Websites are port-scanning your localhost. Here’s how to stop random websites from knowing what services are running on your device.
Peer-to-peer apps forget the IP addresses it communicated with in the last session and rely on peer-discovery all the time. Caching can make them more robust.
A quick tutorial for migrating from FirewallD and getting started with the Uncomplicated Firewall (UFW).
VPS service providers have data centers located all over the world. You need managed anycast IP-addresses to direct users to the nearest VPS location.
Tutorial for quieting Multicast DNS using various firewall front-ends for Linux’s iptables firewall.
Russia to test disconnecting from the global Internet. Peer-to-peer distributed internet alternatives won’t survive after the Runet cutoff.
Two competing proxy anonymity proxy services can live side-by-side when configured with a PAC.
An over-aggressive power-savings system causes Android devices configured with a PAC proxy configuration file to lose networking.
Ctrl blog was inaccessible in Turkey for five days as the country blocks the BunnyCDN content delivery network.
InvizBox wants some of that sweet VPN subscription service revenue. Abandons Tor Onion network anonymity in favor of a more lucrative venture.
The French VPS provider Scaleway doesn’t deliver promised features like IPv6, reverse DNS, or Linux distribution availability.
I surveyed millions of websites to discover which domains were IPFS P2P DNSLink-enabled websites.
The web has become too centralized. The distributed peer-to-peer (P2P) web can help tear down the walled gardens erected by big tech companies.
Set up network monitoring and measure bandwidth consumption using Darkstat on Fedora Linux with systemd service management.
Resolve a common DNS over TLS configuration mistake in the Unbound DNS server that makes you vulnerable to man-in-the-middle resolver interceptions.
Lenovo Wi-Fi Security sends information about your device and the networks it joins to an Isreali company called Coronet Cyber Security. But is it any good?
Improve your privacy by spreading DNS resolution requests out among many recursive DNS resolvers. No single provider will know all you do online.
Many VPNs require you to install their root certificates to use their service. This also enables them to intercept your encrypted web traffic.
Bugs in the Windows Settings app cause problem when setting up VPN connections with IKEv2 EAP authentication profiles.
A tutorial for setting up a recursive DNS over TLS resolver with Know Resolver on Fedora Linux.
Set up Let’s Encrypt certificate renewals with Certbot punching-through a NAT router/firewall to reach the internet.
MikroTik RouterOS doesn’t allow mapping ports 80 or 443 over UPnP. Quite a few games need this port, though. Here is how to make it assignable.
The final part and conclusions in my review-series for the Vilfo VPN router. Is it worth the premium price tag?
I found several privacy and security issues with the Vilfo VPN router during my review.
The Vilfo VPN router has support for Wi-Fi but is too under-powered to serve as a Wi-Fi router.
The Vilfo router uses off-the-shelve hardware components but it isn’t top-grade stuff.
Take manual control of your Linux system’s DNS resolution and keep programs from interfering with and overwriting your resolv.conf file.
Ctrl blog lost IPv6 support after migrating to BunnyCDN. I lost IPv6 at home when migrating to Lynet Internett. I look back on other IPv6 issues in 2017.
TP-Link has issued firmware updates fixing its data-squandering NTP bug after my investigation. Devices won’t auto-update, however.
A design flaw in TP-Link Wi-Fi repeater firmware causes it to waste an excessive amount of bandwidth on NTP timekeeping. DDoS’ed public NTP servers in the process.
Whether you get updated drivers for your TP-Link product or not depends on what country you’re checking from.
The TP-Link RE650 and RE500 are rated for different network speeds, but they’re really the same device.
Windows 10 can show a background networking auto-configuration protocol as your device’s number one bandwidth hog.
New features and services in SSH brute-force protection utility SSHGuard version 2.1.
Compare three budget content delivery networks to find which one gets you the most bang for your bucks.
I’d registered my Ctrl.blog domain with Get.blog. That service no longer exists and my domain was transferred to WordPress.com without notice.
An intermediary HTTP proxy-cache can interfere with how different devices detect whether they’ve got working internet access or not.
So is the Linux firewall distribution IPFire well suited as a home network router?
A “security feature” on my network router began blocking all downloads through Steam.
Is Ookla Speed Test or Microsoft Network Speed Test the best for speed testing app for your Windows 10 device?
A deep look at the ASUSWRT router firmware.
Don’t blindly “cut off ports” after the first colon to “convert” a socket address (<IP>:<PORT>) to an IP address.
A comparison review of six GeoDNS service providers. GeoDNS can help reduce latency by directing your website traffic to the nearest datacenter.
Protect your Fedora/CentOS Linux-system against SSH brute-force credential-guessing with SSHGuard and FirewallD.
New features and services in SSH brute-force protection utility SSHGuard version 2.0.
Learn how to log in to and take control of Windows 10’s new SSH Server.
Set up source IP-specific or network-interface-bound firewall zones in FirewallD.
Be wary when entering DNS TXT records in Linode DNS Manager.
Plenty of third-party firewalls and similar programs can break Windows 10’s Data usage counting. Here is how to make it count your data again.
Why and when do you need to run the ‘firewall-cmd --reload’ command after making changes to your FirewallD configuration?
Feed delta updates strip away feed entries that the subscriber has already download and only transmits the update delta consisting of new entries.
Make your network-based file_get_contents() request more reliable by having it not give up so easily and try multiple network routes and protocols instead.
You decide the balance between Wi-Fi network latency and power-savings using the new llwr utility.
Identify which network interface your Google Chromecast is using to connect to the internet.
OnePlay’s website is available over IPv6 through Cloudflare. However, its backend servers blocked my purchases as they weren’t IPv6 ready.
Set up auto-updating GeoIP databases and enable the PHP-GeoIP extension in your favorite Linux distributions.
Ensure reliable and long-term content distribution over BitTorrent with a dedicated seedbox.
Stop relying on IP addresses not changing in an IPv6-enabled world were devices randomly change their address at least once a day.
IPv6-capable websites can break the website security information displayed in the Netcraft anti-phishing toolbar for Firefox and Chrome.
The popular SSH server brute-force login guessing protection utility Fail2Ban has finally added IPv6 support.
Reduce brute-force password guessing and scripted attacks on your SSH service running on a Fedora Server by changing away from the default SSH port number.
How needs a Tor-enabled Wi-Fi access-point, anyway?
A group review of the free tier of the three uptime-monitoring services Site24x7 vs StatusCake vs UptimeRobot.
How to swap out a poorly supported Broadcom Wi-Fi module in a laptop with a better and more modern Wi-Fi module from Intel.
Use Java APIs instead of Android’s URI API to avoid Android’s mishandling of IPv6 literal addresses.
Windows 10 is working on adopting widely deployed network-discovery protocols used by every other device class.
Popular mDNS-utility Avahi sees first update in three years address multiple issues.
How to factory-reset an Asus RP-AC52 Wi-Fi repeater. For whatever reason, ASUS doesn’t tell you how to do it in the manual.
Windows 10 introduces a new feature that freely shares all your Wi-Fi passwords with your Outlook, Skype, and Facebook contacts.
Microsoft got trashed by the security community for failing to deploy a firewall by default in Windows. Why are Apple products not given the same scrutiny?
Two programs struggle for control over your resolv.conf of you’ve installed Debian from an IPv6-capable network.