This is Warren Kwok's Internet note pad, electronic diary, online rubbish journal, whatever you might name it ! It is an archive of my random thoughts in a chronological order. I am not good at reporting boring things and change them to lively. If you find this blog boring, sorry that it is your problem.
2012/10/30
HSBC pays little attention to the prevention of email phishing.
I received an email from HSBC about annual service fee. Usually, if I receive an email from a bank, I will open the email header to identify if it is really coming from a bank or it is just a phishing email. For the HSBC's email, the sender domain is checked ok. However, there is no DKIM messages in the email header. To probe further on email protection, I tried to dig the SPF records of hsbc.com.hk. Oh no, its SPF is based on "soft fail". That is a poor setting. Without the proper use of SPF and DKIM, I can conclude that HSBC pays little attention to the prevention of email phishing.
2012/10/28
BlueScreenView
I hate Windows Blue Screen of Death (BSOD). Just yesterday, one Windows 7 experienced BSOD three times a day. After reboot, I decided to use BlueScreenView to look at the dump file. It was shown that the driver athurx.sys caused the hang up. The driver was used by TP-LINK wireless adaptor and the remedy was to re-install the latest driver from TP-LINK website. Seems resolved now but have to wait for some more days to verify the stability.
2012/10/23
Resources Public Key Infrastructure (RPKI)
My colleagues in HKSAR Government have
successfully signed the routing prefixes with RPKI and the results could be
checked over Hurricane Electric's BGP portal.
I guess the HKSAR Government is the first entity
in Hong Kong to adopt RPKI signing to secure the global routing
infrastructure. RPKI signing is just one
part. For routers to be able to validate
RPKI, the routers must be able to support RPKI and there is a need to establish
an RPKI-validating cache server with trust anchors of the five RIRs
configured. Again, I have no doubt that the Government will be the first entity in Hong Kong to adopt the full set of RPKI configurations.
2012/10/20
Hotmail and Yahoo email service
A
female boss (Miss Erica Yuen) is recruiting an assistant in Facebook. One statement she made is that " If you
are using Hotmail or Yahoo Mail, sorry that you will not be considered. If you
can tolerate such poor email service, you are not the kind of person I am
looking for."
I have to report this to senior people in Yahoo in US.
2012/10/06
multiple servers for a website
I find the following announcement in a popular website very crazy:
"Dear members,
We have added more servers to deal with traffic increase. Please remember to access the domain names vip.abc.com, www2.abc.com, www3.abc.com and www4.abc.com. "
It is absolutely not necessary to ask members to memorize the additional domain names. Users will be confused about which one to use at a particular time. Just a single domain name "www.abc.com" will be fine and with the use of DNS round robin pointing to several IP addresses, the loading of the servers can be evenly distributed.
Just take a look at www.cnn.com:
[localhost~]# dig www.cnn.com +short
www.cnn.com.vgtf.net.
cnn-lax.gslb.vgtf.net.
157.166.241.11
157.166.240.11
157.166.240.13
157.166.241.10
Can't stop myself from laughing....
"Dear members,
We have added more servers to deal with traffic increase. Please remember to access the domain names vip.abc.com, www2.abc.com, www3.abc.com and www4.abc.com. "
It is absolutely not necessary to ask members to memorize the additional domain names. Users will be confused about which one to use at a particular time. Just a single domain name "www.abc.com" will be fine and with the use of DNS round robin pointing to several IP addresses, the loading of the servers can be evenly distributed.
Just take a look at www.cnn.com:
[localhost~]# dig www.cnn.com +short
www.cnn.com.vgtf.net.
cnn-lax.gslb.vgtf.net.
157.166.241.11
157.166.240.11
157.166.240.13
157.166.241.10
[localhost~]#
2012/10/03
The first three IPv6 websites in HK
Here is the screen shot of the first three IPv6 websites in HK registered with sixy.ch dated back about 1000 days ago.
My managed website bya.org.hk came as the second. Great work.
My managed website bya.org.hk came as the second. Great work.
2012/10/02
US Government IPv6 Deadline
The US Government previously imposed a deadline
that by 30 Sept 2012, all Federal agencies must have their public-facing
servers running on IPv6. The deadline
has passed already. Less than 30 % of Federal websites are operating with IPv6. The situation of mail and DNS servers are even worse. This
is the statistics provided by NIST one week ago.
A question remains. How to push these Federal agencies to quickly deploy IPv6?
A question remains. How to push these Federal agencies to quickly deploy IPv6?
Subscribe to:
Posts (Atom)