danmassey.net Report : Visit Site

Technical data of the danmassey.net

Geo IP provides you such as latitude, longitude and ISP (Internet Service Provider) etc. informations. Our GeoIP service found where is host danmassey.net. Currently, hosted in United Kingdom and its service provider is Challenger Technology Ltd .

HTTP Header Analysis

HTTP Header information is a part of HTTP protocol that a user's browser sends to called Apache/2.2.23 (FreeBSD) PHP/5.4.11 mod_ssl/2.2.23 OpenSSL/0.9.8x DAV/2 containing the details of what the browser wants and will accept back from the web server.

DNS

HtmlToText

dan massey's blog technical notes for bored geeks skip to content home freebsd zfs perl cisco apache c ipv6 ubuntu about ← older posts cisco asa site to site vpn with dynamic ip addresses posted on september 16, 2016 by danmassey99 today’s problem is a new customer office opening ahead of their scheduled mpls installation. we need to connect them back into their vpn via their existing hosted cisco asa. the internet connection at the new office is at this point unknown, could be a 4g dongle, could be a satellite or even a dsl connection – or a combination of the three! we have a spare asa and we are going to create a site to site vpn, despite the fact that the new office ip is unknown or possibly dynamic. cisco provide a special kind of crypto map for this challenge called a dynamic crypto map and a special tunnel-group called ‘defaultl2lgroup’ which catches l2l runnels where the peer ip address cannot be matched. there are ways of ‘steering’ dynamic l2l peers into different tunnel-groups but we only need to use the basics here. the configuration on the ‘spoke’ end (the one with the dynamic/unknown ip address) is just a standard l2l ipsec tunnel, so we just need the hub (fixed ip) end: step 1 – define the interesting traffic (for the nat exemption) object network local_lan subnet <local lan ip range> object network remote_lan subnet <remote lan ip range> step 2 – configure the nat exemption nat (inside,outside) source static local_lan local_lan destination static remote_lan remote_lan step 3 – configure the phase 1 setup crypto ikev1 enable outside crypto ikev1 policy 10 authentication pre-share encryption aes hash sha group 2 lifetime 86400 step 4 – configure the phase 2 setup crypto ipsec ikev1 transform-set my-set esp-aes esp-sha-hmac step 5 – configure the tunnel-group tunnel-group defaultl2lgroup ipsec-attributes ikev1 pre-shared-key <secret_key> step 6 – configure the crypto maps crypto dynamic-map dynovpn 10 set ikev1 transform-set my-set crypto dynamic-map dynovpn 10 set reverse-route crypto map vpnmap 999 ipsec-isakmp dynamic dynovpn crypto map vpnmap interface outside posted in cisco | tagged cisco asa , dynamic vpn , ipsec , vpn | comments off on cisco asa site to site vpn with dynamic ip addresses basic webvpn setup on the cisco asa 9.x posted on august 7, 2016 by danmassey99 we have resisted the change for a long time, bit its time to finally move some of our customers over to the ssl vpn who were previously using the ipsec remote access vpn. windows 10 does not support the ipsec client any more, cisco have stopped developing it and its only saving grace is that mac seem to have no problem with the built in vpn connector. we are moving some clients to the asav which i will document the installation of another time, but the software version i am using is 9.6(1). requirements: 1. most users will be standard, tunnel-all users 2. a few users will require local lan access for ip printers etc. these will be kept to a minimum as they pose a security risk 3. the anyconnect software should be deployed from the asa. 4. the users will all be stored in the asa local database. stage 1 – get a 3rd party certificate i have a previous post on this which is still valid. i used a rapidssl from geotrust. the latest client has a ‘checked’ check box to disable non trusted certificates by default and could cause a lot of pain for the support guys – so do this first! make sure the time is set as per the article. stage 2 – create an ip pool for the remote users i favour using a completely separate ip range, not used anywhere else on the internal network. this saves a lot of faff with adding routes later. ip local pool vpn-pool 10.11.11.1-10.11.11.50 stage 3 – sort the nat out i ran into a world of pain when i did this first as the asa started responding to arp requests from anything on its outside subnet. the take-home message is that avoid using ‘any’ in your nat setup. so we want to define the pool as an object and use that to get the nat exemption for data leaving our ‘inside’ network to the ‘outside’ network via the vpn tunnel. also we want traffic coming back from the client, not destined for the inside network to be natted to the internet. object network vpn-ip-pool subnet 10.11.11.0 255.255.255.0 nat (outside,outside) dynamic interface dns now the nat exemption for the inside to outside traffic. i assume there is already a lan object defined. nat (inside,outside) source static lan lan destination static vpn-ip-pool vpn-ip-pool also we’ll need to allow the outside traffic to hairpin on the interface. same-security-traffic permit intra-interface stage 4 – add the webvpn config here we need to upload the pkg files which can be downloaded from cisco.com into the flash of the asa. they are then referenced in the config. webvpn enable outside anyconnect image disk0:/anyconnect-win-4.2.05015-k9.pkg 1 anyconnect image disk0:/anyconnect-macosx-i386-4.2.05015-k9.pkg 2 anyconnect image disk0:/anyconnect-linux-64-4.2.05015-k9.pkg 3 anyconnect enable tunnel-group-list enable note the pkg references have an index number to permit multiple files to be uploaded. stage 5 – group policy we’ll create a group policy to set the parameters for the users. its best to create a new policy rather than edit the default. this is our ‘tunnel-all’ policy which will be referenced by the tunnel group as the default policy. group-policy customer-policy internal group-policy customer-policy attributes dns-server value 8.8.8.8 vpn-tunnel-protocol ssl-client split-tunnel-policy tunnelall stage 6 – the tunnel group here a tunnel group is created which pulls it all together tunnel-group customer type remote-access tunnel-group customer general-attributes address-pool vpn-pool default-group-policy customer-policy tunnel-group customer webvpn-attributes group-alias customer-login enable the group aliases appear in the dropdown when the user logs in. stage 7 – the users the users are all using the default group policy of ‘customer-policy’ unless we specify differently. username user_name password pass_word username user_name attributes vpn-group-policy my-different-group-policy group-lock value customer service-type remote-access i’ve also locked the user into the correct group to be secure. this is enough to get up and running – there is loads more to do with customisation, additional security and the like, but for now the customer needs to get online. posted in cisco | tagged asa , cisco , ssl vpn , webvpn | comments off on basic webvpn setup on the cisco asa 9.x upgrading mysql on centos 6 posted on january 21, 2016 by danmassey99 i’ve been migrating a web site from a community web server to a dedicated 30:30 server running centos, apache, mysql and php. the issue is that centos stopped updating mysql at version 5.1 in the centos 6 track and the ‘source’ database is version 5.5. after the first mysqldump would not import into the 5.1 version i decided to update the 30:30 server to a more modern version of mysql – 5.7! firstly, backup the databases using mysqldump. stop the server. # service mysqld stop remove the old software. # yum remove mysql mysql-server at this point i found it was a good idea to completely remove the mysql directory. # cd /etc/lib/ # rm -f mysql/ fetch the new software. # wget http://dev.mysql.com/get/mysql57-community-release-el6-7.noarch.rpm install the code. # yum localinstall mysql57-community-release-el6-7.noarch.rpm install the new software. yum install mysql mysql-server start the service. # service mysqld start now here’s the next snag – normally i’d run the secure install programme, which i did, but i could not get in with the usual blank password, which i thought was odd! also the old root password failed the password strength requirement mysql had assigned itself! i wanted to maintain the old password for the time being so that issue needed resolving. first things first, mysql 5.7 assigns itself a temporary root password which is logs in t

URL analysis for danmassey.net

http://blog.danmassey.net/?m=201310
http://blog.danmassey.net/?tag=nagios
http://blog.danmassey.net/?feed=comments-rss2
http://blog.danmassey.net/?tag=ipsec
http://blog.danmassey.net/?tag=apache-logging
http://blog.danmassey.net/?tag=zfs-restore
http://blog.danmassey.net/?cat=64
http://blog.danmassey.net/?cat=65
http://blog.danmassey.net/?tag=spamassassin
http://blog.danmassey.net/?tag=xcode4
http://blog.danmassey.net/?tag=asa
http://blog.danmassey.net/?tag=sendmail
http://blog.danmassey.net/?p=1005
http://blog.danmassey.net/?tag=snapshot
http://blog.danmassey.net/?p=959

Whois Information

Whois is a protocol that is access to registering information. You can reach when the website was registered, when it will be expire, what is contact details of the site with the following informations. In a nutshell, it includes these informations;

Domain Name: DANMASSEY.NET
Registry Domain ID: 110613556_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.tucows.com
Registrar URL: http://www.tucowsdomains.com
Updated Date: 2017-01-20T11:40:14Z
Creation Date: 2004-01-26T16:23:56Z
Registry Expiry Date: 2018-01-26T16:23:56Z
Registrar: Tucows Domains Inc.
Registrar IANA ID: 69
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: NS0.GCONNECT.NET
Name Server: NS1.GCONNECT.NET
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2017-08-10T07:12:10Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.

  REGISTRAR Tucows Domains Inc.

SERVERS

  SERVER net.whois-servers.net

  ARGS domain =danmassey.net

  PORT 43

  TYPE domain

DOMAIN

  NAME danmassey.net

  CHANGED 2017-01-20

  CREATED 2004-01-26

STATUS
clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
clientTransferProhibited https://icann.org/epp#clientTransferProhibited
clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited

NSERVER

  NS0.GCONNECT.NET 84.21.142.170

  NS1.GCONNECT.NET 84.21.136.45

  REGISTERED yes

Mistakes

The following list shows you to spelling mistakes possible of the internet users for the website searched .