Within the next couple of months, I will be updating my Great Divide Trail gear list page and my Pacific Crest Trail gear list page. Although I won’t be hiking the Pacific Crest Trail in 2018, I’d like to polish the page a bit and make it usable for other hikers. I’m currently in the process of waiting for certain items to arrive and whatnot :).
This week, I’ve bought a lot of stuff. I’ve kind of spent way more than I planned, I guess I got sick of planning and things going wrong so this time I kind of impulse bought some stuff.
ZPacks Sleeping bag and Altaplex tent in the stronger material. I got a load of bags and stuff with them. I haven’t ordered a backpack yet… I’ll probably get the GG Mariposa 60.
Lots of shoes… I bought Sportiva Bushido and Salomon shoes in a bunch of different sizes. I’ll be sending them back and only keeping the pair that fits.
A kestrel titanium knife; it’s 15 grams. Expensive, but I won’t be cooking and it could be pretty useful :).
For clothing, I’m looking at buying a Montbell Storm Cruiser. Everyone talks about the Montbell Torrent Flier but the Storm Cruiser is actually only slightly heavier, it has pit zips and all that fancy stuff. My complaint here is that I’ll pay 20% VAT (Switzerland isn’t in the EU) and I’ll also get a nasty bill for VAT and customs when my zpacks stuff arrives. I’m stretching it a bit thin with my money but I’m confident I can spend a few months in Canada at least.
For a puffer jacket, I was thinking about Montbell but they are awfully expensive. I’m wanting to keep things lightweight to offset my camera equipment.
There’s not that many people who attempt to hike the GDT and there’s really not many gear lists to go off. I was thinking about taking a merino wool jumper and also merino wool tights to go underneath my trousers (pants.)
When I’ve bought everything, I will update my gear list and include what I spent and whatnot. Despite Montbell being a European company, it’s REALLY hard to get their items here. There’s no real equivalent to ZPacks either and it’s a nightmare when the GBP is so low in value. I think us English people just have to suck it up :).
Products from Amazon.com
I originally planned for the PCT and would be bringing a Zeiss Loxia 50mm f/2.0 lens or a Sony Zeiss 55mm f/1.8 lens; therefore, my Lowepro Toploader 45 AW II would work perfectly. Unfortunately, judging from the measurements, the Sony 24-70 f/2.8 GM lens won’t quite fit! I’m probably going to get a Lowepro Toploader 50 AW II as it’s slightly bigger but not too big.
Anyway, after re-reading my camera bag photography reviews (1, 2 and 3), I’ve decided I definitely need to re-write them. I’m awfully lazy when it comes to writing reviews but it makes me look a bit stupid / like a slob, haha. I can’t promise when I will get around to re-writing them as I have hurt my arm and it’s a bit painful to type. I will try sometime in the future.
I’ve also bought another bag since then as well, a Crumpler Muli 7500, which I also highly recommend. When I get the Sony 24-70 f/2.8 GM lens, I will see which bags it fits in and let you know if it works in this too.
Using this blog section of my site, I tend to ramble a bit and there’s a bit of uncertainty with my posts.
I’ve been researching knives for my travels in Canada next year, and travel in general. Buying a huge 1kg knife is obviously a big no-no for travel as it’s unnecessary weight. However, I’ve found a few different companies that sell extremely lightweight knives.
The first one I think is important is something like a Swiss army (I’ve never actually fought off anyone from the Swiss army, do they really run around with these little knives? Stabbing people like ninjas?) style penknife. For that, I’ve found a Victorinox Classic SD but the Victorinox NailClip 580 is also interesting as it can clip nails. I have read various reviews and many criticise the scissor design on the latter.
On a more interesting note, single blade skeleton knives are expensive, hard to find (in Europe at least) but they are incredibly lightweight.
There’s a few companies that sell these. Kestrel knives look particularly good but there’s also a knife called the Genesis 2. It’s available on amazon for people in the USA and it’s worth a look.
The Titanium skeleton EDC Knife by Kestrel Knives is even more expensive, but it weighs 15 grams. In my opinion, the Short Skeleton Ovis Hunter made by Kestrel Knives has a nicer shape, but it’s slightly heavier…
It’s definitely something to consider if you’re looking for an additional knife without carrying too much extra weight.
In my opinion, a knife like this is not just useful for the Great Divide Trail (or the Pacific Crest Trail, Appalachian Trail, Continental Divide Trail, Te Araroa, etc.) but it’s pretty handy for macro photography if you need to cut plants and stuff. I will not be buying these as self defence weapons, so hopefully they won’t get stuck in customs.
One complaint I have of the Samsung Galaxy Note 8 (and all the Samsung Galaxy phones I know of) is that sharing files from a windows machine to the Samsung Galaxy Note 8 phone via SMB is incredibly slow. I suspect it’s because this method doesn’t make the phone exit power save, but I can’t be sure. It’s something I’ve written about before and I’ve only just now thought of an obvious solution.
If you share a folder to a linux machine, you can then connect to that machine. If you don’t have a linux machine, you can either run virtualisation software and install CentOS or Debian (it’s completely free) or buy a Raspberry Pi 3 B (you could technically do it with a Raspberry Pi Zero W as well.)
I’m a bit tired now, but this idea suddenly came to me and I will write about this further tomorrow at the previous page I’ve made. The idea is you can then connect to the intermediary box using the phone, and then browse to the network file share–it’s sort of like accessing a share within a share.
It’s arguably convoluted but it’s also arguably more secure because you can use an SSH key and disable passwords altogether. On the windows machine, you can limit the network share to the IP address of the Raspberry Pi 3 B (or virtual computer) and then the only theoretical way of accessing the file is from an SFTP share.
There’s an incredible amount of trolls/spammers/hackers on the internet and even if your site isn’t that popular, don’t underestimate the amount of bots and whatnot that’re about.
One of the most recent attempts has been from the IPs “22.214.171.124” and “126.96.36.199” (by the way; I would never disclose an IP address of someone whom I believed to be innocent, so if your computer has simply been hacked send me a message and I’ll remove this!) I’m quite often having trouble with IPs in the 185.*.*.* range, and it’s really amusing but also a bit worrisome you might think.
The quickest way I notice suspicious behaviour is when my website receives a lot of hits from a specific IP address. If you’re not too tech savvy, I suggest installing the WP Statistics plugin. You’ll be faced with a list of IPs on the overview page and you’ll see the hits an IP has there:
Rank Hits Flag Country IP Agent Platform Version 1 633 Unknown Unknown 188.8.131.52 MSIE Windows 7.0 2 278 Unknown Unknown 184.108.40.206 MSIE Windows 7.0
Accessing the access log will typically give you a rough idea as to what’s happening, for example they might be using an xmlrpc.php exploit. You can view the log using nano:
Once in the log, search for the IP address and you’ll be faced with the user’s activity:
220.127.116.11 - - [01/Nov/2017:13:53:08 +0000] "POST /xmlrpc.php HTTP/1.0" 200 394 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" 18.104.22.168 - - [01/Nov/2017:13:53:08 +0000] "POST /xmlrpc.php HTTP/1.0" 200 394 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" 22.214.171.124 - - [01/Nov/2017:13:53:09 +0000] "POST /xmlrpc.php HTTP/1.0" 200 394 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"
The lazy way to deal with them using CentOS (or any operating system, but this won’t work with all operating systems) is to firewall them:
firewall-cmd --permanent --add-rich-rule="rule family=ipv4 source address=126.96.36.199/24 reject" firewall-cmd --reload firewall-cmd --zone=public --list-all
Unfortunately, this can be problematic if your site is extremely popular as someone else can use that IP address (if it’s dynamic) and you’ve blocked them from your site. They can also change IP address, but there are benefits to simple IP firewall bans (I’ll speak more about that soon.)
Another method is to add these lines to virtualhost:
<VirtualHost> <^><files xmlrpc.php> order allow,deny deny from all </files><^> </VirtualHost>
I did something slightly more crafty though. Rename the xmlrpc.php file or make a backup of it and delete the old:
cp xmlrpc.php xmlrpc.php.backup rm -rf xmlrpc.php nano xmlrpc.php
Then in nano, add a redirect:
<?php header("Location: http://127.0.0.1"); exit; ?>
With the XMLRPC exploit, people are using your website to send spam information and it becomes a bit like what’s called a “botnet.” Using this method, when something malicious connects to the xmlrpc.php page, it gets redirected to the home IP.
I said there’s benefits to simple IP firewall banning, and there is. If a user is targeting you specifically (attacks like these are very rarely personal, but trolls are another matter), then an IP firewall demonstrates you’ve attempted to ban the perpetrator. The ban doesn’t have to be perfect for you to prove you’ve made ample effort to get the perpetrator to leave you alone. Actions you take might also have an equal and opposite reaction. For example, editing the xmlrpc.php file in such a way means that plugins which rely on it might not function at all. Jetpack is one of these plugins for example. You should never reveal your hand, and you should always appear weak. A simple IP firewall might be easy to circumvent, but you can show an access log to an ISP and it’s proof enough.
The benefits of running your own webserver
Obviously it might be considered a hassle to have to worry about trolls, spammers, hackers, people trying to bruteforce you, etc. but the benefits outweigh the cons, for me.
For example, facebook or any popular site could have something negative happen to it to cause information to get lost. Correct me if I’m wrong, but I don’t believe they have a legal obligation to backup your data if you’re not paying and even if you do pay for a service e.g. squarespace, unless it’s specifically stated in the contract, I don’t believe they have to backup your data. Even if they do backup your data, it’s not necessarily easy to put that data into a usable format. With running your own MySQL server and whatnot, it’s relatively easy (it’s one command line) to save the database.
You also have access to log files and while this might be available for other services (I’m sure it is with some), it’s a lot easier to access if you own/manage everything. In the event you get targeted by a specific person, you have access to the logs–they give you more information than a simple IP address. Hosting is also a lot cheaper if you manage everything–as it should be, it’s costing you time. If you have a lot of time but not a lot of money, this method is better, in my opinion. If you’re experienced with computers, it might also cost you less time than if you signed up for a service like square space.
I don’t make much from this site after server costs and I’ve only received the one donation–thank you by the way–I put 100% of that towards a charity, but I like to keep costs down regardless :).