Bookmarks for 24 Mar 2016 through 25 Mar 2016

These are my links for 24 Mar 2016 through 25 Mar 2016:

  • Coderwall | Dump all variables – For debugging purposes it can be useful to not just dump hostvars but also all other variables and group information. You can do this using a jinja template which you could include in a debug task
  • Using Ansible to create AWS instances | Tivix – Ansible is a great tool for enhancing productivity. With a vast array of modules to choose from, it can save you a lot of time by automating away common tasks. At Tivix we use it for single-command deployment, with the most common destination being Amazon EC2 instances created beforehand. Since Ansible is capable of managing EC2 resources, we can improve this setup by making a playbook to create an instance for us.
  • Home | OpenSCAP portal – The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines. We maintain great flexibility and interoperability, reducing costs of performing security audits.
    The OpenSCAP project provides a wide variety of hardening guides and configuration baselines developed by the open source community, ensuring that you can choose a security policy which best suits the needs of your organization, regardless of its size.
    SCAP is U.S. standard maintained by National Institute of Standards and Technology (NIST). The OpenSCAP project is a collection of open source tools for implementing and enforcing this standard, and has been awarded the SCAP 1.2 certification by NIST in 2014.
  • Wazuh | Augmenting OSSEC Host IDS – Wazuh contributes to Open Source Security developing and integrating new modules to extend OSSEC capabilities and functionality.

Bookmarks for 8 Mar 2016 through 14 Mar 2016

These are my links for 8 Mar 2016 through 14 Mar 2016:

  • Zsoldier’s Tech Blog: Add Portgroups/VLANs to vmware standard switches via PowerCLI – Wrote a simple little script to insert a portgroup into a targeted vSwitch of all VM hosts in a targeted cluster. This is not an issue if you use distributed vSwitches.
  • siph0n – exploits : leaks : dumps : papers : hashes – Hello and welcome to "siph0n", we are a group of security enthusiasts that want to make people
    more aware of security risks and the risks behind compromised(stolen) data.
    By using this Site, you signify your assent to these Terms of Service if you do not agree to any of these conditions,
    do not use this website.
  • Hardening Framework – […] Server hardening is a well-known topic with many guides out in the wild. Why this project? At Deutsche Telekom we need to manage thousands of servers for customers and ourselves. All servers need to be configured properly and maintained, which is difficult and time-consuming to get right. To answer these needs for security, compliance, and maintainability, we decided to launch this project as a common ground for requirements and their fulfillment.[…]
  • Node-RED – Node-RED is a tool for wiring together hardware devices, APIs and online services in new and interesting ways.
  • zachlatta/sshtron: Play Tron over SSH – SSHTron is a multiplayer lightcycle game that runs through SSH

Bookmarks for 28 mar 2014 through 29 mar 2014

These are my links for 28 mar 2014 through 29 mar 2014:

  • LDAP org chart | – For centralised authentication and authorisation, LDAP is the de-facto standard. Whether in its pure form on Unix or in Active Directory guise on Windows, everyone uses it. What many people don't realise is that you can store all sorts of useful (and not so useful) information in LDAP. One field which can be useful is the "manager" attribute. One of our customers use that and so we've written a small script to graph it using the excellent Graphviz tool. It will probably need customising for specific cases, however we hope that people find it useful nonetheless. If you want to alter the output, do have a look at the record format documentation.
  • Puppet errors explained | – Puppet is a wonderful system automation tool, however the learning curve can be a little steep. We've collected some of the errors messages and "strange" behaviour you may come across together with explanations to help overcome these hurdles and boost adoption of this fabulous tool. If you have any useful errors and explanations, please do send them in and we'll update this article.
  • SCAP: Guide To The Secure Configuration of Red Hat Enterprise Linux 5 – This guide has been created to assist IT professionals, in effectively securing systems with Red Hat Enterprise Linux 5.
  • DNS Load Balancing and Using Multiple Load Balancers in the Cloud – […] Load balancing in general is a complicated process, but there's some secret sauce in managing DNS along with multiple load balancers in the cloud. It requires that you draw from a few different sets of networking and “cloudy” concepts. In this second article in my best practices series (my first post covered how to use credentials within RightScale for storing sensitive or frequently used values), I'll explain how to set up load balancers to build a fault-tolerant, highly available web application in the cloud. Here's what you’ll need: Multiple A records for a host name in the DNS service of your choice Multiple load balancers to protect against failure […]
  • gdnsd – gdnsd is an Authoritative-only DNS server which does geographic (or other sorts of) balancing, redirection, weighting, and service-state-conscious failover at the DNS layer. gdnsd is written in C using libev and pthreads with a focus on high performance, low latency service. It does not offer any form of caching or recursive service, and notably does not support DNSSEC. There's a strong focus on making the code efficient, lean, and resilient. The code has a decent regression testsuite with full branch coverage on the core packet parsing and generation code, and some scripted QA tools for e.g. valgrind validation, clang-analyzer, etc. The geographically-aware features also support the emerging EDNS Client Subnet draft for receiving more-precise network location information from intermediate shared caches.

Bookmarks for 23 gen 2014 through 24 gen 2014

These are my links for 23 gen 2014 through 24 gen 2014:

  • Pancake HTTP Server – What is Pancake? Pancake is a lightweight and modern HTTP server that comes with its own PHP Server API and interfaces for FastCGI and AJP13. With its modern server architecture Pancake is capable of handling very high concurrency loads along with many other features – try it out!
  • GitLab: Self Hosted Git Management Application – GitLab is open source software to collaborate on code. Create projects and repositories, manage access and do code reviews. GitLab allows you to keep your code secure on your own server manage repositories, users and access permissions communicate through issues, line-comments and wiki pages perform code review with merge requests GitLab is powered by Ruby on Rails completely free and open source (MIT license) used by more than 25.000 organizations to keep their code secureGitLab is open source software to collaborate on code. Create projects and repositories, manage access and do code reviews.
  • Hardening the Linux server – Summary:  Servers — whether used for testing or production — are primary targets for attackers. By taking the proper steps, you can turn a vulnerable box into a hardened server and help thwart outside attackers. Learn how to tighten Secure Shell (SSH) sessions, configure firewall rules, and set up intrusion detection to alert you to possible attacks on your GNU/Linux® server.