Are you over 18 and want to see adult content?
More Annotations
A complete backup of khabar.ndtv.com/news/india/election-results-2020-complete-guide-to-check-results-trends-election-commission
Are you over 18 and want to see adult content?
A complete backup of www.behindthesteelcurtain.com/2020/2/8/21128598/complete-xfl-schedule-for-week-1-this-weekend-landry-jones-
Are you over 18 and want to see adult content?
A complete backup of www.rtbf.be/sport/football/etranger/italie/detail_inter-ac-milan-le-duel-lukaku-saelemaekers-live-commente-
Are you over 18 and want to see adult content?
A complete backup of udn.com/news/story/120940/4333091
Are you over 18 and want to see adult content?
Favourite Annotations
A complete backup of usbest-casino.com
Are you over 18 and want to see adult content?
A complete backup of canopyandstars.co.uk
Are you over 18 and want to see adult content?
Text
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICESSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICESSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access toABOUT ME
Leader, Mentor, Challenger, Educator, Network Engineer, System Administrator, Developer, Hacker, Writer, Diver, and Technology Explorer. ServiceNow Currently, I'm the Sr. Director - Now on Now Program. ServiceNow's Program where we document and tell the stories of how we're successful running a $100B company on our own technology.Prior to my
HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. SECURITY - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you. by Rob Pickering. 7 min read. SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you. by Rob Pickering TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop.B&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
CREATE A FULL BACKUP IMAGE OF YOUR AMAZON EC2 INSTANCE Here are the steps, in order, to get your Private Key and X.509 Certificate needed to perform an Amazon Machine Image (AMI) backup: Log into your Amazon AWS Management Console. Click the Account button at the top. Click the Security Credentials link. Click the X.509 Certificates tab. Click the Create a new Certificate link. PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
REVIEWS - ROB PICKERING 4 min read. backup. April Fools! Your blog backup is incomplete. My first VaultPress backup was completed at 7:03pm, Fri, February 25. I felt safe. I had been playing with various WordPress backup solutions, including AWB, BackupBuddy (I purchased it), but wasn’t. by robpickering. 5 min read. TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
B&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
REVIEWS - ROB PICKERING 4 min read. backup. April Fools! Your blog backup is incomplete. My first VaultPress backup was completed at 7:03pm, Fri, February 25. I felt safe. I had been playing with various WordPress backup solutions, including AWB, BackupBuddy (I purchased it), but wasn’t. by robpickering. 5 min read. TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
B&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access toABOUT ME
Leader, Mentor, Challenger, Educator, Network Engineer, System Administrator, Developer, Hacker, Writer, Diver, and Technology Explorer. ServiceNow Currently, I'm the Sr. Director - Now on Now Program. ServiceNow's Program where we document and tell the stories of how we're successful running a $100B company on our own technology.Prior to my
BELIEVING - ROB PICKERING This weekend, Disney released a new movie for download. That by itself isn't remarkable. What's remarkable is that this is a move that was just released to the theaters two weeks prior. That movie is from Pixar studios and is called Onward. I'm writing this as my son and I REVIEWS - ROB PICKERING 4 min read. backup. April Fools! Your blog backup is incomplete. My first VaultPress backup was completed at 7:03pm, Fri, February 25. I felt safe. I had been playing with various WordPress backup solutions, including AWB, BackupBuddy (I purchased it), but wasn’t. by robpickering. 5 min read. HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you. by Rob Pickering TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. PRIVACY - ROBPICKERING.COM ** RobPickering.com is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of state and federal law. Other than as required by laws that guarantee public access to certain types of information, or PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
HOW TO ROOT THE GOOGLE NEXUS 7 ON OS X I got a Nexus 7 last year and have been playing with it on and off since then. Recently I upgraded to JellyBean 4.2.2 and it toasted my Root. I went searching for the Root instructions again and found that things had changed since I had last done HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
B&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
B&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access toABOUT ME
Leader, Mentor, Challenger, Educator, Network Engineer, System Administrator, Developer, Hacker, Writer, Diver, and Technology Explorer. ServiceNow Currently, I'm the Sr. Director - Now on Now Program. ServiceNow's Program where we document and tell the stories of how we're successful running a $100B company on our own technology.Prior to my
BELIEVING - ROB PICKERING This weekend, Disney released a new movie for download. That by itself isn't remarkable. What's remarkable is that this is a move that was just released to the theaters two weeks prior. That movie is from Pixar studios and is called Onward. I'm writing this as my son and I HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. REVIEWS - ROB PICKERING 4 min read. backup. April Fools! Your blog backup is incomplete. My first VaultPress backup was completed at 7:03pm, Fri, February 25. I felt safe. I had been playing with various WordPress backup solutions, including AWB, BackupBuddy (I purchased it), but wasn’t. by robpickering. 5 min read. SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you. by Rob Pickering PRIVACY - ROBPICKERING.COM ** RobPickering.com is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of state and federal law. Other than as required by laws that guarantee public access to certain types of information, orBEWARE THE POGOPLUG
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICESSEE MORE ONROBPICKERING.COM
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICESSEE MORE ONROBPICKERING.COM
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to OTHER PEOPLE WRITING ABOUT ME Leader, Mentor, Challenger, Educator, Network Engineer, System Administrator, Developer, Hacker, Writer, Diver, and Technology Explorer. ServiceNow Currently, I'm the Sr. Director - Now on Now Program. ServiceNow's Program where we document and tell the stories of how we're successful running a $100B company on our own technology.Prior to my
HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. BELIEVING - ROB PICKERING This weekend, Disney released a new movie for download. That by itself isn't remarkable. What's remarkable is that this is a move that was just released to the theaters two weeks prior. That movie is from Pixar studios and is called Onward. I'm writing this as my son and I SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you. by Rob PickeringBEWARE THE POGOPLUG
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. PRIVACY - ROBPICKERING.COM ** RobPickering.com is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of state and federal law. Other than as required by laws that guarantee public access to certain types of information, orB&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICESSEE MORE ONROBPICKERING.COM
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICESSEE MORE ONROBPICKERING.COM
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to OTHER PEOPLE WRITING ABOUT ME Leader, Mentor, Challenger, Educator, Network Engineer, System Administrator, Developer, Hacker, Writer, Diver, and Technology Explorer. ServiceNow Currently, I'm the Sr. Director - Now on Now Program. ServiceNow's Program where we document and tell the stories of how we're successful running a $100B company on our own technology.Prior to my
HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. BELIEVING - ROB PICKERING This weekend, Disney released a new movie for download. That by itself isn't remarkable. What's remarkable is that this is a move that was just released to the theaters two weeks prior. That movie is from Pixar studios and is called Onward. I'm writing this as my son and I SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you. by Rob PickeringBEWARE THE POGOPLUG
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. PRIVACY - ROBPICKERING.COM ** RobPickering.com is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of state and federal law. Other than as required by laws that guarantee public access to certain types of information, orB&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security(TLS)
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
B&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security(TLS)
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
B&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read. OTHER PEOPLE WRITING ABOUT ME Leader, Mentor, Challenger, Educator, Network Engineer, System Administrator, Developer, Hacker, Writer, Diver, and Technology Explorer. ServiceNow Currently, I'm the Sr. Director - Now on Now Program. ServiceNow's Program where we document and tell the stories of how we're successful running a $100B company on our own technology.Prior to my
WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. REVIEWS - ROB PICKERING 4 min read. backup. April Fools! Your blog backup is incomplete. My first VaultPress backup was completed at 7:03pm, Fri, February 25. I felt safe. I had been playing with various WordPress backup solutions, including AWB, BackupBuddy (I purchased it), but wasn’t. by robpickering. 5 min read. BELIEVING - ROB PICKERING This weekend, Disney released a new movie for download. That by itself isn't remarkable. What's remarkable is that this is a move that was just released to the theaters two weeks prior. That movie is from Pixar studios and is called Onward. I'm writing this as my son and I SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you. by Rob Pickering TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICES Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of PRIVACY - ROBPICKERING.COM ** RobPickering.com is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of state and federal law. Other than as required by laws that guarantee public access to certain types of information, orROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICESSEE MORE ONROBPICKERING.COM
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read.WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICESSEE MORE ONROBPICKERING.COM
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to OTHER PEOPLE WRITING ABOUT ME Leader, Mentor, Challenger, Educator, Network Engineer, System Administrator, Developer, Hacker, Writer, Diver, and Technology Explorer. ServiceNow Currently, I'm the Sr. Director - Now on Now Program. ServiceNow's Program where we document and tell the stories of how we're successful running a $100B company on our own technology.Prior to my
HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. BELIEVING - ROB PICKERING This weekend, Disney released a new movie for download. That by itself isn't remarkable. What's remarkable is that this is a move that was just released to the theaters two weeks prior. That movie is from Pixar studios and is called Onward. I'm writing this as my son and I REVIEWS - ROB PICKERING 4 min read. backup. April Fools! Your blog backup is incomplete. My first VaultPress backup was completed at 7:03pm, Fri, February 25. I felt safe. I had been playing with various WordPress backup solutions, including AWB, BackupBuddy (I purchased it), but wasn’t. by robpickering. 5 min read. SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you. by Rob PickeringBEWARE THE POGOPLUG
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. PRIVACY - ROBPICKERING.COM ** RobPickering.com is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of state and federal law. Other than as required by laws that guarantee public access to certain types of information, or PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEING Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security(TLS)
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop.B&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEINGSERVICENOW DEVELOPER INSTANCESERVICENOW DEV INSTANCEPERSONAL DEVELOPER INSTANCE SERVICENOWSERVICENOW INSTANCE NAMESERVICENOW INSTANCE URL Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
TRIPLE BOOT MACBOOK PRO (MACOS, WINDOWS 10, LINUX) The first step is to shrink the Windows partition to make some space for Linux: Boot into Windows 10. Right-click on the Start Menu and select Disk Management. Select the BOOTCAMP partition, right-click and select Shrink Volume. Enter the size, in megabytes, by which to shrink the volume. I shrunk mine by 64GB, so I entered 65,536. HOW TO USE AN APPLE TV WITH HOTEL WIFI (CAPTIVE PORTAL) Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security(TLS)
PXE BOOT YOUR PARALLELS VM The Problem If you’re in a corporate environment you probably have Windows OS servers. Those servers probably use a protocol to boot machines without an OS called PXE (Preboot Execution Environment). Here at the office, this is how we load the Windows OS on all of ourdesktops / laptops.
TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop.B&N NOOK COLOR
This article is about the NOOK Color and how to convert it from a stock device, make modifications to enable additional features, and finally convert it into a full-blown Android tablet (running either Android 2.3 (Gingerbread) or Android 3.0 (Honeycomb)). The other day Iwas lamenting to my
CONFIGURING SYNOLOGY FOR FORWARD AND REVERSE INTERNAL DNSSEE MORE ONROBPICKERING.COM
WORKING AROUND INCOMPLETE UBIQUITI UNIFI SECURITY GATEWAYSEE MORE ONROBPICKERING.COM
RECOVER A LOST ADMIN ACCOUNT ON MACOS WITH FILEVAULT 2 ENABLED Reboot your Mac and go through the Setup Wizard. Create a new Admin account, making sure you use a DIFFERENT username than your Standard user account (e.g. "Super User") After logging in to your Mac as the new Admin user, run System Preferences. Select your Standard user account and check the box labeled "Allow user to administer thiscomputer
PREVENT YOUR SERVICENOW DEVELOPER INSTANCE FROM BEINGSERVICENOW DEVELOPER INSTANCESERVICENOW DEV INSTANCEPERSONAL DEVELOPER INSTANCE SERVICENOWSERVICENOW INSTANCE NAMESERVICENOW INSTANCE URL Prevent your ServiceNow Developer Instance from being reclaimed. robpickering. ·. 17 December 2015. ·. cloudcomputing. I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for yourDeveloper Instance.
ROB PICKERING
Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physical. Rob Pickering. 12 min read. OTHER PEOPLE WRITING ABOUT ME Leader, Mentor, Challenger, Educator, Network Engineer, System Administrator, Developer, Hacker, Writer, Diver, and Technology Explorer. ServiceNow Currently, I'm the Sr. Director - Now on Now Program. ServiceNow's Program where we document and tell the stories of how we're successful running a $100B company on our own technology.Prior to my
WHAT I'VE READ
I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. This post will act as a permanent archive of the books I read, broken down by year (and sometimes month). A capacity, and taste, for reading gives access to HOWTO - ROB PICKERING Recently my family and I went on vacation and stayed in a condo that had "Complimentary WiFi". We had packed our AppleTV because my son knows how to access all of his purchased movies (way too many) and it has my wife and I's current programming for the evenings. by Rob Pickering. 4 min read. blog. REVIEWS - ROB PICKERING 4 min read. backup. April Fools! Your blog backup is incomplete. My first VaultPress backup was completed at 7:03pm, Fri, February 25. I felt safe. I had been playing with various WordPress backup solutions, including AWB, BackupBuddy (I purchased it), but wasn’t. by robpickering. 5 min read. BELIEVING - ROB PICKERING This weekend, Disney released a new movie for download. That by itself isn't remarkable. What's remarkable is that this is a move that was just released to the theaters two weeks prior. That movie is from Pixar studios and is called Onward. I'm writing this as my son and I SYSADMIN - ROB PICKERING Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP. One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you. by Rob Pickering TRACK SPAMMERS USING GMAIL To begin using this feature just follow these three steps, yep, just three: Come up with a unique identifier for the vendor (e.g. flowers) Add the unique identifier, preceded by a “+” to your existing GMail address (e.g. myid+flowers@gmail.com) Give the address, myid+flowers@gmail.com, to your online flower shop. PRIVACY - ROBPICKERING.COM ** RobPickering.com is committed to protecting the privacy and accuracy of confidential information to the extent possible, subject to provisions of state and federal law. Other than as required by laws that guarantee public access to certain types of information, or UBIQUITI - CONFIGURE MICRO-SEGMENTATION FOR IOT DEVICES Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet ofRob Pickering
I write about things that interest me: Digital Transformation, Networking, Security, Home Automation, Macintosh Hardware/Software,and Programming.
* Home
* Reviews
* How tos
* Reading
* About
* Contact
* PGP
Use the up and down arrows to select a result. Press enter to go to the selected search result. Touch device users can use touch and swipegestures.
Rob Pickering
* Home
* Reviews
* How tos
* Reading
* About
* Contact
* PGP
Ubiquiti - Configure micro-segmentation for IoT devicesRob Pickering
03 December 2016
Security
INTERNET OF THINGS (IOT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. > The Internet of things (stylised Internet of Things or IoT) is the > internetworking of physical devices, vehicles (also referred to as > "connected devices" and "smart devices"), buildings and other > items—embedded with electronics, software, sensors, actuators, and > network connectivity that enable these objects to collect and > exchange data. The IoT allows objects to be sensed and/or > controlled remotely across existing network infrastructure, creating > opportunities for more direct integration of the physical world into > computer-based systems, and resulting in improved efficiency, > accuracy and economic benefit. -- Wikipedia>
In my household I've defined IoT to encompass the following types ofdevices:
* Any device with an IP address, not running a macOS, iOS, Android, Windows, or Linux operating system, that * Does not require direct access to internal storage devices, and * Does not store personal data Examples of IoT devices in my home include: * Philips Hue Lightbulbs and associated Bridge * SmartThings Bridge * Netgear Arlo Bridge* Sonos Speakers
* Harmony Remote Hub* Kindles
* Amazon Echos
* Ring Doorbells and Chimes * Chromecast (mine doesn't access any internal resources)* IP Video Cameras
* Any other types of WiFi connected sensors (Smoke detectors, Temperature, Humidity, etc.) * Anything related to a SMART HOME (lights, light switches, power,etc.)
MICRO-SEGMENTATION
What is micro-segmentation? This is a relatively new concept in security and is what I believe will be required in order to combat the threats we now face on the Internet and in our Enterprises. Traditionally, if you were in Enterprise IT Security, you built a perimeter. The most common component of that perimeter was a Firewall. Things outside of the firewall were "bad", things inside the firewall were "good". The firewall protected us from the bad things by blocking them from coming into our network. You placed a firewall on your inbound Internet connection to keep yourself secure from everything running "out there". Next, you had to connect to a vendor, partner, or customer, so you extended your firewall to protect yourself from them as well. As your bandwidth to the Internet continued to increase, you eventually diversified and brought a connection into another site, which necessitated having another firewall, and a perimeter was born. It looks something like this: The problem with Perimeter-style security is that you've made a fundamental assumption that things on the inside are "good" and things on the outside are "bad". This means that if something DOES get through the perimeter that all of a sudden it will be trusted to move around the inside network. That's a really bad assumption. The perimeter defense also has another major flaw, you have to open it, a lot. Every time there is a service that needs to flow into or out of your network, you have to add firewall rules to allow it, this is also known as "opening ports". Since the firewall is your primary perimeter defense, that means you're "poking holes" in that defense (we actually use that phrase in IT, "poke a hole in the firewall"). Pretty soon your nice perimeter defense looks like this: The more you poke holes in the firewall, the worse the perimeter defense looks. Every green arrow is an allowed connection into a network host, but then that host can connect to everything elseinside.
Micro-segementation is an architecture that distributes the "perimeter" to only encapsulate, and protect, specific items (applications, services, servers, departments, etc.). Building this type of architecture will allow you to better protect each individual asset because you're only going to "poke holes" for the specific services required to run that asset. > I saw a great presentation on this from Edward Amoroso > (@hashtag_cyber ), which you can > also read in this article: Remove the balloon from the dartboard> .
I believe that the larger threat globally is that our personal networks are not being adequately protected and yet they are growing at a MUCH faster pace than Enterprise networks, with far less ability to secure them. We are all buying "Smart Things" at Home Depot and Lowe's and then bringing them home and plugging them into our personal networks. The same networks into which we plug our work laptops. For not a lot more money than a traditional, high-end, wireless network, you can instead build an architecture that protects yourself, but more importantly the World, from your Internet of Things. DESIRED ARCHITECTURE To be honest, we aren't really going to be performing micro-segmentation. If we were going to do that, we'd have to take each of our IoT "hubs" (SmartThings, Philips Hue, Sonos, etc.) and segment each off to its own subnet (own network) with its own firewall rules. Micro-segmentation would be a great idea and would enhance the security of your network, but there are limitations to most prosumer (we're talking a level above standard consumer networks you buy at Best Buy or Staples, but a notch lower than most Enterprises) networking equipment that doesn't make it practical. Instead, we're going to segment our IoT devices into their own subnet, and SSID, to keep them segregated from our internal network. The network equipment I decided to use was Ubiquiti Wireless . I was first introduced to this equipment through a Security Researcher named Troy Hunt in his blog article titled Ubiquiti all the Things.
I purchased a similar set of equipment, but fewer Access Points (APs) as I had a smaller home to cover. My equipment list was the following: * Ubiquiti USG UniFi Security Gateway (notthe Pro Model)
* Ubiquiti UC-CK Unifi Controller Cloud Key(optional)
* 2 x Ubiquiti Unifi US-16-150W PoENetwork Switch
* 1 x Ubiquiti Unifi UAP-AC-PRO-US 802.11ac Dual-Radio PRO Access Point The total cost for all of this equipment was $1,041.28 US. That's a lot of money for a network, but you could skip the Cloud Key (more later) and you probably won't need two switches (I did). I replaced the following equipment: * Cisco SG 300-28 (28-port Switch) - $492.89 * Cisco SG 300-10 (10-port Switch) - $207.98 * Asus RT-AC3200 Tri-Band Wireless Gigabit Router - $187.88 * Custom-built pfSense Firewall - $374.99 So, at $1,263.74 for my previous setup, this is actually cheaper and I'll be selling all of the old components, other than the pfSense firewall, so I'll make quite a bit back. Once everything was connected, the physical topology looked like this: We'll be doing the segmentation with a combination of different SSIDsmapped to
different VLANs being routed on different Subnets . The beautiful thing about the Ubiquiti equipment is that the Ubiquiti Access Point (UAP) supports up to 4 different SSIDs, the switching equipment supports multiple VLANS, and the USG can route multiple IP subnets and provide DHCP service to each of them. INITIAL CONFIGURATION First, let me address the use of the Cloud Key. All of the equipment I'm discussing here is in Ubiquiti's UniFi line of networking equipment. All of these components are meant to be configured from a central management interface. You can still configure the equipment via console cables, or by SSHing into the system and using the Command Line Interface (CLI), but that's not the intent. The Cloud Key is an all-in-one device that provides the management interface for all of your Ubiquiti UniFi equipment. It is powered via Power-over-Ethernet (PoE) from the US-16 switch and makes the entire system turn-key. However, you can also run the Ubiquiti UniFi Controller for Macintosh, Windows, or Linux (you can even run it in The Cloud).
This is a free download from Ubiquiti, but also means that you need to be able to have it running somewhere whenever you want to make configuration changes. I opted to have a dedicated piece of hardware handling these functions as part of the overall configuration. The initial setup of the Ubiquiti equipment was straightforward, with the exception of the USG. The two US-16s were drop-in replacements for the Cisco switches and didn't require any initial configuration to start working. I then plugged the Cloud Key and the UAP into the first US-16 switch and they too just powered up via PoE from the switch. When the Cloud Key came online, I connected to it at https://unifi.ubnt.com/ which takes you to your Ubiquiti account and has a scanner that finds the Cloud Key on your local LAN. Once connected to your Cloud Key you set up an Administrator username and password and then "Adopt" each of your network components to be configured using the Cloud Key. This is where I ran into issues withthe USG...
My internal network runs on an RFC-1918 subnet that is NOT 192.168.1.0/24. The DHCP service is being provided by my pfSense firewall and for the purposes of this upgrade I wanted to keep the pfSense firewall online during the migration, to minimize downtime. Unfortunately, the USG comes pre-configured to hand out 192.168.1.0/24 on the inside interface. In order to "Adopt" the USG into the Cloud Key, the Cloud Key MUST be able to talk to it on the same subnet. That means the Cloud Key MUST be on the 192.168.1.0/24 network, which was a real hassle in my configuration. I eventually had to bite the bullet and take the pfSense firewall offline, put the USG in, let everything pull 192.168.1.0/24 addresses, and then "Adopt" the USG into the configuration, before I could re-configure the USG to hand out the internal network I wanted to use...it burned several hours of my time, so hopefully you'll learn from reading this that you MUST put the USG into the network and just let it be the DHCP server and hand out the network it was configured to use, it'll add some time, but fighting itmakes it worse.
MICRO-SEGMENTATION CONFIGURATION The first step is to set up the VLANs you're going to be using for the various networks within your LAN. This is done through the UniFi Controller (Cloud Key) interface, found here: For the purposes of this discussion you should only need to create one additional network (for your IoT devices). * Go to SETTINGS > NETWORKS and click CREATE NEW NETWORK * Configure a VLAN NAME, set it as a CORPORATE network (this means it will have a separate subnet) * Input the IP/SUBNET with the gateway address you wish the USG to use for itself (this will be the default router for your clients) * After entering the CIDR (the /24) at the end of the gateway address, an UPDATE DHCP RANGE button will show up, click this to automatically enable the DHCP Server and configure a DHCP range(adjust to suit)
* Enter a VLAN number (between 2-4095) for the IoT network * Click SAVE when you're done with the configuration. You now have a VLAN in which your IoT devices can live. Next we need to create a new SSID and assign it to our new VLAN: * Under SETTINGS > WIRELESS NETWORKS, click CREATE NEW WIRELESSNETWORK
* Configure a SSID network name, WPA PERSONAL security, and aSECURITY KEY
* Under ADVANCED OPTIONS, check USE VLAN and enter your VLAN number * You will now have an end-to-end solution for your IoT devices. Connect them to your new SSID, where they'll be mapped to your new VLAN, and routed directly to your USG and passed to the Internet You now have your IoT devices on a separate network from your default LAN (which was the original network that the USG built for you, and to which you probably configured your initial SSID). Now when you add an IoT device to your network, configure it with your IoT SSID to provide segmentation. Additionally, you should also take any physically wired devices (SmartThings Hub, Hue Bridge, Sonos Bridge) and configure the ports in the switch to only speak on your IoT VLAN. Perform the configuration for the Switch Port: * Under SETTINGS > CLIENTS, select the appropriate switch * Under the switch configuration, click PORTS, then click the little PENCIL ICON next to the port you wish to configure * Change the VLAN assignment under NETWORKS/VLANS to be the appropriate VLAN for your IoT devices * Don't forget to APPLY the changes, which will then provision those changes from your UniFi Controller to your switch The network configuration is now complete. You should be able to have both wired and wireless clients join the IoT network and they should work normally. However, there is an additional security step you should take to complete the micro-segmentation of the IoT network.FIREWALL THE THINGS
The USG will automatically route all networks of type CORPORATE between each other (in fact, it creates uneditable/undeletable firewall rules to enable this behavior). You could have made your IoT network of type GUEST which would allow you to automatically restrict its access to your Corporate networks, but in my case I set up my Guest network to have a Captive Portal. On the USG, all Guest networks have to be treated the same, so if one has a Captive Portal they all will and my IoT devices cannot authenticate via the web page, so they would be denied access. If, like me, you want to have a real Guest network, then you're going to have to firewall the IoT network from your Private network. To make long-term management of your Firewall easier, we're first going to define groups for the following subnets on your network: * PRIVATE (the primary, internal network for your computers) * PUBLIC (the network that exists outside of your firewall, between you and your ISP, though you may not have one) * IOT (the network you built for your IoT devices) Groups are configured at your UniFi Controller: * Access SETTINGS > ROUTING & FIREWALL > FIREWALL tab * Select the GROUPS tab * Click CREATE GROUP * Give the Group a NAME, set TYPE to ADDRESS, and define the ADDRESS as the Subnet for that network Once you have created at least two groups, PRIVATE and IOT, you can configure a Firewall rule to secure them from each other.FIREWALL STATES
Before I jump into the configuration it will be important to understand something about firewall connection states. The two most common states you encounter when working with firewallrules are:
* NEW - A brand new connection being opened to/from a remote site * ESTABLISHED - An existing connection that has already been allowed through the firewall and subsequent traffic on that same connection isbeing allowed
FIREWALL RULE CONFIGURATION At the Firewall we want to deny traffic from the Internet that is attempting to make a new connection into our network (UNSOLICITED), but we want to allow traffic from the Internet that is in Response to a connection that was Requested from inside the network (ESTABLISHED). You want to block bad guys from coming in, but you also want to see the web page from Amazon that you asked your web browser to open up when you typed in https://www.amazon.com/. To block NEW connections coming from your IOT network into your PRIVATE network, configure a Firewall rule: * Access SETTINGS > ROUTING & FIREWALL > FIREWALL tab * Select the RULES tab * Click CREATE NEW RULE * Enter a NAME for the rule (e.g. DenyNewTrafficFromIoTtoPrivate) * Select BEFORE PREDEFINED RULES (or else it won't work) * Select DROP as the ACTION (this is a Deny rule) * Select ALL for the PROTOCOL (all traffic will be denied) * ENABLE LOGGING if you wish * Check NEW for the STATES of the connections you will block * Select ADDRESS/PORT GROUP for both the SOURCE TYPE and DESTINATIONTYPE
* Select your IOT group for the ADDRESS/PORT GROUP under SOURCE * Select your PRIVATE group for the ADDRESS/PORT GROUP underDESTINATION
Once you click SAVE it will take approximately 60 seconds for the rule to be applied in your Firewall. If you only selected NEW under STATES then you should be able to still reach things in the IOT network from your PRIVATE network (e.g. ping them), but the reverse will not betrue.
You can test your connectivity by placing an iPad or iPhone on the IOT network, then from the iOS device ping something on the PRIVATE network, it should be blocked, but when you ping the iOS device itself from the PRIVATE network, you should get a response. If you desire complete segregation of the two networks, edit your Firewall Rule and check the other three states (ESTABLISHED, INVALID, RELATED) and save it. You will no longer be able to access systems across internal networks in either direction. > When testing you will ALWAYS be able to ping the default gateway > (USG), even from the _wrong_ network, since it is using > sub-interfaces and you're really just pinging the same interface, so > be sure to test actual hosts inside your various networks. You now have a MUCH more secure network than when you started and you've successfully segmented your IoT devices from the rest of yournetwork.
-------------------------Published in
Security
Networking
Share Twitter icon
Facebook icon
Editor's Pick
Security
Ubiquiti - Configure micro-segmentation for IoT devices Internet of Things (IoT) The Internet of Things is a label that the computer industry, the media, and manufacturers have created to describe small devices that live on a network and provide a specific feature. The Internet of things (stylised Internet of Things or IoT) is the internetworking of physicalRob Pickering
12 min read
Apple/Mac
macOS Hints and Tips There are many ways to customize your macOS environment to suit your personal tastes. However, not every preference you want to change can be modified using System Preferences or Application Preferences. Often, settings are deemed too obscure for everyday users and relegated to complex keystrokes or hidden system settings. Thisrobpickering
3 min read Authors
Rob Pickering
Leader, Mentor, Challenger, Educator, Network Engineer, System Administrator, Developer, Hacker, Writer, Diver, and TechnologyExplorer
Twitter icon Twitter RSS icon RSSSan Jose, CA
More posts by Rob Pickering.Comments
Weekly Update 1
It's my first Weekly Update since my re-launch and I had quite a bit of activity this week. On the blog: It's a new Blog! (discussion of moving to a new platform, and the inspiration that got me there) Getting a drone for Christmas? Don't wreck it, learn to fly 2016 - What I've Read I recently saw an article on another blog where the author documents all of the books that he read during the course of the year. I like to think I read a lot and it's always a mix of professional, self-improvement, knowledge expansion, productivity, and entertainment. I liked the idea 2021 Rob Pickering · All Right Reserved · Published with Ghost Twitter icon RSS icon* Home
* Reviews
* How tos
* Reading
* About
* Contact
* PGP
Thanks for SubscribingDetails
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0