and found my mistake of blocking wrong IP addresses which led to bounced inbound emails.

Before that I redirected email from my domain to gmail for a month to debug the problem of bounced emails to my mail server.

The following video helped me troubleshoot and track email delivery problems from firewall and cPanel email delivery logs.

How To Troubleshoot Email Delivery Issues - very useful tips re using tracking email delivery on cPanel

Mimecast Email Blocking

In April 2021, I found in my mail server log that email to university was greylisted with SMTP 451 Internal resource temporarily unavailable error which required mail server to retry. This technique is used to prevent spam. My mail server IP address had to be whitelisted so emails would go through and get a reply. It looks like Outlook Mimecast plugin was used to block incoming emails. I had to use Twitter to communicate with university till mail server was whitelisted.

What is GreyListing and do I need it? 12/20

In July 2020, email could no longer be forwarded from site to university mail server due to lack of SPF on forwarded email but was bounced with SMTP 550 SPF Sender Invalid - envelope rejected error. So we had to create separate mailboxes for that site.

May 2017 Technical Webinar: Email Security with Mimecast 5/17

Postfix receiving email with sender Domain not known error

In March 2023, when receiving email from UNSW CSE with internal domain and email address as sender to my Postfix server with domain checking for sender to stop spam, I got 120 retries every hour with SMTP 450 4.1.8 error. UNSW did not use FQDN for their email address.

I added an account and local domain to my Linux server running Postfix to match the incoming email so it was valid and whitelisted it in check_sender_access using /etc/postfix/sender_access and the email was received. This took me 2 days to work out.

Email with no DKIM header marked as spam by Gmail

In August-September 2023, email from my domain to Gmail was put in spam folder of brother and purged after 30 days because he didn't look in spam folder. I re-sent the email from my domain to Gmail and it went into his spam folder, he found it with my help, unblocked it and moved it to intray.

I configured opendkim to add DKIM header to emails when sending email via SMTP via Postfix on my mail server. Gmail now receives email with DKIM header and it is not treated as spam and purged. I had to check DNS of domain and find selector for DKIM record to setup opendkim to add DKIM header to outbound emails.

Outbound email goes through SMTP. Originally this was not configured to add DKIM header to outbound emails on my mail server using my domain but later was configured to add DKIM header.

Inbound email goes through IMAP and had been checking DKIM via opendkim to my mail server.

Phishing

In March 2020, a recruiter on LinkedIn emailed me re a consulting role with a link to a link to a page for more information that looked very like Microsoft OneDrive login but I could not login with my normal login as password did not work. I then worked out the recruiter was fake and was harvesting my login by copying Microsoft Live login and had sucked me in via phishing email from LinkedIn. I then reset my Microsoft Live password.

I studied phishing countermeasures MOOC via CSU IT Masters in 2018 which helped me pick this sneaky attack.

SSL for Android email

In July 2022, my email client on Android stopped working because certificate on my mail server was invalid or expired. I checked mail.log and there were errors re "dh key too small". I had to change openssl setting to enable email to be received any more from server on Android. Server had 128 bit key and Android used 256 bit key so key was too short for DH and failed. Dovecot used SSL certificate which was affected by openssl encryption.

Encryption - Email and Web

In July 2022, we changed setup of mail server for openssl as Android could not login due to short key.

In September 2019, we setup our mail server to use TLS.

In November 2018, we setup our Linux server to use SSL encryption via certificate.

Linux Attacks

Bitcoin Blackmail

In March 2019, I received blackmail emails wanting payment in Bitcoin. They had allegedly hacked my email or had a video feed via non-existent Webcam and wanted payment. This is exploitation.

Bitcoin is perfect vehicle for fraud and exploitation worldwide by hackers of digital assets like email or Websites or Webcam or phone cams as it gets round anti-money laundering protection of banks.

Bitcoin can be tracked to receiver.

Data breaches, that feed this exploitation frenzy, need to be prevented by better IT security.

Data Breach at PageUp People

In May 2018, PageUp People, a recruiting agency portal, had a data breach by hacker gaining access. Red Cross, UQ, Coles Careers, Telstra, Queensland Rail etc used PageUp for recruitment services.

People who had their identity hacked can gain help from IDcare who handle identity and cybersecurity issues for people.

Those whose account has been hacked need to change their password.

Spam Assassin (Email Filtering)

In January 2016, we configured Spam Assassin and account level filtering to move spam into Trash based on Spam-Score threshold. Before that spam was mixed up in the main email inbox and took hours to delete or remove. It mostly gets it right, otherwise the reader can rescue any misclassified spam and move them back to the inbox.

Facebook Security

In March 2022, a friend was hacked on Facebook in Malawi Africa. People should setup 2-factor authentication on Facebook and other sites using Microsoft Authenticator or Google Authenticator apps. Then when person logs in from new browser or IP address site will prompt for password as well as a constantly changing 6 digit code obtained from the relevant Authenticator app. This will stop hackers getting in. They should also change their password every month or so on Facebook.

In March 2022, a friend who did not check his friends' IDs on Facbook led to fake user befriending me via that friend and trying to con me. I unfriended them. I then got friend to unfriend them who was letting them all in.

In September 2014, I was locked out of my Facebook account and I had to provide ID to get back in when I added as a friend a fake entry for Australian Cane Farmers Association. That fake entry was deleted by Facebook.

In 2012 or so, my login on Facebook was infected by a virus when someone from Orange City Council I was a friend of on Facebook shared a post that made out I was swearing at all in my group when I clicked a link on the post that had reverse meaning to what the link did. I unfriended that person to stop this.

Malware Removal

In March 2021, Microsoft Exchange server Web access was hacked due to static cryptographic keys. Microsoft mitigation did rewrite on IIS of URL that was being attacked so bots could not login till full patch was applied.

In December 2020, SolarWinds Orion was infected by SUNBURST malware worldwide. SolarWinds changed all its CAs.

In May 2013, a Windows 7 was infected with MIXI.DJ browser plugin when I installed CrossFont (converts Mac fonts to Windows fonts), so I uninstalled it and several games and removed it from add-ons, search engines and default page in Firefox and Internet Explorer.

In April 2012, our Windows 7 laptop was infected by Security Shield malware which blocked all apps including browsers, delete and rename and made the PC run very slow. Safe mode and using a Linux PC were ways to download an antivirus or antimalware to remove it. We tried PC Tools Spyware Doctor with Antivirus, AVG, Windows Defender and finally Malwarebytes Anti-Malware.

Malwarebytes Anti-Malware full scan is very slow, taking 7 hours for 500,000 files. AVG did the same in 2 hours.

Microsoft Security Essentials detected Rogue:Win32/Winwebsec so I let it remove it.

The first video is better but the second video has info about http://live.sysinternals.com/procexp.exe for seeing and killing processes running when task manager is blocked.

Meltdown and Spectre CPU speculative execution cache reading bug

In 3 January 2018, Intel CPU had bug that cache in kernel could be read by user so passwords and security keys could be sniffed. Operating systems have been patched including Windows, Linux, MacOSX, Android and iOS. This is a very esoteric bug. Older hardware is not affected. CPU speculated on result of if statements in logic and executed and stored results in cache which someone reading through memory could find via side-channel (internal memory).

Patches brick CPUs.

Antivirus can block fix so check status.

Easy explanation of Meltdown and Spectre

Harder explanation of Meltdown and Spectre

WannaCry Attack

Around 15/5/17, WannaCrypt Ransomware worm attacked 200,000 Windows servers in 150 countries through security exploit and brought them down. Servers had to be patched and rebooted.

Botnets

A detailed look into the Mozi P2P IoT botnet 12/20

Botnets use P2P (peer to peer) networking to distribute themselves using routers and IoT devices with poor authentication controls.

These vulnerable devices need to have their firmware upgraded urgently to close the security holes. Firmware upgrades are available from the manufacturers' websites e.g. Netgear, D-Link, Huawei, Realtek.

In December 2020, Mozi botnet attacks appeared in my Linux server Web logs as devices trying to get botnet software downloaded from remote host to router with poor authentication controls they are attacking and run malware remotely using RCE or Remote Code Evaluation which distributes itself to even more vulnerable devices in a massive network of nodes.

See NETGEAR Product Security for router vulnerability alerts and patches or upgrades.

RFID Card Scanners

In December 2023, because I walked too close to a Translink Smartticket machine it scanned my debit card and charged it $10 without my permission so I had to call Translink to have it reversed which will take 10 business days.

Use a RFID blocker card holder to shield cards from RFID so ticket machines or thieves cannot suddenly take funds without permission.

Queensland Camera Traffic Fines

In December 2023, I was fined heavily for carrying a mobile phone to use Google Maps while driving on Western Freeway Mt Coot-tha. There were no traffic signs warning drivers of massive fines for carrying mobile phone while driving.

I bought a Brisbane Gregory's street directory (paper book) and stopped using mobile in car for Google Maps to avoid massive traffic fines.

CrowdStrike global outage on Windows Servers

CrowdStrike IT Outage Explained by a Windows Developer - Dave's Garage - 7/2024

Dave's tweet re bad bug in kernel driver of CrowdStrike 7/24

Web-Based Systems

reCAPTCHA for protecting Web forms from spammers

In April 2017, I upgraded to Google Recaptcha v.2! It took me 2 or 3 hours to work out syntax! Recaptcha now uses JSON and Javascript as well as PHP.

We removed Sweetcaptcha because it has been infected with ad links.

Installing Google reCAPTCHA on Web site forms to prevent bots trashing the email system is also done by us. Contact us for an example. No more bots get through now.

Data Integration of Financials with Web Portals

In October 2010, we moved our bookkeeping to a private Web portal rather than rely on old PCs and managing upgrading Windows. We do bulk uploads of records to Web and report for tax purposes and business accounts using the Web instead of PC software making us more agile and flexible and not forcing us to come back to Orange to do accounts.

Cloud computing is where the user uses applications loaded from the Internet. The data is stored offsite, perfect for mobile applications or disaster/recover options for small businesses with small IT budgets and pay by the month modes.

Monitoring

In February 2012, we provided Web-based email-to-SMS alerts for ourselves or customers on a 24/7 basis using our own online scripts that monitor emails for specific criteria. Later we will use Nagios when have more resources. We also examine standard logs and deduct the best way of repairing the security breach or restoring the system to a safe restore point from backups.

Mailing List Archive Backups

In February 2012, we are working to recover a 1980s style system Lyris ListManager mailing list after the server was rebooted and only part of the list archive was restored from backups. Later we may migrate it to Mailman. As the original was lost, I found a copy of a personal flat file Eudora mail archive, munged it with Python, Ruby, PHP and flex and am migrating it to another Website. Others converted an HTML archive of earlier years to Word and uploaded it to box.com and Google Docs as redundancy.

System Upgrades

Windows

Windows 7 upgrade to Windows 10

In February 2020, I need to upgrade Windows 7 to Windows 10:

Windows Update not working on Windows 7

In January 2017, I installed new client for Windows Update on Windows 7 and installed over 200 updates. Before that no updates were done as the client was faulty.

Windows Upgrades and Cloud Computing

Office 365

Your email, Microsoft Office, Exchange and Sharepoint can be migrated to Office 365 by us. We are qualified administrators of Office 365. We did this in June 2016 in Caboolture for a Windows 10 laptop customer and migrated their email and address book from Outlook .pst file.

Mobile Support

In September 2018, I upgraded Windows Phone 8 to 8.1 but could not upgrade to Windows Mobile 10 due to my Nokia Lumia 820 not being supported.

PC Support

As Windows XP support expired on 8 Apr 2014, we are able to migrate Windows XP, 7 or 8.1 to a Windows 10 or into the Cloud. No more virus updates or patches will be available after that date so the system is vulnerable. This will require wizards and backups to be run and software and data migration from old applications to those that will run on Windows 8.1.

In July 2015, we upgraded to Windows 10 including installing drivers for biometrics and Web camera from earlier versions of Windows.

In April and August 2012, we upgraded Windows XP systems to Windows 7 including a backup. In January 2014, we upgraded a laptop from Windows 7 to Windows 8.

Microsoft Money is obsolete and only runs on Windows XP. Data from financial information needs to be exported and imported into software that is supported either on the desktop or into Cloud software like we did.

Other common jobs are rebuilding PCs with Windows XP, Vista, 7, 8 and 10, Linux or FreeBSD.

Examples:

Linux

Linux Debian Long Term Support (LTS)

In June 2018, Linux Debian 8 Jessie was end of life and Apache was crashing intermittently, so as per Debian Long Term Support (LTS), I added LTS repositories and joined email list for LTS upgrades.

Virtualization

To save hardware, we can create virtual machines to run your applications. This allows us to run Linux and Windows on top of each other. We did this on limited hardware in Brisbane to enable us to test software running on FreeBSD, SuSE Linux and Fedora Linux all on a Windows XP Pro PC without having to install them on separate partitions. This is heaven for a sysop with a limited budget.

This flexibility improves agility and produces quick disaster recovery. This is what they had to do after September 11, 2001 in USA - move their staff to another location and rebuild servers from backups to survive using minimal hardware and working over the Internet from remote locations. Many sites or small businesses worldwide now backup to a remote server for a monthly fee per Gigabyte. This is now called cloud computing.

Using virtualization, snapshots of various operating systems like Unix, Linux, FreeBSD, Mac OS X and Windows can be saved and then reloaded on a totally different operating system allowing for very quick response should the hardware fail or a system be overrun with viruses or spambots due to lax security.

Common virtualization software includes VirtualBox, VMware, Xen or HyperV.

This can also be done via Docker and Kubernetes.

Testing

This is ideal for setting up various work or test machines without having to purchase many pieces of hardware to run them on.

If the customer provides us with a support ticket with configuration information in it to reproduce a bug, we can login to our own virtual server and reproduce the errors without having to go near their server and deploy a fix for the problem from our inhouse resources.

If the customer does not have enough modern PCs to run test machines, we can install VMware and load a virtual operating system image to test systems at low cost and high efficiency and enable us to get on with the job despite a lack of dedicated hardware on the customer's premises. We have done this onsite in Brisbane when we were doing technical support for a small company and just could not get a spare PC to test systems on to achieve our objectives. VMware virtual images are a great way to get around these hardware limitations often foisted upon us to save money by the customer.

As usual it is easier to spend our own time and money doing virtualization than waiting for ages for the customer to spend money then ending up doing it for them for free just to get a job done on time and make money. This seems to be how small businesses avoid paying any money - they put financial pressure on suppliers and in the end they donate equipment or time to get a job going rather than have it fold due to the customer avoiding investing in equipment and training. The tradeoff is we own the technology and bring our own tools to the job to avoid delays so the customer owns nothing and just gets a service.

As of March 2012, Veritas Backup Exec 2012 now supports VMware and Hyper-V so only one backup for multiple Windows or Linux Virtual Machines on a host is required.

Tools

VMware is mostly about setting up virtual machines in data centres. We do not use it much inhouse except for setting up a test machine. They are into 1000s of seats (licenses) per customer (enterprises) not little guys like me who have may be 1 or 2 licenses. They are a greedy big company. I do not recommend VMware for small businesses only medium to large enterprises. Apart from their free VMware player, everything else they sell is over $10,000 USD per licence.

VMware has several open source divisions: Springsource (Cloud Java beans platform), RabbitMQ (messaging), Zimbra (groupware) and Tanzu (Kubernetes) which is of value to me as an opensource developer. I went to a course in Brisbane in 2011 with Queensland JVM on Springsource and RabbitMQ.

We recommend opensource virtualization products like Xen Project.

VDI is Virtual Desktop Infrastructure so the user can run their desktop on a virtual server not their own PC. Microsoft, VMware and Citrix support this.

Around 2014, we looked at Docker containers to run instances of operating systems.

NBN compatible VDSL2 modems

On 6 June 2024, my NBN connection died using ZTE H268A modem. I tried to find another NBN compatible modem but NBN had a very difficult to understand ITU standard for modems to meet to be compatible so one had to believe statement that modem was compatible on retailers' sites like Officeworks or use trial and error and return it to try another one if that modem didn't work.

Communications Infrastructure Disaster

In November 2012, Southern Grampians Shire Council was cut off for 2 weeks when Telstra Warrnambool Exchange burnt down. This is a lesson on having backup plans that are tested.

Due to excess data on Optus and Vodafone mobile networks being very dear at $10/GB, in November 2015, I setup TPG broadband at my home office to combat this excess data charges.

NBN cuts copper about 6 months after it comes to an area. Caboolture will be cut off in September 2016 so all people must switch to NBN or mobile for communications.

Email Mailbox Full

In August 2019, to connect with customer via email to try and get some violin lessons going, I had to help them receive email from me which was being blocked because their mailbox was full without their knowledge. They also wanted to know if I got their emails but I hadn't because their mailbox was full so no email could be received or sent. This required checking for pending emails from me to them in my mail queue of my mail server. They had to delete the excess emails so my email could be received and I could receive their email. Once they had cleaned up their mailbox I was able to receive an email with one large image of several megabytes and they received two test emails from me. It was quite a saga over several days.

Message Size Too Big

In March 2021, I detected in my mail.log via pflogsumm Perl tool that someone had emailed me an email that was too big for my mail server's message size limit so was bounced with SMTP error message:

My Postfix mail server has a message size limit of 10MB and if the email received is over that limit it will be bounced.

I had to use domain of sender, whois and ABN to find who was emailing me such a large file.

Instead of emailing a large email, sender should:

Mail server is a very slow file server so alternative ways need to be found to send large files.

I think person was emailing me many PDFs which exceeded 10MB maximum message size instead of fixing broken links on their Website to PDFs. All they had to do was fix broken links not send a very large email with PDFs in it that bounced and caused all sorts of problems sorting out bounced email. I could also have found out information re market research in job market elsewhere via Google instead of trying to get PDFs from site with broken links.

Many untrained people use email like a sledge hammer to send anything and everything causing all sorts of size issues when size is too big. All they needed was some WordPress skills on how to fix broken links then login to admin console and fix them in 2 minutes rather than bundle all the PDFs up that had broken links to them on the Website and email them as a very large email that bounced and caused hell for the receiver.

Devops

see also Groupware and Devops

Devops is a crossover between development and operations.

We have skills in:

We once for a client in Sydney successfully setup and ran a large import/merge job of 1 million rows of CSV patent record data from many jurisdictions and formats into MySQL database using PHP to setup a batch pipeline of C jobs using MySQL C API on our own Linux server, a form of Devops.

VoIP Call Blocking, Voicemail and Call Forwarding

VoIP allows user to have personal PABX.

In August 2022, I rang Exetel re blocking scam callers to my NBN VoIP landline phone. I had the number of the scam caller from my Uniden DECT phone. I could not block calls on the Uniden DECT 1105 was it was too simple. ZTE modem did not allow me to block calls.

I learned from Exetel call centre tech support that I could login to Exetel user console and setup call blocking, voicemail and call forwarding:

Having voicemail setup on my VoIP landline number was good because before it was setup people rang and could not leave message so wondered why I did not get call. With voicemail the recordings were emailed to me on my mobile or a SMS was sent to alert me to ring voicemail from home phone when I got home.

Call forwarding to my mobile would be good when I was away from home for a period of time.

Square pairing and NFC Tap to Pay with Samsung Galaxy A15

Square is a mobile payment system I first used in June 2023 with Square card reader and Android phone (Huawei Y5 2019). That phone was replaced in August 2024 due to 3G closure with Samsung Galaxy A15.

In May 2025, I had no luck pairing Samsung Galaxy A15 to Square Card Reader 2nd generation again after battery went flat, device disconnected and was recharged with USB cable, and tried using Square orange dots flashing and Android Bluetooth on to connect but failing. However pairing workaround I discovered by trial and error is below. ** is new method.

Another option is Tap to Pay via NFC on Android Samsung Galaxy A15 phone in Square app:

Another option when Square card reader will not connect via Bluetooth to Android is to enter credit card or debit card number manually via Square app.

Another option when Square card reader will not connect via Bluetooth to Android is to take cash.

If there are several Square card readers in same area, know 4 digit code at end of Bluetooth ID for your Square card reader so you connect to correct Square card reader.

In April 2025, I had no luck connecting Samsung Galaxy A15 to Square Card Reader 2nd generation but with help of AI on Google Search:

21/5/25 this does not work so use above

In February 2025, after finding Square card reader had error message "reader damaged", I got a new Square card reader with warranty claim then got Square card reader to connect to Samsung Galaxy A15:

23/4/25 this does not work so use above

It is tricky to pair the Square card reader to Samsung Galaxy A15. In Square app there is spinning wheel and no pairing. In Bluetooth it is possible to pair but only if Square is powered up with orange dots from scratch not while it is flashing orange dots.

This is undocumented feature as Square compatiblity list does not list Samsung Galaxy A15 but it should as I have managed to pair Square card reader wtih Samsung Galaxy A15 with above method.

New step requires Square to be powered off (red dots) then restarted with green dots then flashing orange dots.

Skype End of Life, Replace with Microsoft Teams

Since Skype is closing, download conversations and files in JSON format which is hard to read. It can be manually imported conversation by conversation into Microsoft Teams. Data will remain till January 2026.

Use JSON viewer like: JSONviewer. Copy and paste contents of messages.json into jsonviewer then expand all then walk through branches of JSON. There are many JSON viewers on internet.

In Outlook which replaces Bigpond email below, click on video and it will use Chrome to use Microsoft Teams with Webcam and computer speaker as in Firefox speaker is not detected due to browser incompatiblity. All Skype contacts and conversations are migrated by Microsoft into Microsoft Teams as Microsoft owns both Skype and Teams. There are Microsoft Teams apps also in Windows or Android. Other contact in Skype must use Microsoft Teams to connect via Microsoft Teams so customers are migrated to Microsoft Teams and Skype is closed down. Data migrates to new software.

So between Skype and Bigpond end of life, customer is moved 100% to Microsoft software of Teams and Outlook or Microsoft 365. Once customer is on Microsoft 365, they use spreadsheet, word processor, powerpoint, database, Outlook email, Teams all on same platform so totally on Microsoft.

There are alternatives to Microsoft like Amazon Web Services, Google Gmail, Yahoo Mail, Facebook Messenger (video), Zoom (video), BBB (BigBlueButton) (video), or one's own mail, database and Web server with own domain.

Bigpond end, migration to Outlook or Microsoft 365

According to church, bigpond.com is closing their email addresses and they are migrating to outlook.com for their email with a new email address.

There is option to use Microsoft 365 for email.

I would recommend if your use bigpond.com for email to get a new email address and email it to contacts when you get it so they know what it is.

I guess there would be a way of downloading emails before email address at bigpond.com is closed using POP and Thunderbird software for example.

Contact Us

Get in touch if you need help rebuilding, upgrading, recovering, backing up, virtualization of your system or protecting of Web forms from bots. We have experience with Windows and Linux both local and remote backup to disk, flash drive or tape and to the Web.

We have experience with gigabytes of backups.

Links

Created: 28 June 2007 23:10
Last Updated: 1 Jun 2025 23:00

WWWalker Web Development Pty Ltd