Michael McNamara
https://blog.michaelfmcnamara.com
technology, networking, virtualization and IP telephony

PA TAP 529 Investment Plan for College
https://blog.michaelfmcnamara.com/2021/11/pa-tap-529-investment-plan-for-college/
Tue, 02 Nov 2021 02:25:08 +0000

While this topic is very different from the usual content I write, I feel it will have value for those young adults with children that are sure to be following a similar track in life; “How do I pay for my child’s college education?” I’m not financially savvy by any means, but here’s your call to action if you haven’t yet done anything to start saving.

I’m a Gen Xer and I would consider myself as middle income. I’m not rich or poor by any means, but I don’t want for much either. I buy a car/SUV every 10 years or so, mow my own lawn, pay my monthly mortgage and yearly taxes. I hold a full-time job with a large retailer, I run my own consulting business and I try to volunteer regularly with a number of organizations. With three daughters I wasn’t exactly sure how I was going to save for their college education. After a lot of reading and research I decided that a Pennsylvania TAP 529 plan was the best tool and provided the most benefits for me and my family being a Pennsylvania resident. The biggest benefit is that all my TAP 529 contributions are tax deductible at the state level. In 2020 I believe the max contribution per beneficiary was $14,000. So I could contribute $14,000 to each of my TAP 529 plans and have those contributions deducted from my income on my state taxes. This will generally save me a few thousand dollars in taxes, which I can then re-invest back into the TAP 529 accounts. In addition, the funds I contribute to the TAP 529 are excluded from the FAFSA application for student aid.

I ended up selecting the PA 529 Investment Plan, and that’s where the money has been growing for the past few years. There’s a lot of flexibility in how the funds can be allocated; if you are interested in taking an active part you can select from a myriad of options. Or you can set it and forget it and the plan will automatically re-allocate the funds to less risky investments the closer your child gets to college age.

My Thoughts

It’s never too late to start saving or investing. Whether you are saving for your child’s college education or for your eventual retirement, there are plenty of ways to start saving and investing today. In 2018 I opened an account with Betterment, a robo advisor. That account has provided a rate of return around 9.7% annually, not a phenomenal number by any stretch but it’s definitely better than 0%.

What are you doing today to save for your child’s college education or your retirement?

Cheers!

The Swedes are coming!
https://blog.michaelfmcnamara.com/2021/02/the-swedes-are-coming/
Thu, 18 Feb 2021 03:17:37 +0000

No, I was hacked with some stolen user credentials.

I was surprised today when I noticed that someone had posted a new article to this site at 6:36AM this morning titled “3 Reasons to Start Using Dealspaces”. Interestingly enough the user account used to post the article was a test account under my wife’s name that I probably haven’t used in years.

I went looking at the nginx access.log files and found the relevant entries;

213.164.204.89 - - [17/Feb/2021:11:36:17 +0000] "POST //xmlrpc.php HTTP/1.1" 200 141 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
213.164.204.89 - - [17/Feb/2021:11:36:18 +0000] "POST //xmlrpc.php HTTP/1.1" 200 2253 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
213.164.204.89 - - [17/Feb/2021:11:36:19 +0000] "GET /2021/02/3-reasons-to-start-using-dealspaces/ HTTP/1.1" 200 9985 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"

The IP address belongs to a Swedish Internet Service Provider named Bahnhof, not particularly helpful as it could have also been a Tor endpoint or exit node. I can tell from the time stamps that the action was likely scripted as there was exactly one second between each request.
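The pattern in the log entries above (successful POSTs to xmlrpc.php followed seconds later by a GET of a new permalink, all from one address at fixed intervals) can be searched for mechanically. The following is an added example, not code from the original post; the function names, the 5-second window and the two extra log lines from documentation address ranges are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Only the combined-log fields this check needs.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
# WordPress date-based permalink such as /2021/02/some-post/
PERMALINK_RE = re.compile(r'^/\d{4}/\d{2}/[^/]+/?$')

UA = ('Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) '
      'Gecko/20100101 Firefox/58.0')
SAMPLE_LOG = [
    # The three entries quoted in the post.
    f'213.164.204.89 - - [17/Feb/2021:11:36:17 +0000] "POST //xmlrpc.php HTTP/1.1" 200 141 "-" "{UA}"',
    f'213.164.204.89 - - [17/Feb/2021:11:36:18 +0000] "POST //xmlrpc.php HTTP/1.1" 200 2253 "-" "{UA}"',
    f'213.164.204.89 - - [17/Feb/2021:11:36:19 +0000] "GET /2021/02/3-reasons-to-start-using-dealspaces/ HTTP/1.1" 200 9985 "-" "{UA}"',
    # Constructed entries: a rejected XML-RPC call and an ordinary reader.
    f'203.0.113.7 - - [17/Feb/2021:11:40:02 +0000] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "{UA}"',
    f'198.51.100.23 - - [17/Feb/2021:11:41:10 +0000] "GET /2021/02/i-had-a-screw-loose/ HTTP/1.1" 200 8120 "-" "{UA}"',
]


def parse(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # Drop the query string and collapse '//' so '//xmlrpc.php' is recognised.
    path = re.sub(r'/{2,}', '/', m['path'].split('?', 1)[0])
    return {
        'ip': m['ip'],
        'ts': datetime.strptime(m['ts'], '%d/%b/%Y:%H:%M:%S %z'),
        'method': m['method'],
        'path': path,
        'status': int(m['status']),
    }


def find_publish_patterns(lines, window=5.0):
    """Flag clients that POST to xmlrpc.php and then fetch a permalink.

    A 200 on xmlrpc.php only means the endpoint answered, so every hit
    is a lead to confirm against the posts and users in WordPress.
    """
    by_ip = defaultdict(list)
    for line in lines:
        rec = parse(line)
        if rec:
            by_ip[rec['ip']].append(rec)

    findings = []
    for ip, recs in by_ip.items():
        recs.sort(key=lambda r: r['ts'])
        posts = [r for r in recs
                 if r['method'] == 'POST' and r['path'] == '/xmlrpc.php'
                 and r['status'] == 200]
        if not posts:
            continue
        last_post = posts[-1]['ts']
        follow = [r for r in recs
                  if r['method'] == 'GET' and PERMALINK_RE.match(r['path'])
                  and 0 <= (r['ts'] - last_post).total_seconds() <= window]
        if not follow:
            continue
        burst = posts + follow[:1]
        gaps = [(b['ts'] - a['ts']).total_seconds()
                for a, b in zip(burst, burst[1:])]
        findings.append({
            'ip': ip,
            'xmlrpc_posts': len(posts),
            'first_seen': posts[0]['ts'].isoformat(),
            'fetched': follow[0]['path'],
            'gaps_seconds': gaps,
            # Identical spacing across several requests suggests a script.
            'scripted': len(gaps) >= 2 and len(set(gaps)) == 1,
        })
    return findings


if __name__ == '__main__':
    for finding in find_publish_patterns(SAMPLE_LOG):
        print(finding)
```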

Needless to say I immediately deleted the post and the user account that was used to make the post and then changed my own password out of an abundance of caution. I then scoured the entire WordPress filesystem using the recent backup I had to try and make sure that nothing else was changed. I even dumped the database and ran a quick comparison against a recent backup, again looking for any changes or any obfuscated code.

My Thoughts?

Old user accounts are becoming a bigger and bigger problem as the longer they hang around in the wild they will eventually end up being compromised. This is why IT security professionals plead with users to use different passwords on every single website and to frequently change those passwords. Unfortunately in this case I’m going to guess that the password used for this account likely wasn’t very secure (Test123) and that’s likely how the hacker was able to login to WordPress and post the article. So shame on me for yet again falling into the role of a user.

Are you curious if your user credentials have ever been leaked? Check out have i been pwned?

Cheers!

I had a screw loose !$%&#
https://blog.michaelfmcnamara.com/2021/02/i-had-a-screw-loose/
Wed, 03 Feb 2021 02:27:42 +0000

If you live in the Northeastern United States you’re probably still digging out from the massive winter storm that blew through the area over the past three days. Here in my local area of Pennsylvania we managed to get just over 12 inches of snow, although towns not far away managed well over 23 inches and my family in northern New Jersey are estimating that they had around 18 inches of white stuff.

Thankfully I have a 27″ Briggs & Stratton 1227MD Snow Blower to help clean my 2,000 square foot driveway. I bought this unit back in 2017 and while it hasn’t had too much work in the past few years it’s always been reliable and easy to operate. On Monday afternoon my trusty steed stopped working and a bit of panic set in as the second wave of snow started falling. The engine was fine, but the snow blower would frequently stop moving forward and the wheels would lock up. The snow blower would move in reverse but it would not move forward. Using a 10mm socket and socket wrench I was able to remove the lower panel that covers the drive train and a screw literally fell out. Looking at the bottom panel it was quite clear that the screw was rolling around at the bottom of the panel and was occasionally getting wedged between the drive gear and the external sheet metal causing everything to “lock up”.

I looked around to see if I could determine where the “extra” screw had come from but I wasn’t able to find anything missing or out of place. I put the machine back together and this morning it ran like a champ for 2+ hours clearing my driveway and my neighbors.

My Thoughts?

Thankfully I was able to quickly troubleshoot the problem and determine the issue. While I enjoy the occasional manual labor, I wasn’t looking forward to the thought of having to shovel 12 inches of snow from my long driveway, so I was sufficiently motivated to “figure it out”. Are you handy? If so great! If not, don’t be afraid to branch out and try new things, whether you are a “handy” person or not. It’s not rocket science!

Cheers!

PS: Thanks for the cake Anita, it was delicious!

Weight Loss and Personal Health
https://blog.michaelfmcnamara.com/2021/01/weight-loss-and-personal-health/
Fri, 22 Jan 2021 23:00:00 +0000

In 2020 my diet and personal health choices finally caught up to me and I had to make some drastic changes. Since that September day I’ve lost more than 60lbs using a mixed low-carb / keto diet. Unfortunately I’ve also had to account for my gout diagnosis which has left me with some very restricted menu options.

The data in the graph below is from a Withings WiFi Scale and makes it pretty easy to see how quickly the weight can catch up to you, or me I guess I should say, over the years.

In July of 2018 I broke my ankle while playing ice hockey and that literally sidelined me for more than six months. The only good thing during that timeframe? I literally couldn’t get to the kitchen for months so I didn’t put on any weight. I owe that feat to my wonderful wife, she loves telling me “no!”. You can see in the graph above that 2018 was relatively flat, until I got my mobility back and started snacking again. :(

How did I do it?

In my specific case, the hunger wasn’t the big issue. The pain from the gout attack was pretty severe and lasted almost 4 weeks, and it literally masked my general hunger for the first few weeks. I was religious about keeping my fluid levels up, drinking 160oz of water daily trying to flush the uric acid out of my body. I believe the water kept me feeling full, but the numerous trips to the bathroom can be super annoying. However, it promotes getting up from the desk frequently which is a good thing.

My job for the past 7 years required me to commute almost 100 miles each day keeping me in my car for ~ 3 hours each day about 15 hours each week. Thankfully that’s changed dramatically with COVID-19 and I’ve made use of the extra free time to walk my dog, Bucket, twice daily. The Fitbit Versa 2 I wear helps track the 10,000+ steps I try to tally daily. Not surprisingly my resting heart rate has dropped from an average of 63bpm to 53bpm at my current weight.

What’s the future hold?

In December I had another round of blood tests and there was “excellent improvement”, as noted by my physician. I still need to have another round of blood tests again this month, so here’s hoping that things are continuing to improve.

As for my personal goals, I would like to get down to around 240lbs. The trick will be adopting a diet and eating behaviors that I can use to maintain my weight and not start piling it all back on once I hit my goal. Ask me in six months where I am. Don’t be so focused on work, or the family or everyone else around you that you forget to take care of your own health!

Cheers!

Merry Christmas and Happy New Year 2021
https://blog.michaelfmcnamara.com/2020/12/merry-christmas-and-happy-new-year-2021/
Thu, 24 Dec 2020 23:40:37 +0000

I’m sure many of you, like myself, are eager to put this year behind us…. and likely many more are missing loved ones that are no longer with us. There’s no doubting that 2020 will be remembered along with all those that have left us too soon.

Wishing you and your family a Merry Christmas and Happy New Year!

Cheers!

Merry Christmas and Happy New Year 2019
https://blog.michaelfmcnamara.com/2018/12/merry-christmas-and-happy-new-year-2019/
Tue, 25 Dec 2018 02:19:18 +0000

Wishing you and your family a Merry Christmas and Happy New Year!

Cheers!

iWalk 2.0 – The better option to crutches?
https://blog.michaelfmcnamara.com/2018/12/iwalk-2-0-the-better-option-to-crutches/
Fri, 07 Dec 2018 16:17:24 +0000

I wrote this article a while back now but never got around to posting it. If you have a non-weight bearing injury below the knee, the iWalk might be just the tool you need to regain some amount of freedom and mobility.

I’ve been literally hopping around on a single foot now for the past 45 days. I’ve tried crutches, I’ve tried the kneeling scooter and I’ve tried the iWalk 2.0, the peg leg as my family likes to call it. And I was surprised to find myself more and more relying on the iWalk to get around. The crutches are fine for back and forth to the bathroom but for anything else they are a pain. The kneeling scooter was great for the malls and parking lots but it was a no-go getting up and down stairs and because of my size and high center of gravity it left me prone to possibly wrecking on a pebble or rough surfaces.

I find it really easy to either climb or descend stairs with the iWalk, even walking down the stairs backwards (peg leg first). With crutches I felt like I was taking my life into my own hands every time I had to navigate stairs and I was one small mistake from heading down the stairs face first.

Having my hands free is another big benefit of the iWalk 2.0, now I can carry things. You’d be surprised how frustrating it was trying to carry/transport a glass of water back to the couch with crutches.

I’ve found a measure of freedom from using the iWalk 2.0. If you are going to be limited to a single foot for a lengthy period of time it might be worth your time to look at the iWalk 2.0.

Cheers!

July 2018 Update – Broken Ankle
https://blog.michaelfmcnamara.com/2018/07/july-2018-update-broken-ankle/
Sun, 29 Jul 2018 14:58:27 +0000

I’m still alive and kicking… albeit only with one leg right now. A few weeks back I broke my ankle playing ice hockey. I’ve been playing hockey for just over 25 years but accidents happen. I was reminded by an elderly woman on my initial trip to the hospital who told me, “you don’t really appreciate what you have until you don’t have it.” Isn’t that the truth… I had surgery about two weeks back and I’m on the road to recovery but it’s going to take some time, probably 2-3 months before I can walk and outwards of 6 months before I can start skating again. And since it was my right foot I can’t drive, hence I’m essentially marooned – having to press my wife and eldest daughter into being my personal chauffeur.

That all said life isn’t too hard and there are people much worse off than me.

The projects at work are still moving forward… we’re replacing a pair of aging Cisco Catalyst 6509s along with a pair of Cisco Nexus 5010 and 2148s (remember those). And we’ll be rolling out another 10Gbps Internet link to keep up with the insatiable appetite for Internet bandwidth and cloud solutions. With that additional Internet bandwidth we’ll also need to upgrade our firewalls to support 10Gbps interfaces so there’s no shortage of work to be done.

Cheers!

 

YouTube TV – cutting the cord with Roku
https://blog.michaelfmcnamara.com/2018/02/youtube-tv-cutting-the-cord-with-roku/
Mon, 05 Feb 2018 13:42:37 +0000

Like many folks before me I’m looking to cut the cord on the traditional cable TV. I picked up a Roku Streaming Stick+ and enrolled in the 7-day trial for YouTube TV since it’s available in the Philadelphia market. I’ll hopefully be able to drop Verizon FiOS TV and keep the Verizon FiOS Internet and significantly reduce my $200/monthly Internet and Cable TV bill.

YouTube TV has Nat Geo and Nat Geo Wild which are a requirement from the family.

The next big question… should I go with Verizon Gigabit Internet?

Anyone with any recommendations?

Merry Christmas and Happy New Year 2018
https://blog.michaelfmcnamara.com/2017/12/merry-christmas-and-happy-new-year-2018/
Mon, 25 Dec 2017 14:47:34 +0000

Wishing you and your family a very Merry Christmas and Happy New Year in 2018!

Cheers!

It’s the networks fault #18
https://blog.michaelfmcnamara.com/2017/12/its-the-networks-fault-18-2/
Sat, 16 Dec 2017 11:47:20 +0000

Let’s everyone be honest here… working in Information Technology requires certain skills. Probably the most important skill set is what I’d call your ‘Google-Fu’. Your ability to efficiently search Google using various keywords to find useful information on the problem or issue confronting you. I often find some of the better written but least ranked articles by removing the manufacturer from the search results. Here’s an example if I wanted to exclude any results from the domain cisco.com, I would append the following to the Google search, “-site:cisco.com”. This would show me all search results except for anything from the Cisco website.

Articles

Cisco ASA- Basic LDAP Authentication by Dan – It’s been a while since I configured a Cisco ASA to authenticate VPN users against a Microsoft Windows Active Directory Domain Controller. If you Google ‘Cisco ASA Active Directory Authentication’ you’ll get hundreds of links and articles. I chose to scroll down a bit in the list and chose the link from IN THE WORKS – A tech apprenticeship. Thankfully Dan’s article from 2016 was straight forward and easy to follow. The trick was in reusing the DefaultWEBVPNGroup tunnel-group so users don’t need to select from multiple tunnel-groups in the client.

Authenticate to vCenter from Active Directory credentials by Romain Serre – A customer wanted to authenticate with vSphere using his Active Directory credentials. In this specific case the client was using the vCSA (vCenter Server Appliance) and not a typical Windows Server running vCenter. I initially ran into some DNS issues, thankfully the CLI error gave me the hint I needed as the web UI error was pretty basic.

How to Configure NTP Server on Windows Server 2016 by Stefan – A client was having some significant clock drift issues with one of their servers. I recalled the command was w32tm but couldn’t recall exactly what the commands were to enable NTP. Stefan has an easy to follow post. Stefan, I’m not a big fan of ad banners placed in the middle of the content and I’m sure I’m not alone.

Cheers!

Home Desktop Upgrade 2017
https://blog.michaelfmcnamara.com/2017/11/desktop-upgrade-2017/
Sun, 05 Nov 2017 17:23:38 +0000

I honestly wasn’t planning a desktop upgrade, but you know what happens when hardware dies… time for an upgrade.

Unfortunately the wife’s computer recently died so I gave her my desktop (swapping SSDs and hard drives) and went about putting together a new desktop for myself from the following purchases;

I decided to stay with Intel for now and passed on AMD Ryzen and Threadripper. I also decided that I’d be more than happy with an Intel Core i7 series processor, no need to look at the recently released Intel Core i9 processors. I did decide that the old Antec P180 case needed to be put into the scrap pile so I ordered a Corsair Crystal Series 570X RGB case. Since I swapped the SSDs and hard drives I ran into the dreaded Windows activation issue since the original product keys were OEM versions. I didn’t want to go through the time and effort of re-installing Windows 10 so I purchased 2 retail copies of Windows 10 Professional and applied those product keys. While the hardware supports overclocking, I’ll probably run it at stock until I need more performance or I find the time to start testing the overclocking potential of the hardware.

Now I need to spend some time finding a replacement for Crashplan. Any recommendations?

Cheers!

Home Theater Upgrade
https://blog.michaelfmcnamara.com/2017/04/home-theater-upgrade/
Sun, 09 Apr 2017 18:12:23 +0000

Over the holidays I decided it was time to upgrade the home theater equipment in my basement. At the center of my old setup was a Hitachi 51SWX20B 51″ rear projection TV that I purchased back in 2003. Unfortunately it only has 2 DVI ports and one of them failed about 5 years ago. I purchased the Samsung 65″ LED Smart 4K Ultra HD TV (UN65KS8000FXZA) from Best Buy along with a Whalen Furniture 3-in-1 Console furniture set. I didn’t want to go through the headache of hanging the TV on the wall and still needed somewhere to put all the audio/video equipment including the Onkyo TX-SR600 A/V Receiver, Verizon FiOS HDTV tuner and new Samsung BD-J6300 Blu-Ray player that I picked up from Amazon. I chose the BD-J6300 because it had a digital TOSLINK output and supported Dolby 5.1 surround sound. The Whalen furniture took about 90 minutes to assemble all total, the instructions were good and the piece looks pretty good.

Overall I’m happy with the TV, and really happy with the Whalen furniture. The Smart TV functionality includes Amazon Video, Netflix, YouTube, Hulu and HBO Now along with a built in web browser.

Perhaps I’ll get a chance to replace the Onkyo TX-SR600 over the next few years.

Cheers!

How to setup WordPress cron jobs when using SSL/SNI
https://blog.michaelfmcnamara.com/2017/01/how-to-setup-wordpress-cron-jobs-when-using-sslsni/
Fri, 20 Jan 2017 02:32:08 +0000

Over the holidays I spent some time perusing the log files on my server and found several interesting problems. One of those interesting issues dealt with the traditional cron job I had setup running wp-cron.php every 15 minutes on this blog. It seems I neglected to adapt the cron job when I enabled both SSL and SNI on this website. I previously had the following running in cron every 15 minutes;

*/15 * * * * wget http://blog.michaelfmcnamara.com/wp-cron.php?doing_wp_cron > /dev/null 2>&1

There are a few issues with this… wget was not following the redirect from HTTP to HTTPS after I forced HTTPS/SSL as the default for all traffic. And since I was using multiple virtual hosts behind a single IP address I was relying on SNI and the HTTP headers to determine which virtual host the request should be delivered to.

Here’s what I’m running today in my cron;

*/15 * * * * curl --header 'Host: blog.michaelfmcnamara.com' https://blog.michaelfmcnamara.com/wp-cron.php?doing_wp_cron=true > /dev/null 2>&1

If you are forcing all traffic to SSL you might want to check any old links you have lying around and if you are using SNI you’ll definitely need to attach the proper host headers to the HTTP request.

Cheers!

Merry Christmas and Happy New Year 2016
https://blog.michaelfmcnamara.com/2016/12/merry-christmas-and-happy-new-year-2016/
Sat, 24 Dec 2016 14:40:35 +0000

I hope you and your family have a Merry Christmas and a safe and Happy New Year!

Cheers!

Home Desktop Upgrade 2016
https://blog.michaelfmcnamara.com/2016/06/home-desktop-upgrade-2016/
Fri, 24 Jun 2016 01:19:18 +0000

It’s pretty funny how I actually find these posts pretty entertaining to myself… going back and looking at all the desktop upgrades I’ve gone through over the years.

In any case I thought it was high past time to give Windows 10 a spin so I went out and purchased a 512GB Samsung 850 Pro SSD. I did this so I could clone my 256GB Samsung 840 Pro SSD, providing me a very simple backout plan if I didn’t like Windows 10 or something went terribly wrong. I fired up Clonezilla Live via a USB flash drive and quickly cloned the 256GB SSD to the 512GB SSD. I installed the 512GB SSD and put the 256GB SSD in a safe place. The computer booted up to Windows 7 fine on the new SSD and I upgraded to Windows 10 with no problems or issues. Fast forward almost four months later and I’m pretty happy with the upgrade. I’m not sure I gained a whole lot from a technical standpoint. Windows 7 had worked pretty well for me the past few years and I suspect Windows 10 will do the same but if the upgrade hadn’t been free I’m not sure I would have made the jump myself. About four weeks ago I upgraded my Lenovo T430 to Windows 10 without issue. It helps that I replaced the hard drive with an SSD about a year ago.

Windows 10 is a free upgrade for Windows 7 and Windows 8.1 users until July 29, 2016 so time is running short.

Have you made the jump to Windows 10? At Home? At Work?

Cheers!

Launching the Network Broadcast Storm Podcast
https://blog.michaelfmcnamara.com/2016/03/launching-the-network-broadcast-storm-podcast/
Tue, 22 Mar 2016 02:32:09 +0000

Over four years ago I had the idea of trying my hand at a podcast. I enlisted a number of IT professionals from the Network Infrastructure Forums to join me including Dominik Pickhardt, then real life intruded and the project fell idle just before we were going to launch. Since that time Dominik has launched Network Autobahn, which has been a large success due in part to his hard work and efforts. At the recent Networking Field Day 11 I had a frank discussion with Dominik about the possibility of trying to jump start the project and we collectively decided to give it a go.

We recorded our first show last week with another show scheduled for this Sunday so I’m here today to ask for your feedback. We’ve each committed to keeping the project going for six months after which time we’ll re-evaluate. We’re going to try and keep each episode to around 30 minutes in length and hopefully record bi-weekly (we’ll see how we hold that schedule when the weather gets nice).

We’d love to know what you think!

Network Broadcast Storm

Cheers!

It’s the networks fault #18
https://blog.michaelfmcnamara.com/2016/01/its-the-networks-fault-18/
Mon, 04 Jan 2016 23:34:08 +0000

Here’s a look at a few different articles and posts that caught my eye over the past few weeks…

Articles

Network Field Day #NFD11 by Dominik Pickhardt – Dominik will be attending Network Field Day 11 this January 2016 in San Jose, CA. It just happens that I’ve also been invited to join the gang in Silicon Valley on January 19th – 22nd. You can find more information over on the Tech Field Day website.

US House okays making internet tax exemptions permanent by Shaun Nichols – We’ll need to see how HR 644 fares in the senate now that it includes a provision to prevent states from collecting sales tax on Internet retailers for out of state customers.

IP leak affecting VPN providers with port forwarding by Perfect Privacy – The team over at Perfect Privacy have revealed how an attacker can reveal a VPN user’s real IP address given a few specific conditions.

A free, almost foolproof way to check for malware by Roger A. Grimes – A great article describing how to easily test a Windows client to see if it’s infected with some malware. I’ve recently found myself doing quite a bit of security forensics analyzing various systems and images.

Will Let’s Encrypt threaten commercial certificate authorities? by Larry Seltzer – Let’s Encrypt is a new free Certificate Authority looking to make publicly signed certificates available for free to anyone. The stated goal of the organization is to help secure the Internet by offering free SSL certificates to anyone. The certificates are only valid for 90 days, a significant caveat and differentiator with the commercial certificate authorities.

Cheers!

SMTP Mail and Verizon
https://blog.michaelfmcnamara.com/2016/01/smtp-mail-and-verizon/
Sat, 02 Jan 2016 15:36:04 +0000

This morning I’m still trying to clean up my servers and I’ve run into another issue. Looks like Verizon is blocking all SMTP mail from one of my servers;

 host relay.verizon.net[206.46.232.11] refused
    to talk to me: 571 Email from 162.243.40.10 is currently blocked by Verizon
    Online's anti-spam system. The email sender or Email Service Provider may
    visit http://www.verizon.net/whitelist and request removal of the block.
    151214

Ok, it’s quite possible that someone on the discussion forums has been misbehaving so I need to make sure there’s no legitimacy to this report. I need to scour the log files and make sure that there’s nothing going on. I keep the log files on my server for 30 days, let’s do some quick crude command line fu;

[root@moon ~]# grep -h @verizon /var/log/maillog* | awk '{ print $7 }' | sort | uniq -c
    427 to=nobody@verizon.net,

Note: I’ve obfuscated the email above so I don’t end up getting any more spam than I already receive daily.

Now that’s very interesting, I’m the only person that the server has been trying to mail which is getting denied by Verizon. Ok, so this problem is only impacting me, I guess that’s good.

So if it’s been going on for 30 days then I need to make sure the server is not listed on some RBL (real-time black list) somewhere. I’ll check http://www.blacklistalert.org/;

rbl-listing

Alright so I wasn’t listed on any of the RBLs. I looked through the logs for any other anomalies and found none, focusing again on mail for Verizon customers (verizon.net/verizon.com) and found nothing. I searched the discussion forums user database and blog comment subscriptions and found nothing. It must be a false positive on Verizon’s side, I’ll submit a request to Verizon following their instructions. I went to http://www.verizon.net/whitelist and I tried submitting a request as a Verizon customer and the form submission crashed with the following;

VerizonSMTPWhitelistCrash

Ok, so I went back and submitted a request as an ISP (although I’m not an ISP but I’m starting to feel like one). That form was successfully submitted and I quickly received a reply via email.

VerizonSMTPWhitelistReply

That’s a boiler plate reply if I’ve ever seen one. Ok, so this doesn’t look like it’s going to be easy… I’ll need to chase the folks at abuse@verizon.net and probably in Twitter as well.

Cheers!

Networking Field Day 11 – January 2016 #NFD11
https://blog.michaelfmcnamara.com/2015/12/networking-field-day-11-january-2016-nfd11/
Tue, 29 Dec 2015 18:38:39 +0000

In a last minute surprise I’ll be joining the folks from Gestalt IT along with a who’s who of Information Technology bloggers, visionaries and pundits attending Networking Field Day 11 in Silicon Valley. I was last out to San Jose, CA back in October 2013 attending Network Field Day 4. You can see the full list of attendees on the Tech Field Day website.

We’ll be hearing from the following vendors;

netscoutlogo delllogo ciscologo bigswitchlogo skyeportlogo silverpeak

There’s a lot of diversity in the vendors so I’m really looking forward to the presentations and discussions.

I’m also looking forward to the opportunity to meet Dominik of Avaya networking fame from Germany in person. Dominik has essentially been a partner in moderating the Network Infrastructure Forums for the past 4+ years. I’ve spoken to Dominik many times over Skype and we’ve recorded a few podcasts together (story for another time) but I’m really excited to finally meet him in person.

Cheers!

I’m making the jump to HTTPS and SSL for this blog
https://blog.michaelfmcnamara.com/2015/12/im-making-the-jump-to-https-and-ssl-for-this-blog/
Mon, 28 Dec 2015 18:00:38 +0000

In early January I enabled HTTPS/SSL on the discussion forums with the primary goal of securing user credentials that were being used to log into the forums. Almost twelve months later I’ve found some free time to migrate my blog to HTTPS/SSL as well. The goal is essentially the same, however, this change is more to protect my credentials as I’m really the only user that logs into WordPress. That said there’s more to secure than just the user credentials. Security is becoming a bigger and bigger topic as ISPs have been taking more and more liberties with customer traffic. While some ISPs have been data mining and profiling their customer traffic other ISPs are actively inserting third-party cookies and headers into the datastream. You only need to search Google for a few minutes to find some blatant examples. It’s one of the reasons I’ve started using private VPN services, using HTTPS/SSL over an IPSec VPN I should say.

In addition, Google has been using HTTP/HTTPS signals in their ranking for quite a few months now. Not sure if that will have any impact on my little blog but I’m happy to try and push that percentage of sites using HTTPS/SSL just a little higher.

I purchased a wildcard SSL certificate from RapidSSL that covers *.michaelfmcnamara.com. I have multiple servers and virtual hosts so it only made sense to purchase a wildcard certificate instead of purchasing multiple individual certificates.

The installation was pretty simple. I did need to bundle all the certificates, including the root GeoTrust Global CA, the intermediate RapidSSL SHA256 CA – G3 and then my certificate, into the certificate file so the browser was presented with the proper SSL chain. I changed the WordPress Address and Site Address URLs from within WordPress and then I set up a redirect in Nginx:

server {
    listen              [::]:80;
    server_name         blog.michaelfmcnamara.com mirror.michaelfmcnamara.com;

    return 301 https://$server_name$request_uri;
}

I also had to make a few small changes to the Google Adsense scripts.

Any Issues?

Yes, there will be a few issues… Internet Explorer 8 for Windows XP doesn’t support SNI (Server Name Indication), so that browser won’t be able to connect now that I’ve set up two SSL-enabled sites on the same IP address using two different certificates in Nginx. If you are still using Internet Explorer 8 on Windows XP you should really consider migrating off Windows XP.

Are you going to enable HTTPS/SSL on your blog or website?

Cheers!

Update: December 30, 2015 – I had issues uploading images via WordPress after turning on the HTTP redirect. I was getting the error “An error occurred in the upload. Please try again later.” when I tried to upload an image via HTTPS/SSL. I had to go into wp-config.php and add the following, “define('FORCE_SSL_ADMIN', true);” which appears to have resolved the problem.
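
The setup described in this post, sketched as an added example (not the blog's actual configuration): the port 80 redirect on both IPv4 and IPv6, plus an HTTPS virtual host that serves the bundled wildcard certificate. The file paths and document root are assumptions.

```nginx
# Added example; file paths and document root are assumptions.

# Plain HTTP: accept IPv4 and IPv6 and redirect everything to HTTPS.
server {
    listen      80;
    listen      [::]:80;
    server_name blog.michaelfmcnamara.com mirror.michaelfmcnamara.com;

    # $server_name expands to the first name listed above, so requests for
    # either name are redirected to the blog's HTTPS address.
    return 301 https://$server_name$request_uri;
}

# HTTPS virtual host. Nginx selects the server block from the SNI name the
# client sends, which is how two sites with different certificates can share
# one IP address. A client without SNI support is handed the default
# server's certificate and sees a name mismatch for the other site.
server {
    listen      443 ssl;
    listen      [::]:443 ssl;
    server_name blog.michaelfmcnamara.com;

    # Combined file: Nginx expects the site certificate first, followed by
    # the intermediate CA certificate(s).
    ssl_certificate     /etc/nginx/ssl/wildcard.michaelfmcnamara.com.bundle.crt;
    ssl_certificate_key /etc/nginx/ssl/wildcard.michaelfmcnamara.com.key;

    root  /var/www/blog;
    index index.php;
}
```

Running `nginx -t` before reloading catches a bundle whose first certificate does not match the private key.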

Merry Christmas and Happy New Year 2015 https://blog.michaelfmcnamara.com/2015/12/merry-christmas-and-happy-new-year-2015/ https://blog.michaelfmcnamara.com/2015/12/merry-christmas-and-happy-new-year-2015/#comments Fri, 25 Dec 2015 14:00:10 +0000 http://blog.michaelfmcnamara.com/?p=5484 Last year at this time I had pictures from a few different snow storms to post with this greeting. This year it’s been extremely warm around southeastern Pennsylvania so this picture is from our Washington, DC trip in the summer.


I hope you and your family have a Merry Christmas and a safe and Happy New Year!

Cheers!

Oracle spams IT professionals blames network issue https://blog.michaelfmcnamara.com/2015/12/oracle-spams-it-professionals-blames-network-issue/ Sat, 12 Dec 2015 13:59:01 +0000 http://blog.michaelfmcnamara.com/?p=5466 Why is it that people still try to blame the network when either they don’t completely understand what broke or when they don’t want to admit what actually happened? It’s the digital equivalent of sweeping it under the rug… it was the network’s fault.

Here’s a great example from Oracle. On Tuesday December 8th I received 12 messages from Oracle with the subject, “2016 Commerce Survey and a $25 Amazon Gift Card” between 6:00AM and 6:45AM EST. As a side note, they weren’t offering a $25 Amazon gift card for completing the survey, you would be entered to win a $25 Amazon gift card for completing the survey – see the difference?

This morning I received a follow-up from Zach Hanlon with the following explanation;

OracleNetworkIssue

If I’m an industry expert then please treat me as one and don’t just “blame the network”. I find it fascinating that there’s no mention of human error anywhere in the above statement. It’s certainly possible that “network problems” could have interrupted some process but I usually find that issues like these have multiple causes.

While I’m on my rant if you really value my input then you won’t insult my intelligence with that clickbait subject line next time.

Cheers!

Rollerblade Macroblade 90 – Impressive Skates https://blog.michaelfmcnamara.com/2015/06/rollerblade-macroblade-90-impressive-skates/ Sun, 07 Jun 2015 18:35:52 +0000 http://blog.michaelfmcnamara.com/?p=5341 This morning I debuted a pair of Rollerblade Macroblade 90’s on the Schuylkill River Trail between Pawlings Road and Rt 202 in Norristown, PA. It was a leisurely 13+ mile skate as I tested out my new skates, only occasionally pushing the pace when I needed to pass some bikes. The skates are relatively comfortable, even while breaking them in. I ended up getting only small blisters on both feet (on my big toe nonetheless). The skates provided an extremely smooth and silent ride with excellent power transfer in each stroke and great stability through each stride.

Workout June 7 2015

As is usually the case on the Schuylkill River Trail there was a headwind heading toward Norristown and then a really strong headwind along Rt 422 heading back toward Pawlings Road. Only rarely do I end up with the wind behind me pushing me along.

I was easily able to maintain a high tempo with the SG9 bearings and 90mm wheels so I pushed the distance a bit to provide a good workout.

I’m happy to report that I’m down 24 lbs. in my battle of the bulge after about 7 weeks of eating smarter and working out.

Cheers!

Personal Fitness – Losing the spare tire https://blog.michaelfmcnamara.com/2015/05/personal-fitness-losing-the-spare-tire/ https://blog.michaelfmcnamara.com/2015/05/personal-fitness-losing-the-spare-tire/#comments Sun, 17 May 2015 16:01:52 +0000 http://blog.michaelfmcnamara.com/?p=5326 A few weeks ago I started a “Biggest Loser” competition at work, trying to foster a healthier lifestyle and better eating habits mixed up with a little friendly competition from my coworkers. I weighed in at a whopping 321 lbs which is a lifetime personal high for me. Almost 3 weeks later I’m off to a good start having lost almost 20 lbs weighing in at 301.

I’ve been a Fitbit and Withings user for more than 3 years now so I can look back at the data and easily see how I’ve let things get out of control. You can easily see that things started to get really bad just before January 2015.

WeightIncrease2012

I’m no fitness or nutrition expert… far from it but I’ll share what seems to be working for me.

I’ve cut out the after dinner snacks or desserts, I’ve reduced the portion sizes I eat, I’ve taken to eating more fruit, I’ve cut out the soda and Gatorade and just drink water now and I’ve taken to working out for at least 60 minutes 4 times a week while I try to walk at least 3 times a week for 2 miles or more. Working out can be boring and it’s hard for me to stay motivated, so a little friendly competition is just what I need to keep myself engaged.

I still enjoy in-line skating and the Valley Forge Schuylkill River Trail offers a really smooth virtually flat trail for joggers, bikers and skaters.

I was out this morning and was able to complete an 11-mile circuit in just over an hour. Unfortunately it had rained last night so the sections of the trail that were covered by the tree canopy were still wet, and if you’ve ever skated on wet roads you’ll know that it’s akin to skating on ice with rubber feet – it’s hard to get traction and extremely slippery. Add to that the leaves and other debris that you usually find on a tree-covered trail and it can get really interesting. It can also occasionally be dangerous, as I was reminded this morning when I wiped out at Betzwood, my wet wheels failing to grip the surface as I rounded a curve. I’ve got a nice case of road rash up my right leg for my inattentiveness.

InlineSkate-ValleyForge-051715

I used the Fitbit application on my Android smartphone to track my exercise above. I only just realized recently the Fitbit app could do that.

What are you doing to stay fit?

Cheers!
