WirelessPhreak.com

I like to travel, f*ck with technology, and partake in the occasional tropical drink.
I am also a co-host on The NBD Show podcast.
Follow Me
I was introduced to at Trader Sams at the old Disneyland Hotel. It's called the Piranha Pool and when you see it you'll understand why it's called that.


Blend the following
8oz of Pina Coloda mix
3oz of coconut rum
1oz of blue caraco

In a hurricane glass 
Pour 2oz strawberry pureé in the bottom
Pour the blended mixture into the glass

The strawberry should spread out like a bloody piranha attack in a glass.





Kauai is my most favorite place on the planet. Below is a quick guide I have created to send off to my friends when they ask me where to go and what to do. The feedback I have gotten is great so I wanted to share it with everyone.

This is not the end-all-be-all tourist guide to Kauai, these are just a few of the things I like to do everytime I go back.

For the first timers there is a great audio tour iPhone app I found Kauai GPS Tour Guide it gives you facts as your driving around about historic and interesting locations. The second app Kauai Beach Guide has a lot of useful info about the beaches as well as real time surf reports. If you are not familiar with the local ocean and beaches this app could really be helpful, and keep you safe.

Food:
You'll find out that every meal you eat on the island is $25+ so we tried to limit when we ate out-- that being said there are some things you have to try.
  • Pono Market 4-1300 Kuhio Hwy, Kapaa, HI 96746. This is the local hole in the wall market that servers super fresh poke and delicious fried chicken; its a great place to pick up food for a picnic.
  • Foodland in Kapaa also has an awesome deli with a lot of traditional Hawaiian food, their prices also seemed to be cheaper than Safeway. 
  • Dukes in Lihue is a little touristy but still a must go at least once. Their food is on the pricey side but the atmosphere is awesome and I think they have a happy hour. You have to try the Hula Pie for dessert it is huge and awesome. 
  • The ultimate locals food joint we found in Lihue is called Mark's Place. It is in the middle of a residential area and a total local hang out, but I got a Korean beef, sesame chicken, with a salad, rice and chowmein plate for 7 bucks. You have to go here and it's not to far from Poipu. 1610 Haleukana St, Ste A, Lihue, HI 96766
  • There are tons of local open air markets to get fresh fruit. That's what we did for breakfast most days.
  • Lastly we stopped off and had some killer fish tacos (warning the were huge) on the way to Polihale beach at a place called Island tacos. They where done differently than most fish tacos --not fried and it was a nice change. 9643 Kaumualii Hwy, Waimea, HI 96796

Sites:
You have to see the basics if it is your first time to kauai so here they go.
  • Waimea canyon it's like the Grand Canyon of the pacific very cool. Beautiful misty vistas and awesome red dirt.
  • Spouting horn just up the road from Lihue, near Poipu, is a cool under water cave that shoots up water.  If you go in the evening you can watch the sunset from the Kukuiula boat harbor...you'll pass it on the way to Spouting Horn it's beautiful and there are not a lot of people.
  • The Opaekaa Falls are just up the mountain from Kapaa and is one of the rainiest places on earth. 
  • Across from the waterfalls is a nice side visit to the ancient Kamokila Hawaiian Village Kuamoo Road, Kapaa. Very friendly and knowledgeable guides, I learned a lot.
  • Smith Family Luau is a pretty affordable show I think you can do it with or with out dinner to save a couple bucks. 
  • Also in Kapaa is the Coco Palms Resort, this was the place to be in the 60’s and 70’s. Elvis Presley filmed Blue Hawaii there and the gardens are still open for tours. Unfortunately it was decimated my hurricane Iniki and has been closed since 1992. 
  • Haneli is my second favorite town on Kauai it's small quit and they have a cool pier that shoots into the bay. It was great place to watch people learn to surf or just take in the beautiful surroundings. You can also rent kayaks in town and launch them at Haneli beach. The rental companies strap them to your rental car and send you on your way. It's only15 bucks for the day and it is a lot cheaper then renting them waterside. You can kayak up the slow moving river through the valley it's very scenic.
  • Past Haneli is where the trail starts for the North Shore. Because the roads don't go completely around the island this is the only way to see parts of the North Shore unless you take a boat. 
  • Kealia Lighthouse is a bird sanctuary and from November to May Humpbacks breed and give birth on the East side of the island.  Last time we where there, about 50 humpback whales were jumping and playing off the tip of the point - it was awesome.
  • Bike rentals in Kapaa are fun and there are plenty of places to ride them. They built a bike trail that runs from Kapaa north past Kelia beach along the ocean really nice ride and very affordable.

Beaches:

  • Poipu has some great swimming beaches, but it is pretty touristy.
  • Anini beach and past Anini beach is a cool place to snorkel especially if the more northern beaches are blown out. We saw a turtle here while snorkeling.
  • Ultimate snorkel beach is probably Ke'e it is super scenic, but last time we were here it was blown out big time. Also word of advice when you head up north past Haneli get an early start. It gets crazy and there is minimal parking. 
  • We also liked Lydgate state park, but not the Lydgate beach itself. You can head down to the camp ground and that beach runs for ever. We probably had a mile of beach to ourselves.
  • If you want a beach where maybe you can't swim but want your space, Polihale is it. It is literally where the road ends and takes a drive on a bumpy dirt road but it's well worth it. You need to get your money out of that rental car, and going to this beach you will. The views are amazing and the beach is empty. Go for an afternoon and stay for sunset.

Other Fun Things to Do:
  • You can take a chartered catamaran to the Napali Coast to snorkel and take in the beauty. The North Coast of Kauai is the backdrop for many famous movies.  The Captain will point them out as you pass them.
  • If you're a movie buff, there are couple tours that will satisfy your geekiness. The ATV tour on the private Kipu Ranch will stop off at the site they filmed the Indiana Jones and the Temple of Doom opening river scene. You can take horseback riding tours and there are also a couple van tours but I have not taken them.
  • There are always Helicopter tours...they are pricey but you get to see the island form a unique perspective.
  • Hawaii has the unique climate that lends it self to growing coffee.  Most people associate the city of Kona on the Big Island with coffee, but Kauai has it own coffee plantation.  Koloa Estates is the largest coffee farm in the United States.  They offer free tours a huge gift shop and all the coffee tasting you can stand.

Since Google's announcement that SSL affects your page ranking encrypting your blog has become even more important. This post goes through the steps for securing your google blog using SSL and CloudFlare, These steps can be applied to other sites and services, but I use Google's Blogger platform because its easy,  That being said the Blogger platform does limit your ability to perform lower level modification like securing your site using SSL and I will go over a few issues I ran into.

After playing around with CloudFlare for a couple weeks it's obvious their primary focus is caching and DDOS prevention, but they offer much more. CloudFlare's free offering is very robust and gives you a lot to experiment with. I used it to front my entire blog since my requirements were very minimal.

So what you need to get started:
  • Your own domain
  • Set up your blogger page to use the custom domain. They have really good directions that walk you through the process.
  • Create a free CloudFlare account.
  • Import your DNS
  • Login into your DNS hosting company and change the DNS servers to the servers CloudFlare has identified
  • Then wait up to 24hr mine was pretty instantaneous since the TTLs were set pretty low.
  • Your site is now on CloudFlare  
Now for the fun tweaks: 

  Felixiable SSL was on by default.  This is the setting you will need for your Blogger or Wordpress sites since those services do not allow you to implement your own SSL. Basically CloudFlare sets up SSL offload using a SAN certificate that includes your domain. Once CloudFlare decrypts the traffic it is sent to your site non encrypted.  This is an awesome service but it did cause me some issues, and at least with blogger it will pose some ongoing issues.

  • The first issue I experienced was intermittent interruption with the CloudFlare SSL service. I opened a ticket with them and they identified the template I was using was calling insecure pages.  There systems identified this and would temporarily disable Flexible SSL.  They pointed out the offending files and I was able to modify the template I was using to fix the issue.  The CloudFlare tech also pointed me to a useful article outlining how to enable SSL for a Wordpress site, here is the article https://support.cloudflare.com/hc/requests/558717
  •  The second issue is related to the first but was not actually causing any service interruptions. As you have probably seen the lock for my site is not green or has an "!" next to it.  This is because the images that where originally used in my blog were absolute http links.  This forces the browser who knows it has a secure connection to my website, to display non secure content, images that are not hosted on Google and are not SSL. This causes the mixed content error in the browser. I will be working on cleaning this up moving forward. 

Page Rules 
was one of the more exciting and powerful surprises offered by CloudFlare. They allow 3 page rules with your free account.  I work with load balancers everyday and this single page of rules really ads flexibility that companies pay a lot of money for. So for my SSL rule I wanted my page to always be redirected to SSL so I created one page rule "http://*.wirelessphreak.com/* HTTPS always redirect" that forces all traffic to my site over SSL. It worked great and was super easy to set up.

The last pleasant surprise was the analytics. I have google analytics and it has become the defacto standard on the internet.  But what CloudFlare bring in addition to google analytics is their breakdown of not only unique visitors but the ratio of cached content and served content. It also does a nice job of showing you what percentage of your traffic served was encrypted and not encrypted.

All and All it seems to be a cool service. I and I look forward to playing with it some more.





Mr. Robot, a show on the USA network is one of the most accurate representations of technology I have seen on TV. Hollywood has always dumbed down computers, coding or even technology in general, but Mr. Robot is changing the game.  Lets be real almost everyone in modern society is on a computer, smartphone or at the very least using credit cards. Much of the workforce use computers daily...Mr. Robot should scare the crap out of all of us.

The show's technological accuracy is extraordinary. The tools and techniques are hyper-accurate, and their use of social engineering really exposes what's going on in todays world. Sure the show feeds into some Hacker stereotypes with the socially inept black hoodie wearing main character, but it probably helps sell it to the masses.

Beyond the technology the acting, writing, and production stands on its own as one of the best psycho thrillers I have seen on TV. You are the imaginary friend made up by Elliot the lead character.  This immerses you into his world, and with House of Cards level inner monologue, you become an active part of his life. His paranoia becomes your paranoia as you are looking for clues or hints of whats going to happen next.

What should happen next? Everyone should watch this show. Mr. Robot shines a light onto real life events set in a fictional world. Evil Corp, fsociety these are fictional representation of companies and groups that are in our headlines every week. The genius of this show is its position to not only create this fictional world but draw on real life events as they happen, and I can't wait to see what happens next.

Links to other articles about the show:





For some reason I thought to myself it would be cool to have an emoji URL for my site. So I searched the web to see if anyone had done it before and, sure enough, an app developer named Panic registered 💩.la in 2011. After that, emoji URLs never really picked up steam.  There were a few tutorials - none of which worked. Then on February 23rd The Washington Post wrote an article about Coke's ad campaign in Puerto Rico using Emoji URLs. In response to The Washington Post article Kaleigh Rogers at Motherborad wrote a post outlining the brief history of  emoji URLs and how to register one.  The only thing she left out was which registrars allowed non latin character URLs.  I tested Go Daddy and Hover neither of which would allow me to register my fancy new emoji URL.  Finally after searching the web I found a legit Domain Registrar that would allow the unicode URL: name.com.  There may be others but name.com was painless and simple.  Finding the Domain Registrar was the most difficult part of the process.

My Fancy new Emoji URL

Here are the steps to getting your own Emoji URL, surprisingly there are a few still out there:
  1. Go to punycoder.com and generate the unicode that you are going to register.
    • The Unicode will be translated by the browser and present the emoji if your device and browser support it.
    2.  Go to Name.com and search for the unicode string, example "xn--bw8h.tk" and register it.

Done!

With HTML5 and other modern web technologies IE has not aged gracefully. If your client base is an enterprise many times clients are locked into an older version of IE, and aren't allowed to install an auto-updating browser like Chrome or Firefox.

This iRule is strait forward, I am redirecting clients accessing a website using an older versions of IE to a browser friendly version. This is done by evaluating the HTTP request and identifying the browsers user-agent string. As part of the redirect the F5 presents a web page that informs the users their browser is unsupported instead of blindly redirecting them. It will auto redirect after a pre determined count down, this example is set for 15 seconds.

Disclaimer Microsoft does not make this easy, Compatibility modes and Document modes in IE can send a different user-agent string.  For example IE 11 users running in Compatibility mode may still be redirected because their browser sends an MSIE 7.0 user-agent string. I am sure your could right variables that would check for compatibility in the user agent string, but iI chose not to.

Here is the iRule:

when RULE_INIT {
    set static::refresh_time 15
set static::notification_page {
        <html lang=\"en_US\">
<head><title>System Notification</title>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=us-ascii\">
<meta http-equiv=\"CACHE-CONTROL\" content=\"NO-CACHE\">
<meta http-equiv=\"PRAGMA\" content=\"NO-CACHE\">
<meta http-equiv=\"refresh\" content=\"15;URL=http://myspace.com">
</head>
<body>
<h1>System Notification</h1>
<hr>
<p>You are using an unsupported browser and will be redirected to Myspace.com</p>
<p>Wait $static::refresh_time seconds to continue, or click <a href=\"http://myspace.com\">here to continue.</a></p>
</body>
</html>
}
}
when HTTP_REQUEST {
 switch -glob [ string tolower [HTTP::header User-Agent]] {
   "*msie 10.0*" -
   "*msie 9.0*" -
   "*msie 8.0*" -
   "*msie 7.0*" -
   "*msie 6.*" {
     HTTP::respond 200 content [subst $static::notification_page] Mime-Type "text/html"
     log local0. "Client  IP:[IP::client_addr]  has been redirected with user agent :[HTTP::header User-Agent]"
   }
   default {
     # go to a default location if nothing matches
   }
 }
}
The iRule below was spawn from a request to block access to specific URIs on a website and only allow access from whitelisted IP networks and hosts. 

In my first attempt I used concatenated OR statements which worked but was less sexy and probably less efficient then the switch I ended up using. 

As for the Data List in this example it's named "AllowedIPDatalist." I created a network data list not because it was efficient, its not, I wanted to make it easier for co workers that didn't feel comfortable editing an iRule a place to enter Networks and Hosts in a format they where used to.

when HTTP_REQUEST {
  switch -glob [string tolower [HTTP::uri]] {
    "*/uri/sample1*" -
    "*/uri/sample2*" -
    "*/uri/sample3*" {
      if { !([matchclass [IP::client_addr] equals AllowedIPDatalist])} {
         reject 
         log local0. "Client IP Discard: \ [IP::client_addr]:[TCP::client_port] -> [IP::local_addr]:[TCP::local_port]"
      }
    }  
  }
}

EtherPEG/Driftnet works by capturing unencrypted TCP packets from your local network, collecting packets into groups based on TCP connection (determined from source IP address, destination IP address, source TCP port and destination TCP port), reassembling those packets into order based on TCP sequence number, and then scanning the resulting data for byte sequences that suggest the presence of JPEG or GIF data. EtherPEG/Driftnet works with any TCP/IP network, including ethernet and wireless networks, as long as the data is not encrypted. If the data is encrypted using TLS or IPSec Driftnet will not be able to resemble the packets.

The Driftnet software is very strait forward and easy to install, it does get a little tricky to capture traffic if you are on a switched network. One way to capture traffic on a switched LAN is by deploying ARP poisoning, there are different ways to do this but ettercap and it’s GUI is probably the easiest. 

Disclaimer... Do not do this on a network you do not own. There are network monitor systems that can identify computers performing ARP attacks on public networks this could be illegal. You are performing a man in the middle attack and all traffic will traverse your laptop for that network segment.

Now on to installing the tools. Using Ubuntu you can actually go to software install and update, make sure you allow all software sources and search for ettercap. Installing ettercap this way will install the GUI portion automatically, if you use apt-get it may not be in the repository. 

Driftnet is even easier to install either use the software install and update tool or go to terminal window and type sudo apt-get install driftnet. Once everything is installed you are ready to start playing.

in driftnet all you have to do is type this:
sudo driftnet -i <interface>

and ti launch ettercap
sudo ettercap -G
then in the GUI
sniff—>unified sniffing (click ok on your interface and press Ctrl and s at the same time)
Mitm—>arp poisoning—->check sniff remote connection
start—>start sniffing

Thats it just wait for the other people to surf the web and pics will start showing up.


hope you guys like.
You Tube has revolutionized the web, and lucky for us part of that revolution has included the 10 hour YouTube video.  I wanted to pick a couple favorites and luckily was able to narrow the list to just 191 videos.

I understand that not everyone has 239 days (don't worry those are 8 hr work days) to review these videos so I have decided to list my picks from best to worst.

1. Cantina Band - That's right Star Wars is hot right now and how can anyone not want to watch this video. I watched this video at work and some IT guy came by my desk and was like, " what the heck are you doing streaming all this video" when I showed him it was the Star Wars cantina band he was like " cool send me the link".  So I did... https://youtu.be/FWO5Ai_a80M

2. Meow Mix - This video is a classic I mean it's a night club scene there are sick beats and cats, it is the perfect storm Internet video. The drop at 3:11:26 is dope well worth the wait. http://youtu.be/SbyZDq76T74

3. Nyan Cat - It's the internet so I needed to add another cat video so here it is.  This video needs no explanation, come on it's crapping a rainbow. http://youtu.be/wZZ7oFKsKzY

4. Bees In The Trap - Samuel Jackson hits it out of the park with this one. It's kind of like listening to really good jazz, it's just smooth and mellow. Nice to see Samuel took another look at his acting career and made the move to music. He nailed this one. http://youtu.be/dh_7k2O5i7E

Here is a link to the remaining 187 videos http://www.youtube.com/playlist?list=PLE28CAB65DFFB5870


**Update** Nevada is now honoring Arizona Resident and non Resident CCWs.  See Here

I recently participated in my first handgun class and I have to say it was much more informative then I was expecting. It was a 2 day class focused around hand gun laws and practical shooting technique. The first day was classroom course work and the second day was on the range.

For someone like me who has not shot handguns on a regular basis a class in handgun basics is a great idea. Many of us try to mimic what we see on tv and in the movies, or listen to Billy Bob next to us on the range, but at the end of the day we don't really understand the body mechanics of how to shoot. The class I took was relatively short almost a crash course, but I left that class much more proficient with my weapon. To be fair prior to the class I was lucky enough to shoot with a friends brother who was ex military and a weapons trainer. I credit him and  a lot of rounds at the range for solid shooting fundamentals, but remember shooting is academic. You are never to good of a shot and you should always be learning and imporiving.

One last note I took from the class, don't trust gun law you read in forums, hear from a gun store clerk s, or any other non cited source. It is your responsibility to know the laws and interpret them don't trust any other persons interpretations.


Below are some helpful links and documents our instructor provided us in the class.

Here's a link to CA DOJ's PDF "CA Firearms Laws" http://oag.ca.gov/sites/all/files/agweb/pdfs/firearms/pdf/cfl2013.pdf. Get to know the DOJ's website (http://oag.ca.gov/firearms) and don't be afraid to call and speak with a DOJ Agent (916) 263-4887. They have been pretty cool to request info from.

Another great website for every state's laws is http://www.handgunlaw.us/.

A great website to check reciprocity and recognition of your CCW's is http://www.usacarry.com/concealed_carry_permit_reciprocity_maps.html.


Here are couple Shooting Maps that give some suggestions based on your shot grouping. It was the first time I had seen these and the looked pretty neat,

Right Handed Shooters.


Left Handed Shooters





Ingredients: 
4 boneless skinless chicken breasts
1/2 course cut onion
2 cloves peeled and chopped garlic
1 cup mango juice/nector
1/4 cup Sriracha 
1 tablespoon of sesame oil
1 tablespoon of rice wine vinegar
1 tablespoon of soy sauce 
1 teaspoon salt
1 teaspoon 

Prepare the Marinade:
Add the mango juice, Sriracha, sesame oil, vinegar, salt and pepper, to a bowl. Separate half of the marinade for the glaze. In the remainder add the onion and garlic then put it in a ziplock bag with the thawed chicken breast. Let it marinade for an hour or so.

Prepare the Glaze:
With the remainder in the sauce pan heat it over a medium high heat continually stiring until it thickens to a glaze consistency. This will be used to glaze the chicken breasts during the grilling process.

Grill the Chicken:
Get your BBQ nice and hot. Make sure you clean and oil the grill to get those beautiful char marks. Once you slap them on the grill flip them after 10 min. Once they are flipped slap on the glaze after the next 10 min flip them to the glaze side. Because the BBQ is hot you can continue to glaze and flip until the breasts are cooked though. Enjoy!!!