These are my links for 6 ago 2015 through 21 set 2015:
/bin/bash based SSL/TLS tester: testssl.sh – testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. [ via quasi.dot: https://delicious.com/farmando ]
Policy NAT for L2L VPN • LearnIOS.com – I kind of missed the wood for the trees here. The static policy NAT is failing because you are trying to map a network 192.168.0.0 to a single IP address 172.20.n.1. However it's just occured, why are you doing policy NAT for the Internet. I tested in lab and if you do this
Encrypted Data Bags on Cloud on AWS – Many customers have asked us how they should handle shared secrets, passwords and other sensitive data in Chef and now we have a good solution. With the release of our stable-v4 stack, we introduced Chef 10 to the platform, and with it came data bags. Now with the 3.0 release of the engineyard gem, we can officially support data bags and encrypted data bags. You may be wondering what data bags are, how data bags work or how to implement data bags. This blog post will walk you through the entire process.
How to set disk alignment in Linux | Dirty Cache – As you might know, if disk partitions containing Oracle datafiles are not aligned with the underlying storage system, then some I/O’s can suffer from some overhead as they are effectively translated in two I/O’s. If you want more info, google for “EMC disk alignment” and you’ll find plenty of information, explaining the issue.
Add Private Route 53 DNS to your AWS VPC | CloudTrek – A really cool feature of Amazon’s Route 53 DNS Management Service is the private hosted DNS zone. Basically, you get the ability to manage the DNS in your private VPC without setting up your own DNS infrastructure (yuck!) [ Just a friendly reminder Note 1: the resolution is working only inside the VPC. Note 2: if you don't have the AmazonProvidedDNS in your DHCP-OPTION you won't resolve the zone. Note 3: if you are using linux, you can use as DNS 169.254.169.253 it won't work on windows 2008 Ref: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-private.html http://aws.amazon.com/route53/faqs/ ]
The Complete Guide for your AWS RDS Database Security | GreenSQL – Amazon Web Services (AWS) is a flexible, scalable and reliable infrastructure-as-a-service provider. AWS provides a suite of infrastructure and complementary monitoring and auditing services which users can leverage to deploy and maintain their applications. In this paper, we will discuss how to strengthen the security aspect of your AWS Relational Database Service (AWS RDS).
These are my links for 22 ott 2014 from 11:21 to 11:34:
F*EX – File EXchange – F*EX (Frams' Fast File EXchange) is a service to send big (large, huge, giant, …) files from a user A to a user B. The sender uploads the file to the F*EX server using a WWW upload form and the recipient automatically gets a notification e-mail with a download-URL.
KandanApp – An Open Source Alternative to HipChat and so much more. Get your own private Chat server in minutes, plus additional features. No credit card required. A fast, secure and stable solution based on Rails. Free and open-source Distributed under the AGPL License.
Get MogoChat – Beautiful team chat app written in Elixir & Ember.js
Ind.ie — Pulse – Pulse Freedom in sync Pulse (previously Syncthing) replaces proprietary sync and cloud services with something open, trustworthy and distributed. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party, and how it's transmitted over the Internet. Free and Open Software. All source code is available on GitHub. What you see is what you get, there is no hidden funny business. Pulse Source Code For Mac, Windows, Linux, BSD, and Solaris Secure & Private, Free & Open, Easy to Use
Enterprise/Authentication/sssd – Ubuntu Wiki – The sssd authentication in Ubuntu works pretty decently. You can use it basically with any directory-style backend, including OpenLDAP, Kerberos, RedHat's FreeIPA and Microsoft's Active Directory. The good part about sssd is that it can be used to log into multiple directory services, so if you have some users in one directory, and the the rest in a different place, this works pretty decently in sssd. You can use it for single-server deployments with plain LDAP with servers or workstations (where you could as well go with pam-ldap and nss-ldap), but also, or especially for more sophisticated setups.
These are my links for 22 ott 2014 from 11:37 to 15:55:
S3QL – nikratio – S3QL is a file system that stores all its data online using storage services like Google Storage, Amazon S3, or OpenStack. S3QL effectively provides a hard disk of dynamic, infinite capacity that can be accessed from any computer with internet access running Linux, FreeBSD or OS-X. S3QL is a standard conforming, full featured UNIX file system that is conceptually indistinguishable from any local file system. Furthermore, S3QL has additional features like compression, encryption, data de-duplication, immutable trees and snapshotting which make it especially suitable for online backup and archival. S3QL is designed to favor simplicity and elegance over performance and feature-creep. Care has been taken to make the source code as readable and serviceable as possible. Solid error detection and error handling have been included from the very first line, and S3QL comes with extensive automated test cases for all its components.
Using Foreman, an Opensource Frontend for Puppet – – The recent vulnerability in bash, got me running to update bash. It’s easy when you have maybe one or two Linux servers, but what do you do if you have 100’s or even thousands or servers? You need to use a server configuration and management tool like puppet. However, instead of using the command line, I wanted a GUI tool where I could select the servers or server group and select an action. That is where I found Foreman, A opensource tool which not only handles configuration of your servers but also does provisioning. Foreman is easy to install, opensource, has community based support and a good deal of documentation.
Power Up Your Authentication with Open LDAP and Puppet | DataCentred – When you’re busy automating your infrastructure, a recurring theme that causes questions and problems is this: how do you reliably integrate your data (which changes all the time) into your configuration? As a hosting company, we find ourselves needing to tend to an ever-increasing number of devices: servers, switches, routers, hypervisors, you name it. A staple mechanism for centralised authentication is the use of an LDAP server to manage a directory of users and groups and to perform authentication of credentials and privileges on behalf of other devices on the network.
Enterprise/Authentication/KerberosServices – Ubuntu Wiki – This article explains a little bit about the Kerberos protocol and how it can be used in Ubuntu. It's not a thorough manual, use more authoritative sources to get more accurate information and update if you see obvious mistakes.