It was a good night! In order: Marc Hebrart Brut Rosé NV Dom Ruinart Brut, 2002 Dom Perignon, 2004 Illuminated Magnum Roederer Cristal 2006 Dom Perignon, 2002 Rosé All were nigh breathtaking, and to have them all together was a special occasion indeed. Actually there was 2x all the above (except the magnum), plus various bottles of Veuve Clicquot to cleanse the palate and drink before/after, along with caviar, tarts, oysters, […]
I think this is the way to really clear out all the stuff in iptables, the arcane packet filtering thing for Linux. At least… I think. My take on it, at least. For somewhat modern Linuxes at the time of this writing, IPv4 only. Basic method: loop over all the types of tables, flushing… then loop over all the builtin tables for the various types, reset the policies… then […]
People are afraid of wines. They’re uncertain about them, and the entire wine industry is geared towards exploiting those negative emotions and playing upon the consumer’s lack of confidence. When my wife and I started a small wine business, I was trying to figure out a way of helping people better understand wines and afford them an opportunity to explore them in a non-threatening way. So I started out […]
Security Policies Let us praise, slay, and bury security policies together. A security policy is perhaps the best way to deal with the security monster. It concerns itself with business and organizational issues, and is designed to assist the organization succeed in spite of human nature. I sometimes not-so-glibly say that a security policy is simply an expression of your desire. What do you want to see within your organization […]
I wouldn’t think I’d be writing something like this, but….. Apple changed the default of tcpdump to writeout pcap-ng format, which wireshark doens’t understand by default. Wasn’t sure what was up, but a quick search didn’t get any hits… turns out the -y flag is the key (at least, Mavericks+.) $ sudo tcpdump -w /tmp/1 tcpdump: data link type PKTAP tcpdump: listening on pktap, link-type PKTAP (Packet Tap), capture […]