My own secure DNS server - Pi-hole on NanoPi NEO3

I care about my own information security and I don't want to put up with such flow of ads.

The first and the simplest step of the fight is AdBlock plugin in the browser.

Ths second step is custom hosts file. In this manner you may protect a few PCs, but it is difficult to cover each device in your network. Also, large hosts file can affect performance.

The third step is your own DNS server that will filter all requests from each device. The solution is Pi-hole.

As a platform for the Pi-hole I choosed a small device NanoPi NEO3 with 4 ARM cores (Cortex-A53 up to 1.3GHz) and 1 GB RAM (DDR4) on Ubuntu Core 18.

MacBook Air Recovery ask WPA2 enterprise credentials when connecting to WiFi

The problem.

My MacBook Air (13-inch, Mid 2013) with macOS Catalina (10.15.5) in recovery mode runs on OS X Mountain Lion (10.8).

When I try to connect to WiFi instead of ask a single password it ask me login and password (The WiFi network requires WPA2 enterprise credentials). But I don't use WPA-Enterprise.

Visual Studio Code - error "XHR failed" in extensions

After fresh installation of Visual Studio Code I decided install Python extension, but faced with an error "Unable to open 'Extension: Python': XHR failed.".

Exchange 2016 - High CPU utilization by Microsoft Exchange Replication Service (MSExchangeMailboxReplication)

I had faced with that issue on my work and with Microsoft support we found the core issue and solved it.

Unfortunately, I haven't been able to reproduce this issue in my home lab, but I'll try to describe all main points.

Procmon was showing that "MSExchangeMailboxReplication.exe" process always (hundreds of times per second) try to open (RegOpenKey) "HKLM\SOFTWARE\Microsoft\ExchangeServer\v15\ActiveManager\TestOverride" reg key.

Adding the "TestOverride" registry key doesn't solve the problem. The process started to searching other keys.

Exchange 2016 - Issues with ECP/OWA after installing updates/KB

For several reasons after installation updates/KB (for example KB4536987) you may faced with some backfires. I collected 3 type of issues and their fixes.

Issue #1 - Lack os styles on ECP page

After authentication on ECP page you may see only text and hyperlinks without any images and styles.

How to fix

Run the script "C:\Program Files\Microsoft\Exchange Server\V15\Bin\UpdateCas.ps1" or do following manual steps:

• Go to "C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\ecp" folder and find the folder with latest version number of your server (e.g. "15.1.1913.7") and it will be empty.
• Open folder with previous version number (e.g. "15.1.1913.5") and copy all data to the new folder (e.g. "15.1.1913.7").
• Restart IIS. Reload the ECP page.

Analysis of Xiaomi YI camera connections

I have Xiaomi YI (YHS-113) camera at home and once I was wondering what servers does it connects to and what information it transmits. I had caught camera traffic on my router while it was booting and working.

Analysis revealed the following:

1. Camera tried to connect to more than 20 servers.
2. A part of connection is TCP, and other part is UDP.
3. Not all connections were established (a part of servers didn't answer).
4. Most of servers are in China, but several servers are in Amazon Cloud.
5. Camera transfers to the "log.xiaoyi.com" server information about settings and WiFi name & ssid (see below).
6. Camera checks is your router is Xiaomi Router or not.
7. Connection to the "api.xiaoyi.com" server is secured by HTTPS with TLS 1.2.

Windows 10 - Error 30800 / The server name cannot be resolved / SMB & NetBIOS issue

Can not connect to a network drive/shared folder?

Can not print any document on a network printer?

Error #30800 in the Event Log (Application and Services Logs - Microsoft - Windows - SMBClient - Connectivity)?
The server name cannot be resolved.
Error: The requested interface is not supported.
Server name: x.x.x.x
Guidance:
The client cannot resolve the server address in DNS or WINS. This issue often manifests immediately after joining a computer to the domain, when the client's DNS registration may not yet have propagated to all DNS servers. You should also expect this event at system startup on a DNS server (such as a domain controller) that points to itself for the primary DNS. You should validate the DNS client settings on this computer using IPCONFIG /ALL and NSLOOKUP.

Brief analysis of iCal structure

In my work, I occasionally have to deal with various issues with meeting invitations (encoding troubles, wrong time zone, etc.), so I wanted to understand the structure of iCal (iCalendar).

This is not a complete overview of iCalendar features (RFC2445, RFC2446 and RFC2447). You can get acquainted with the most complete functional overview on the following sites: https://www.w3.org/2000/01/foo & https://www.kanzaki.com/docs/ical/

The analysis involved 8 different iCal emails from Microsoft Exchange 2016 + Microsoft Outlook 2016 environment. Microsoft Exchange adds additional "X-MICROSOFT" and "X-MS-OLK" headers to increase Microsoft Outlook functionality. Fully description you can find there.

In the image below, I tried to clearly visualize links between the iCal file parameters and Outlook interface.