If you haven't heard about this, I think I am deeply envious of you. It likely means you live a life that has next to no contact with the news at large, and especially social media. But, for the other 99% of us we all know Facebook (and it's child companies like Instagram, WhatsApp, and some others all went offline on October 4th somewhere in the middle of the day (EST). Conspiracy theories about the outage started in record time, but the real reason behind it all - at least from what they're disclosing - is an issue with BGP. You're likely wondering what BGP is, but frankly you should be a hell of a lot more concerned with the hidden implications of what this outage meant for many.
I've been somewhat pulling my hair out (ok, that's a lie - I have none) figuring out a way to update a Cloudflare A name using the UDM-Pro. There's a long list of reasons you'd want to do this, but for my purposes in this instance I want to setup a VPN endpoint. Of course, static IP addresses aren't something that are common for small business users, and especially not so for home users. Setting manual DNS entries will work for all of a few days and users need something easy to remember that will update whenever the public IP address of the UDM-Pro gets updated (which could be days, weeks, or even months apart).
Ubiquiti's firmware allows DDNS updates natively within it, but the providers are quite limited, and despite Cloudflare being arguably the most requested one in the forums, they've yet to add it. I suspect this is because it's not as simple as a quick URL call with some variables like DynDNS used to be. There's some tricky ways to do this using DNSoMatic, but I'm going to be setting this up for a long list of clients, and I also really don't want to rely on yet another middleware service.
The "Geek Squad", eh? Okie dokie.
For those who aren't as familiar with what the Geek Squad is, it's Best Buy's "in-house" IT support team. Surely you know who Best Buy is, the massive electronics retailer that's more or less dominated the consumer electronics market. Seeing as almost all consumer electronics are designed to fail, and with technology moving at breakneck speeds, it's no surprise that a predominantly overwhelming amount of the population simply doesn't know where to start to get anything tech related fixed. The first instinct would be to take said item back to the store you bought it from. The friendly associate directs you to the "Geek Squad" counter nestled into the back of the store. This isn't by chance, but by design.
I ran into an interesting issue this evening which required a creative solution. The age old saying goes, a person is only as good as the tools available within their toolbox.
So, some quick backstory on how I got here. I recently purchased an Ubiquiti Dream Machine Pro to replace my Fortigate 30E-3G4G-NAM. While the Fortigate firewall was completely kicking ass serving as the brains behind my home network, there were some other challanges I faced such as offloading the load on my Synology NAS which was running an Ubiquiti Controller (for my APs), and an Ubiquti Video Controller (my security cameras). The main issue stemmed around the fact that Ubiquti is slowly phasing out support for standalone controllers, specifically the video one. Plus, the extra load on my NAS just wasn't something I felt comfortable with.The UDM-Pro solves a ton of this with onboard NVR, Cloudkey and a vareity of other things.
Phishing scams have been around for decades, but in recent years they have become far more advanced due to the incredible amount of your data that has been leaked to the world. It's important to understand some of the methods being used today, as to ensure you do not fall prey to a would-be attacker. I want to be clear, this is by no means intended to be a complete guide to phishing simply to shed some light some of the more recent advancements in how the scams are operated.
Let's backup a second and explain the roots of what a phishing scam is. Phishing by definition is a cyber crime in which a target is contacted by email, phone, text message, or otherwise to try and lure the target into revealing sensitive information to the attacker. Attackers can pretend to be nearly anyone, so it's important to always be astute, no matter how legitimate you may believe a message could be. Typical scams include attackers posing as a financial institution (bank or credit card), a popular store (Walmart, Amazon, Costco, etc), or even as sneaky as being a friend or family member.