Sometimes, you see something and think “I can do that better.” And sometimes, you actually act on it.

That’s how MailShield started.

The itch

E-mail security is a mess of protocols bolted onto technology from 1971. DMARC was supposed to help. It lets domain owners define policies for unauthenticated e-mail and sends aggregate reports back so you can see what’s happening. Great in theory. In practice, those reports are XML files that look like this:

With 12 testers and 14 days of patience! That’s how!

For eSIM op reis, which I talked about in the last blog post, I developed 2 apps: first for iOS, then for Android.

So, by now, I would say I have a pretty good understanding of what it takes to release an app on both platforms nowadays.

The Apple experience is like this: You pay €100 (or thereabouts), and you get access to App Store Connect. You submit an app by uploading it (through Xcode typically). Then your app gets reviewed by a human being. If they need extra info, they provide clear communication, and you can sort it out. You can even communicate with the reviewer via an e-mail-like system. Then, when approved, the app is on the App Store.

Earlier this year I was planning a trip to the 🇺🇸 US. Despite the current political situation there, I had a great time and met some wonderful people. I did not have a single negative experience.

During trip planning, I started looking for an eSIM. An electronic SIM card for mobile data while I am in the US. There are many options. But I noticed something: not a single one of my options was 🦁 Dutch.

Recently I came across a benchmark paper called Vending-Bench, which simulates a vending machine business to test how well LLM-based agents can handle long-term tasks. The setup is simple on paper: order stock, manage inventory, set prices, collect money. But runs can span 20 million tokens, making it a great stress test for long-term coherence.

The researchers ran a bunch of popular models (Claude, GPT-4o, Gemini, etc) through the simulation. The results? Some impressive profits, yes — but also some glorious, completely unhinged meltdowns. Here’s a look at what happens when your helpful AI agent loses the plot entirely.

Happy New Year!

Recently, I learned about a thing called ‘Catalog Zones’. A relatively new thing in DNS that helps simplify your DNS architecture. A Catalog Zones contains one or more ‘real’ zones. And it can be useful for configuring slave / secondary DNS servers.

(I would rather not get into the naming thing; I just want people to understand what I am writing.)

Before catalog zones, you had to provision each new zone to your slave DNS servers. Updates are no problem, most of the time. Just issue a NOTIFY and your slaves will AXFR the zone from the master. But configuring new zones onto slaves used to be a pain (unless you were using the superslave feature).

TL;DR (lawyers hired by) Odido is threatening to sue me over a joke.

Introduction and background

At the beginning of 2024, I launched a new website: heeftodidoalipv6.nl (translated: ‘does odido have ipv6 already?’).

The website would display a big fat ‘Nee, Helaas! (No, unfortunatley!)’ together with links to competitor ISPs in the Netherlands for every word in their slogan ‘Het kan ook zo’.

This website was meant as a joke and a message to Odido. It’s time to deploy IPv6. And Odido is not only very, very late; they also haven’t communicated about their roadmap in the slightest. Everyone benefits when the world switches to IPv6, so why is it so hard? Everyone has had enough time.

The internet, it’s a series of tubes! Right? It’s a bunch of magic that you pay a company you don’t respect very much to handle.

Most of you know that what we call ’the internet’ is just a ‘bunch’ of networks connected to eachother. Your ISP has a connection with Google, and that’s how you can search and watch YouTube. It also has a connection to Amazon, Apple, and.. even the network that this website is hosted on.

(or almost any other app)

In a recent tweet I showed the output of a script that I run every week to automatically activate offers that the Dutch supermarket Albert Hein puts in their app every week. You are supposed to open up to app, go to ‘bonus box’ and activate the offers you want. Normally, you can activate 5 / 10 discounts. But the thing is, if you have ‘Albert Heijn Premium’ (12,99 / year) you can activate 10 discounts. Sometimes there are more then 10, but we’ll ignore that for now.

Teams is getting more and more popular everyday. Microsoft includes it for free with their Office Suite and since a lot of organizations are heavily invested into using Microsoft products, people just start using it.

Unfortunatley, this is contributing to the centralization of the internet.

This post isn’t about that though.

This post is a written version of a video I made on making Asterisk a Teams Direct Routing SBC. You can check the video out by following this link.

This blogpost goes together with a video I made. You can check the video out by following this link

Before anything else, let’s first talk about the legality of doing this. I haven’t looked into it that much, but I know it isn’t permitted to broadcast on DAB+ frequensies if you don’t have a license or permit. However, the transmit power of the HackRF is so low, that the signal doesn’t even leave the room. I’ve also specificly looked for a DAB+ channel that isn’t being used in my area by checking out these helpful websites. Keep in mind that you’re responsible for your own actions.

Don’t ask me how I got this list … 😶

If you have any tips for what list should include, please use the contact page to get in touch with me.

Software and tools

The Cyber Swiss Army Knife

• Cyberchef - A must-have web application developed by the British GCHQ for encryption, encryption, compression and data analysis applications.

Hex editors

• XXD - Linux tool for making hexdumps
• HexEdit - CLI hex editor for Linux
• Bless - GUI hex editor for Linux
• HxD - GUI hex editor for Windows
• Hex Fiend - GUI hex editor for MacOS

PE analysis

• PE Studio - Tool for initial malware triage
• CFF Explorer - Parser and editor for Windows PE binaries

Disassemblers

• IDA - nteractive Disassembler for various executable file formats and architectures
• Ghidra - Reverse engineering tool developed by the US National Security Agency (NSA)

Dynamic Analysis

• x64 Debugger - Windows Tool for debugging binaries
• Fakenet - Tool for simulating generic internet services in a lab environment developed by FireEye
• iNetSIM - Tool for simulating generic internet services in a lab environment

Networkanalysis

• WireShark - Tool for analyzing network protocols
• Networkminer - Passive sniffer and packet capturing tool. Also suitable for exploring network traffic
• Moloch - Tool for capturing, indexing and searching network traffic
• Brimsecurity - Desktop application for indexing and searching network traffic
• Snort - Open-source Intrusion Detection System (IDS), Intrusion Prevention System (IPS)
• Suricata - Open-source Intrusion Detection System (IDS), Intrusion Prevention System (IPS) and Network Security Monitor (NSM)
• Zeek - Open-source Network Security Monitor (NSM)

Data analysis and visualization

• Kibana - Tool for exploring and visualizing Elasticsearch data
• Elasticsearch - Open-source distributed search engine for various types of data

Operating Systems

• SIFT - Linux OS provided with various Digital Forensics and Incident Response tooling developed by SANS
• REMNUX - Linux OS provides various malware analysis tools
• Kali - Linux OS providing various Penetration Testing and Ethical Hacking tools
• FlareVM - Windows OS provides various malware analysis tools

Analyze mobile apps

• JD-GUI - Open-source Java Disassembler for rebuilding “.class” files
• APKTool - Tool for reverse engineering APK files
• Dex2Jar - Open-source tool to turn Android Dex files into Jar files.

Memory Forensics

• Volatility - Open-source memory forensics toolkit
• Rekall - Open-source memory forensics framework, includes additional functions for Forensics and Incident Response

Forensics

• The Sleuth Kit - A collection of CLI tools for forensics on disk images
• FTK Imager - A data preview and imaging tool that lets you quickly assess electronic evidence to determine if further analysis with a forensic tool

Virtualization

• VMWare Player - Virtualization software for Linux, Windows and MacOS
• VirtualBox - Virtualization software for Linux, Windows and MacOS

Password cracking

• THC-Hydra - Popular password brute-forcing tool that supports a large number of protocols
• John - Open Source password security auditing and password recovery tool
• Hashcat - Password cracking tool that supports a large number of hashes

Reading material

Reverse engineering information

• Automated Malware Analysis - An overview of free tools and web services suitable for automated malware analysis
• Malicious IP Blocklists - An overview of various malicious IP and URL blocklists
• Malware Analysis Tools - An overview of free frameworks for automated malware analysis
• Remnux Malware Analysis Tips - A cheat sheet of various tools available in the REMnux Linux distribution
• Analyzing Malicious Documents - A cheat sheet for analyzing malicious documents
• Malware Analysis Cheat Sheet - A cheat sheet for analyzing malicious software
• Didier Stevens Tools - An overview of various tools developed by security researcher Didier Stevens

Reverse engineering tutorials

• Flare-On Challenge 2018 - Solutions of the FireEye Flare-On Challenge 2018
• Flare-On Challenge 2019 -Solutions of the FireEye Flare-On Challenge 2019

Cheat sheets (general)

• SANS Digital Forensics Cheat Sheet - SANS overview of cheat sheets for various forensic tools and software
• The Ultimate List of SANS Cheat Sheets - SANS overview of cheat sheets in the field of IT Security, Digital Forensics and Incident Response

Some say it couldn’t be done, I’d like to prove you otherwise.

I recently did a project where the combination from the title would come in handy. A secure VPN server that uses an existing Windows Active Directory setup.

After everything is setup. You have an OpenVPN server that authenticates using Active Directory and requires a TOTP token, all running on OPNsense

Alright, let’s get to work! First, go to System > Access > Servers and click Add. Use the following info, replace data to fit your enviroment.

Everyone makes backups, right? Yeah, me neither. I mean, I do make backups, but not as regularly as I should.

Every Mac that was sold in the last 15 years (or thereabouts) comes with an excellent piece of software called Time Machine. It’s set and forget, You do need a place to backup to, though. I own a NAS that runs Debian 10 and it currently has about 💾 12TB worth of storage space and there is still a few TBs free. Perfect place for my 🔄 Time Machine backups, right?

Wow. Two posts in less then a week! I’m on a roll! Don’t get used to it though. I’ve only waited ountil the first day of the decade so nobody could say I didn’t post anything this decade. .

When someone talks about pagers, most people imagine old devices that were used before cell phones were a thing. They can be used to transmit numbers or short messages, mostly to tell someone to call a specific phone number.

The Eneco Toon is a thermostat by a Dutch power and gas company. It has a relatively large display for a thermostat and is also a touch screen. It let’s you view realtime information about your electricity and gas usage and can be controlled remotely if you subscibe to Eneco’s services… At least, that’s that Eneco want’s you to do.

I was looking for a thermostat that could be controlled remotely but I don’t need Eneco, Google or anyone else to know what the temperature in my living room is. Knowing I can root the Toon, I looked for one on Marktplaats and picked one up for a fair price. It’s the first version, so it’s a bit slow.

Snom phones ☎️ can do a lot of things. One of those things is displaying a ‘video’ 📹 feed from an intercom or a surveillance camera. With video I mean a lot of pictures 📷📷📷 after eachother. For that to work, the pictures need to be a certain size.

I own a Snom D785 and a Unifi UVC-G3 camera and obviously I wanted both to work together. Unfortunatly the Snom expects a certain size of pictures. The Unifi only spits out 1080p snaphots through the default snapshot url http://$IP/snap.jpeg. Does that mean it can’t be done?

I love a good puzzle. And I’m not talking about 🧩 jigsaw puzzles. The ones I’m talking about are 👨‍💻 digital. I’m a big fan of Valve’s Portal games for instance.

Today, I’ve prepared a puzzle for you! You’ll need some technical skills though.

One part of this puzzle is analog, but I’m sure you can figure it out 😉.

You start here:

L0VHN2hKa3hMenovIA==

🤠 Good luck! Let me know if (you think) you have reached the end. If you get stuck, you can always ask for a hint.

Recently, a colleague told me about the existance of SSHFP DNS records. A way to verify that you’re actually connecting to the host you’re expecting to connect to.

Here’s how you can set it up for yourself:

1: Run this command

➜  ~ ssh-keygen -r $hostname

2: ??? \ 3: Profit!

In all seriousness: you’re now going to see the records you need to add that are specific to the server you ran the command on. It looks something like this:

Here’s what I did about it.

Working at a VoIP provider comes with some great advantages. One of these is Mobile on PBX. This basically means I can route the calls from and to my mobile phone through my own PBX of choice. This works with a host at the provider we call a ‘mobreg’. This is the host that pretends to be a phone, and registers on my PBX.

But will it be my last? Probably (not). Let’s see how this goes.

I frequently find myself busy with random things that I sometimes wish to share. Of course I can’t think of anything while building this website, but I hope to be able to write something in the future, maybe.

I’ll go back to work now. Thanks for visting..