Merry Christmas everyone.
Friday, December 25, 2020
Sunday, December 6, 2020
Sunday, October 25, 2020
www.pfsensefirewall.com
As you all know, White Rhino Security does all vendor firewalls. For our small office, budget related customers, we have been moving away from Sonicwall and are moving them to pfSense. We decided to make a pfSense blog page, with posts only related to pfSense and related items.
Find it here at www.pfsensefirewall.com
Friday, October 23, 2020
Tuesday, October 6, 2020
Monday, October 5, 2020
Firewall Migration: Fortinet To Cisco
It's a time consuming process, but manual moves of the configuration is just what you have to do. Even if there was a migration tool, I've never seen anything that worked really great.
Sunday, October 4, 2020
The Absurdity Of Macroevolution
Have you ever really given the myth of evolution any real thought? Think about these questions:
1. If we really did come from a single life form (a blob), are you saying that it somehow divided into two separate blobs at some point? Well, I have never seen that in my life, in anything. Yes, cells can within a single lifeform, but not become a separate life form.
2. And if you believe in evolution (macroevolution), are you saying that somehow, at exactly the same timeframe, that a male and a female miraculously evolved, two separate beings? Do you realized how many miracles would have had to take place to even get to this one particular miracle?
3. We know that species can not reproduce with other species or turn into other species. But you are saying that something can turn into another species? I have never seen that happen, nor has it ever been recorded throughout history as known evidence. Only changes within a species (microevolution). Macroevolution is just simply ridiculous.
4. And are you saying also that this whole existence began with a bang? That a small spec floating out there in something that already existed, blew up to create more than it even was before? I have never seen that happen in my life. If I take a water balloon and pop it, it doesn't become more water and balloon, let alone more elements.
I could go on and on with the questions that simply make this myth laughable. You may ask me something like "am I smarter than these scientists who think this stuff?". My answer is yes, I am smarter to not believe that nonsense. The only answer to all of this that makes any sense is that we have a God that created us and this whole thing we live in. And not only that, but that He loves us and wants to have a relationship with each and every one of us, which is through the action He took of restoring us, if we choose to believe in His Son Jesus (Yeshua). Don't you want to have a relationship with all of your kids?
Don't believe that nonsense that you are taught in school. Use your head and think about it.
Friday, October 2, 2020
Friday, September 25, 2020
Wednesday, September 23, 2020
Can You Ping To A Certain Port Number?
I had a phone conversation today with someone who said that they thought that they could ping to a certain port number. I was walking them through using telnet to see if a port was open, when that statement was made. Thats the quick way to see if a port is open, to just telnet to that port and see if you get a blinking light. Easy enough, but can you ping to a certain port at the destination end?
Quick answer, No. Here is why:
Notice above how there is not port number under layer 4 (Internet Control Message Protocol). You can see Im pinging 4.2.2.2. But you dont see any port number involved.
Now, lets look at a UDP packet:
At layer 4, you do see port numbers. Specifically a source and destination port number. Same for TCP, but not ICMP.
Always prove with a packet capture.
Saturday, September 19, 2020
Friday, August 28, 2020
MACsec project
I've been working on a project where the customer requires MACsec security across all ICX7450 switches, so that all communications are encrypted from switch to switch. This would help in preventing man in the middle attacks, etc. Security is important!
Saturday, August 15, 2020
Saturday, July 18, 2020
Monday, July 13, 2020
The Problem With Wireless
The problem with wireless is that anyone who knows how capture packets can capture your wireless packets. Whether that be your laptop in the coffee shop or your cell phone on a public WiFi.
Because I know this, I use the White Rhino Security VPN Service. Now this sounds like I'm advertising my own product, and I am. But only because I use it myself. I believe in it and it works.
Even right now, at the time of this post, I'm in a RV park using the public WiFi. However, I'm going through my VPN, and all my data traversing the internet is encrypted. So the people in the campsites next to me can't read my data at all, if they are capturing my data. That makes me happy.
Saturday, July 11, 2020
Twin Chickens
I was surprised to find that the first egg I broke open while getting ready for breakfast had two yokes (the two I'm pointing at). I guess these would have been twin chickens.
Wednesday, July 8, 2020
Thursday, July 2, 2020
PFSense And Brocade
For the small office, I still like the idea of the PFSense box by Netgate and a couple of Brocade switches.
Monday, June 22, 2020
Pfsense: DHCP And What It Won't Do
I always like to talk about what a firewall will do. But sometimes I have to talk about what a firewall won't do. Today, it's PFSense's day to get this kind of talk.
I have a lot of customers that run DHCP on the firewall. Right, wrong, or indifferent doesn't matter for this conversation. What does matter is that Pfsense will do DHCP for any directly connected network. What it won't do is DHCP for a non directly connected network. Is that a need for some people? Yes. Is that the firewalls job to do? It doesn't matter if that's what the customer wants. I personally wouldn't do it there, but in reality, it doesn't really matter. If the firewall goes down, you have bigger problems than DHCP.
So why doesn't PFSense do DHCP for non connected networks? I don't know the answer. What I do know is that other vendors, like Palo Alto and Sonicwall will do DHCP for non directly connected networks. It's not the end of the world, but just something to note.
I have a lot of customers that run DHCP on the firewall. Right, wrong, or indifferent doesn't matter for this conversation. What does matter is that Pfsense will do DHCP for any directly connected network. What it won't do is DHCP for a non directly connected network. Is that a need for some people? Yes. Is that the firewalls job to do? It doesn't matter if that's what the customer wants. I personally wouldn't do it there, but in reality, it doesn't really matter. If the firewall goes down, you have bigger problems than DHCP.
So why doesn't PFSense do DHCP for non connected networks? I don't know the answer. What I do know is that other vendors, like Palo Alto and Sonicwall will do DHCP for non directly connected networks. It's not the end of the world, but just something to note.
Sunday, June 21, 2020
Sunday Thought: Evidence for Jesus Outside the Bible
I like evidence. Especially when it comes to my faith. You see, you can have faith and evidence of that faith at the same time. I recently reread the below and just wanted to share with anyone interested.
The below writing is direct from Delve Christian Ministries. I can't recall when I got this, but it was online somewhere on their site. But credit goes to them for creating this material.
Evidence for Jesus Outside the Bible
Before we look at the evidence for Jesus outside of the Bible, it's important to pause for a moment
and examine how the books of the New Testament were chosen to be included. For the most part,
the books selected for inclusion into the Bible were those which were already widely circulated and
widely respected. There was very little debate at that time about most of the books, and there was
almost none about the Gospels. The four Gospels had already been in use for hundreds of years
by Christians everywhere. The process of selecting the New Testament was much less about
selecting which books to include, as it was about formally recognizing which books were already
widely accepted.
There were many other accounts of Jesus life which were never seriously considered for inclusion,
for by that time, it had already been recognized by most Christians everywhere that these books
lacked the authority and divine inspiration of scripture.
Other Gospel Accounts
This is important to note, for it is very frequently asked by non-Christians how it could be that only
four books were written about the life of such an important man. In fact, we know of dozens of
other books which have survived, and it's very likely that thousands of books were written about
Jesus in the first three centuries. The reason that almost everything we know comes from only four
books attests to the fact that the early Christians felt that these four books alone contained the
most vital information. All the other books did not survive simply because they were not as
important. In a very real sense, it was an example of 'survival of the fittest'. Those books which
had merit survived; those that did not were lost.
So, to begin, the first place we can look outside the Bible for corroborating evidence of Jesus' life
is to these extra-biblical gospels. There are dozens of these, mostly written between the second
and fourth century. Despite having titles such as 'The Gospel of Thomas', 'The Gospel Of Judas'
and the 'Gospel Of Phillip', these gospels were not written by any of Jesus' disciples, rather, they
are told from the perspective of that disciple, or are told by a descendant of that disciple.
From an historical, objective point of view, these books suffer from the same problem as the Bible
itself, which is whey were written by followers of Christ. What most people are looking for is
something objective, written by someone who was not a follower of Christ. For that we, look to
some early Jewish and Roman writings.
Josephus
Josephus was a 1st century Jewish historian born in AD 37 who wrote a comprehensive history of
the Jewish people near the end of 1st century. In this book, he recounts the stoning of James,
calling him 'the brother of Jesus, who was called Christ.' This passage is considered by most
historians and scholars to be authentic and is not generally in dispute. This an important piece of
evidence which tells us that someone name Jesus actually lived in the first century and that some
considered Him to be the Christ.
Josephus wrote another passage which is more controversial. He wrote:
About this time came Jesus, a wise man, if indeed it is appropriate to call him a man. For he was a
performer of paradoxical feats, a teacher of people who accept the unusual with pleasure, and he
won over many of the Jews and also many Greeks. He was the Christ. When Pilate, upon the
accusation of the first men amongst us, condemned him to be crucified, those who had formerly
loved him did not cease to follow him, for he appeared to them on the third day, living again, as the
divine prophets foretold, along with a myriad of other marvellous things concerning him. And the
tribe of the Christians, so named after him, has not disappeared to this day
There is still much debate over the authenticity of this passage. The current consensus is that
Josephus did write something about Jesus here, but that later edits were made by a follower of
Christ. The parts in bold italics are those parts which are commonly believed to be later edits, for
there is evidence that Josephus was not a follower of Christ and would not have characterized
Him in this way. The description of Jesus as a 'wise man' and and 'teacher' are more consistent
with Josephus' style and vocabulary found elsewhere in his work, and are probably the actual
descriptions he used.
Tacitus
The Roman Historian Tacitus wrote of Jesus (whom he refers to as 'Christus') and the spread of
Christianity throughout Rome in his work Annals, approximately AD 116. He wrote:
Consequently, to get rid of the report, Nero fastened the guilt and inflicted the most exquisite
tortures on a class hated for their abominations, called Christians by the populace. Christus, from
whom the name had its origin, suffered the extreme penalty during the reign of Tiberius at the
hands of one of our procurators, Pontius Pilatus, and a most mischievous superstition, thus
checked for the moment, again broke out not only in Judaea, the first source of the evil, but even
in Rome, where all things hideous and shameful from every part of the world find their centre and
become popular. Accordingly, an arrest was first made of all who pleaded guilty; then, upon their
information, an immense multitude was convicted, not so much of the crime of firing the city, as of
hatred against mankind. Mockery of every sort was added to their deaths. Covered with the skins of beasts, they were torn by dogs and perished, or were nailed to crosses, or were doomed to the
flames and burnt, to serve as a nightly illumination, when daylight had expired
There is a great deal of important information in this passage. First, it confirms the life and death of
Jesus in Judea but even more importantly, confirms that his death was by crucifixion. According to
Christian scholar Edwin Yamauchi, this is an important piece of evidence because death by
crucifixion was the 'most ignominious death' and reserved for the lowest and most worthless
criminals. By Tacitus' own admission, people continued to followed Jesus despite his ignominious
death and were prepared to follow him even to the penalty of their own death. This account of the
faithfulness of early Christians by an unsympathetic witness is powerful testimony of the life of
Jesus.
Pliny The Younger
We also get an account of the spread of Christianity from a Roman provincial governor named
Pliny the Younger in A.D. 112. Though he does not speak of Jesus directly, he does recount that
Christians in his province cause trouble because they worship Christ and not the Emperor.
They asserted, however, that the sum and substance of their fault or error had been that they were
accustomed to meet on a fixed day before dawn and sing responsively a hymn to Christ as to a
god, and to bind themselves by oath, not to some crime, but not to commit fraud, theft, or adultery,
not falsify their trust, nor to refuse to return a trust when called upon to do so. When this was over,
it was their custom to depart and to assemble again to partake of food-but ordinary and innocent
food. Even this, they affirmed, they had ceased to do after my edict by which, in accordance with
your instructions, I had forbidden political associations.
Talmud
Perhaps most controversial of all historical references is a possible reference to Jesus in the
Jewish Talmud. The passage speaks of someone who was 'hanged' because he 'practiced
sorcery' and 'enticed Israel to apostacy'. If this passage refers to Jesus, then it is an interesting
piece of evidence because it confirm Jesus' influence and that Jesus did perform miracles and
healing, though the Talmud attributes His power to sorcery rather than coming from God.
The below writing is direct from Delve Christian Ministries. I can't recall when I got this, but it was online somewhere on their site. But credit goes to them for creating this material.
Evidence for Jesus Outside the Bible
Before we look at the evidence for Jesus outside of the Bible, it's important to pause for a moment
and examine how the books of the New Testament were chosen to be included. For the most part,
the books selected for inclusion into the Bible were those which were already widely circulated and
widely respected. There was very little debate at that time about most of the books, and there was
almost none about the Gospels. The four Gospels had already been in use for hundreds of years
by Christians everywhere. The process of selecting the New Testament was much less about
selecting which books to include, as it was about formally recognizing which books were already
widely accepted.
There were many other accounts of Jesus life which were never seriously considered for inclusion,
for by that time, it had already been recognized by most Christians everywhere that these books
lacked the authority and divine inspiration of scripture.
Other Gospel Accounts
This is important to note, for it is very frequently asked by non-Christians how it could be that only
four books were written about the life of such an important man. In fact, we know of dozens of
other books which have survived, and it's very likely that thousands of books were written about
Jesus in the first three centuries. The reason that almost everything we know comes from only four
books attests to the fact that the early Christians felt that these four books alone contained the
most vital information. All the other books did not survive simply because they were not as
important. In a very real sense, it was an example of 'survival of the fittest'. Those books which
had merit survived; those that did not were lost.
So, to begin, the first place we can look outside the Bible for corroborating evidence of Jesus' life
is to these extra-biblical gospels. There are dozens of these, mostly written between the second
and fourth century. Despite having titles such as 'The Gospel of Thomas', 'The Gospel Of Judas'
and the 'Gospel Of Phillip', these gospels were not written by any of Jesus' disciples, rather, they
are told from the perspective of that disciple, or are told by a descendant of that disciple.
From an historical, objective point of view, these books suffer from the same problem as the Bible
itself, which is whey were written by followers of Christ. What most people are looking for is
something objective, written by someone who was not a follower of Christ. For that we, look to
some early Jewish and Roman writings.
Josephus
Josephus was a 1st century Jewish historian born in AD 37 who wrote a comprehensive history of
the Jewish people near the end of 1st century. In this book, he recounts the stoning of James,
calling him 'the brother of Jesus, who was called Christ.' This passage is considered by most
historians and scholars to be authentic and is not generally in dispute. This an important piece of
evidence which tells us that someone name Jesus actually lived in the first century and that some
considered Him to be the Christ.
Josephus wrote another passage which is more controversial. He wrote:
About this time came Jesus, a wise man, if indeed it is appropriate to call him a man. For he was a
performer of paradoxical feats, a teacher of people who accept the unusual with pleasure, and he
won over many of the Jews and also many Greeks. He was the Christ. When Pilate, upon the
accusation of the first men amongst us, condemned him to be crucified, those who had formerly
loved him did not cease to follow him, for he appeared to them on the third day, living again, as the
divine prophets foretold, along with a myriad of other marvellous things concerning him. And the
tribe of the Christians, so named after him, has not disappeared to this day
There is still much debate over the authenticity of this passage. The current consensus is that
Josephus did write something about Jesus here, but that later edits were made by a follower of
Christ. The parts in bold italics are those parts which are commonly believed to be later edits, for
there is evidence that Josephus was not a follower of Christ and would not have characterized
Him in this way. The description of Jesus as a 'wise man' and and 'teacher' are more consistent
with Josephus' style and vocabulary found elsewhere in his work, and are probably the actual
descriptions he used.
Tacitus
The Roman Historian Tacitus wrote of Jesus (whom he refers to as 'Christus') and the spread of
Christianity throughout Rome in his work Annals, approximately AD 116. He wrote:
Consequently, to get rid of the report, Nero fastened the guilt and inflicted the most exquisite
tortures on a class hated for their abominations, called Christians by the populace. Christus, from
whom the name had its origin, suffered the extreme penalty during the reign of Tiberius at the
hands of one of our procurators, Pontius Pilatus, and a most mischievous superstition, thus
checked for the moment, again broke out not only in Judaea, the first source of the evil, but even
in Rome, where all things hideous and shameful from every part of the world find their centre and
become popular. Accordingly, an arrest was first made of all who pleaded guilty; then, upon their
information, an immense multitude was convicted, not so much of the crime of firing the city, as of
hatred against mankind. Mockery of every sort was added to their deaths. Covered with the skins of beasts, they were torn by dogs and perished, or were nailed to crosses, or were doomed to the
flames and burnt, to serve as a nightly illumination, when daylight had expired
There is a great deal of important information in this passage. First, it confirms the life and death of
Jesus in Judea but even more importantly, confirms that his death was by crucifixion. According to
Christian scholar Edwin Yamauchi, this is an important piece of evidence because death by
crucifixion was the 'most ignominious death' and reserved for the lowest and most worthless
criminals. By Tacitus' own admission, people continued to followed Jesus despite his ignominious
death and were prepared to follow him even to the penalty of their own death. This account of the
faithfulness of early Christians by an unsympathetic witness is powerful testimony of the life of
Jesus.
Pliny The Younger
We also get an account of the spread of Christianity from a Roman provincial governor named
Pliny the Younger in A.D. 112. Though he does not speak of Jesus directly, he does recount that
Christians in his province cause trouble because they worship Christ and not the Emperor.
They asserted, however, that the sum and substance of their fault or error had been that they were
accustomed to meet on a fixed day before dawn and sing responsively a hymn to Christ as to a
god, and to bind themselves by oath, not to some crime, but not to commit fraud, theft, or adultery,
not falsify their trust, nor to refuse to return a trust when called upon to do so. When this was over,
it was their custom to depart and to assemble again to partake of food-but ordinary and innocent
food. Even this, they affirmed, they had ceased to do after my edict by which, in accordance with
your instructions, I had forbidden political associations.
Talmud
Perhaps most controversial of all historical references is a possible reference to Jesus in the
Jewish Talmud. The passage speaks of someone who was 'hanged' because he 'practiced
sorcery' and 'enticed Israel to apostacy'. If this passage refers to Jesus, then it is an interesting
piece of evidence because it confirm Jesus' influence and that Jesus did perform miracles and
healing, though the Talmud attributes His power to sorcery rather than coming from God.
Saturday, June 20, 2020
Thursday, June 18, 2020
PFSense: 1:1 NAT Configuration
Vendor documentation is really key to helping admins setup and configure, well, really anything. You can say that about firewall vendors, network vendors, server vendors, etc. One thing I always admired about Cisco was their documentation on how to configure different things. I still believe they are one of the best at documentation.
PFSense has some decent documentation, but not always the most clear documentation. 1:1 NAT'ing is one of those things to me. So I have outlined what you need to do for a 1:1 NAT'ing when you need access to an internal device from the Internet.
Now first, I hate when people go into these long paragraphs of how things are supposed to work. I just want the answer I'm looking for. But, one thing needs to be clarified here. 1:1 NAT and Port Forwarding are two different things. Port forwarding uses the IP address of the firewall interface to get to your internal traffic, via different ports you configure. 1:1 NAT uses an IP address on the same network as your WAN interface, but not the interface of the firewall itself. Clear?
Ok, so in most firewalls, you generally need a couple of things to make getting to an internal device from the Internet happen.
1. A NAT rule.
2. A firewall rule.
In Palo Alto, Cisco, Check Point, SonicWall, etc, that's all you need. However, in PFSense, there is one more thing you have to do to make this work. Its called a virtual IP (under Firewall --> Virtual IP). What you do with a virtual IP address is that you are telling the firewall that it needs to handle requests for an internal device you are trying to NAT to. If you don't, the firewall wont respond to ARP requests made on the WAN side. If you do add the virtual IP address that you want to use for the WAN IP address you want for your web server, etc, then it will respond to the ARP request and NAT your traffic through. I verified this with a packet capture, so you can be sure you do need this.
So for a PFSense 1:1 NAT, you need the following:
1. A NAT rule.
2. A firewall rule.
AND 3. A virtual IP address that is the same as your WAN side NAT that you configured in #1. (The subnet mask will be the same as your WAN interface subnet mask.)
Note that you can use this for port forwarding also.
PFSense has some decent documentation, but not always the most clear documentation. 1:1 NAT'ing is one of those things to me. So I have outlined what you need to do for a 1:1 NAT'ing when you need access to an internal device from the Internet.
Now first, I hate when people go into these long paragraphs of how things are supposed to work. I just want the answer I'm looking for. But, one thing needs to be clarified here. 1:1 NAT and Port Forwarding are two different things. Port forwarding uses the IP address of the firewall interface to get to your internal traffic, via different ports you configure. 1:1 NAT uses an IP address on the same network as your WAN interface, but not the interface of the firewall itself. Clear?
Ok, so in most firewalls, you generally need a couple of things to make getting to an internal device from the Internet happen.
1. A NAT rule.
2. A firewall rule.
In Palo Alto, Cisco, Check Point, SonicWall, etc, that's all you need. However, in PFSense, there is one more thing you have to do to make this work. Its called a virtual IP (under Firewall --> Virtual IP). What you do with a virtual IP address is that you are telling the firewall that it needs to handle requests for an internal device you are trying to NAT to. If you don't, the firewall wont respond to ARP requests made on the WAN side. If you do add the virtual IP address that you want to use for the WAN IP address you want for your web server, etc, then it will respond to the ARP request and NAT your traffic through. I verified this with a packet capture, so you can be sure you do need this.
So for a PFSense 1:1 NAT, you need the following:
1. A NAT rule.
2. A firewall rule.
AND 3. A virtual IP address that is the same as your WAN side NAT that you configured in #1. (The subnet mask will be the same as your WAN interface subnet mask.)
Note that you can use this for port forwarding also.
Wednesday, June 17, 2020
Palo Alto 820
Palo Alto has a really good firewall solution. These 820s are reasonably priced and work really well.
Tuesday, June 2, 2020
PBR (Policy Based Routing) And PFSense
I went to a customer site today where they had a Toshiba IP phone system that would not route but to only one destination (the default gateway). But the need was to have certain traffic go out one internet connection (smtp) and the voice traffic out the other. So, I put a Netgate SG-1100 in to do the PBR and it worked great. Doing PBR on PFSense was easy and made sense for this customer. And yes, it's setup with only the LAN port. It's all they needed.
Monday, June 1, 2020
Homesteading
If you like the idea of homesteading, my brother does some pretty cool videos on his family journey into it. They are starting fresh, learning as they go, with a lot of interesting experiences along the way. Check them out.
The Little Orchard Farm
The Little Orchard Farm
Sunday, May 31, 2020
The Messianic Miracles Of Messiah Yeshua
How did the Jews know what to look for in the coming Messiah? This is a good read: http://www.messianicassociation.org/ezine48-af-three-messianic-miracles.htm
Saturday, May 30, 2020
What Kind Of Joy
I like music. Especially from my teenage years. The link below is to a song that I really like and haven't heard in years, until recently. I hope you enjoy it as much as I do.
What Kind Of Joy
What Kind Of Joy
Wednesday, May 27, 2020
Tuesday, May 26, 2020
The Truth About Firewalls
I had someone comment about a statement I made about PFSense and Sonicwall. I said that PFSense was a better firewall than Sonicwall. They said that was a bold statement.
Well, if you look at the features and capability, it's just a simple fact. Dell doesn't like for me to say that. Well, I honestly don't care. If you don't like for me to tell the truth about your product, then make your product better. It's that simple.
Is PFSense a perfect firewall and the best there is on the firewall list? No. But if it has more security features than another firewall and performs well, it's definitely recommended over the lesser.
Tuesday, May 19, 2020
PFSense: PFBlockerNG
I've been working with PFBlockerNG for URL filtering quite a bit lately, and I have to say it works pretty good. What it does is that it blocks URLs (web filtering) based on DNS instead of a URL category. Yes, Squid does do URL categorization, but if you don't want to have to do anything on the client side for HTTPS inspection, then DNS filtering (so to speak) is a decent choice. I'm not saying its perfect, but I do like it enough to use it.
I wont put up a "how to", as there are plenty of those out there for doing what you need to do. Just know that I find it a good alternative to URL filtering.
I wont put up a "how to", as there are plenty of those out there for doing what you need to do. Just know that I find it a good alternative to URL filtering.
Saturday, May 16, 2020
Comments
My apologies for not responding to comments and posting them. Somehow, Google Blogger didn't notify me that comments were being put on the Network Fun blog. I just went through them all last night and posted them for the last year or so. I'll try to go back and answer the questions as I can. For some reason, Google Blogger took my email address out. I fixed it, so I should get these notifications again. Take good care everyone.
Thursday, May 14, 2020
Instagram: OnTheRoadInternet
My wife does an Instagram account for one of the travel firewall and VPN services that we offer at White Rhino. Her Instagram handle is ontheroadinternet (on the road internet) if you want to see some good photography.
Friday, May 8, 2020
Added A Couple More Domain Names
I picked up www.managedfirewallservice.com and www.thefirewallguy.com . It forwards to the White Rhino Security website. I may do something different with them in the future.
Wednesday, May 6, 2020
White Rhino Security And Firewall Proficiency
I was asked over the weekend what firewalls we are proficient in at White Rhino Security. So I thought if they wanted to know, maybe some of you in my audience would want to know. Let me list the firewalls that we know very well, in no specific order:
1. Palo Alto
2. Check Point
3. Cisco
4. Sonicwall
5. PFSense
6. Baracuda
7. Sophos
8. Meraki
9. Fortinet
10. Juniper
11. WatchGuard
1. Palo Alto
2. Check Point
3. Cisco
4. Sonicwall
5. PFSense
6. Baracuda
7. Sophos
8. Meraki
9. Fortinet
10. Juniper
11. WatchGuard
Monday, May 4, 2020
Home Projects: Poor Workmanship
I take pride in the work that I do. Its important to me to do a good job. So when I hire someone to do work for me, I expect the same.
Here in Santa Rosa Beach, it's hard to find good contractor help. I've been through so many plumbers that I decided to buy myself a PEX kit and do all my plumbing from now on. I'm in the process of redoing a guest bathroom, and I'm finding the same problem applies here also. I hired a guy to do the work and this has turned out the same way. He poured a concrete shower floor and when I tested the slope of the water towards the drain a few hours later, it didn't drain properly. The water just "ponded". So I tore out all of the concrete and found several other problems from his work. That's really frustrating. He would have finished it all and some of the problems I would have never known about until it was a big problem. Others, like the water ponding, I would have noticed and it would have been a nightmare to undo. Thankfully I was able to tear out the concrete before it was completely cured. It wasn't easy, but not as hard as it could have been. Below in the picture, you can see the areas that I tested where water stood.
Needless to say, my wife and I will be doing this project ourselves.
Here in Santa Rosa Beach, it's hard to find good contractor help. I've been through so many plumbers that I decided to buy myself a PEX kit and do all my plumbing from now on. I'm in the process of redoing a guest bathroom, and I'm finding the same problem applies here also. I hired a guy to do the work and this has turned out the same way. He poured a concrete shower floor and when I tested the slope of the water towards the drain a few hours later, it didn't drain properly. The water just "ponded". So I tore out all of the concrete and found several other problems from his work. That's really frustrating. He would have finished it all and some of the problems I would have never known about until it was a big problem. Others, like the water ponding, I would have noticed and it would have been a nightmare to undo. Thankfully I was able to tear out the concrete before it was completely cured. It wasn't easy, but not as hard as it could have been. Below in the picture, you can see the areas that I tested where water stood.
Needless to say, my wife and I will be doing this project ourselves.
Sunday, May 3, 2020
Saturday, May 2, 2020
Home Projects: Window Boxes
My wife and I worked on some window boxes last night. She is wanting to plant some flowers and have them hang under the window. So, we built some out of some wood we were using for a fence I'm building. This first try did OK I think. I'll get it up on the window today.
Thursday, April 30, 2020
More On Firewalls
If you have a firewall that will not do updateable objects (dynamic objects), then you probably have a base level firewall.
Tuesday, April 28, 2020
Firewalls And Features
I have been talking a lot lately about which firewalls I recommend to people and which ones I don't. Really for the low budget customer. I keep hearing people talk about why they like this firewall or like that one. It seems like two things come back most of the time: budget friendly firewalls and easily managed firewalls.
But what about features of a firewall? It's imperative that you have a feature rich firewall protecting your company. I think it's comparable to having a B B gun protecting your home. You feel free to do that. I'll go with the larger caliber myself. My point is that you have to select the appropriate firewall features for your company data. You can't just skimp and hope all goes well in the cyber world.
Do your company right and explore all the features a firewall has to offer before deciding which route to go.
But what about features of a firewall? It's imperative that you have a feature rich firewall protecting your company. I think it's comparable to having a B B gun protecting your home. You feel free to do that. I'll go with the larger caliber myself. My point is that you have to select the appropriate firewall features for your company data. You can't just skimp and hope all goes well in the cyber world.
Do your company right and explore all the features a firewall has to offer before deciding which route to go.
Monday, April 27, 2020
Home Projects: An "On The Fly" Fence
My wife has an impressive vegetable garden growing on the side of our house. She has many different things growing, and we have picked a few vegetables out and included them in some very good dinners so far.
We have noticed in the past couple of days that something is getting into it though. Not eating anything, just stepping in it. We had some sorrano peppers getl completely ruined and another strawberry (not that strawberries are a vegetable) branch broken off. So, we decided to make a quick fence to keep whatever this is from getting in. We think it's a dog down the road. Either way, let's hope this deters it.
We have noticed in the past couple of days that something is getting into it though. Not eating anything, just stepping in it. We had some sorrano peppers getl completely ruined and another strawberry (not that strawberries are a vegetable) branch broken off. So, we decided to make a quick fence to keep whatever this is from getting in. We think it's a dog down the road. Either way, let's hope this deters it.
Sunday, April 26, 2020
Friday, April 24, 2020
🌪
Thursday we had a tornado come through in the Florida Panhandle. I got an "imminent extreme alert" text on my phone telling me to take shelter. I went outside to take a look and my wife was coming in. The tornado, which had already touched down on the ground in Greyton, was literally going over my house. It was not on the ground at this time, but just over the trees. It was quite a site to see. Of all my time living in "tornado alley" (46 years in Alabama), I've never been that close to a tornado.
Tuesday, April 21, 2020
Paintings
Now I'm not one for art, at all. I've seen some Picasso's and Monet's in museums before in New York City and Kansas City, and I am glad I've seen them. But honestly, it's just not my thing.
However, my daughter does some pretty cool stuff on a canvas. I'm sure she gets it from her mom, and this below shows that she has some talent.
However, my daughter does some pretty cool stuff on a canvas. I'm sure she gets it from her mom, and this below shows that she has some talent.
Monday, April 20, 2020
Home Projects: Who Says You Need A Plumber?
Down here in Santa Rosa Beach, FL, finding a good plumber is a joke. I've been through probably half a dozen already since I've lived here, and my experiences with them have generally been less than a one star. Yes, it's that bad.
So I took it upon myself to start doing my own plumbing. So I bought a PEX crimper and off to the hardware store to get supplies for a bathroom remodel I'm doing.
I don't know if your recall, but not long ago, I ended up cutting one of my lines to the shower (when tearing out the fiberglass shower combo). I've since ripped all of the copper so I could rerun water to where I need it to go.
Working with PEX is surprisingly easy. I did multiple runs, angles, and valves without one single leak. I was actually surprised on just how easy it is to work with.
Save yourself quite a bit of money and tackle that plumbing job yourself. You will feel good with yourself and the new skill you learned.
So I took it upon myself to start doing my own plumbing. So I bought a PEX crimper and off to the hardware store to get supplies for a bathroom remodel I'm doing.
I don't know if your recall, but not long ago, I ended up cutting one of my lines to the shower (when tearing out the fiberglass shower combo). I've since ripped all of the copper so I could rerun water to where I need it to go.
Working with PEX is surprisingly easy. I did multiple runs, angles, and valves without one single leak. I was actually surprised on just how easy it is to work with.
Save yourself quite a bit of money and tackle that plumbing job yourself. You will feel good with yourself and the new skill you learned.
Saturday, April 18, 2020
Sunday Thought: It's All About Him
My wife came across this song, and I found I really like it. By Alan Jackson, It's All About Him
Thursday, April 16, 2020
New Tab Above Called "On The Road" Internet
I have a new tab above which takes you to a new website I launched. It's for the traveling man or woman who needs security when out in public or on a trip. If you use the Internet at the hotel, coffee shoppe, campground, etc, then take a look at the above new tab, or go direct here to www.ontheroadinternet.com .
Tuesday, April 14, 2020
PFSense vs Sonicwall
I set this box up for PFSense and it's working great. I've noticed that PFSense has some great features to it and I've come to the conclusion that it's a better firewall than Sonicwall. It's certainly harder to manage that the Sonicwall, but the features are better on PFSense.
Monday, April 13, 2020
Weekend Water Concert
We have been very careful to stay home as much as possible during this "stay at home" restrictions in Florida. Some neighbors across the water decided to have a backyard concert for everyone who wanted to keep a safe social distance, but still enjoy some live music. Boats in the water and people out on their docks. That was nice.
Sunday, April 12, 2020
Happy Easter
Today we celebrate the empty tomb. Yeshua was crucified on Good Friday, and He overcame death on Sunday. It's interesting that some people still do not believe this event in history. Both people of faith and people who did not believe wrote about this event in ancient. Yet there has never been one single writing in history saying that the body of Yeshua was found.
I stand as a believer in that event in history. One day, we will all rise from the grave and be judged by the only God. I don't know what exactly that day will look like, but I suspect at least two things will happen.
1. It will be determined if we truly believed that Yeshua came down from Heaven, lived a perfect, sinless life on earth, and died during His crucifixion on the cross, taking the punishment for all mankind for all sins that had been committed, that were committed, and that will be committed. And that he rose up three days later and defeated death.
2. There will be two groups formed on that day. One group on the right and one on the left. One of those groups will be allowed to enter into Heaven. And the other group will be allowed to not live in Heaven.
Notice I say above that one group will be allowed to not go to Heaven. This is a choice that everyone makes here on this earth. To ignore what He did for us, in the form of unbelief, is a choice. To believe it, is also a choice. I ask you to look into the story of Yeshua. In fact, I plead with you. I ask you to look into a few things:
1. What the story actually is.
2. The prophecies that was written about this "Messiah" before he actually came. There are many of them, one even including the exact time when the Messiah would come (written hundreds of years before).
3. I would ask that you ponder one thing. My question to you would be this: Why did those people continue to believe, facing literal death during that time, for something that they knew was not right? There were over 500 witnesses that saw Him alive after He rose from the dead. Not one of them refuted what was being proclaimed at the time. Would you die for something you knew was not right? I wouldn't.
Everyone makes up there own mind. I have made mine up, and there is no way I'll ever deny what He did for us. At this point, there is no way I could deny it.
May you and yours be blessed. May He shine His face towards you, and bring you peace.
I stand as a believer in that event in history. One day, we will all rise from the grave and be judged by the only God. I don't know what exactly that day will look like, but I suspect at least two things will happen.
1. It will be determined if we truly believed that Yeshua came down from Heaven, lived a perfect, sinless life on earth, and died during His crucifixion on the cross, taking the punishment for all mankind for all sins that had been committed, that were committed, and that will be committed. And that he rose up three days later and defeated death.
2. There will be two groups formed on that day. One group on the right and one on the left. One of those groups will be allowed to enter into Heaven. And the other group will be allowed to not live in Heaven.
Notice I say above that one group will be allowed to not go to Heaven. This is a choice that everyone makes here on this earth. To ignore what He did for us, in the form of unbelief, is a choice. To believe it, is also a choice. I ask you to look into the story of Yeshua. In fact, I plead with you. I ask you to look into a few things:
1. What the story actually is.
2. The prophecies that was written about this "Messiah" before he actually came. There are many of them, one even including the exact time when the Messiah would come (written hundreds of years before).
3. I would ask that you ponder one thing. My question to you would be this: Why did those people continue to believe, facing literal death during that time, for something that they knew was not right? There were over 500 witnesses that saw Him alive after He rose from the dead. Not one of them refuted what was being proclaimed at the time. Would you die for something you knew was not right? I wouldn't.
Everyone makes up there own mind. I have made mine up, and there is no way I'll ever deny what He did for us. At this point, there is no way I could deny it.
May you and yours be blessed. May He shine His face towards you, and bring you peace.
Saturday, April 11, 2020
Tuesday, April 7, 2020
New Domain Name Added
I added two new domain names for the White Rhino Security VPN Solution. It's called rv-vpn.com and rvvpn.com . It's for corporate use a personal use. Security is for everyone, and my VPN Solution will keep your communications safe.
Wednesday, April 1, 2020
Monday, March 30, 2020
Palo Alto:Factory Reset On A PA-2050
I have an older PA-2050 that I'm going to use for a customer of mine (as a router), and I'm having to do a factory reset on it. Below, you can see the output of what I had to do. I simply reboot it, and during the 5 second window, type in "maint".
Welcome to the PanOS Bootloader.
U-Boot 4.1.8.0-21 (Build time: Aug 27 2012 - 19:23:20)
BIST check passed.
KESTREL board revision major:2, minor:0, serial #: 0003C104442
OCTEON CN3120-CP pass 1.1, Core clock: 500 MHz, DDR clock: 265 MHz (530 Mhz data rate)
DRAM: 1024 MB
Clearing DRAM........ done
Using default environment
Flash: 64 MB
Net: octeth0, octeth1, octeth2
Bus 0 (CF Card): not available
USB: (port 0) No USB devices found.
Autoboot to default partition in 5 seconds.
Enter 'maint' to boot to maint partition.
Entry: maint
Booting to maint mode.
...
Welcome to the PanOS Bootloader.
U-Boot 4.1.8.0-21 (Build time: Aug 27 2012 - 19:23:20)
BIST check passed.
KESTREL board revision major:2, minor:0, serial #: 0003C104442
OCTEON CN3120-CP pass 1.1, Core clock: 500 MHz, DDR clock: 265 MHz (530 Mhz data rate)
DRAM: 1024 MB
Clearing DRAM........ done
Using default environment
Flash: 64 MB
Net: octeth0, octeth1, octeth2
Bus 0 (CF Card): not available
USB: (port 0) No USB devices found.
Autoboot to default partition in 5 seconds.
Enter 'maint' to boot to maint partition.
Entry: maint
Booting to maint mode.
...
Sunday, March 29, 2020
Beaches Closed (Supposedly) Due To Coronavirus
The coronavirus issue has really been a eye opening situation. We have learned a few things so far about this:
1. It is highly contagious
2. It can be fatal for older people, yet I have read of people in their 30's dying from this
3. If you have respiratory problems, like asthma, it can be fatal to you
4. It can live on some surfaces for up to two weeks, but can live on most all surfaces for some time
5. Until we get it, our bodies have no immunity to it.
6. You can have no symptoms of it for up to two weeks
7. Even with no symptoms, it's highly contegeous (so you can have it, and be spreading it without knowing it)
What has been interesting is the reaction to this, from local and state governments and also from individuals.
The local government where I live (Walton County, FL) has proved to care more about tourism than they do the well being of the general public. In the beginning, they simply refused to act on it, and even now, refuse to do really much about it that makes and sense. They have done some things, that really don't make any sense (although several weeks too late), but nothing to actually stop the spread of this virus. Same for the FL governor, nothing to stop the spread of this thing. Any action for not spreading the virus has been made by local business owner's decision to close thier places down. Don't get me wrong, I'm not for the government telling me what to do. But people's lives are at stake here, so I'm willing to do my part to help prevent the spread of this.
While restaurants and other business are suffering, they have offered pick up services and other things to try to make up for lost business. I certainly respect any efforts to stay afloat. Its certainly trying times for local business.
What also been interesting is the individual attitudes about this. I won't get into this, but it's very concerning to see the "lack of concern" for the greater good of all, to say the least.
My wife has shown me many videos of healthcare workers who post a few minutes worth of a video online, talking about having no supplies, ventilators, etc. Literally making life and death decisions for patients who won't be able to get a ventilator, because they are all taken. And putting their own lives at risk by working around all the sick people. Not to mention taking it home to their families. It's really a heart wrenching situation.
Another observation is that groceries have been a little harder to get. Meat in particular. Hoarding of food has taken place, when there is no reason for that. The supply has not gone down. It's just that panic has gone up.
So what do you do about all of this, where there is no cure for a virus that has spread across the whole world very quickly? I don't know the answer. I'm hoping that a cure is found quickly. I think about my own family. My mother and ask of ther older ones. And although in not elderly, I'm still old enough to be concerned about this. Italy and China are good examples of how this thing can go. That's not what I want for this country, or any country.
It's time to be praying for a solution.
1. It is highly contagious
2. It can be fatal for older people, yet I have read of people in their 30's dying from this
3. If you have respiratory problems, like asthma, it can be fatal to you
4. It can live on some surfaces for up to two weeks, but can live on most all surfaces for some time
5. Until we get it, our bodies have no immunity to it.
6. You can have no symptoms of it for up to two weeks
7. Even with no symptoms, it's highly contegeous (so you can have it, and be spreading it without knowing it)
What has been interesting is the reaction to this, from local and state governments and also from individuals.
The local government where I live (Walton County, FL) has proved to care more about tourism than they do the well being of the general public. In the beginning, they simply refused to act on it, and even now, refuse to do really much about it that makes and sense. They have done some things, that really don't make any sense (although several weeks too late), but nothing to actually stop the spread of this virus. Same for the FL governor, nothing to stop the spread of this thing. Any action for not spreading the virus has been made by local business owner's decision to close thier places down. Don't get me wrong, I'm not for the government telling me what to do. But people's lives are at stake here, so I'm willing to do my part to help prevent the spread of this.
While restaurants and other business are suffering, they have offered pick up services and other things to try to make up for lost business. I certainly respect any efforts to stay afloat. Its certainly trying times for local business.
What also been interesting is the individual attitudes about this. I won't get into this, but it's very concerning to see the "lack of concern" for the greater good of all, to say the least.
My wife has shown me many videos of healthcare workers who post a few minutes worth of a video online, talking about having no supplies, ventilators, etc. Literally making life and death decisions for patients who won't be able to get a ventilator, because they are all taken. And putting their own lives at risk by working around all the sick people. Not to mention taking it home to their families. It's really a heart wrenching situation.
Another observation is that groceries have been a little harder to get. Meat in particular. Hoarding of food has taken place, when there is no reason for that. The supply has not gone down. It's just that panic has gone up.
So what do you do about all of this, where there is no cure for a virus that has spread across the whole world very quickly? I don't know the answer. I'm hoping that a cure is found quickly. I think about my own family. My mother and ask of ther older ones. And although in not elderly, I'm still old enough to be concerned about this. Italy and China are good examples of how this thing can go. That's not what I want for this country, or any country.
It's time to be praying for a solution.
Wednesday, March 25, 2020
Home Projects: Guest Bathroom Tearout
This past weekend, I had intended on slowly starting to work on our guest bathroom remodel. Sadly, nothing went right from the get go.
First, while taking the not water cover off to get to the faucet, I ended up having water shooting out the faucet at full force. That was fun.
Second, when I was starting to saws-all the tub/shower (a fiberglass insert), I accidentally hit the hot water line feeding the faucet, opening up the copper. Ugh.
Now the last thing my wife and I wanted to do was to get out in public. We are trying to stay away from this coronavirus thing. But, we had to fix my mistakes, as we need water for cooking, showers, etc.
I'm not a plumber, but, I had to get this fixed. And here in the Florida panhandle, plumbers are terrible. So, if to Home Depot we went.
We ended up getting two shut off valves so that we could get our water turned back on. We used the "Sharkbite" technology, and it worked very well. I have heard many plumbers complain about Sharkbite, but I think it's because it putts their job at risk. Honestly, you just don't need a plumber because it's do easy to do. And it works. Would I put this inside my wall? Probably not. But outside the wall (like a shut off valve)? Yep, every time.
It's literally cut the pipe, clean the pipe, and push the fitting on. It's that simple.
By the time we were done we had all the demo done.
First, while taking the not water cover off to get to the faucet, I ended up having water shooting out the faucet at full force. That was fun.
Second, when I was starting to saws-all the tub/shower (a fiberglass insert), I accidentally hit the hot water line feeding the faucet, opening up the copper. Ugh.
Now the last thing my wife and I wanted to do was to get out in public. We are trying to stay away from this coronavirus thing. But, we had to fix my mistakes, as we need water for cooking, showers, etc.
I'm not a plumber, but, I had to get this fixed. And here in the Florida panhandle, plumbers are terrible. So, if to Home Depot we went.
We ended up getting two shut off valves so that we could get our water turned back on. We used the "Sharkbite" technology, and it worked very well. I have heard many plumbers complain about Sharkbite, but I think it's because it putts their job at risk. Honestly, you just don't need a plumber because it's do easy to do. And it works. Would I put this inside my wall? Probably not. But outside the wall (like a shut off valve)? Yep, every time.
It's literally cut the pipe, clean the pipe, and push the fitting on. It's that simple.
By the time we were done we had all the demo done.
Tuesday, March 24, 2020
Monday, March 23, 2020
Garden Of The Gods, CO
Another good trip if you can make it while in Colorado. The Garden of the Gods.
Friday, March 20, 2020
Tuesday, March 17, 2020
Great Sand Dunes National Park
In Colorado, there is this National Park called Great Sand Dunes. Literally, in the middle of nowhere, there are these huge sand dunes. Definitely worth a visit if you can.
Check out the size of the people in the background. This will give you some perspective on how big those are.
Check out the size of the people in the background. This will give you some perspective on how big those are.
Sunday, March 15, 2020
Big Bend National Park
Subscribe to:
Posts (Atom)