electronic items – What do I need to buy for this turntable to work in UK?

Unfortunately the removable prongs are specific to this adapter. They’re not the same as the removable prongs on a different adapter. So good luck finding the right ones. Perhaps there were a bunch of different prongs in the box when you bought it, and you threw the other ones away. Perhaps they put the right one on at the factory.

However, it is labeled 100-240V 50/60Hz. This adapter will have no trouble running on British electricity… if you can get the right prongs on it.

You are looking for an adapter which lets you plug a US plug into a British socket. It doesn’t have to change the voltage, it just has to change the prongs. Something like this one (a random Google result; I am not endorsing this particular product):

US to UK power adapter

Note: Be careful when plugging things into this adapter, because UK and US electricity are different and this will give you UK electricity with US prongs. This turntable’s adapter (the black one) can handle both, but some appliances can’t!

Electronic Check – Instant Payment Processing Solution – Payment processors

Electronic Check is the most demanding service for all businesses because it is easy to use, irrespective of the nature of the business. You can get its setup within a day with low documentation and can operate it smoothly. Get more information at 800-982-1372.

Read more: https://www.paycron.com/echeck-payment-processing

 

.

electronic voting – How could I make the results of a yes/no vote inaccessible unless it’s unanimous in the affirmative, without a trusted third party?

A family of N people (where N >= 3) are members of a cult. A suggestion is floated anonymously among them to leave the cult. If, in fact, every single person secretly harbors the desire to leave, it would be best if the family knew about that so that they could be open with each other and plan their exit. However, if this isn’t the case, then the family would not want to know the actual results, in order to prevent infighting and witch hunting.

Therefore, is there some scheme by which, if everyone in the family votes yes, the family knows, but all other results (all no, any combination of yes and no) are indistinguishable from each other for all family members?

Some notes:

  • N does have to be at least 3 – N=1 is trivial, and N=2 is impossible, since a yes voter can know the other person’s vote depending on the result.
  • The anonymous suggestor is not important – it could well be someone outside the family, such as a someone distributing propoganda.
  • It is important that all no is indistinguishable from mixed yes and no – we do not want the family to discover that there is some kind of schism. However, if that result is impossible, I’m OK with a result where any unanimous result is discoverable, but any mixed vote is indistinguishable.

Some things I’ve already tried:

  • Of course, this can be done with a trusted third party – they all tell one person their votes, and the third party announces whether all the votes are yes. However, this isn’t quite satisfying of an answer to me, since the third party could get compromised by a zealous no voter (or other cult member) to figure out who the yes votes are. Plus, this person knows the votes, and may, in a mixed vote situation, meet with the yes voters in private to help them escape, which the no voters won’t take kindly to.
  • One can use a second third party to anonymize the votes – one party (which could really just be a shaken hat) collects the votes and sends them anonymized to the second party, who reads them and announces the result. This is the best solution I could think of, however I still think I want to do better than this – after all, in a live-in settlement cult, there probably isn’t any trustworthy third party you could find. I’d like to find a solution that uses a third party that isn’t necessarily trusted.
  • However, I do recognize that you need at least something to hold secret information, because if you’re working with an entirely public ledger, then participants could make secret copies of the information and simulate what effect their votes would have, before submitting their actual vote. In particular, if all participants vote yes but the last one has yet to vote, they can simulate a yes vote and find out that everyone else has voted yes, but then themselves vote no – they are now alone in knowing everyone else’s yes votes, which is power that you would not want the remaining no voter to have.

Protect Your VPS With an Electronic Pitbull: Active Firewalls

A firewall is a security tool that blocks network traffic, with many different configuration options.  For example, you could configure your firewall to block all traffic except attempts to connect to port 80 and 443 (for a web server) as well as your ssh port.  This is an example of the best practice of “blocking everything except what is explicitly allowed”. 

However, even with this sort of policy in place, the security gains for a basic firewall are limited.  If you only have a web server and sshd server running, then there is nothing to block because connecting to a different port will fail anyway.  Chiefly the benefit from this kind of simple firewall is to prevent inadvertent opening of ports.  For example, let’s say you install a piece of software that has a dependency that starts up a service you hadn’t intended to run, or perhaps you change configurations an accidentally set MySQL to expose itself on your public IP.  With a basic firewall, traffic to those port will still be blocked so you benefit from this kind of safety net.

Read more to continue…

However, the real power of firewalls becomes evident when we deploy an active firewall that intelligently monitors traffic and blocks traffic to/from specific clients.  For example:

  • If you are running an IMAP service, you have no choice but to have it publicly-facing where it may become a magnet for people trying to brute-force (guess passwords).  If you deploy an active firewall, the firewall software will watch the IMAP logs and after a configured number of failed logins, the client IP trying to connect will be temporarily blocked. 
  • Likewise, you could have someone trying passwords on your ssh ports all day but they’ll be quickly stopped by an active firewall after a few failed logins.
  • Although an active firewall cannot stop a distributed denial of service, it can end some limited denial of service attacks that are coming from a small number of attacking hosts.

Active firewalls are critical when you have less sophisticated users on your system, such as if you’re running a web host or mail server.  While you may conscientiously pick good passwords, use SSH keys, etc., your more naive users might not.   An active firewall helps protect you by eliminating brute-forcing.

Installing CSF

There are number of different products but one of the best known is ConfigServer Firewall.

To set it up, first install some required perl modules.  On Debian-based systems:

apt-get install libwww-perl liblwp-protocol-https-perl libgd-graph-perl

On CentOS-based systems:

yum install perl-libwww-perl.noarch perl-LWP-Protocol-https.noarch perl-GDGraph

If you’re running CentOS, that distro’s native firewall (firewalld) comes pre-enabled.  You’ll want to disable it before setting up CSF:

systemctl stop firewalld
systemctl disable firewalld

Now download and extract the tarball:

cd /usr/src
wget https://download.configserver.com/csf.tgz 
tar xzf csf.tgz
cd csf
sh install.sh

Next make sure you have all the required kernel modules:

# perl /usr/local/csf/bin/csftest.pl 
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: csf should function on this server

In this case, all required kernel modules were present.  On your VPS you might see an error or missing module but as long as you see the result that “csf should function on this server,” you’re good to go.

Configuring CSF

CSF starts in “TESTING” mode.  This is so you do not accidentally lock yourself out. 

Take a look at /etc/csf/csf.conf.  You probably want to adjust the following:

  • TCP_IN has a list of ports you allow.  Remove any services you’re not using.  For example, if you’re not running an FTP server, you can remove ports 20 and 21.  If you’ve changed your SSH port, make sure it is in this list and remove port 22.
  • TCP_OUT should match TCP_IN
  • You can probably pare down UDP_IN and UDP_OUT, perhaps just to port 53 (DNS)
  • If you’re not using IPv6, set IPV6 to 0.  Otherwise, adjust TCP6_IN, TCP6_OUT, UDP6_IN, and UDP6_OUT to match the ipv4 versions.
  • You will be mailed for each blocked IP.  You can modify the templates in /etc/csf/alerts to set an appropriate To: address, or you can set LF_ALERT_TO to one master email address.

There are many, many more ways to customize CSF.  You should take a look through the documentation on configserver.com to see the plethora of CSF capabilities.

Starting CSF

By default, CSF is in TESTING mode.  Before you start it for real, it’s handy to pre-set a time to turn it off.  You could use a crontab entry like this:

*/10 * * * *   systemctl stop lfd ; systemctl stop csf

Don’t forget to remove this crontab entry when you are ready to use CSF for real!

This will disable CSF entirely every 10 minutes on the 10s (so 1:00, 1:10, etc.)  You can then fire up CSF with the knowledge that if you lock yourself out, you will have to wait a maximum of 10 minutes to get back in.  Alternatively, you can login from your VPS provider’s console.

When you’re ready to go, modify /etc/csf/csf.conf and set TESTING to 0.  Then:

systemctl restart csf
systemctl restart lfd

Testing CSF

Here’s a test of CSF so you can see how it works.  I’ve replaced the IP of the server with ‘s.s.s.s’ and the IP of the client with ‘c.c.c.c’.

I ssh’d with a bogus user to the VPS:

$ ssh nonexistant@s.s.s.s
nonexistant@s.s.s.s's password:
$ ssh nonexistant@s.s.s.s
nonexistant@s.s.s.s's password:
$ ssh nonexistant@s.s.s.s
nonexistant@s.s.s.s's password:
$ ssh nonexistant@s.s.s.s
nonexistant@s.s.s.s's password:
$ ssh nonexistant@s.s.s.s
nonexistant@s.s.s.s's password:

CSF (specifically the lfd daemon) detected someone trying to brute-force a login by watching the system logs.  In /var/log/lfd.log this entry appeared:

Apr  7 16:31:23 debian10 lfd(6780): (sshd) Failed SSH login from c.c.c.c (US/United States/some.example.com): 5 in the last 3600 secs - *Blocked in csf* (LF_SSHD)

CSF then created a firewall rule to block the IP.  It also made a notation in /etc/csf/csf.deny (so that if the system restarts, the firewall rule is recreated):

c.c.c.c # lfd: (sshd) Failed SSH login from c.c.c.c (US/United States/some.example.com): 5 in the last 3600 secs - Tue Apr  7 16:31:23 2020

Everything after the # is a comment so you know why this IP was blocked.  CSF also looks up the location of the IP address (this is not 100% perfect) and notes it.

Behind the scenes, CSF is manipulating the kernel’s firewall rules to create blocks.  You can see the entire CSF ruleset at any time by issuing this command:

csf -l

You may also see them in dmesg and /var/log/messages, depending on your syslog config.

If you configured an email address as mentioned above, you’ll get an email like this one:

Time:     Tue Apr  7 16:31:23 2020 -0700
IP:       s.s.s.s (US/United States/some.example.com)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked:  Permanent Block (LF_SSHD)
Log entries:
Apr  7 16:31:07 debian10 sshd(6722): Invalid user nonexistant from c.c.c.c port 42858
Apr  7 16:31:08 debian10 sshd(6722): pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c.c.c.c
Apr  7 16:31:10 debian10 sshd(6722): Failed password for invalid user nonexistant from c.c.c.c port 42858 ssh2
Apr  7 16:31:13 debian10 sshd(6722): Failed password for invalid user nonexistant from c.c.c.c port 42858 ssh2
Apr  7 16:31:18 debian10 sshd(6722): Failed password for invalid user nonexistant from c.c.c.c port 42858 ssh2

After receiving this email I tried sshing from the same client:

$ ssh nonexistant@s.s.s.s

…and there was an infinite pause.  Here I am blocked not just from SSH but at the IP level, so nothing from my client would be able to connect to this server (web, FTP, etc.)

To enable the product, issue these commands:

systemctl enable csf
systemctl enable lfd

Again, if you’ve put any kind of temporary disabling command in cron during testing, be sure to remove it before relying on the firewall.

An active firewall like CSF is a wonderful security tool but as always, security is the inverse of convenience.  There are two headaches that are common: a flood of block notifications and accidental blocks.

Reducing Block Notifications

At first, you may be surprised at how many emails you get about blocked IPs.  Welcome to the reality of the public Internet!  Previously you were in blissful ignorance – now you can see how many attempts to attack your box are routine every day.

If you’re running a web host, then there are many ports that you are kind of stuck with because users expect FTP on port 20/21, email on 25/587, etc.  However, you might consider changing your SSH port.

This advice is mildly controversial because changing your SSH port does not prevent someone from finding it and trying to login on that port.  However, it will radically cut down how many automated attacks you get.  Many attackers will mass-scan IPs and hone in on those that answer on port 22.  If your system doesn’t respond on port 22, they will move on to another host. 

Some sysadmins take the point of view that once they’ve secured the box by allowing logins only via ssh key and disabling root logins, there is little to fear from script kiddies wasting their time banging on the SSH port.  While this is true, the numerous emails you’ll receive daily are tedious and may drown out alerts you truly do want to review.

You can change sshd to run on any port, but ideally an unused high port (above 1024).

For example, let’s say you wanted to use port 32222.  To do this, modify /etc/ssh/sshd_config:

# Port 22
Port 32222

In this case, we’ve commented out the default and added our port. 

Next, be sure to update TCP_IN and TCP6_IN in /etc/csf/csf.conf to both remove port 22 and add your custom port.

Then restart sshd:

systemctl restart sshd

Your ssh command from your client will now look something like this if your account is ‘joe’:

ssh -p 32222 -i my_ssh_key joe@myvps.example.com

Handling Mistaken Blocks

When CSF blocks a client IP, it adds a firewall rule and also writes it to/etc/csf/csf.deny.  If a client is accidentally are blocked by CSF, you can immediately unblock them with this CSF command (here I’m using ‘c.c.c.c’ again for the client’s IP).  This will both remove the kernel’s firewall rule and clear it from /etc/csf/csf.deny:

# csf --denyrm c.c.c.c
Removing rule...
DROP  all opt -- in !lo out *  c.c.c.c  -> 0.0.0.0/0 
LOGDROPOUT  all opt -- in * out !lo  0.0.0.0/0  -> c.c.c.c

You can also whitelist any IP by adding it to /etc/csf/csf.allow.  Note that CSF whitelists the IP you’re connected from when you first set the product up.  You’ll see an entry like this in /etc/csf/csf.allow:

c.c.c.c # csf SSH installation/upgrade IP address - Tue Apr  7 22:56:37 2020

Consider whitelisting your home IP and/or any VPN IPs you use to connect.

raindog308

I’m Andrew, techno polymath and long-time LowEndTalk community Moderator. My technical interests include all things Unix, perl, python, shell scripting, and relational database systems. I enjoy writing technical articles here on LowEndBox to help people get more out of their VPSes.

Suggest a name for electronic store

Well, how about CloudTronics, or something a bit less explicit and more marketable, like:
Wired In
Zappers
PlugPoint
Sockets
Tapped in
TouchPoints
QuarkFinger
DigiTalk
Futechs

Something that sort of describes the contents of the store, but is also short and catchy and memorable, like CompuServe, Babbages, Elbo (short ofr Electronics Boutique), something like that. Hope that helps a bit

 

electronic items – What type of power outlets should I expect in hotels in Sao Paulo and Rio de Janeiro?

On 2009 the brazilian governament created a new standard that’s different from all other countries in the world:

why did they do it?

This image shows the brazillian standard at the bottom and the number of countries (países, in red) that use each other standard.

That said, it is still very common to find the american standard (second one) and mainly the “universal” plug (last one). Actually the most common is to find a plug using the universal without the ground port, so you’d need an adapter anyway.

Post 2009 buildings are required to use the new standard, while older buildings were not required to change existing plugs, so it doesn’t depend on where you go (São Paulo/Rio or the rest), but when the hotel was created/renovated.

That is such a hassle that every hotel must be prepared to have adapters for their guests, I wouldn’t worry if I my things use the american standard, but I guess I would buy one adapter to the american or universal or brazilian standard if using the other standards.

electronic items – How can I get a 220 V European plug into a 220 V wall outlet in Taiwan?

I have to help someone plug a European built electronic device into a 220 volt wall outlet in Taiwan. Right now they have a cord with a two round pin type-C plug.

We’re in northern Taiwan, Hsinchu and Taipei are both easily accessible. Is there any chance that there is a “weird plug store” in northern Taiwan, or some other way we can do this without cutting cables or using an ugly series of adapters? Something that is safe and safety people won’t frown upon? I’ve combed local 3C stores and can’t find anything reasonable.

FYI, Taiwan plugs and codes generally look similar if not identical to those in the US.

3C an abbreviation often used in Taiwan for “computer, communication, and consumer electronics”

Enter image description here enter image description here

Enter image description here enter image description here

electronic items – How to get a 220V European plug into a 220 V wall outlet in Taiwan?

I have to help someone plug a European built electronic device into a 220 Volt wall outlet in Taiwan. Right now they have a cord with a 2 round pin type-C plug.

We’re in northern Taiwan, Hsinchu and Taipei are both easily accessible. Is there any chance that there is a “weird plug store” in northern Taiwan, or some other way we can do this without cutting cables or using an ugly series of adapters? Something that is safe and safety people won’t frown upon? I’ve combed local 3C stores and can’t find anything reasonable.

fyi Taiwan plugs and codes generally look similar if not identical to those in the US.

3C an abbreviation often used in Taiwan for “computer, communication, and consumer electronics”

enter image description here enter image description here

enter image description here enter image description here

dslr: what equipment is suitable for close-up photos of electronic circuits?

I want to start a YouTube channel to explain the electronics and circuits, ideally with quality as in this video. I've watched over 50 videos on YouTube and tried to understand their settings, but couldn't find the details I need.

I have a budget of around $ 600-700 (in the United States), and the main thing I need is:

  • The wiring must be very clear.
  • The part numbers written on the tabs are important
  • The lighting should be of the same quality as in the video above, and not dull.

What kind of equipment would you need to accomplish this, and should you spend money on cameras, lenses, lighting equipment, or something else?

Content versus electronic commerce

I'm at a kind of crossroads. I currently operate 4 online stores that sell a range of products that I must obtain, pack and ship from the UK to the USA. USA It's slow, expensive to run, and apparently I never get a break from email and customers who want to know where their stuff is.

I also have some content sites running AdSense, Chitika, or a combination of both. I make enough money to pay my salary just from the content.

I am very upset with the execution of e-commerce …

Content versus electronic commerce