Jason Pearce – relatively irrelevant

Use PowerShell’s Invoke-WebRequest to report if a website is up or down

If Internet Control Message Protocol (ICMP) — a protocol used to communicate problems with data transmission — is disabled, PowerShell’s Invoke-WebRequest can be a helpful alternative to use to monitor of a website is up or down.

# What website would you like to check if it is up or down?
$website = "https://example.com/"
 
# How many seconds do you wish to pause between attempts?
$seconds = 3
 
# Loop indefinitely
while($true) {
 
    # Clear previous result
    $response = $null
 
    # Send an HTTP request to a website and store the response object in $response
    try {
        $response = Invoke-WebRequest -Uri $website #-ErrorAction SilentlyContinue -UseBasicParsing -DisableKeepAlive
    } catch {
        $response = $null
    }
 
    # If the HTTP status code is 200 (OK), write "OK" to the console with a green background
    if($response.StatusCode -eq 200) {
        Write-Host (Get-Date).ToString() "Okay" -BackgroundColor Green
    } 
 
    # If the HTTP status code is not 200 (OK), write "Fail" to the console with a red background and play a sound
    else {
        Write-Host (Get-Date).ToString() "Failed" -BackgroundColor Red
        [System.Console]::Beep(200,1500)
    }
 
    # Wait for X seconds (defined above) before sending another request
    Start-Sleep -Seconds $seconds
}

Booe North Carolina genealogy books

My grandmother Sarah Alexander Pearce enjoyed genealogy. She most enjoyed researching the Booe surname (mostly from North Carolina), and created four books on the Booe surname.

They feature her ancestors:

Naomi Booe (b: 1 Dec 1889, m: 25 Jun 1917, d: 14 Sep 1965)
James Cheshire Booe (b: 9 Sep 1859, m: 2 Mar 1887, d: 29 Jun 1934)
John Calhoun Booe (b: 4 May 1824, m: 5 Dec 1858, d: 5 Sep 1903)
John Booe (b: 19 Aug 1790, m: 15 Jan 1814, d: 27 Aug 1838)
George Booe II (b: 1775, d: 1838)
Jacob Booe Sr (b: 1741, m: 1769, d: 1815)
Stoffel Christopher Booe (b: 6 May 1712, d: 1783)

Booe Genealogy Book Red Binding

Booe Genealogy Book Blue Binding

Booe Genealogy Book III

Booe Genealogy Book: Booe Who

Chinanethost.org Domain Registration Scam

This scam is so old I forgot about it. Goes back to at least 2010.

Basically, the scammer says they run a domain name registrar and noticed someone trying to buy .cn, .net.cn, .org.cn, and other variations of a domain name you already own.

At first, they imply that they want confirmation from you to block the sale of similar domain names. In reality, they want you to block the sale by buying the domains from them yourself.

Don’t fall for it. Very few can afford to by every top level domain variation of their domain name. Learn more about this scam here and here.

This is the version of the scam I received in 2022 July:

Subject: exampledomain
From: [email protected]
(It’s very urgent, therefore we kindly ask you to forward this email to your CEO. If you believe this has been sent to you in error, please ignore it. Thanks)
Dear CEO,
This is a formal email. We are the Domain Registration Service company in Shanghai, China. Here I have something to confirm with you. On July 7, 2022, we received an application from Hongmei Ltd requested “exampledomain” as their internet keyword and China (CN) domain names (exampledomain.cn, exampledomain.com.cn, exampledomain.net.cn, exampledomain.org.cn). But after checking it, we find this name conflict with your company name or trademark. In order to deal with this matter better, it’s necessary to send email to you and confirm whether this company is your distributor in China?
Best Regards
Robert Liu | Service & Operations Manager
China Registry (Head Office)
Tel: +86-2161918696
Fax: +86-2161918697
Mob: +86-13816428671
6012, Xingdi Building, No. 1698 Yishan Road, Shanghai 201103, China
This email contains privileged and confidential information intended for the addressee only. If you are not the intended recipient, please destroy this email and inform the sender immediately. We appreciate you respecting the confidentiality of this information by not disclosing or using the information in this email.

If you want to setup mail filtering rules to block this particular scammer, here’s some email header information:

domain of chinanethost.org designates 205.185.118.41 as permitted sender
client-ip=205.185.118.41
[email protected]
helo=mx.chinanethost.org;
[email protected];
header.from=chinanethost.org;
dkim=pass [email protected];
spf=pass (domain of chinanethost.org designates 205.185.118.41 as permitted sender)
[email protected];
dmarc=pass header.from=robert@chinanethost.org (p=none dis=none)
Received: from mx.chinanethost.org (mx.chinanethost.org [205.185.118.41])
Return-Path: robert@chinanethost.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=chinanethost; d=chinanethost.org; h=Date:From:To:Subject:Mime-Version:Message-ID:Content-Type; [email protected];

As you can see, this particular scammer is using valid SPF, DKIM, and DMARC records.

Keyboard Shortcuts for InPrivate, Incognito, and Private browsers on Windows

Most browsers have a mode you may use that will not remember your history or cookies when closed. For a Windows machine, these are their keyboard shortcuts.

Ctrl + Shift + N for a Microsoft Edge InPrivate browser
Ctrl + Shift + N for a Google Chrome Incognito browser
Ctrl + Shift + P for a Mozilla Firefox Private browser
Ctrl + Shift + N for a Brave Private browser
Ctrl + Shift + N for an Opera Private browser

How to Disable Ads on the Roku Home Screen

If you own a Roku streaming media player or Roku TV and want to disable the advertisements that occupy one-third of the Home screen, you will discover that Roku does not provide you a way to opt out.

According to How-To Geek, Roku makes more money from ads than it does selling hardware ($740 million in ad revenue in 2019).

Don’t be deterred. If you are technically savvy and motivated, this article documents how to engineer an ad-free Roku home screen — like this one.

A summary of what needs to be done (overview)

There is more than one way to remove Roku ads. If you are a talented technical engineer, this is what you are trying to accomplish.

Prevent your Roku from reaching a list of domains (see below)
Provide your Roku a fixed/static IP address
Prevent your Roku from using DNS port 53 for LAN to WAN queries

Settings within the Roku (easy)

Most of the steps that you will take to remove ads resides outside of the Roku. If you simply want a little more privacy and fewer customized ads, at least perform these easy steps on your Roku.

Roku Features to Disable:

Roku TV > Settings > Privacy > Advertising > Limit ad tracking (enabled)
Roku TV > Settings > Privacy > Advertising > Reset advertising identifier (do this often)
Roku TV > Settings > Privacy > Smart TV experience > Use info from TV inputs (not selected)
Roku TV > Settings > Privacy > Smart TV experience > Enable auto notification (not selected)
Roku TV > Settings > Home Screen > Featured Free > Hide
Roku TV > Settings > Home Screen > Movie Store and TV Store > Hide
Roku TV > Settings > Home Screen > My Offers > Hide

Block these domains (medium)

Using some network capturing tools, I logged about fifty unique IP addresses the Roku attempts to access within the first two minutes of it powering on. Blocking them all would result in a loss of functionality. Instead, you want to prevent the Roku from accessing just the following domains (LAN to WAN traffic).

ads.roku.com
amarillo.logs.roku.com
amoeba-plus.web.roku.com
austin.logs.roku.com
bryan.logs.roku.com
camden.logs.roku.com
cloudservices.roku.com
cooper.logs.roku.com
customer-feedbacks.web.roku.com
digdug-g2.logs.roku.com
digdug.logs.roku.com
display.ravm.tv
esp.logs.roku.com
giga.logs.roku.com
gilbert.logs.roku.com
griffin.logs.roku.com
hereford.logs.roku.com
i.ads.roku.com
identity-dev.ads.roku.com
identity.ads.roku.com
lagrange.logs.roku.com
liberty.logs.roku.com
littlefield.logs.roku.com
logs.roku.com
longview.logs.roku.com
midland.logs.roku.com
mobile.logs.roku.com
p.ads.roku.com
paolo.logs.roku.com
raps-perf.ravm.tv
raps.ravm.tv
ravm.tv
richmond.logs.roku.com
rollingwood.logs.roku.com
rxr.ravm.tv
samples.voice.cti.roku.com
scribe.logs.roku.com
sugarland.logs.roku.com
traces.sr.roku.com
track.sr.roku.com
tyler.logs.roku.com
victoria.logs.roku.com
windsor.logs.roku.com
wwwimg.roku.com

Perhaps the easiest way to do this is to use either NextDNS.io or a Raspberry Pi Pi-Hole as your DNS provider, and subscribe to the Lightswitch05 Ads & Tracking block list. All of the domains above, except for amoeba-plus.web.roku.com and wwwimg.roku.com (in bold) were already included in Lightswitch05’s block list at the time of writing.

I accomplished DNS filtering by installing ASUSwrt-Merlin on my home router. I then configured my router to use NextDNS.io as the router’s DNS-over-TLS / DNS-over-HTTPS source. Using NextDNS.io at the router level will help you block ads for all devices on your home network, not just your Roku.

Here’s how I configured my home router to use NextDNS.io.

And how I configured NextDNS.io to filter out most Roku ads and tracking.

NextDNS.io > Privacy > Blocklists > Add > Lightswitch05 Ads & Tracking
NextDNS.io > Privacy > Native Tracking Protection > Add > Roku
NextDNS.io > Denylist > Add > amoeba-plus.web.roku.com (missing from Lightswitch05)
NextDNS.io > Denylist > Add > wwwimg.roku.com (missing from Lightswitch05)

Optionally, if you prefer to roll your own DNS filtering solution, build a Pi-Hole or install Diversion via AMTM on your ASUSwrt-Merlin router.

Once you have a DNS filtering solution in place and have configured your home router to use it, all devices on your network should (by default) have their DNS traffic filtered. Except for the Roku, of course, which has hard coded its own public DNS source for some of its queries.

Provide your Roku a static/fixed IP address (medium)

To perform the last step, which involves creating firewall rules, you need to first provide your Roku a static IP address. I accomplish this by letting DHCP provide the Roku a dynamic IP address, and then configure my router to always reserve that IP for the Roku.

ASUSwrt-Merlin > LAN > DHCP Server > Manually Assigned IP

Firewall LAN to WAN Port 53 (hard)

DNS queries traditionally use Port 53 via TCP or UDP. You want to force your Roku to always use your router (and thus NextDNS or Pi-Hole) for all of its DNS queries.

In order to prevent your Roku from quering Google’s public DNS servers at 8.8.8.8 and 8.8.4.4 directly, you’ll need to configure a network firewall to block LAN to WAN traffic over Port 53 (TCP and UDP).

How to do this differs for each router. Here’s how I did it using ASUSwrt-Merlin.

ASUSwrt-Merlin > Firewall > Network Services Filter > Enable
ASUSwrt-Merlin > Firewall > Network Services Filter Table > add these two entries
Entry 1 > Source IP (the static LAN IP address of your Roku), Destination Port Range 53, Protocol TCP
Entry 2 > Source IP (the static LAN IP address of your Roku), Destination Port Range 53, Protocol UDP

That should do it. Reboot your router to clear your DNS cache then reboot your Roku. Hopefully you will be rewarded with an ad-free Roku.

Closing

Removing Roku ads will take some work. And for some of these steps, like installing ASUSwrt-Merlin or a Pi-Hole, take some effort and require specific hardware you might not yet own. There are likely other ways to perform these steps on your own hardware — but I leave that to you. You know what needs to be done, and now just have to figure out how to do so if you want an ad-free Roku.