https://www.staffordnet.uk/ 2026-04-05T18:25:28+00:00 https://www.staffordnet.uk/ https://www.staffordnet.uk/lib/exe/fetch.php?media=favicon.ico text/html 2025-09-19T20:35:46+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:dhcp&rev=1758314146&do=diff DHCP Also, remember the port flow: * client to relay source udp-68 to udp-67 * relay to server udp-67 to udp-67 (initial request and T2 request) * server to relay udp-67 to udp-67 * relay to client udp-67 to udp-68 * client direct to server udp-68 to udp-67 (T1 request. Blocked by Azure) text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:email_with_telnet&rev=1669207782&do=diff Email with Telnet This page contains instructions on how to send an email using telnet. Prerequisites The machine must have telnet installed and must be able to connect to port 25 of an email relay. Sending Email Using Telnet telnet mail.example.com 25 EHLO example.com MAIL FROM: source@example.com RCPT TO: target@example.com DATA FROM: Your Name TO: Target Name SUBJECT: Some Subject Text Here Hey You, Life is good. Enjoy it. Regards, Me . quit text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:fibre_cable_global_map&rev=1669207782&do=diff Global Map of Fibre Cable This is a map of the world's fibre cable connectivity. text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:fritzbox_3490&rev=1669207782&do=diff Configure FritzBox 3490 Configure Public IP Subnet This will show the settings required to have the FritzBox own a /29 subnet and allow a dedicated firewall device to own the other five IP addresses. * Log into the WebGUI of the FritzBox * Switch to advanced view. text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:ftp&rev=1669207782&do=diff FTP Configure VSFTPD Ports The FTP protocol uses two TCP connections. You have port 21, the command and login connection, and a second connection, the data connection. With passive FTP the second connection is to a randomly assigned available TCP port above 1024. text/html 2025-08-05T16:08:27+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:ipv4&rev=1754410107&do=diff IPv4 Note: Ipv4 and IPv6 PTR zones for private ranges From * IANA * RAD Web Hosting * ipinfo.io * Team Cymru Bogons IPv4 * Team Cymru Bogons IPv6 Also, * 172.17.0.0/16 - Default subnet for docker and developers often do not change it. * 10.88.0.0/16 - Default network for podman. More details here. Host (RFC 5735) * 127.0.0.0/8 - host loopback address text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:ipv6&rev=1669207782&do=diff Unique Local 3 ways to do UL wrong IPv6 Delegation What is it IPv6 Disable Privacy Extensions On Ubuntu 20.04 cat >> /etc/sysctl.conf <<EOT net.ipv6.conf.all.use_tempaddr=0 net.ipv6.conf.default.use_tempaddr=0 EOT sudo sysctl -p text/html 2023-03-17T00:03:25+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:mac_addresses&rev=1679011405&do=diff MAC Addresses IEEE list of MAC address vendors text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:nhs_digital&rev=1669207782&do=diff NHS Digital HSCN Connectivity Info is here. HSCN Suppliers Source is here. As of June 2020, the following 21 companies supply connections into HSCN. * AdEPT Technology Group * BT * CANCOM UK Managed Services * CenturyLink (Lumen) * Convergence (Group Networks) text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:ocsp&rev=1669207782&do=diff OCSP Commands from this site. Test OCSP in Windows You can test OCSP on Windows with the following commands certutil.exe -verify -urlfetch NAME_OF_CERT.crt You can use the GUI with the following command certutil.exe -url NAME_OF_CERT.crt However, if you are testing certificates generated internall (i.e. not public certificates for websites like Google or Wikipedia), then you will need to install the full certificate chain on your machine. Specifically, use the following command to install… text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:ping&rev=1669207782&do=diff Ping Ping without Framenting Data from Palo Alto Networks here. -f will mean that the ping is only sent if it isn't fragmented. -l sets the size of the packet ping -f 10.1.1.1 -l 1472 The reason to chose 1472 Bytes as the size for the first test is because the complete packet will then be 1500 Bytes. text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:public_cloud_ip&rev=1669207782&do=diff Public Cloud IP AWS <https://ip-ranges.amazonaws.com/ip-ranges.json> Azure <https://www.microsoft.com/en-us/download/confirmation.aspx?id=56519> <https://download.microsoft.com/download/7/1/D/71D86715-5596-4529-9B13-DA13A5DE5B63/ServiceTags_Public_20200629.json> GCP <http://www.gstatic.com/ipranges/cloud.json> text/html 2025-08-29T13:16:09+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:quic&rev=1756473369&do=diff QUIC Against Decrypting Intersting thoughts from reddit here on why decrypting QUIC is almost pointless. What's your use case for QUIC Decryption? As of today decrypting QUIC only works with Firefox since Google / Chromium opted for not supporting MiTM for QUIC. SPKI Validation can be disabled in Chromium with the ignore-certificate-errors-spki-list flag but to operationalize QUIC Decryption you would need to manage all Chromium Based Browsers on the endpoint text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:region_codes&rev=1669207782&do=diff Region Codes Regions A list of region codes can be found here. You may be wondering what A1 and A2 regions are. It turns out that the GeoIP database tracks (where possible) known IPs that are used for Anonymous Proxy access. This page describes it as follows: text/html 2025-08-05T15:44:57+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:rfc1918&rev=1754408697&do=diff RFC 1918 When configuring PAN-OS, keep the following in mind. RFC3927/RFC5735 specifies 169.254.0.0/16 as a link local range to be used for connectivity links. This makes it ideal for HA connections. RFC5735 lists special use cases. 198.18.0.0 RFC6598 specifies 100.64.0.0/10 text/html 2024-07-29T09:28:51+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:ssh&rev=1722245331&do=diff SSH Install SSH Server In Ubuntu 16.04, you can install SSH server with sudo apt-get install openssh-server You can ensure it starts at boot with systemctl enable ssh.socketv SSH Key Generation To generate an RSA key pair to work with version 2 of the protocol, type the following command at a shell prompt. Accept the default file location of ~/.ssh/id_rsa. Good security practice dictates that you should enter a password that is unique. text/html 2025-08-24T17:09:41+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:tcpdump&rev=1756055381&do=diff TCPDUMP On Linux, to capture data on a port and write to output.pcap, run sudo tcpdump -i any -v 'port 1514' -w output.pcap To capture traffic on a server (192.168.11.153) where the client (1921.68.99.74) is accessing TCP-443 on the server. tcpdump -i eth1 -n '(src 192.168.99.74 and dst 192.168.11.153 and dst port 443) or (src 192.168.11.153 and dst 192.168.99.74 and src port 443)' text/html 2022-11-23T12:49:42+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:traffic_generator&rev=1669207782&do=diff Traffic Generator Linux To generate some web traffic on Linux, run the following. for i in {1..15}; do wget www.google.com; sleep 2; done text/html 2025-08-24T17:06:43+00:00 Anonymous (anonymous@undisclosed.example.com) https://www.staffordnet.uk/doku.php?id=networking:wireshark&rev=1756055203&do=diff Wireshark Show all DNS queries from local IP that are for a specific FQDN. NOTE: This will obviously not show the return queries as we are only showing outbound requests. dns and ip.src==192.168.1.10 and dns.qry.name == "example.com" dns.qry.name == "test.com" or dns.qry.name == "example.com"