Skip to content

Instantly share code, notes, and snippets.

Shaun Cummiskey parseword

Block or report user

Report or block parseword

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@parseword
parseword / librenms-1.40-error.md
Created Jun 5, 2018
RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths
View librenms-1.40-error.md

If you get errors like this when upgrading LibreNMS to 1.40, see the article Resolving LibreNMS error "RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths" for a solution.

[root@beast42 /path/to/librenms]# tail -100 logs/librenms.log
[2018-06-04 18:16:17] production.ERROR: RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths. in /path/to/librenms/vendor/laravel/framework/src/Illuminate/Encryption/Encrypter.php:43
Stack trace:
#0 /path/to/librenms/vendor/laravel/framework/src/Illuminate/Encryption/EncryptionServiceProvider.php(27): Illuminate\Encryption\Encrypter->__construct('', 'AES-256-CBC')
#1 /path/to/librenms/vendor/laravel/framework/src/Illuminate/Container/Container.php(726): Illuminate\Encryption\EncryptionServiceProvid
@parseword
parseword / 108.75.16.72-packets.md
Created Apr 26, 2018
Unidentified traffic from 108.75.16.72
View 108.75.16.72-packets.md

tcpdump associated with the article Unusual HTTP POST traffic

There were a total of 69 requests, starting with one that used "\xaf" as the HTTP verb:

108.75.16.72 - - [26/Apr/2018:09:44:10 -0500] "\xaf" 400 226 - "-" "-"
108.75.16.72 - - [26/Apr/2018:09:44:10 -0500] "POST / HTTP/1.1" 200 45 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
108.75.16.72 - - [26/Apr/2018:09:46:10 -0500] "POST / HTTP/1.1" 200 45 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
108.75.16.72 - - [26/Apr/2018:09:48:10 -0500] "POST / HTTP/1.1" 200 45 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
108.75.16.72 - - [26/Apr/2018:09:50:11 -0500] "POST / HTTP/1.1" 200 45 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
@parseword
parseword / 75.108.75.42-packets.md
Created Apr 17, 2018
Unidentified traffic from 75.108.75.42
View 75.108.75.42-packets.md

tcpdump associated with the article Unusual HTTP POST traffic from 75.108.75.42

There were a total of 48 requests:

75.108.75.42 - - [15/Apr/2018:19:07:03 -0500] "POST / HTTP/1.1" 200 45 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
75.108.75.42 - - [15/Apr/2018:19:09:03 -0500] "POST / HTTP/1.1" 200 45 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
75.108.75.42 - - [15/Apr/2018:19:11:03 -0500] "POST / HTTP/1.1" 200 45 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
75.108.75.42 - - [15/Apr/2018:19:13:03 -0500] "POST / HTTP/1.1" 200 45 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
75.108.75.42 - - [15/Apr/2018:19:15:04 -0500] "POST / HTTP/1.1" 200 45 - "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
View public-dns-compare-slack.md

Public DNS Service Comparisons - slack.com

This document is a companion to the article 1.1.1.1: Fast, but not so accurate (yet).

"A" response records for Slack, and network connectivity and latency to the answers, from Comcast in Memphis, TN. Tests conducted 2018-04-04.

Note: Traceroutes into Amazon-operated networks, including CloudFront, have a tendency to be obfuscated due to network topology and ICMP policy.

View public-dns-compare-facebook.md

Public DNS Service Comparisons - www.facebook.com

This document is a companion to the article 1.1.1.1: Fast, but not so accurate (yet).

"A" response records for Facebook, and network connectivity and latency to the answers, from Comcast in Memphis, TN. Tests conducted 2018-04-04.

Querying the A record for www.facebook.com, 1.1.1.1 gives a tied-for-best answer, a low latency server in Dallas also returned by Comcast, Google, and Level3.

View public-dns-compare-amazon.md

Public DNS Service Comparisons - www.amazon.com

This document is a companion to the article 1.1.1.1: Fast, but not so accurate (yet).

"A" response records for Amazon, and network connectivity and latency to the answers, from Comcast in Memphis, TN. Tests conducted 2018-04-04.

Note: Traceroutes into Amazon-operated networks, including CloudFront, have a tendency to be obfuscated due to network topology and ICMP policy.

View public-dns-compare-youtube.md

Public DNS Service Comparisons - youtube.com

This document is a companion to the article 1.1.1.1: Fast, but not so accurate (yet).

"A" response records for YouTube, and network connectivity and latency to the answers, from Comcast in Memphis, TN. Tests conducted 2018-04-04.

Querying the A record for youtube.com, 1.1.1.1 gives the poorest answer: inexplicably, a server in Bogota, Colombia, South America. The most optimal results were returned by Comcast and Level3, which both gave the

View public-dns-compare-google.md

Public DNS Service Comparisons - google.com

This document is a companion to the article 1.1.1.1: Fast, but not so accurate (yet).

"A" response records for Google, and network connectivity and latency to the answers, from Comcast in Memphis, TN. Tests conducted 2018-04-04.

Querying the A record for google.com, 1.1.1.1 gives the poorest answer, a server more than twice as distant as those returned by other resolvers. The most optimal results were returned by Comcast and Level3.

View public-dns-compare-network.md

Public DNS Service Comparisons

Network connectivity and latency only, from Comcast in Memphis, TN. 2018-04-02.

Cloudflare's 1.1.1.1

7 hops, ping average 13.1 ms

[parse@word ~]$ mtr -c 100 1.1.1.1
View bind9-logging-config.txt
//bind9 logging stanza with dynamic severity that can be controlled via rndc
//
//To debug something, issue "rndc trace 99" and run your troublesome query.
//This will generate extremely verbose logs, so as soon as you capture the event,
//run "rndc notrace" to return to standard non-verbose logging. Then copy and
//examine the log files at your leisure.
logging {
channel default_debug {
file "/var/log/named/named.run";
You can’t perform that action at this time.