PC Tech Thread

No, but it makes windows which is what causes the problems. Boot camp is just a fancy name for a partition and an installer creation tool. Maybe if my windows 10 was registered it wouldn't have had an issue with updates...

fucking thing will sit there pretending to search for new updates

Happened to me on my laptop, also on two others. It's annoying as fuck.
A friend told me about these update packs (don't know of any english sites but here is the german one I used).
Set up correctly it installs updates / reboots / continues to install updates etc. by itself.
Oh, and it also updates the update.
: ]

I want to build something like a little PC/rasperberry/whatever, which I can put between ADSL/modem and my router to capture ALL the traffic in both directions.
I need something intelligent or configurable as don't have time to sit watch wireshark.

Any apps in either Linux or windows people can suggest?
cheers

All the traffic, including SSL?

@Emyr very good point and yes if possible. Is that a MITM to proxy all SSL traffic?

.

Avoiding software recommendations (basically you'll be running tcpdump on a bridge device with some kind of wrapper I guess), here's a bit of hardware that should be able to keep up. Not the cheapest, but I think it's pretty neat.

https://pcengines.ch/apu2.htm

@rhowe, thanks that's an interesting little bit of kit. I especially like the term 'network plumbing' and agreed I'll probably end up with a dump and having to sift through it. Maybe an app to sift and sort is best.
I've got an old HP 7800 USDT I was gonna use at least to get it working as proof of concept but long term some that's at 'network plumbing' sounds ideal.

Cheers

Need a bog standard gigabit switch, 8 port for contingency. Anything against something as cheap and cheerful as this?

Alternatively there's a netgear one for £30 but I've no idea whether the extra cash gets me any significant benefits.

Switches are so simple as hardware it is ridiculous.

You can go cheap, it is fine.

Only pay more for smart switches, i.e. stuff with controllers and software and that can be remotely configured (like this: https://www.ubnt.com/accessories/toughswitch/ ).

But unless you're going for a software defined network (where you can remotely see what is happening, and remotely disable a port on a switch, etc)... then hey, cheap is cheerful :)

Really odd issue here, one I've not seen before.

Office internet is throwing a DNS error for the website I'm meant to be updating. Thought it might have been the DDoS attack on Friday, but still getting it now. Can connect from home internet, and on my phone, and the hosting company have said its fine their end.

Have reset the router to no avail. No idea what to do after that, can't even think what the problem might be?

Check no-one hard-coded it anywhere like the /etc/hosts file or equivalent.

Also, check what DNS servers are being used by the company... switch it to use 8.8.8.8 and 8.8.4.4 if you can.

Also... your work may be IPv6 whilst your home and phone may be IPv4. It's possible the site is misconfigured on IPv6, try checking IPv4 DNS resolution from the office.

If all of this is whoosh... ask someone.

It's happening on my home laptop, so its not the etc/hosts file, I think. But doing a ns lookup suggests it might be being redirected to the file server, so I guess will have to gripe at the IT people.
Have updated IPv4 and 6 to google's DNS settings anyhow.

Ta for your help

Edit: huh, turns out updating DNS settings has sorted it. Presumably that overrules whatever else was sending it to the fileserver

If anyone is interested I'm selling an sweet HTPC / Steam streaming setup Inc. HDTV and 2.1 Speakers

https://www.lfgss.com/conversations/294962/

a MITM to proxy all SSL traffic?

Please don't.

Some apps will check that the certificate's chain of trust matches expectations, so they'll break. Also, if you do this, you make it a lot harder if the connection between the server and your MITM proxy has been MITM'd too.

Is that a MITM to proxy all SSL traffic?

Wouldn't work on LFGSS.

We use HSTS to force SSL, we do certificate pinning, the DNS uses DNSSEC.

A decade ago that proposal would work, but now you'd find parts of the internet broken and with each day more parts would break. The very thing you propose is in essence what state level surveillance did at times, and also what advertisers try and do... the internet is building defences against this.

You can capture packets to your hearts content, but it will all be encrypted and your chances of decrypting are low. You can MITM too, but you will break a lot of stuff when the chain of security breakage is detected.

@Velocio @emyr, ta for the input. To put it into context I want, at least, to be able to browse logged traffic that's going out of my house AND read it if I wish. I imagine it will broadly fall into two catergories. Stuff that stops working but I know I want to use (lfgss and personal banking etc, webmail etc) and I therefore have to put up with it being encrypted/exlcuded from proxy. The second catergory is stuff that breaks and I don't care about AND previously didn't know about. It's this catergory I care about, i.e. whats potentially leaking from my machine. I'm with NTL and I get so little from the logs that it's laughable!
Maybe I'm complicating it too much and I should just use IP to check where the traffic's going and bump it but I think I must be able to inspect more stuff than I can at present, which is zero.
Cheers

I suspect you can get most of your answers a different way.

DNS.

DNS is the one part that isn't encrypted, and you could use Wireshark and filter the logging to only port 53 UDP.

It's enough to identify all resolved domain names, which would reveal all destinations.

This is what I did when I setup my own VPN and wanted to block advertising on my mobile device. I knew that the adblocking lists out there were desktop targetted, so I logged the DNS requests and looked just at those, which revealed a whole slew of destinations I didn't want to talk to.

@Velocio, cheers for that and sounds like a good plan. I need to get into the position where my wireshark/tcpdump machine can see the traffic first though. Cheers

DNSMasq is your friend.

http://www.thekelleys.org.uk/dnsmasq/doc.html

Configure it to be your DNS server, change your routers DNS to use it, and add logging: http://www.linuxquestions.org/questions/arch-29/where-can-i-look-to-see-where-dnsmasq-is-logging-queries-4175531370/

BTW... this is where my support stops.

I don't mind pointing people in the right direction... but I don't want to become user support for whatever arcane configuration you end up creating :)

@Velocio, If I have issues can I have your mobile number please? :-)
Cheers I appreciate your expertise and time, I owe you a beer if our paths cross.

Windows touch screen laptop / tablet combo things. Is there a clear winner?

It would be used for SOHO type stuff, so performance not a major criterion (although it would be useful - to me at least, maybe not to the primary user - if Steam games could be played on it).

SOHO type stuff

So long as you use incognito browsing, you should be fine

I thought the Surface Book took the crown.

But then... everything seems pricey nowadays.