cammckenzie.com Report : Visit Site


  • Ranking Alexa Global: # 8,698,847

    Server:lighttpd/1.4.45...

    The main IP address: 54.39.73.125,Your server United States,Rahway ISP:Merck and Co. Inc.  TLD:com CountryCode:US

    The description :mutterings, inconsistant tips, rants and randomness docker and iptables firewall merger posted in operating systems , linux , red hat , network , firewall , tools , tips , centos , iptables on friday,...

    This report updates in 16-Aug-2018

Created Date:2010-03-03
Changed Date:2018-03-04

Technical data of the cammckenzie.com


Geo IP provides you such as latitude, longitude and ISP (Internet Service Provider) etc. informations. Our GeoIP service found where is host cammckenzie.com. Currently, hosted in United States and its service provider is Merck and Co. Inc. .

Latitude: 40.557357788086
Longitude: -74.285545349121
Country: United States (US)
City: Rahway
Region: New Jersey
ISP: Merck and Co. Inc.

HTTP Header Analysis


HTTP Header information is a part of HTTP protocol that a user's browser sends to called lighttpd/1.4.45 containing the details of what the browser wants and will accept back from the web server.

Content-Length:39051
Expires:Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie:fpsess_fp-b5562bc0=mhqu4kel1c8hlpun464e056n73; path=/
Strict-Transport-Security:max-age=63072000; includeSubdomains;
Server:lighttpd/1.4.45
Pragma:no-cache
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date:Thu, 16 Aug 2018 13:26:29 GMT
Content-Type:text/html; charset=utf-8

DNS

soa:ns17.domaincontrol.com. dns.jomax.net. 2018062600 28800 7200 604800 3600
ns:ns18.domaincontrol.com.
ns17.domaincontrol.com.
ipv4:IP:54.39.73.125
ASN:16276
OWNER:OVH, FR
Country:CA

HtmlToText

mutterings, inconsistant tips, rants and randomness docker and iptables firewall merger posted in operating systems , linux , red hat , network , firewall , tools , tips , centos , iptables on friday, august 10, 2018 by cam the problem: modifying firewall rules on a host that runs docker or rancher (cattle) causes the docker-bridges and rancher nat rules to be blown away, causing all your containers networking to break. the solution: modify /etc/sysconfig/iptables as normal and instead of running iptables-restore /etc/sysconfig/iptables run as root: dockerfirewallmerge.py i’d appreciate some constructive feedback! https://github.com/c … /dockerfirewallmerge facebook twitter google+ create self-signed cert with long expiry date posted in tips on tuesday, august 7, 2018 by cam openssl req -x509 -nodes -days <# of days> -newkey rsa:<keysize> -keyout <key_name>.key -out <cert_name>.crt facebook twitter google+ squid https interception and filtering without client certificates posted in operating systems , linux , red hat , services , tips , centos , iptables , proxies on thursday, july 19, 2018 by cam i had a requirement to filter (all) web traffic on a few servers. this is typically easy with squid and using it’s transparent proxy function. where it gets difficult is filtering domains for https traffic. i don’t want to ssl intercept the traffic, i don’t want to install ca certificates on the clients, i only want to filter the urls based on a whitelist to which it can access. this is how it is done: yum install squid # i used squid 3.5.20 /usr/lib64/squid/ssl_crtd -c -s /var/lib/ssl_db chown -r squid.squid /var/lib/ssl_db mkdir /etc/squid/ssl_cert/ chown -r squid.squid /etc/squid/ssl_cert/ cd /etc/squid/ssl_cert openssl req -new -newkey rsa:1024 -days 1365 -nodes -x509 -keyout myca.pem -out myca.pem echo "www.google.com" > /etc/squid/whitelist chmod 640 /etc/squid/whitelist chown root:squid /etc/squid/whitelist /etc/squid/squid.conf: acl localnet src 10.0.0.0/8 # rfc1918 possible internal network acl localnet src 127.0.0.1/32 # rfc1918 possible internal network acl localnet src 172.16.0.0/12 # rfc1918 possible internal network acl localnet src 192.168.0.0/16 # rfc1918 possible internal network acl localnet src fc00::/7 # rfc 4193 local private network range acl localnet src fe80::/10 # rfc 4291 link-local (directly plugged) machines acl ssl_ports port 443 acl safe_ports port 80 # http acl safe_ports port 21 # ftp acl safe_ports port 443 # https acl safe_ports port 70 # gopher acl safe_ports port 210 # wais acl safe_ports port 1025-65535 # unregistered ports acl safe_ports port 280 # http-mgmt acl safe_ports port 488 # gss-http acl safe_ports port 591 # filemaker acl safe_ports port 777 # multiling http acl connect method connect http_access deny !safe_ports http_access deny connect !ssl_ports http_access allow localhost manager http_access deny manager acl step1 at_step sslbump1 acl whitelist_ssl ssl::server_name "/etc/squid/whitelist" acl whitelist dstdomain "/etc/squid/whitelist" acl port_80 port 80 acl http proto http ssl_bump peek step1 ssl_bump splice whitelist_ssl ssl_bump terminate all !whitelist_ssl http_access deny http port_80 localnet !whitelist http_access allow localnet http_access deny all https_port 3127 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4mb cert=/etc/squid/ssl_cert/myca.pem key=/etc/squid/ssl_cert/myca.pem http_port 3128 transparent coredump_dir /var/spool/squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 # test it with: iptables -m owner --uid-owner cm -t nat -a output -p tcp --dport 80 -j dnat --to 127.0.0.1:3128 iptables -m owner --uid-owner cm -t nat -a output -p tcp --dport 443 -j dnat --to 127.0.0.1:3127 # closing notes and thoughts around this section here: http_access deny http port_80 localnet !whitelist http_access allow localnet http_access deny all it looks a bit funny because we ‘allow localnet’ which typically allows our clients open access. however assessing: ssl_bump terminate all !whitelist_ssl http_access deny http port_80 localnet !whitelist rules first, you see that we filter out all sites other than the whitelist with an explicit ‘deny’ or ssl ‘terminate’. also trying to use a proxy-aware application with the above configuration will not work because the proxy is configured in transparent / intercept mode only. this is likely due to not having a normal http_port directive, this is good for me as it’s minimizing the abuse avenues. also for a final, final step, you need to configure your edge (or local) firewall to do destination nat’ing back to the two squid ports. facebook twitter google+ block network traffic based on uid / user and gid / group posted in operating systems , linux , services , tips on by cam i just found out that you can apply different iptables rules based on uid and gid. just check that your kernel / iptables supports the module: iptables -m owner --help which should output near the bottom like: owner match options: [!] --uid-owner userid[-userid] match local uid [!] --gid-owner groupid[-groupid] match local gid [!] --socket-exists match if socket exists then make a rule as required. eg. user ‘cm’ gets their web traffic transparently proxied via squid. iptables -m owner --uid-owner cm -t nat -a output -i eth0 -p tcp --dport 80 -j dnat --to 127.0.0.1:3128 pretty cool! facebook twitter google+ fast development of grok / logstash extractions and fields posted in operating systems , linux , tips on monday, july 16, 2018 by cam i had the fun times of trying to write grok rules in a particular way along with a complicated pipeline. i got tried of pushing the rules and restarting logstash, there had to be a better way! this is want i ended up doing on my development system: wget https://artifacts.elastic.co/downloads/logstash/logstash-6.3.1.rpm yum localinstall logstash-6.3.1.rpm create your pipeline in: /etc/logstash/conf.d/ create the following example files: /tmp/input.txt: 2018-07-16t01:53:28.716258+00:00 acme-host1 sshd[12522]: disconnected from 8.8.8.8 port 37972 000-file-in.conf: input { file { path => [ "/tmp/input.txt" ] start_position => beginning type => "test" add_field => { "sourcetype" => "test" } sincedb_path => "/dev/null" } } 25-filter.conf: filter { if [type] == "test" { grok { match => { "message" => "%{timestamp_iso8601} %{sysloghost:logsource} %{syslogprog}?: %{greedydata:message}" } overwrite => [ "message" ] add_tag => [ "p25vls" ] } date { locale => "en" match => [ "timestamp", "mmm dd hh:mm:ss", "mmm d hh:mm:ss" ] timezone => "utc" } } } 999-output.conf: output { stdout { codec => rubydebug } } run: /usr/share/logstash/bin/logstash -r -f /etc/logstash/conf.d/ give it a minute, because well java now in a second window, modify you pipeline (or file 25-filter.conf etc), save it. you should see logstash reprocess the data from ‘/tmp/input.txt’ happy iterational development :-) facebook twitter google+ next page » search categories operating systems unix linux fedora debian suse red hat centos windows security encryption network firewall iptables vpn tools services apache mysql ssh mail proxies exchange splunk tips hardware disks network archives 2018 august july february 2017 september august june may april january 2016 august july may january 2015 december september august july june may january 2014 december september july june may march february 2013 december november october june april march february january 2012 december november october september august july june last 10 entries docker and iptables firewall merger create self-signed cert with long expiry date squid https interception and filtering without client certificates block network traffic based on uid / user and gid / group fast development of grok / logstash extractions and fields the minimum firewall ports for

URL analysis for cammckenzie.com


https://www.cammckenzie.com/blog/index.php/2014/09/
https://www.facebook.com/sharer/sharer.php?u=https://www.cammckenzie.com/blog/index.php/2018/07/16/fast-development-of-grok-logstash-extractions-and-fields/&t=fast
development
of
grok
/
logstash
extractions
and
fields
https://www.facebook.com/sharer/sharer.php?u=https://www.cammckenzie.com/blog/index.php/2018/07/19/squid-https-interception-and-filtering-without-client-certificates/&t=squid
https
interception
and
filtering
without
client
certificates
https://www.cammckenzie.com/blog/index.php/category/firewall/
https://www.cammckenzie.com/blog/index.php/2017/06/
https://www.cammckenzie.com/blog/index.php/category/vpn/
https://www.cammckenzie.com/blog/index.php/2013/04/
https://www.cammckenzie.com/blog/index.php/2016/08/
https://www.cammckenzie.com/blog/index.php/category/apache/
https://www.cammckenzie.com/blog/index.php/2015/12/
https://www.cammckenzie.com/blog/index.php/2018/02/
https://www.cammckenzie.com/blog/index.php/2017/08/09/enable-chrome-show-ssl-certificate-button/
https://www.cammckenzie.com/blog/index.php/category/debian/
https://www.cammckenzie.com/blog/index.php/2012/10/
https://www.cammckenzie.com/blog/index.php/category/mysql/

Whois Information


Whois is a protocol that is access to registering information. You can reach when the website was registered, when it will be expire, what is contact details of the site with the following informations. In a nutshell, it includes these informations;

Domain Name: CAMMCKENZIE.COM
Registry Domain ID: 1587414404_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2018-03-04T10:14:32Z
Creation Date: 2010-03-03T21:03:52Z
Registry Expiry Date: 2019-03-03T21:03:52Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: 480-624-2505
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: NS17.DOMAINCONTROL.COM
Name Server: NS18.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2018-08-24T14:46:35Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.

  REGISTRAR GoDaddy.com, LLC

SERVERS

  SERVER com.whois-servers.net

  ARGS domain =cammckenzie.com

  PORT 43

  TYPE domain

DOMAIN

  NAME cammckenzie.com

  CHANGED 2018-03-04

  CREATED 2010-03-03

STATUS
clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
clientRenewProhibited https://icann.org/epp#clientRenewProhibited
clientTransferProhibited https://icann.org/epp#clientTransferProhibited
clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited

NSERVER

  NS17.DOMAINCONTROL.COM 216.69.185.9

  NS18.DOMAINCONTROL.COM 173.201.76.9

  REGISTERED yes

Go to top

Mistakes


The following list shows you to spelling mistakes possible of the internet users for the website searched .

  • www.ucammckenzie.com
  • www.7cammckenzie.com
  • www.hcammckenzie.com
  • www.kcammckenzie.com
  • www.jcammckenzie.com
  • www.icammckenzie.com
  • www.8cammckenzie.com
  • www.ycammckenzie.com
  • www.cammckenzieebc.com
  • www.cammckenzieebc.com
  • www.cammckenzie3bc.com
  • www.cammckenziewbc.com
  • www.cammckenziesbc.com
  • www.cammckenzie#bc.com
  • www.cammckenziedbc.com
  • www.cammckenziefbc.com
  • www.cammckenzie&bc.com
  • www.cammckenzierbc.com
  • www.urlw4ebc.com
  • www.cammckenzie4bc.com
  • www.cammckenziec.com
  • www.cammckenziebc.com
  • www.cammckenzievc.com
  • www.cammckenzievbc.com
  • www.cammckenzievc.com
  • www.cammckenzie c.com
  • www.cammckenzie bc.com
  • www.cammckenzie c.com
  • www.cammckenziegc.com
  • www.cammckenziegbc.com
  • www.cammckenziegc.com
  • www.cammckenziejc.com
  • www.cammckenziejbc.com
  • www.cammckenziejc.com
  • www.cammckenzienc.com
  • www.cammckenzienbc.com
  • www.cammckenzienc.com
  • www.cammckenziehc.com
  • www.cammckenziehbc.com
  • www.cammckenziehc.com
  • www.cammckenzie.com
  • www.cammckenziec.com
  • www.cammckenziex.com
  • www.cammckenziexc.com
  • www.cammckenziex.com
  • www.cammckenzief.com
  • www.cammckenziefc.com
  • www.cammckenzief.com
  • www.cammckenziev.com
  • www.cammckenzievc.com
  • www.cammckenziev.com
  • www.cammckenzied.com
  • www.cammckenziedc.com
  • www.cammckenzied.com
  • www.cammckenziecb.com
  • www.cammckenziecom
  • www.cammckenzie..com
  • www.cammckenzie/com
  • www.cammckenzie/.com
  • www.cammckenzie./com
  • www.cammckenziencom
  • www.cammckenzien.com
  • www.cammckenzie.ncom
  • www.cammckenzie;com
  • www.cammckenzie;.com
  • www.cammckenzie.;com
  • www.cammckenzielcom
  • www.cammckenziel.com
  • www.cammckenzie.lcom
  • www.cammckenzie com
  • www.cammckenzie .com
  • www.cammckenzie. com
  • www.cammckenzie,com
  • www.cammckenzie,.com
  • www.cammckenzie.,com
  • www.cammckenziemcom
  • www.cammckenziem.com
  • www.cammckenzie.mcom
  • www.cammckenzie.ccom
  • www.cammckenzie.om
  • www.cammckenzie.ccom
  • www.cammckenzie.xom
  • www.cammckenzie.xcom
  • www.cammckenzie.cxom
  • www.cammckenzie.fom
  • www.cammckenzie.fcom
  • www.cammckenzie.cfom
  • www.cammckenzie.vom
  • www.cammckenzie.vcom
  • www.cammckenzie.cvom
  • www.cammckenzie.dom
  • www.cammckenzie.dcom
  • www.cammckenzie.cdom
  • www.cammckenziec.om
  • www.cammckenzie.cm
  • www.cammckenzie.coom
  • www.cammckenzie.cpm
  • www.cammckenzie.cpom
  • www.cammckenzie.copm
  • www.cammckenzie.cim
  • www.cammckenzie.ciom
  • www.cammckenzie.coim
  • www.cammckenzie.ckm
  • www.cammckenzie.ckom
  • www.cammckenzie.cokm
  • www.cammckenzie.clm
  • www.cammckenzie.clom
  • www.cammckenzie.colm
  • www.cammckenzie.c0m
  • www.cammckenzie.c0om
  • www.cammckenzie.co0m
  • www.cammckenzie.c:m
  • www.cammckenzie.c:om
  • www.cammckenzie.co:m
  • www.cammckenzie.c9m
  • www.cammckenzie.c9om
  • www.cammckenzie.co9m
  • www.cammckenzie.ocm
  • www.cammckenzie.co
  • cammckenzie.comm
  • www.cammckenzie.con
  • www.cammckenzie.conm
  • cammckenzie.comn
  • www.cammckenzie.col
  • www.cammckenzie.colm
  • cammckenzie.coml
  • www.cammckenzie.co
  • www.cammckenzie.co m
  • cammckenzie.com
  • www.cammckenzie.cok
  • www.cammckenzie.cokm
  • cammckenzie.comk
  • www.cammckenzie.co,
  • www.cammckenzie.co,m
  • cammckenzie.com,
  • www.cammckenzie.coj
  • www.cammckenzie.cojm
  • cammckenzie.comj
  • www.cammckenzie.cmo
Show All Mistakes Hide All Mistakes