Jul 3, 2024

fail2ban whitelisting an IP address

From a terminal:

sudo ls -l /etc/fail2ban/jail.conf

sudo nano jail.conf

Add the IP address to whitelist to the ignoreip = <your_ip_address>

sudo systemctl restart fail2ban

Sep 7, 2022

fail2ban unban command

fail2ban-client -i
then in interactive mode type read the status of a jail:
status sshd
you'll get:
Status for the jail: ssh
|- Filter
|  |- Currently failed: 0
|  |- Total failed: 3
|  `- File list:    /var/log/auth.log
`- Actions
   |- Currently banned: 1
   |- Total banned: 2
   `- Banned IP list:   192.168.0.100
then type in fail2ban interactive mode:
set sshd unbanip 192.168.0.100
you'll get:
192.168.0.100
it means no longer 192.168.0.100 in ban list.

Nov 28, 2020

Keto Resources

Introduction to low carb:

Carbohydrate Restriction-Induced Elevations in LDL-Cholesterol and Atherosclerosis: The KETO Trial

Dr. Stephen Phinney on Nutritional Ketosis and Ketogenic Diets (Part 1) Watch Part 2 and 3 as well:

History of Cholesterol and it's influence - David Diamond- Demonization and Deception in Cholesterol Research

Additional data points:

Dr. David Diamond - 'An Assessment of Cardiovascular Risks of a Low Carbohydrate, High Fat Diet'

Dr. Z interviews researcher Dave Feldman on his research into lipoprotein and their effects on the human body:

Journal article based off of 9,570 people tested to see if replacing a diet of Saturated Fat with Vegetable Oil rich in Linoleic Acid would reduce coronary heart disease and death. It decreased cholesterol but increased death--authors conclusion: this was due to the negative oxidative effects on lipoprotein from the consumption of Vegetable Oil.

Journal article discussing the Sugar industry's demonization of fat during the 1950's. The industry singled out fat and cholesterol as the dietary causes of CHD and downplayed evidence that sucrose consumption was also a risk factor. This alone caused decades of issues for American dietary education.

Statins for Primary Prevention The Debate Is Intense, but the Data Are Weak

Conflict of Interest in Seminal Hepatitis C Virus and Cholesterol Management Guidelines


 


Oct 11, 2019

Fixed: Dell iDRAC6 SMTP Email Alert Settings

Goal: get email notifications sent from a Dell Poweredge with iDRAC6 when a server issue occurs.

Problem: "Email not sent." is the message displayed after clicking Send Test Email.

Solution: 
  1. iDRAC Settings > Network/Security > Enter your DNS Domain Name (ex. yourdomain.com)
  2. iDRAC Settings > Network/Security > Set DNS Servers (this is so external SMTP domains can be translated)
  3. Apply
  4. System > Alerts > Click Enabled for Enable Platform Event Filter Alerts
  5. Apply
  6. System > Alerts > Email Alert Settings > Enter destination email and Email Description
  7. System > Alerts > Email Alert Settings > Enter in either your internal email server or external email relay. iDRAC 6 does work with external email relays outside of your organization.
  8. Apply
  9. System > Alerts > Email Alert Settings > Click Send to Test E-Mail
A successful email will be sent:

Subject: Alert from iDRAC

Message: [DELL IDRAC WARNING]
Message: TEST PAGE
Event: Email paging test to user.
Date: 10/11/2019
Time: 13:41
Severity: Info/Normal

Jun 28, 2019

Fixed: Jira server.xml special characters error

Issue:
When starting up Jira, an error is displayed blocking the startup. The error says server.xml has an issue with special characters then directs the admin to go https://confluence.atlassian.com/jirakb/changing-server-xml-to-handle-requests-with-special-characters-958453799.html.

Server setup:

Self-signed certificate for https
Https Port 8443

Here is the server.xml file that worked for me. I inserted at all Connector lines: relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
<?xml version="1.0" encoding="UTF-8"?><!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
--><Server port="8005" shutdown="SHUTDOWN">
    <Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
    <Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>
    <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
    <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
    <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>

    <Service name="Catalina">
    <Connector acceptCount="100" bindOnInit="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8080" protocol="HTTP/1.1" redirectPort="8443" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`&quot;&lt;&gt;" useBodyEncodingForURI="true"/>
        <!--
         ==============================================================================================================
         DEFAULT - Direct connector with no proxy for unproxied access to Jira.

         If using a http/https proxy, comment out this connector.
         ==============================================================================================================
        -->

        <!-- Relaxing chars because of JRASERVER-67974 -->
        

        <!--
         ==============================================================================================================
         HTTP - Proxying Jira via Apache or Nginx over HTTP

         If you're proxying traffic to Jira over HTTP, uncomment the below connector and comment out the others.
         Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.

         See the following for more information:

            Apache - https://confluence.atlassian.com/x/4xQLM
            nginx  - https://confluence.atlassian.com/x/DAFmGQ
         ==============================================================================================================
        -->

        <!--
        <Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
                   maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
                   maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
                   acceptCount="100" disableUploadTimeout="true" bindOnInit="false" scheme="http"
                   proxyName="<subdomain>.<domain>.com" proxyPort="80"/>

        -->
        <!--
         ==============================================================================================================
         HTTPS - Proxying Jira via Apache or Nginx over HTTPS

         If you're proxying traffic to Jira over HTTPS, uncomment the below connector and comment out the others.
         Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.

         See the following for more information:

            Apache - https://confluence.atlassian.com/x/PTT3MQ
            nginx  - https://confluence.atlassian.com/x/DAFmGQ
         ==============================================================================================================
        -->

        <!--
        <Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
                   maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
                   maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
                   acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"
                   proxyName="<subdomain>.<domain>.com" proxyPort="443"/>
        -->

        <!--
         ==============================================================================================================
         AJP - Proxying Jira via Apache over HTTP or HTTPS

         If you're proxying traffic to Jira using the AJP protocol, uncomment the following connector line
         See the following for more information:

            Apache - https://confluence.atlassian.com/x/QiJ9MQ
         ==============================================================================================================
        -->

        <!--
        <Connector port="8009" URIEncoding="UTF-8" enableLookups="false" protocol="AJP/1.3"/>
        -->

        <Engine defaultHost="localhost" name="Catalina">
            <Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true">

                <Context docBase="${catalina.home}/atlassian-jira" path="" reloadable="false" useHttpOnly="true">
                    <Resource auth="Container" factory="org.objectweb.jotm.UserTransactionFactory" jotm.timeout="60" name="UserTransaction" type="javax.transaction.UserTransaction"/>
                    <Manager pathname=""/>
                    <JarScanner scanManifest="false"/>
                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="120"/>
                </Context>
            </Host>
                    <Valve className="org.apache.catalina.valves.AccessLogValve" pattern="%a %{jira.request.id}r %{jira.request.username}r %t &quot;%m %U%q %H&quot; %s %b %D &quot;%{Referer}i&quot; &quot;%{User-Agent}i&quot; &quot;%{jira.request.assession.id}r&quot;"/>
 </Engine>
        <Connector relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;" SSLEnabled="true" acceptCount="100" clientAuth="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" keyAlias="jira" keystoreFile="/opt/atlassian/jira/jira.jks" keystorePass="2102#Commerce#Drive" keystoreType="JKS" maxHttpHeaderSize="8192" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true" sslProtocol="TLS" useBodyEncodingForURI="true"/></Service>
</Server>

Mar 14, 2019

Tesla Factory Tours Requirements

Posting this to help other owners book a Tesla factory tour.

From Tesla:

Thank you for contacting Tesla Factory Tours!  We can’t wait to show you our ground breaking facility and how we make our revolutionary vehicles.  Due to the overwhelming amount of tour requests we receive, our team will respond to you within the next 48 business hours.  Our schedule fills up 2 to 4 weeks in advance so unfortunately, last minute requests cannot be accommodated.

If you are a Tesla owner, please provide us with your reservation number or VIN for us to reference your account.

Thank you and we look forward to your visit.

Tesla Tours

  • We host factory tours for Tesla owners Monday-Friday promptly at 10am, 11am, 3pm, and 4pm, excluding major holidays
  • Tours last approximately 60 minutes
  • All minors must be accompanied by an adult
  • No toddlers or infants (0 – 36 months old) permitted on the tour
  • We allocate 4 seats per owner group, and the registered Tesla owner must be present with their guests for the tour
  • We are flexible with larger immediate families; it is our policy to not split up families or leave some members behind
  • We cannot reserve tours more than three months in advance
  • We suggest booking at least 2-4 weeks in advance to ensure you get a seat on a tour
  • Tesla owners may book one tour per calendar year
Tour Guidelines:
  • Required dress code: closed-toe shoes, long pants, and a shirt with sleeves (short sleeves are ok)
  • Government issued ID is required for all guests 18+ upon check-in
  • Tours start promptly on time, and last approximately one hour
  • We are unable to accommodate late arrivals
  • The registered Tesla owner must be present with guests
  • No photo or video allowed inside the factory
  • All minors must be accompanied by an adult
  • No toddlers or infants (0 – 36 months old) permitted on the tour
  • Your tour experience is subject to change depending on factory developments and its production schedule.
  • This includes but is not limited to: tour route, tour duration and activity within the factory
 

Nov 28, 2018

How to: Installing Pi-hole on the Raspberry Pi w/CLI and SSH



This tutorial will build a Pi-hole server running on a Raspberry Pi 3. Pi-hole enables network-wide adblocking. Pi-hole is your own personal DNS Server and will not only protect your network from ads, but also from malicious websites, all the while improving page load performance. You will be able to access the Pi-hole via a web interface, and also manage the Raspberry Pi unit via SSH.

Hardware Required:

  • Raspberry Pi 3
  • 4GB+ microSD card
  • Ethernet
  • Monitor connected via HDMI
  • Keyboard

Step 1: Getting the Raspberry Pi up and running


Download RASPBIAN STRETCH LITE  https://www.raspberrypi.org/downloads/raspbian/

Unzip the image

Download Etcher https://github.com/balena-io/etcher/releases/download/v1.4.8/balenaEtcher-Setup-1.4.8-x64.exe

Flash the image to the microSD card (use a 4GB card or larger)

Connect keyboard and monitor and power to Raspberry Pi

Boot up

https://www.raspberrypi.org/documentation/linux/usage/users.md
Log in using

pi
passwd

Change password using: passwd

ifconfig
Write down the MAC address

If possible, assign the Raspberry Pi a static IP from within your router/firewall

Reset the Raspberry Pi so that the device gets assigned the new IP address from the router/firewall

ifconfig
confirm the IP is correct

Step 2: Installing Pi-hole

https://github.com/pi-hole/pi-hole/#one-step-automated-install

From Raspberry Pi's CLI, enter the following commands:
wget -O basic-install.sh 
https://install.pi-hole.net
sudo bash basic-install.sh

This will bring up the GUI to install Pi-hole. Use all of the default recommended settings.

Write down the password that is generated. This will be used to log into the web admin interface.


Step 3: Enabling SSH


https://www.raspberrypi.org/documentation/remote-access/ssh/

From Raspberry Pi's CLI:

Enter sudo raspi-config in a terminal window
Select Interfacing Options
Navigate to and select SSH
Choose Yes
Select Ok
Choose Finish
Alternatively, use systemctl to start the service

sudo systemctl enable ssh
sudo systemctl start ssh

Step 4: Configuring Pi-hole from web admin interface


Go to another computer/device connected to the same network

Open a browser

Visit the IP address of the Pi Hole device
Begin configuring Pi-hole.

Step 5: Set up Router's DNS settings to point to Pi-hole

Log into your Router
Change the DNS to point to the IP address of Pi-hole

Reboot all client machines to update their DNS server


Please consider making a donation to Pi-hole to support the development: https://www.patreon.com/pihole