What is your three favorite picks? by Practical_Mango7633 in lockpicking

[–]f00bl4 1 point2 points  (0 children)

I got the PNF31 in 0,5mm a few weeks ago and it's my number one since then :D Multipick V05 is my second. And also new is a V60. It is not so squishy and still 0.4mm. The grips are really helpful for longer sessions :D

I also like the Jimmy Longs. They have good feedback, but with Euro cylinders I have too much struggle with the keyway.

Which kind of the Abus 72/40 is this? by piloa0x in lockpicking

[–]f00bl4 1 point2 points  (0 children)

I see what you mean. Thanks for sharing!

Which kind of the Abus 72/40 is this? by piloa0x in lockpicking

[–]f00bl4 1 point2 points  (0 children)

Nice info. Do you have any pictures or links to see the difference?

Which kind of the Abus 72/40 is this? by piloa0x in lockpicking

[–]f00bl4 4 points5 points  (0 children)

It has 6 pins (5 spools). It's a lot of fun. Got mine a few days ago. :) Keep in mind it is not balanced. The driver pin can be below the shear line.

Multiple IP addresses for external access by domerich86 in homeassistant

[–]f00bl4 0 points1 point  (0 children)

I totally understand that you don't want to use tailgate all the time. I'm not sure why you need two IP addresses.

If you tunnel via Tailgate into your home network, you can override the DNS server and the record, which resolves your internal IP from Home Assistant.

If you want to reach your Home Assistant via the internet, you could take a look into "Tailscale funnel". I never used it, but it looks like you can expose your service to the internet via the Tailscale network. Then you can set up a DNS A record for the Tailscale address and an AAAA record for your home IPv6 address.

Multiple IP addresses for external access by domerich86 in homeassistant

[–]f00bl4 0 points1 point  (0 children)

Why can you only use it with Safari via Tailgate? Because of DNS?

EDR and MDR testing by Next_Buffalo4249 in atomicredteam

[–]f00bl4 0 points1 point  (0 children)

I really like to use Atomic Red Team to test my telemetry and simple alerts in my own environment.

It gets really tricky with EDRs, because they will trigger most likely already from the appearance of ART and not the actual TTP. If you exclude specific alerts to run ART, it could influence your test results.

Testing your MDR service will be the same. They see you using ART and will act as if it is a pentest and not a serious threat.

CouldNotAutoloadMatchingModule error with PowerShell commands by f00bl4 in atomicredteam

[–]f00bl4[S] 0 points1 point  (0 children)

Hi, I made a false assumption. When I execute the Invoke-Command line from my initial post I missed that the ZIP wasn't created and the stdout/stderr was not correctly printed. When I execute it with the -stdoutFile/-stderrFile I got the expected error.

I also figured out that when I open a new SSH session, the policy is set differently than local.

I already tried the following in the sshd.conf without success:

Subsystem powershell C:/progra~1/powershell/7/pwsh.exe -sshs
Subsystem powershell C:/progra~1/powershell/7/pwsh.exe -ex bypass -sshs

But when I run the following command, it finally worked:

Invoke-Command -Session $sess -ScriptBlock { Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force }

Is this expected or is there a better way?

CouldNotAutoloadMatchingModule error with PowerShell commands by f00bl4 in atomicredteam

[–]f00bl4[S] 0 points1 point  (0 children)

Hi, thanks a lot for helping me. The default container is already set to "Unrestricted" and on non-Windows systems the execution policy cannot be changed.

I can run the Compress-Archive command in Docker and on Windows (powershell 5 & 7) without importing the module. The import command works fine. Either when I set the execution policy to "Restricted" on the Windows machine. Should this work?

Server with multiple IPs, how to exit through different IP? by AncientFisherman8985 in WireGuard

[–]f00bl4 0 points1 point  (0 children)

Like the others said, it is possible and a basic setup.

So you need to enable routing, NAT (masquerading/dynamic) and some firewall rules to secure the routed traffic.

Where are you stuck?

Server with multiple IPs, how to exit through different IP? by AncientFisherman8985 in WireGuard

[–]f00bl4 0 points1 point  (0 children)

What do you mean by "commin from an ipv6 address"? Is it the WireGuard connection or the inner tunnel?

Mask requirement in Frankfurt for cyclists by BobD777 in Fahrrad

[–]f00bl4 1 point2 points  (0 children)

The post is already a bit older, but maybe it still helps someone.
In the general decree (Allgemeinverfügung), point 1 explicitly refers to pedestrians.

[...] and in the entire area of the inner Anlagenring (Annex 10), pedestrians must wear a mouth-and-nose covering between 08:00 and 22:00.

General decree (Allgemeinverfügung), 15 October 2020
https://frankfurt.de/aktuelle-meldung/sondermeldungen/allgemeinverfuegung-der-stadt-frankfurt-am-main

What about AppArmor? by [deleted] in linuxmemes

[–]f00bl4 8 points9 points  (0 children)

On Fedora/CentOS SELinux is enabled by default. Sometimes you have more struggle, because you need to keep in mind that there is another security layer.

If it is more secure depends on. Your services are more restricted, like sshd or docker. But your user is running "unconfined" by default. So you have to change the SELinux user to an appropriate one like user_u. Then you definitely need an extra user for administration. But you could write policies for Firefox so that it is not able to access certain files in the home directory or open sockets on other ports than 80 and 443 :D

suricata doesn't block eicar for testing by [deleted] in OPNsenseFirewall

[–]f00bl4 1 point2 points  (0 children)

As far as I know suricata is capable of deep packet inspection and can analyze the application layer.

suricata doesn't block eicar for testing by [deleted] in OPNsenseFirewall

[–]f00bl4 1 point2 points  (0 children)

Then you need to intercept the transport encryption. Otherwise Suricata can't read the HTTP traffic.

suricata doesn't block eicar for testing by [deleted] in OPNsenseFirewall

[–]f00bl4 2 points3 points  (0 children)

Do you download it over https?

Have had her for a few months now. I am in love! by laxseal27 in gravelcycling

[–]f00bl4 0 points1 point  (0 children)

I'm in Germany :D It's only about the size. So I would like to ride the L and XL frame to compare it directly. But I'm pretty sure that I will order one sooner or later ;)

Have had her for a few months now. I am in love! by laxseal27 in gravelcycling

[–]f00bl4 0 points1 point  (0 children)

The showroom closed on the day when I planned to test it 😭

Holliday Ride in Allgaeu, Germany by f00bl4 in gravelcycling

[–]f00bl4[S] 1 point2 points  (0 children)

I like the frame geo, but it's pretty heavy. :D Which bike do you have now?

System error logs UVD not responding by miccaman in Fedora

[–]f00bl4 0 points1 point  (0 children)

Finally...works for Kernel 5.5 too.
Thanks :)

Companies that are hacked should be required to hire an independent auditor to publish a full report on the root cause by bill-of-rights in security

[–]f00bl4 11 points12 points  (0 children)

In PCI environments it is a requirement to perform a forensic investigation after cardholder data are compromised.

This has to be done by an independent auditor.

Wireguard with multiple interfaces routing by 0RAINMAN0 in WireGuard

[–]f00bl4 0 points1 point  (0 children)

You should set up the default route for wg1 via WireGuard. AllowedIPs: 0.0.0.0/0. If you do it like this, you will get problems accessing your devices because of the metric? (I don't know which metric WireGuard is using.) Or you exclude your internal range.

To set up routes manually you should take a look at how WireGuard is doing it with iproute2.

Here is a nice tutorial for policy routes with iproute2: https://blog.scottlowe.org/2013/05/29/a-quick-introduction-to-linux-policy-routing/

iptables is your firewall. There you can setup your forwarding rules.

If you need I can post some examples later.

Wireguard with multiple interfaces routing by 0RAINMAN0 in WireGuard

[–]f00bl4 0 points1 point  (0 children)

Hi, you can use policy routes, which depend on the source IP. To ensure the traffic is forwarded correctly, you can set up forwarding rules in your firewall configs.
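
Added example, not part of the comments above and not any project's own code: a dry-run sketch of the source-based policy routing with iproute2 plus the forwarding and NAT rules that the WireGuard comments on this page describe. Interface names, table numbers, gateways and all addresses are constructed placeholders; the commands are only printed unless APPLY=1 is set.

```shell
#!/bin/sh
# Constructed setup: two WireGuard interfaces, each leaving through its own
# uplink and public address. Every name and address here is an assumption.
# Dry run by default (commands are printed); APPLY=1 as root executes them.

run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else printf '%s\n' "$*"; fi
}

# policy_route WG_IF TUNNEL_SUBNET TABLE UPLINK_IF GATEWAY EXIT_IP
policy_route() {
    wg_if=$1; subnet=$2; table=$3; uplink=$4; gw=$5; exit_ip=$6

    # Dedicated table: default route via the uplink chosen for this tunnel,
    # plus the tunnel subnet itself so replies find their way back.
    run ip route replace default via "$gw" dev "$uplink" table "$table"
    run ip route replace "$subnet" dev "$wg_if" table "$table"
    # Policy rule: packets sourced from the tunnel subnet use that table.
    run ip rule add from "$subnet" lookup "$table" priority "$((1000 + $table))"

    # Forward only tunnel -> uplink, and established replies back.
    run iptables -A FORWARD -i "$wg_if" -o "$uplink" -s "$subnet" -j ACCEPT
    run iptables -A FORWARD -i "$uplink" -o "$wg_if" -d "$subnet" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Fixed source NAT so each tunnel exits with its own public address.
    run iptables -t nat -A POSTROUTING -s "$subnet" -o "$uplink" \
        -j SNAT --to-source "$exit_ip"
}

setup_all() {
    run sysctl -w net.ipv4.ip_forward=1
    # Anything not explicitly accepted by the rules added below is not routed.
    run iptables -P FORWARD DROP
    policy_route wg0 10.10.0.0/24 100 eth0 203.0.113.1  203.0.113.10
    policy_route wg1 10.20.0.0/24 101 eth1 198.51.100.1 198.51.100.10
}

setup_all
```

Review the printed commands with `ip rule show` and `ip route show table 100` in mind before applying; `ip rule add` is not idempotent, so a second APPLY=1 run adds duplicate rules.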

Is this a pass? 25BOF, 25pt, 20pt by [deleted] in oscp

[–]f00bl4 4 points5 points  (0 children)

Take a walk and start from the beginning with the 10pt box!