Bookmarks for 12 mar 2015 through 18 mar 2015

These are my links for 12 mar 2015 through 18 mar 2015:

  • OpenSSL Essentials: Working with SSL Certificates, Private Keys and CSRs | DigitalOcean – OpenSSL is a versatile command line tool that can be used for a large variety of tasks related to Public Key Infrastructure (PKI) and HTTPS (HTTP over TLS). This cheat sheet style guide provides a quick reference to OpenSSL commands that are useful in common, everyday scenarios. This includes OpenSSL examples of generating private keys, certificate signing requests, and certificate format conversion. It does not cover all of the uses of OpenSSL.
  • Change password The Foreman – Erwan Gallen
  • OpenDJ Directory Services Project – The open source LDAP directory services in Java – The OpenDJ community actively develops open source directory services, including a high performance, highly available, secure directory server, built-in data replication, client tools, and an LDAP SDK. OpenDJ offers extensive LDAPv3 support, as well as RESTful access to directory data over HTTP. OpenDJ DSML gateway enables applications accessing directory data through DSMLv2. All modules are 100% Java based and require at least Java 6.

Bookmarks for 28 feb 2015 from 19:57 to 20:29

These are my links for 28 feb 2015 from 19:57 to 20:29:

  • MDwiki – Markdown based wiki done 100% on the client via javascript – MDwiki is a CMS/Wiki completely built in HTML5/Javascript and runs 100% on the client. No special software installation or server side processing is required. Just upload the mdwiki.html shipped with MDwiki into the same directory as your markdown files and you are good to go!
  • Step by Step Installation and Configuration of OpenLDAP as Proxy to Active Directory | haroonferoze – This guide describes how to install and configure OpenLDAP as proxy to Active Directory.
  • Integrate Active Directory and OpenLDAP | Networking content from Windows IT Pro – OpenLDAP’s proxy service can allow LDAP operations to cross the boundaries between AD and OpenLDAP deployments. To demonstrate this proxy service, we walk through the steps to make AD’s cn=Users container, which by default contains all user objects, part of an OpenLDAP directory. To produce the examples in this article, I used CentOS 4.3, OpenLDAP 2.2.13, and AD running on Windows Server 2003 R2. Later in the article, I’ll show you a limitation in the commonly deployed OpenLDAP 2.2, which you can solve by installing OpenLDAP 2.3 on CentOS 4.3.
  • Let’s Chat — Self-hosted chat for small teams – WHAT IS THIS THING? Some backstory. Way back in 2012, we didn't like any of the existing chat services out there. So we decided to write our own. Let's Chat is a persistent messaging application that runs on Node.js and MongoDB. It's designed to be easily deployable and fits well with small, intimate teams. It's free (MIT licensed) and ships with killer features such as LDAP/Kerberos authentication, a REST-like API and XMPP support. Let's Chat is a side-project of the development team at Security Compass. (A real life 10% time project!)

Bookmarks for 22 ott 2014 from 11:21 to 11:34

These are my links for 22 ott 2014 from 11:21 to 11:34:

  • F*EX – File EXchange – F*EX (Frams' Fast File EXchange) is a service to send big (large, huge, giant, …) files from a user A to a user B. The sender uploads the file to the F*EX server using a WWW upload form and the recipient automatically gets a notification e-mail with a download-URL.
  • KandanApp – An Open Source Alternative to HipChat and so much more. Get your own private Chat server in minutes, plus additional features. No credit card required. A fast, secure and stable solution based on Rails. Free and open-source Distributed under the AGPL License.
  • Get MogoChat – Beautiful team chat app written in Elixir & Ember.js
  • Ind.ie — Pulse – Pulse Freedom in sync Pulse (previously Syncthing) replaces proprietary sync and cloud services with something open, trustworthy and distributed. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party, and how it's transmitted over the Internet. Free and Open Software. All source code is available on GitHub. What you see is what you get, there is no hidden funny business. Pulse Source Code For Mac, Windows, Linux, BSD, and Solaris Secure & Private, Free & Open, Easy to Use
  • Enterprise/Authentication/sssd – Ubuntu Wiki – The sssd authentication in Ubuntu works pretty decently. You can use it basically with any directory-style backend, including OpenLDAP, Kerberos, RedHat's FreeIPA and Microsoft's Active Directory. The good part about sssd is that it can be used to log into multiple directory services, so if you have some users in one directory, and the the rest in a different place, this works pretty decently in sssd. You can use it for single-server deployments with plain LDAP with servers or workstations (where you could as well go with pam-ldap and nss-ldap), but also, or especially for more sophisticated setups.

Bookmarks for 22 ott 2014 from 11:37 to 15:55

These are my links for 22 ott 2014 from 11:37 to 15:55:

  • S3QL – nikratio – S3QL is a file system that stores all its data online using storage services like Google Storage, Amazon S3, or OpenStack. S3QL effectively provides a hard disk of dynamic, infinite capacity that can be accessed from any computer with internet access running Linux, FreeBSD or OS-X. S3QL is a standard conforming, full featured UNIX file system that is conceptually indistinguishable from any local file system. Furthermore, S3QL has additional features like compression, encryption, data de-duplication, immutable trees and snapshotting which make it especially suitable for online backup and archival. S3QL is designed to favor simplicity and elegance over performance and feature-creep. Care has been taken to make the source code as readable and serviceable as possible. Solid error detection and error handling have been included from the very first line, and S3QL comes with extensive automated test cases for all its components.
  • Using Foreman, an Opensource Frontend for Puppet – – The recent vulnerability in bash, got me running to update bash. It’s easy when you have maybe one or two Linux servers, but what do you do if you have 100’s or even thousands or servers? You need to use a server configuration and management tool like puppet. However, instead of using the command line, I wanted a GUI tool where I could select the servers or server group and select an action. That is where I found Foreman, A opensource tool which not only handles configuration of your servers but also does provisioning. Foreman is easy to install, opensource, has community based support and a good deal of documentation.
  • Power Up Your Authentication with Open LDAP and Puppet | DataCentred – When you’re busy automating your infrastructure, a recurring theme that causes questions and problems is this: how do you reliably integrate your data (which changes all the time) into your configuration? As a hosting company, we find ourselves needing to tend to an ever-increasing number of devices: servers, switches, routers, hypervisors, you name it. A staple mechanism for centralised authentication is the use of an LDAP server to manage a directory of users and groups and to perform authentication of credentials and privileges on behalf of other devices on the network.
  • Enterprise/Authentication/KerberosServices – Ubuntu Wiki – This article explains a little bit about the Kerberos protocol and how it can be used in Ubuntu. It's not a thorough manual, use more authoritative sources to get more accurate information and update if you see obvious mistakes.

Bookmarks for 25 set 2014 from 12:03 to 17:40

These are my links for 25 set 2014 from 12:03 to 17:40:

  • sebsauvage/rss-bridge – The RSS feed for websites missing it
  • debsecan – The debsecan program evaluates the security status of a host running the Debian operation system. It reports missing security updates and known vulnerabilities in the programs which are installed on the host. debsecan accesses the dpkg database and obtains a list of installed packages and their versions. This list is then evaluated against a feed of vulnerability information which ultimately comes from a database maintained by Debian's Testing Security Team . Various output formats are supported, including incremental reporting via email. Beginning with version 0.2, debsecan includes a script called debsecan-create-cron, which allows you to create a cron job which periodically sends you mail (once per day) when the security status of the system changes.
  • Barriers, Caches, Filesystems | monolight – With the recent proliferation of ext4 as the new “default” Linux filesystem there’s been much talk of write barrier support. The flurry of post-2.6.18 barrier related development in most storage subsystems has left some novice users and administrators perplexed. I hope I can clear it up a bit with this primer/refresher.
  • SMTP, testing via Telnet – FreeBSDwiki – When troubleshooting problems with SMTP service – your own, or others – it is frequently very helpful to be able to "speak" to the SMTP server directly, rather than going through a mail client which won't necessarily tell you exactly what the SMTP server is saying. You can easily do this with the telnet client. Note that many ISPs do not allow outbound connections on port 25 to any SMTP server but their own – if you get timeouts when trying to connect to port 25, you should try port 587, which is the standard ESMTP port. (Port 587 connections normally require SMTP AUTH, which is covered below.)

Bookmarks for 1 apr 2014 from 13:31 to 14:21

These are my links for 1 apr 2014 from 13:31 to 14:21:

Bookmarks for 18 mar 2014 through 21 mar 2014

These are my links for 18 mar 2014 through 21 mar 2014:

  • tune apache peformance using mpm prefork module – There could be many reasons why your website performance is poor, one of them can possibly be that Apache is not coping with the load. Below you’ll find ready to consume configuration to make Apache performance better using the Apache MPM prefork module.
  • check-httpd-limits – Check Apache Httpd MPM Config Limits – Google Project Hosting – check_httpd_limits.pl compares the size of running Apache httpd processes, the configured prefork / worker / event MPM limits, and the server's available memory. The script exits with a warning (or error message) if the configured limits exceed the server's available memory. The script does not use any 3rd-party perl modules, unless the –save/days/max command-line options are used, in which case you will need to have the DBD::SQLite module installed. It should work on any UNIX server that provides /proc/meminfo, /proc/*/exe, /proc/*/stat, and /proc/*/statm files. You will probably have to run the script as root for it to read the /proc/*/exe symbolic links.
  • Apache 2.2: Multiple authentication providers « Electricmonk.nl weblog – Since Apache 2.2 multiple authentication providers are now supported. This is nice, since now you can have an LDAP authentication provider with an htpasswd fallback authentication mechanism.
  • lozzd/Nagdash – What is Nagdash? Nagdash is the long awaited replacement of Naglite2. Written in PHP, it uses the Nagios-api, PHP and a sprinkling of jQuery and Bootstrap to provide a full screen, clean Nagios experience which is suitable either for a Dashboard/NOC screen, or simply a simple view to replace the Nagios UI.
  • Naemon Monitoring Suite – Naemon is the new monitoring suite that aims to be faster and more stable, while giving you a clearer view of the state of your network.

Bookmarks for 10 gen 2014 through 15 gen 2014

These are my links for 10 gen 2014 through 15 gen 2014:

  • CodeCombat – Learn programming with a multiplayer live coding strategy game. You're a wizard, and your spells are JavaScript. Free, open source HTML5 game! [ via http://hackingitalia.com/ ]
  • » Linuxaria – Everything about GNU/Linux and Open source SSH in 2 steps on Linux with Google Authenticator – Many security policies require you to change the port number of the SSH service to ensure greater security in a Linux system. Situation now used throughout the IT world and used mostly by users who have their own private server. Today I want to show you how to add another security layer without having to change the SSH port. To do this we’ll incorporate the famous Google Authenticator to our ssh service, in this way we’ll have a safe, two steps security, by entering our password and the combination given from the GA application. Let’s see how to do this…
  • SoftEther VPN Project – SoftEther VPN Project – SoftEther VPN is one of the most powerful and easiest VPN software in the world. It is freeware, developed as an academic research project in University of Tsukuba, Japan. Download SoftEther VPN and enjoy it today. It is open source. Features * Easy to establish both remote-access and site-to-site VPN. * SSL-VPN Tunneling on HTTPS to pass through NATs and firewalls. * Revolutionary VPN over ICMP and VPN over DNS features. * Ethernet-bridging (L2) and IP-routing (L3) over VPN. * Embedded dynamic-DNS and NAT-traversal so that no static nor fixed IP address is required. * AES 256-bit and RSA 4096-bit encryptions. * 1Gbps-class high-speed throughput performance with low memory and CPU usage. * Windows, Linux, Mac, Android, iPhone, iPad and Windows Phone are supported. * SSL-VPN (HTTPS) and 6 major VPN protocols (OpenVPN, IPsec, L2TP, MS-SSTP, L2TPv3 and EtherIP) [ via http://www.net-security.org/secworld.php?id=16171 ]

Bookmarks for 24 lug 2013 through 2 ago 2013

These are my links for 24 lug 2013 through 2 ago 2013:

  • wg/wrk · GitHub – wrk is a modern HTTP benchmarking tool capable of generating significant load when run on a single multi-core CPU. It combines a multithreaded design with scalable event notification systems such as epoll and kqueue. [ via http://onethingwell.org/post/56882294128/wrk ]
  • Automate and manage systems installation with Cobbler – Cobbler simplifies system provisioning by centralizing the tasks that are involved in setting up and administering an installation server. This article discusses some of Cobbler's features, how to install it, and how to create a configuration suitable for automatically installing multiple client machines.
  • Cobbler – Linux install and update server – Cobbler is a Linux installation server that allows for rapid setup of network installation environments. It glues together and automates many associated Linux tasks so you do not have to hop between many various commands and applications when deploying new systems, and, in some cases, changing existing ones. Cobbler can help with provisioning, managing DNS and DHCP, package updates, power management, configuration management orchestration, and much more. (And you can integrate with chef or puppet)
  • Redhat I/O Scheduler Configuration in a Virtual Machine. – FATMIN – […] However, because of the fact that ESX is its own built in elevator, the Linux kernel's elevator is not needed, and in fact can hurt disk performance. So its best to disable the elevator inside your linux VMs […] Da controllare comunque dovrebbe andare anche su altre distro
  • RDP with NLA from Linux – Is there a way to connect to a Windows 2008 Remote Desktop Services with NLA from Linux?   Yes! FreeRDP is a fork of Rdesktop. Rdesktop seems to have stopped developement, so a fork is very welcome. NLA is still not in the main release, but it isn't hard to check out a copy from GIT and compile the latest source yourself.

Bookmarks for 21 giu 2013 through 24 giu 2013

These are my links for 21 giu 2013 through 24 giu 2013:

  • Base64 Decode and Encode – Online – Have to deal with Base64 format? Then this site is made for You! Use the super simple online form below to decode or encode Your data. If You're interested about the inner workings of the Base64 format, just read the detailed description at the bottom of the page. Welcome!
  • Simple Base64 Encode & Decode on Mac OSX / Linux with OpenSSL – Drew Morris – Looking for a fast and convenient way to Base64 encode / decode a given string using your Mac or Linux machine? You can do it using the pre-installed OpenSSL package.
  • http://www.ndchost.com/wiki/mail/test-smtp-auth-telnet – Below are instructions on how to test SMTP AUTH against a mail server using Telnet and entering the commands by hand. ( base64 via openssl: http://drewsymo.com/how-to/quick-and-simple-base64-encode-on-mac-osx-terminal/ )
  • Two default routes – Linux has very advanced routing, filtering and traffic shaping options. Here is how to configure a system with two default routes.
  • Getting Started with Puppet – Hello World! | ScriptRock – As there’s a lot of interest out there in the various automation tools on offer I thought I’d do a series of blogs covering getting started on each. In particular I wanted to put them to the test regarding how simple it is to go from zero to “Hello World” *. This way I get to play the truly dumb user (not much of a stretch, I know), which is kinda fun too.