Author: jtheo

Bookmarks for 16 Mar 2016 through 24 Mar 2016

These are my links for 16 Mar 2016 through 24 Mar 2016:

  • “Reverse Engineering for Beginners” free book
  • Resolve Hardware Status Alert SEL_FULLNESS | Brian Ragazzi – […] I noticed an alert on two UCS B250M2 hosts in the vSphere Client. The alert Name was “Status of other host hardware objects”. This isn’t helpful. To get more information, you have to navigate to the Hardware Status tab of the host properties. Here I saw more information about the alert. It’s cryptically named “System Board 0 SEL_FULLNESS”. […]
  • Network Stack: Cisco ASA Packet Capture – […] The ASA platform has fantastic built-in packet capture capabilities which can come in very handy for troubleshooting issues. I will be demonstrating some of the capabilities using an ASA 5505 running version 9.0(1).Performing a packet capture is done using the capture command from privileged exec mode. […][ Fantastic… I won’t say that ]
  • Sanesecurity ClamAV Malware, Phishing, and Spam Signatures – Sanesecurity produces add-ons signatures to help improve the ClamAV detection rate on Zero-Day malware and even on Zero-Hour malware. Since 2006 we have provided professional quality ClamAV signatures to protect against the following email types: Macro malware, Zip malware, Rar malware, Javascript malware, 7z malware, Phishing, Spear phishing and other types of common emailed malware and spam. Sanesecurity 3rd Party ClamAV signatures can also help prevent TeslaCrypt, Cryptowall, Cryptolocker and other ransomware, who’s source usually starts as a malicious email.
  • Multistage environments with Ansible – Ross Tuck – Ansible has excellent documentation but one thing I was confused about was the best way to store the configuration for multistage projects: say, different passwords for dev, staging, production. This isn’t really covered in the ansible-examples repo because it’s specific to your project and while the documentation has recommendations, it doesn’t spell it out completely (which I need since I’m an idiot).

Bookmarks for 14 Mar 2016 through 16 Mar 2016

These are my links for 14 Mar 2016 through 16 Mar 2016:

  • Checking UCS Settings from the UCS Manager CLI – I was recently using the UCS Manager CLI and I wanted to share my findings. You can SSH to the UCSM (UCS Manager) and then run commands to figure out information about your hardware configuration. Whenever working with Cisco UCS Servers, the first thing we need to figure out is how Service Profiles are used in a UCS Environment.
  • Add a VLAN to a UCS blade via the CLI | VirtuallyMikeBrown – What I really wanted to do was add a couple existing VLANs to the vNIC of an ESXi host on a blade (so I could vMotion some stuff around). Of course, with the GUI, it’s a few clicks. Without the GUI (and not knowing where to go in the CLI), I was at a bit of a loss.The UCS CLI guide wasn’t helpful as it was more for managing the hardware or upstream configs – not so much for what would seem like a task made for UCSM. So to get on with it, let me share the quick config for adding VLANs to vNICs.

Bookmarks for 8 Mar 2016 through 14 Mar 2016

These are my links for 8 Mar 2016 through 14 Mar 2016:

  • Zsoldier’s Tech Blog: Add Portgroups/VLANs to vmware standard switches via PowerCLI – Wrote a simple little script to insert a portgroup into a targeted vSwitch of all VM hosts in a targeted cluster. This is not an issue if you use distributed vSwitches.
  • siph0n – exploits : leaks : dumps : papers : hashes – Hello and welcome to "siph0n", we are a group of security enthusiasts that want to make people
    more aware of security risks and the risks behind compromised(stolen) data.
    By using this Site, you signify your assent to these Terms of Service if you do not agree to any of these conditions,
    do not use this website.
  • Hardening Framework – […] Server hardening is a well-known topic with many guides out in the wild. Why this project? At Deutsche Telekom we need to manage thousands of servers for customers and ourselves. All servers need to be configured properly and maintained, which is difficult and time-consuming to get right. To answer these needs for security, compliance, and maintainability, we decided to launch this project as a common ground for requirements and their fulfillment.[…]
  • Node-RED – Node-RED is a tool for wiring together hardware devices, APIs and online services in new and interesting ways.
  • zachlatta/sshtron: Play Tron over SSH – SSHTron is a multiplayer lightcycle game that runs through SSH

Bookmarks for 1 Mar 2016 through 8 Mar 2016

These are my links for 1 Mar 2016 through 8 Mar 2016:

  • ansiblecookbook.com – This books should become a reference for how doing cool things in your daily business with Ansible, things you can not find in the official docs.
  • Ansible Cheat Sheet | Wall-Skills.com – Ansible is the cool, new kid on the block that is IT automation. So, just in case you need an Ansible Cheat Sheet, we’ve got you covered
  • zorangagic/awsinfo – Daily Inventory of all AWS resources in excel format
  • High availability clustering on AWS | Zoran’s Blog – How do we keep legacy applications highly available on AWS? I have already written about this previously and there are many good alternatives with the upcoming Cloudwatch instance recovery the easiest to implement. Yet Cloudwatch instance recovery or autoscaling group with min=1,max=1 still requires failure to be detected (1-2 mins) and new instance to be booted up (2-3 mins). If the application can not tolerate outage of 3-5 minutes then high availability clustering may be a good alternative
  • jordansissel/pleaserun: An attempt to abstract this “init” script madness. – Pleaserun is a tool to generate startup scripts for the wasteland of sorrow that is process launchers.

Bookmarks for 30 Dic 2015 through 17 Feb 2016

These are my links for 30 Dic 2015 through 17 Feb 2016:

  • Robtex – We aim to make the fastest and most comprehensive free DNS lookup tool on the Internet
  • OS.js – JavaScript Cloud/Web Desktop Platform – OS.js is a JavaScript web desktop implementation for your browser with a fully-fledged window manager, Application APIs, GUI toolkits and filesystem abstraction.
  • Try Perl: learn the basics of the Perl language in your browser – Welcome to Try Perl ! The window on your right is an interactive Perl interpreter. You can type Perl statements and watch it run. [ via MD http://braindead.tumblr.com/post/136604576916 ]
  • Syncthing – Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the Internet.
  • AlessandroZ/LaZagne · GitHub – The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software. At this moment, it supports 22 Programs on Microsoft Windows and 12 on a Linux/Unix-Like OS.

Bookmarks for 16 Dic 2015 through 21 Dic 2015

These are my links for 16 Dic 2015 through 21 Dic 2015:

  • 29 questions to ask yourself if you’re in devops | www.rohit.io – A few days ago, I had an opportunity to meet and interact with Mike Place, who works as a developer at Saltstack. We had an interesting conversation about devops and how things work in the valley. Mike explained the growing importance of devops in organizations and the rise of devops as a culture that aims to collaboratively deliver systems into production, reliably and effectively.
  • H2O – the optimized HTTP/2 server – H2O is a new generation HTTP server providing quicker response to users when compared to older generation of web servers. The server takes full advantage of HTTP/2 features including prioritized content serving and server push, promising outstanding experience to the visitors of your web site. [ via http://onethingwell.org/post/135440804989 ]
  • Mattermost – Mattermost is modern communication behind your firewall. As an alternative to proprietary SaaS messaging, Mattermost brings all your team communication into one place, making it searchable and accessible anywhere.

Bookmarks for 9 Dic 2015 through 10 Dic 2015

These are my links for 9 Dic 2015 through 10 Dic 2015:

  • JavaScript: The World’s Most Misunderstood Programming Language – JavaScript, aka Mocha, aka LiveScript, aka JScript, aka ECMAScript, is one of the world's most popular programming languages. Virtually every personal computer in the world has at least one JavaScript interpreter installed on it and in active use. JavaScript's popularity is due entirely to its role as the scripting language of the WWW. Despite its popularity, few know that JavaScript is a very nice dynamic object-oriented general-purpose programming language. How can this be a secret? Why is this language so misunderstood?
  • Dynamic multi-point VPN with OpenNHRP powered linux hub – This post aims to explain how to configure a dynamic multi-point site-to-site VPN over IPSEC between CISCO routers and a Linux machine using the NHRP protocol. […] To support the NHRP protocol I used OpenNHRP, an open-source implementation of the NHRP protocol. To bring up the IPSec tunnels, I used racoon with pre-shared key based authentication.
  • portableR – portableR is a version of R statistics that have all their static libraries within the same folder, this lets run in x86_64 VMs. This project is aimed to run in web servers to build microservices (AWS Lambda) that require R to process data, png chart generation, etc.

Bookmarks for 9 Dic 2015 from 12:09 to 16:26

These are my links for 9 Dic 2015 from 12:09 to 16:26:

  • One Thing Well | Let’s Encrypt – Let’s Encrypt is now in public beta and offers a command line tool that makes the process of getting and renewing certificates easy, but you have to run it as root, and it’s designed to rewrite your web server’s configuration files. Here’s a selection of alternative tools and clients:
  • Tsung – It can be used to stress HTTP, WebDAV, SOAP, PostgreSQL, MySQL, LDAP and Jabber/XMPP servers. Tsung is a free software released under the GPLv2 license. The purpose of Tsung is to simulate users in order to test the scalability and performance of IP based client/server applications. You can use it to do load and stress testing of your servers. Many protocols have been implemented and tested, and it can be easily extended. It can be distributed on several client machines and is able to simulate hundreds of thousands of virtual users concurrently (or even millions if you have enough hardware …). Tsung is developed in Erlang, an open-source language made by Ericsson for building robust fault-tolerant distributed applications. [ via http://onethingwell.org/post/134852940551/tsung ]
  • Internet Redundancy with ASA SLA and IPSec – PacketU – I’ve seen a lot of examples of redundant Internet connections that use SLA to track a primary connection. The logic is that the primary Internet connection is constantly being validated by pinging something on that ISP’s network and routing floats over to a secondary service provider in the event of a failure. I was recently challenged with how this interacted with IPSec. As a result I built out this configuration and performed some fairly extensive testing.

Bookmarks for 3 Dic 2015 through 8 Dic 2015

These are my links for 3 Dic 2015 through 8 Dic 2015:

  • minio/mc · GitHub – Minio client (mc) provides a set of tools to work with Amazon S3 compatible cloud storage and filesystems. It has features to resume partial downloads, progress bar and parallel copy. Minio client is written in Golang and released under Apache license v2. [ via http://onethingwell.org/post/134793050379 ]
  • Choosing an HTTP Status Code — Stop Making It Hard | Racksburg – What could be simpler than returning HTTP status codes? Did the page render? Great, return 200. Does the page not exist? That’s a 404. Do I want to redirect the user to another page? 302, or maybe 301.
  • Spinnaker: Global Continuous Delivery – Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence. It provides two core sets of features: cluster management and deployment management. Below we give a top-level overview of these features. [ via http://cloudacademy.com/blog/netflix-spinnaker/ ]