Thursday, January 31, 2019

I Deleted my Youtube Account

I deleted my Youtube account.



  • Gone, the small number of videos (only 10).
  • Gone, the hundreds of subscribers.
  • Gone, all  my comments.
  • Gone, my subscriptions.
  • Gone, some other stuff.


Don't let the door hit you on the ass on the way out.

Seriously, I doubt the channel will be missed.

I stopped creating new videos a while ago. Why? First, I am lazy, as can be seen by how often I post here (maybe that will change). Second, they changed how videos are monitized. If you have less then a certain number of regular views, you don't get paid. To be honest, while I like sharing a bit, I really liked the revenue, as small as it was.

Questions I have:

  • Can I make a new channel in the future?
  • Will they pay me the little revenue I have accumulated. It was slightly under the threshold needed to have them pay out.
  • Was I just contributing to the huge pile of shit that Youtube has become? Don't get me wrong, there is plenty of good content out there, but most is shit, which apparently appeals to the sheep viewing it. Don't get me started on that.


So it looks like I will be spending more time here. I will try to contribute something useful, not just shit.

Friday, January 26, 2018

Who's the Lucky One?

I received one of the nicest gifts I have ever received. Check it out:


Pretty cool right? It is an Icom IC-737 Transceiver.

Okay, I admit is a big deal to me, but might not be for anyone not interested in being an Amateur Radio Operator. I am currently studying for my Amateur Radio with Basic Qualification (honours) certificate. Passing with a mark above 80% provides honours, which in turn, allows an operator to use bands below 30MHz. This IC-737 is ideal for this. Admittedly, it as an old unit, but it works well and will definitely do what I need.

Now it is time for me to complete self study, pass the test with at least 80%, and gather equipment such as a power supply, etc. to begin enjoying the hobby.

Later...

Tuesday, July 4, 2017

The 338 Gaillard Rifle Cartridge

What is the .338 Gaillard?


  • A wildcat cartridge developed by Ted Gaillard
  • What's a wildcat? Cartridges that are not officially registered with nor sanctioned by SAAMI (Sporting Arms and Ammunition Manufacturers’ Institute) are generally known as wildcats. Basically, you wont be seeing the 338 Gaillard cartridge on any store shelves, which is fine, as it is in the company of dozens (if not hundreds) of other excellent cartridges.
  • It was developed for accurate long range shooting (beyond 600 yards).
  • It's a belted magnum cartridge with excellent capabilities.
  • It has an improved shoulder.
  • Compared to it's parent cases, it has far less taper in the case wall.
  • It's a .338 (8.585 millimeters).
  • More case capacity than the standard 8mm Remington Magnum (my favorite parent case).
  • It can be developed from a number of existing cartridges. Many wildcats restrict the developer to only one parent case. The 338 Gaillard's parent case flexibility makes it easy to develop cartridges when certain cases may be hard to acquire. (see: What is involved in forming the brass for this cartridge?).

Why would I want this wildcat?


  • For all of its capabilities
  • The 338 Gaillard is suitable for game the size of Elk or larger. It is also great for deer when loaded with lighter bullets such as Hornady's 180 grain Interlock.
  • This cartridge is a very flat shooting cartridge, and therefore perfect for long range target shooting. Range permitting, you can shoot beyond 1000 yards quite accurately.
  • Shoots heavier .338 bullets at high velocities (surpassing the .338 Winchester Magnum).
  • Heavier .33-caliber bullets yield a great deal more energy and their larger diameter delivers a heavier blow than is possible with lighter calibers. The 338 Gaillard is obviously very powerful. When loaded with a typical 225 grain bullet it can surpass velocities of 3,000 feet per second (FPS) and deliver approximately a ton (2000 Foot Pounds) of energy at 500 yards. This makes it ideal for larger North American game. You can also enjoy the advantages of the heavier 338 bullet's wind bucking ability.
  • You might like wildcats. For the uninitiated, wildcats can be fun. I personally like forming cases, reloading, testing, and the other aspects of using a wildcat cartridge.
  • It is very accurate.
  • Brass is cheaper than the 338 Lapua (Using the 8mm Remington Magnum as a base cartridge)
  • There is a very good selection of .338 bullets available to the reloader, from a variety of manufacturers.

Why wouldn't I want this wildcat cartridge?


  • The recoil of the 338 Gaillard is very substantial and this cartridge is recommended to those who have experience with other big bore caliber Magnum rifles, especially those who found they could deal with pronounced recoil. NOTE: Okay, recoil is relative. Each individual perceives recoil differently. There are also other factors besides the cartridge that determine felt recoil, such as rifle weight and style.
  • You might not like wildcats. For the uninitiated, wildcats can be intimidating. You may not like forming cases, reloading, testing, and the other aspects of using a wildcat cartridge.
  • It uses more powder.
  • Since the cases are larger, cases will of course cost more than typical cases such as the .308 Winchester or the .223 Remington.

Where do I get one?


  • You can't just walk into your favorite gun store and buy boxes of 338 Gaillard cartridges, or pick up a new rifle chambered in the 338 Gaillard. You have to build your own rifle, or rechamber an existing rifle for this wildcat.
  • I have been informed that Redding provides reamers or dies.

How do I load for it?


  • Bullets ranging from 200-250 grains are likely the best, but there's no reason not load cartridges with lighter 180 grain bullets or larger bullets as heavy as 300 grains.
  •  There are a number of recommended powders to consider. Of course each rifle behaves differently and most people already have some favorite powders in mind, but powders such as IMR 7828, H 7828, IMR 4831, H 4831 perform rather well.
  • I was tempted to share some load data here, but realize that I may be responsible for someone making a mistake and harming themselves or others.

What is involved in forming the brass for this cartridge?



  • Click on the image for a closer look. From the the left: Unmodified 8mm Remington Magnum, Necked up to .35, Necked down to .338 (false shoulder), Formed and subsequently loaded .338 Gaillard cartridge.
  • 338 Gaillard cases can be made from the Remington .416, Remington 8mm Magnum, 340 Weatherby, 7mmSTW and the 375 H&H cartridge cases.
  • Personally, I prefer to base the 338 Gaillard on the 8mm Remington Magnum case, which has become quite popular amongst wildcatters. This is because the 8mm Remington Magnum offers an exceptional sturdy, pressure resistant cartridge case that can be reloaded with relative ease.
  • There are a few general steps involved in building the 338 Gaillard on the 8mm Remington Magnum.

  1.    First, the case should be necked up to 35 caliber. This allows us to create a false shoulder for fire forming the brass.
  2.    Second, create a false shoulder by necking the case down a little at a time from 35 to 338. In this step, I removed the firing pin assembly from my Remington bolt and tried to close the bolt on my new case after partially necking the case down in increments. Each time I returned the case to the reloading press and lowered the die a little more. Again I would try to close the bolt on the new case with only a little finger pressure until it finally closed. This creates a perfect 338 neck over a false .35 inch shoulder, which is very helpful when fire forming as it reduces brass flow and prolongs the case life by stretching the case less above the belt.
  3.    Third, fire form the cases with a reduced load. I dropped the usual load by 10 percent, and the result was a batch of cases with good shoulders and sharp angles.

  • Case length. My chamber was measured at 2.8785, and my recommended trim to length is 2.860. By comparison, the 340 Weatherby magnum case is 2.825 in length.


What type of bullets are recommended?


  • Bullets ranging from 200 - 250 grains are likely the best. I enjoyed testing the 225 grain bullets, but forming 100 in a single range session left me a tiny bit tender.
  • Why not the 180, or 300 grain bullets? As mentioned earlier, these area also fine choices, but each has slight limitations. Lighter bullets like the 180 or 200 grain may not have the same long range benefits of the 225 or 250 grain bullets, but they are fine for hunting a reasonable ranges, and produce less recoil. I am very tempted to try the 180 grain bullets. I look forward to pushing those through the Chrony.
  •  Let's consider sectional density (Sectional Density or SD is important because it has a significant effect on penetration) Compared to the .308, a 200 grain 308 has a SD of .301, while a 200 grain .338 has a SD of .331. Of course the higher the number the better.

Is the .338 Gaillard similar to other wildcat cartridges?



  • Yes it is. It is very close to the 8.6 x 72mm SDM. It is also similar to the 338-8mm Remington Magnum. In addition, from what I can gather during my research, it  may be similar to the .338 Jarrett. (I would like to confirm that if anyone feels like dropping me an email)

Thanks for reading.

Worst blogger ever.

Man I suck at updating this place. Sometimes a year passes (or more?)

I think I am just busy doing many things and simply forget to include them here. I need to share more. :-)

Friday, July 1, 2016

Ack !! No Server !!

There's no point in concerning myself with network/server security right now. The Server is gone. Here are the last couple of posts related to this:

http://www.kevinschick.com/2016/06/network-attacks-ufw-is-working-but-more.html

http://www.kevinschick.com/2016/06/tenacious-attackers-network-exploiters.html

I could not resolve the server by IP or name at all yesterday. I quickly found that the systems engineer at the data center didn't verify the asset tags on the servers involved, and wiped out everything of mine by mistake.

It was an experimental server, so I did not panic or freak out. The new set up will be running with ESXi and I will be able re-install and manipulate it via vsphere. I also took this as an advantage to move away from Debian and jump into CentOS. I used Redhat many years ago, pre-Fedora to be more precise, so the transition back to rpm goodness should not present any real issues or giant hurdles.

I look forward to the change.


I will concentrate on hardening the server, and experimenting with attackers. A honeypot is tempting. The first paragraph of the Wikipedia article describes a honeypot very well. I think analysing hacker activity and how attacks develop and progress will be very interesting and make me proficient at securing my server(s).


Saturday, June 25, 2016

Network Attacks. UFW is Working, but More is Needed.

More attacks on the server. Of course. UFW (UFW -Uncomplicated Firewall) is running, which is a must.

Unfortunately, the logs are still full of assholes trying to break in. Shit like this:

Jun 25 20:16:17 vbox sshd[38237]: Invalid user guest from 91.214.130.248
Jun 25 20:16:17 vbox sshd[38237]: input_userauth_request: invalid user guest [preauth]
Jun 25 20:16:17 vbox sshd[38237]: Received disconnect from 91.214.130.248: 11: Bye Bye [preauth]
Jun 25 20:16:18 vbox sshd[38239]: reverse mapping checking getaddrinfo for host-91.214.130.248.ardinvest.net [91.214.130.2
48] failed - POSSIBLE BREAK-IN ATTEMPT!


and...

Jun 25 21:57:32 vbox sshd[38342]: Received disconnect from 95.39.39.5: 11: disconnected by user [preauth]
Jun 25 22:02:43 vbox sshd[38345]: Received disconnect from 116.31.116.7: 11:  [preauth]
Jun 25 22:09:01 vbox CRON[38349]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 25 22:09:01 vbox CRON[38349]: pam_unix(cron:session): session closed for user root
Jun 25 22:09:51 vbox sshd[38371]: reverse mapping checking getaddrinfo for static.customer-201-116-53-85.uninet-ide.com.mx
[201.116.53.85] failed - POSSIBLE BREAK-IN ATTEMPT!


There is more of course. Time to use another tool to make things a bit easier.

After some research, it appears that fail2ban comes highly recommended.


My amazing web writing skill enables me to simply regurgitate words from the fail2ban website:


"Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services."
Setting it up is easy enough. Plenty of tutorials for numerous Linux/OSS distributions out there. If you need a link, just ask. I will try and find a decent one for you.
I have set findtime to 480 seconds,
maxretry to 3,
and offenders are blocked for 6000 seconds (100 minutes)

So if I understand it correctly, if some prick tries 3 times within 480 seconds, he/she gets banned for 100 minutes.

Let's see how that works after a couple days.

Monday, June 20, 2016

Hello Manjaro

Using Debian, or any one of it's derivatives such as Linux Mint or Ubuntu is fine. Multiple systems let me enjoy some of those, but I felt that I wasn't exploring enough of the Linux goodness out there.

Maybe something different would be educational and more fun.

Ladies and gentlemen, my new friend Manjaro.
Note: Blogger offers me the choice of forcing you to leave my page when you click that link, or open it it in a new window. I dislike both choices. Opening this link in a new tab instead would be nice.

I won't go into details about Manjaro, as there are plenty of reviews and related sites out there. I doubt the world needs another one. The fact that is Arch based is important. The change is a challenge.

I grabbed the a recent Xfce edition only because I have never tried that desktop environment. Manjaro has lots of desktop choices. I could have picked KDE, BspWM, Budgie, Cinnamon, Deepin, Enlightenment, Fluxbox, Gnome, i3, JWM, LXDE, LXQT, MATE, Netbook, Openbox and PekWM.

Since my install, just days ago, they have another offering using JWM (Joe’s Window Manager), it is a lightweight stacking window manager for the X Window System written by Joe Wingbermuehle. Incredibly,the system boots up with less than 111MB of RAM usage. Not too shabby considering how powerful Manjaro is.

For me, I like Manjaro a lot. I was concerned with Xfce, having been used to stuff like KDE and MATE, but I am really digging the lighter interface.

That's it! No lengthy review or any of that. Go try Manjaro.

Tenacious Attackers. Network Exploiters Abound.

Hit already.

No surprise, it's just how much the server is attacked that is surprising to me. This is probably typical to the veterans out there.

Tenacious; adjective: persistent in maintaining, adhering to, or seeking something valued or desired
That sounds about right for our network visitors today. Here are just some examples of the activity so far:

Jun 19 03:09:18 vbox sshd[10716]: Invalid user git from 69.10.58.155
Jun 19 03:09:18 vbox sshd[10716]: input_userauth_request: invalid user git [preauth]
Jun 19 03:09:18 vbox sshd[10716]: error: Received disconnect from 69.10.58.155: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]
Jun 19 03:09:19 vbox sshd[10718]: Address 69.10.58.155 maps to server.peopleshosting.in, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT


This little pick (69.10.58.155) tried over and over again, likely as fast as the script he/she was using dictated. Tries with all sorts of possible users were employed, such as tomcat, unbuntu, ubtn, test, ftpuser, and many more. One interesting attempt was for user PlcmSpIp.

Jun 19 07:58:39 vbox sshd[11341]: Received disconnect from 195.20.3.210: 11: disconnected by user [preauth]

It's a party...

Jun 19 11:01:49 vbox sshd[11540]: Protocol major versions differ for 46.105.123.28: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u2 vs. SSH-1.5-NmapNSE_1.0

Another dickhead...

Jun 19 12:33:10 vbox sshd[11636]: Invalid user admin from 23.247.97.147
Jun 19 12:33:10 vbox sshd[11636]: input_userauth_request: invalid user admin [preauth]
Jun 19 12:33:10 vbox sshd[11636]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 19 12:33:11 vbox sshd[11638]: Address 23.247.97.147 maps to mail6.xdem067.cc, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!


That IP hammered me for quite a while. "POSSIBLE BREAK-IN ATTEMPT!" is server generated. I didn't place it here for effect. :-)

Jun 19 13:43:01 vbox CRON[12111]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 19 13:43:20 vbox sshd[12114]: Connection closed by 71.6.146.185 [preauth]
Jun 19 13:43:20 vbox sshd[12116]: Connection closed by 71.6.146.185 [preauth]


Far too many others to list here. This is just a sample of one day.

Of course none of those IP addresses are anything I typically use. They're all outsiders. sadly, this activity is probably normal for most servers out there.
Is it bad that I am enjoying this? I definitely have to see where this is going, and consider my security options. More to follow.
Feel free to leave a comment and offer suggestions. Should i change the ssh port? Fail2ban? Am I on the right track?

I am Running an Experimental Server

I have an interest in network security. so I set up a dynamic server testing environment.

It is basically an experiment to learn more about how a typical server is approached by outsiders, specifically those with bad intentions. Really, how bad could it be? Will I be attacked?

Absolutely, no doubt about it.


As time progresses I will occasionally share some of the external hacking attempts and door-knocking the server encounters. The server is set up to log practically everything, but since that data will be enormous, it will be far too much to provide as updates here. Frankly, updates containing anything more than a few periodic examples would be a tedious read and snooze fest.

I am a complete amateur in all network security. Besides me researching a lot, experience is needed. This is not a hacking invitation, especially since I won't need to invite prowling network jackasses anyways. I am fairly good at manipulating a server, but am truthfully just learning the security side of it.

I know some of the risks.


My server is virtual, and hosted nowhere near me. It can be wiped and reinstall all fresh and sparkly after a successful attack. But ... it risks being compromised and used to attack others. This a major concern. As a precaution, as soon as I detect that (and I will if need be), the server will go on complete lockdown and reset.

That said, I do have some security and tightening measures in place. I was tempted to run the server naked and see what happens, but expect it wouldn't last long before it got completely fucked by outsiders. Presently there some protections up, and a way for me to securely access the server to check logs and make changes as needed.

Stay tuned. It could be like watching a car wreck.

Sunday, May 1, 2016

My First Steps at Creating My Own Anvil-like Object

I need an anvil.

The prices of anvils in my area are simply ridiculous. I can't shell out cash for the rusty, banged up shit that is available. Sadly, it seems that some guys (and girls) are hoarding, even owning four or more anvils. It's their right, but they are making it tough for new smiths.
My answer to the dilemma? Make my own. Many have done it  before me, using old rail or other metals, so the possibility exists. I want something specific, a nice clean, heavy block of mild steel.

Anyway...


I thought of checking out the local scrap yard to see if they had a large chunk of mild steel I might use, or perhaps modify for use as an anvil. My first trip was last week, on Friday, during lunch hour, when it was safe and they let me look around the piles. No luck on a big chunk, but I did get some nice coil springs to make tools with, so not a bad first try.

I returned a week later to look around again, and the nice guy at the office informed me that it was my lucky day. A large 5" (12.7mm) plate arrived about 10 minutes before I showed up. I took a look out in the yard and found the plate to be huge. I didn't measure it, but it seemed about 2 metres x 3 metres. Most was cut away as two huge circles were removed, leaving only two corners usable to cut out anything of a decent size. I was able to get 30cm x 30cm x 12cm (1' x 1' x 5") block cut for me.The cost came to $100 CDN, cut, a lot of money for a guy like me.

It is extremely heavy for a small chunk, weighing in at about 90Kg (200 pounds). It was still hot when I moved it 8 hours later. Hot enough to quickly evaporate water sprinkled on it. Here are a few pics of what I brought home. You can click the images to enlarge.





The torch cuts are not what I expected. I know torches are a bit rough, but these are going to take me a ton of work to level and smooth out. The cuts are angled poorly,  and not at 90 degrees on the sides. Maybe this is what torch cuts are supposed to look like. I will pick the best 30cm x 12cm side to use as the anvil face, and at the very least level and flatten the opposite side so that the anvil sits properly on a wooden base.  I hope to use my 5' angle grinder to work it all out.

I have other plans for it, but am unsure how to proceed, due to possible labour pricing and my ability. A hardy hole and pritchel hole would be great, and require a pass-through to allow stuff to drop through. While I may be able to drill neatly enough for a pritchel hole, a square hardy hole is far beyond anything I can achieve. The pass-through or cut away area underneath is likely to require a machinist, or me finding a way to neatly cut something like a large semicircle out of one side.

If the face gets too dinged up, which is okay for a while, I will get a flat piece of something like AR500 welded on top, and do cuts with a small piece of scrap laid on top for those few minutes needed.

I look forward to the challenge.