Bookmarks for 9 Dic 2015 from 12:09 to 16:26

These are my links for 9 Dic 2015 from 12:09 to 16:26:

  • One Thing Well | Let’s Encrypt – Let’s Encrypt is now in public beta and offers a command line tool that makes the process of getting and renewing certificates easy, but you have to run it as root, and it’s designed to rewrite your web server’s configuration files. Here’s a selection of alternative tools and clients:
  • Tsung – It can be used to stress HTTP, WebDAV, SOAP, PostgreSQL, MySQL, LDAP and Jabber/XMPP servers. Tsung is a free software released under the GPLv2 license. The purpose of Tsung is to simulate users in order to test the scalability and performance of IP based client/server applications. You can use it to do load and stress testing of your servers. Many protocols have been implemented and tested, and it can be easily extended. It can be distributed on several client machines and is able to simulate hundreds of thousands of virtual users concurrently (or even millions if you have enough hardware …). Tsung is developed in Erlang, an open-source language made by Ericsson for building robust fault-tolerant distributed applications. [ via http://onethingwell.org/post/134852940551/tsung ]
  • Internet Redundancy with ASA SLA and IPSec – PacketU – I’ve seen a lot of examples of redundant Internet connections that use SLA to track a primary connection. The logic is that the primary Internet connection is constantly being validated by pinging something on that ISP’s network and routing floats over to a secondary service provider in the event of a failure. I was recently challenged with how this interacted with IPSec. As a result I built out this configuration and performed some fairly extensive testing.

Bookmarks for 12 mar 2015 through 18 mar 2015

These are my links for 12 mar 2015 through 18 mar 2015:

  • OpenSSL Essentials: Working with SSL Certificates, Private Keys and CSRs | DigitalOcean – OpenSSL is a versatile command line tool that can be used for a large variety of tasks related to Public Key Infrastructure (PKI) and HTTPS (HTTP over TLS). This cheat sheet style guide provides a quick reference to OpenSSL commands that are useful in common, everyday scenarios. This includes OpenSSL examples of generating private keys, certificate signing requests, and certificate format conversion. It does not cover all of the uses of OpenSSL.
  • Change password The Foreman – Erwan Gallen
  • OpenDJ Directory Services Project – The open source LDAP directory services in Java – The OpenDJ community actively develops open source directory services, including a high performance, highly available, secure directory server, built-in data replication, client tools, and an LDAP SDK. OpenDJ offers extensive LDAPv3 support, as well as RESTful access to directory data over HTTP. OpenDJ DSML gateway enables applications accessing directory data through DSMLv2. All modules are 100% Java based and require at least Java 6.

Bookmarks for 28 feb 2015 from 19:57 to 20:29

These are my links for 28 feb 2015 from 19:57 to 20:29:

  • MDwiki – Markdown based wiki done 100% on the client via javascript – MDwiki is a CMS/Wiki completely built in HTML5/Javascript and runs 100% on the client. No special software installation or server side processing is required. Just upload the mdwiki.html shipped with MDwiki into the same directory as your markdown files and you are good to go!
  • Step by Step Installation and Configuration of OpenLDAP as Proxy to Active Directory | haroonferoze – This guide describes how to install and configure OpenLDAP as proxy to Active Directory.
  • Integrate Active Directory and OpenLDAP | Networking content from Windows IT Pro – OpenLDAP’s proxy service can allow LDAP operations to cross the boundaries between AD and OpenLDAP deployments. To demonstrate this proxy service, we walk through the steps to make AD’s cn=Users container, which by default contains all user objects, part of an OpenLDAP directory. To produce the examples in this article, I used CentOS 4.3, OpenLDAP 2.2.13, and AD running on Windows Server 2003 R2. Later in the article, I’ll show you a limitation in the commonly deployed OpenLDAP 2.2, which you can solve by installing OpenLDAP 2.3 on CentOS 4.3.
  • Let’s Chat — Self-hosted chat for small teams – WHAT IS THIS THING? Some backstory. Way back in 2012, we didn't like any of the existing chat services out there. So we decided to write our own. Let's Chat is a persistent messaging application that runs on Node.js and MongoDB. It's designed to be easily deployable and fits well with small, intimate teams. It's free (MIT licensed) and ships with killer features such as LDAP/Kerberos authentication, a REST-like API and XMPP support. Let's Chat is a side-project of the development team at Security Compass. (A real life 10% time project!)

Bookmarks for 5 nov 2014 from 10:48 to 13:51

These are my links for 5 nov 2014 from 10:48 to 13:51:

  • Configuring OpenLDAP pass-through authentication to Active Directory – Alex Tcherniakhovski – Security – Site Home – MSDN Blogs – This particular functionality of OpenLDAP should be of special interest for environments where long term co-existence between OpenLDAP and Active Directory is required. By establishing pass-through authentication the following advantages could be achieved: Great end-user experience. No need to remember multiple passwords Increased security, due to the reduction of the attack surface (one less password store in the environment) Single password policy The rest of the post will expand on the instructions provided by the OpenLDAP 2.4 Administration guide on establishing pass-through authentication from OpenLDAP to Active Directory. Specifically, will will leverage the capability of SASL to use LDAP as an authentication back-end. In our case, Active Directory will play a role of such authentication back-end.
  • Books – UNIX Systems Programming (BSD) – BitsInTheWind.com – ISBN 10: 0-937175-23-4 / ISBN 13: 9780937175231  O'Reilly & Associates January 1989 The following are made available for your personal, non-commercial use only. You may cite this document as a bibliographic reference in any works that you are writing. Any commercial use of this document, including printing and distribution to groups of people (such as a classroom) is prohibited without my prior written permission.
  • osquery – With osquery, you can use SQL to query low-level operating system information. Under the hood, instead of querying static tables, these queries dynamically execute high-performance native code. The results of the SQL query are transparently returned to you quickly and easily.
  • Boxupp – GUI tool to manage Puppet & Vagrant based project environments | Paxcel – Boxupp makes it easy for integrated management of development stacks over Vagrant and Puppet. Initially built over these two softwares, we plan to add support for more providers and provisioners * Integrated management environment for Vagrant and Puppet * Intelligence at its core * Simple Web GUI * Easy provisioning * Inbuilt console and editors * Start right from level zero ! * Share your configurations with team members.

Bookmarks for 22 ott 2014 through 24 ott 2014

These are my links for 22 ott 2014 through 24 ott 2014:

  • Phamm – PHP LDAP Virtual Hosting Manager – Postfix MTA Fronted – Phamm is a front-end written in PHP to manage virtual services using a OpenLDAP directory back-end. A couple of scripts and tools included help you to set up services.
  • WP-Cli Tutorial – How to Use WP-Cli with Your WordPress Site – WP-Cli is a command line interface which allows the users to manage their WordPress web sites from the command prompt. Upgrades can be performed, backups can be generated, new posts can be published and most of the regular admin actions can be performed with a set of commands. In this tutorial we will explain how to use the WP command line interface in order to complete regular administrative tasks like upgrades, database backup creation, plugins and themes installations and removals, publishing and deleting posts, changing site's URL settings and getting help on chosen commands. Note that WP-Cli requires an SSH access.
  • WordShell – WordPress from the command-line | WordPress from the CLIWordShell – WordPress from the command-line – WordPress from the command-line (Linux, Mac, Windows, BSD, Solaris, etc.) Don't log in to the dashboard on 20 sites one after the other; just type one command. Automate everything and use many bonus tools (e.g. automated backups, maintaining custom patches and version control). This is the time-and-money saver that WP admins have been waiting for.

Bookmarks for 22 ott 2014 from 11:37 to 15:55

These are my links for 22 ott 2014 from 11:37 to 15:55:

  • S3QL – nikratio – S3QL is a file system that stores all its data online using storage services like Google Storage, Amazon S3, or OpenStack. S3QL effectively provides a hard disk of dynamic, infinite capacity that can be accessed from any computer with internet access running Linux, FreeBSD or OS-X. S3QL is a standard conforming, full featured UNIX file system that is conceptually indistinguishable from any local file system. Furthermore, S3QL has additional features like compression, encryption, data de-duplication, immutable trees and snapshotting which make it especially suitable for online backup and archival. S3QL is designed to favor simplicity and elegance over performance and feature-creep. Care has been taken to make the source code as readable and serviceable as possible. Solid error detection and error handling have been included from the very first line, and S3QL comes with extensive automated test cases for all its components.
  • Using Foreman, an Opensource Frontend for Puppet – – The recent vulnerability in bash, got me running to update bash. It’s easy when you have maybe one or two Linux servers, but what do you do if you have 100’s or even thousands or servers? You need to use a server configuration and management tool like puppet. However, instead of using the command line, I wanted a GUI tool where I could select the servers or server group and select an action. That is where I found Foreman, A opensource tool which not only handles configuration of your servers but also does provisioning. Foreman is easy to install, opensource, has community based support and a good deal of documentation.
  • Power Up Your Authentication with Open LDAP and Puppet | DataCentred – When you’re busy automating your infrastructure, a recurring theme that causes questions and problems is this: how do you reliably integrate your data (which changes all the time) into your configuration? As a hosting company, we find ourselves needing to tend to an ever-increasing number of devices: servers, switches, routers, hypervisors, you name it. A staple mechanism for centralised authentication is the use of an LDAP server to manage a directory of users and groups and to perform authentication of credentials and privileges on behalf of other devices on the network.
  • Enterprise/Authentication/KerberosServices – Ubuntu Wiki – This article explains a little bit about the Kerberos protocol and how it can be used in Ubuntu. It's not a thorough manual, use more authoritative sources to get more accurate information and update if you see obvious mistakes.

Bookmarks for 5 ago 2014 through 6 ago 2014

These are my links for 5 ago 2014 through 6 ago 2014:

  • Welcome to the NOC Project – Site – Confluence – NOC is the scalable, high-performance and open-source OSS system for ISP, service and content providers.
  • GestióIP – IP address management (IPAM) software – GestióIP is an automated, Web based IPv4/IPv6 address management (IPAM) software. It features powerful network discovery functions and offers search and filter functions for both networks and host, permitting Internet Search Engine equivalent expressions. This lets you find the information that administrators frequently need easily and quickly. GestióIP also incorporates an automated VLAN management system.
  • phpIPAM IP address management | Open-source IP address management – phpipam is an open-source web IP address management application. Its goal is to provide light and simple |P address management application. It is ajax-based using jQuery libraries, it uses php scripts and javascript and some HTML5/CSS3 features, so some modern browser is preferred to be able to display javascript quickly and correctly…
  • LemonLDAP::NG » start – LemonLDAP::NG is an open source Web Single Sign On product (WebSSO) written in Perl, plugged into Apache Web Server. LemonLDAP::NG is a free software, released under GPL license. LemonLDAP::NG is the first SSO software deployed in French administrations. It can handle more than 200 000 users. Many private firms use it too.
  • CoreOS is Linux for Massive Server Deployments – CoreOS is a new Linux distribution that has been rearchitected to provide features needed to run modern infrastructure stacks. The strategies and architectures that influence CoreOS allow companies like Google, Facebook and Twitter to run their services at scale with high resilience.

Bookmarks for 28 mar 2014 through 29 mar 2014

These are my links for 28 mar 2014 through 29 mar 2014:

  • LDAP org chart | bitcube.co.uk – For centralised authentication and authorisation, LDAP is the de-facto standard. Whether in its pure form on Unix or in Active Directory guise on Windows, everyone uses it. What many people don't realise is that you can store all sorts of useful (and not so useful) information in LDAP. One field which can be useful is the "manager" attribute. One of our customers use that and so we've written a small script to graph it using the excellent Graphviz tool. It will probably need customising for specific cases, however we hope that people find it useful nonetheless. If you want to alter the output, do have a look at the record format documentation.
  • Puppet errors explained | bitcube.co.uk – Puppet is a wonderful system automation tool, however the learning curve can be a little steep. We've collected some of the errors messages and "strange" behaviour you may come across together with explanations to help overcome these hurdles and boost adoption of this fabulous tool. If you have any useful errors and explanations, please do send them in and we'll update this article.
  • SCAP: Guide To The Secure Configuration of Red Hat Enterprise Linux 5 – This guide has been created to assist IT professionals, in effectively securing systems with Red Hat Enterprise Linux 5.
  • DNS Load Balancing and Using Multiple Load Balancers in the Cloud – […] Load balancing in general is a complicated process, but there's some secret sauce in managing DNS along with multiple load balancers in the cloud. It requires that you draw from a few different sets of networking and “cloudy” concepts. In this second article in my best practices series (my first post covered how to use credentials within RightScale for storing sensitive or frequently used values), I'll explain how to set up load balancers to build a fault-tolerant, highly available web application in the cloud. Here's what you’ll need: Multiple A records for a host name in the DNS service of your choice Multiple load balancers to protect against failure […]
  • gdnsd – gdnsd is an Authoritative-only DNS server which does geographic (or other sorts of) balancing, redirection, weighting, and service-state-conscious failover at the DNS layer. gdnsd is written in C using libev and pthreads with a focus on high performance, low latency service. It does not offer any form of caching or recursive service, and notably does not support DNSSEC. There's a strong focus on making the code efficient, lean, and resilient. The code has a decent regression testsuite with full branch coverage on the core packet parsing and generation code, and some scripted QA tools for e.g. valgrind validation, clang-analyzer, etc. The geographically-aware features also support the emerging EDNS Client Subnet draft for receiving more-precise network location information from intermediate shared caches.

Bookmarks for 18 mar 2014 through 21 mar 2014

These are my links for 18 mar 2014 through 21 mar 2014:

  • tune apache peformance using mpm prefork module – There could be many reasons why your website performance is poor, one of them can possibly be that Apache is not coping with the load. Below you’ll find ready to consume configuration to make Apache performance better using the Apache MPM prefork module.
  • check-httpd-limits – Check Apache Httpd MPM Config Limits – Google Project Hosting – check_httpd_limits.pl compares the size of running Apache httpd processes, the configured prefork / worker / event MPM limits, and the server's available memory. The script exits with a warning (or error message) if the configured limits exceed the server's available memory. The script does not use any 3rd-party perl modules, unless the –save/days/max command-line options are used, in which case you will need to have the DBD::SQLite module installed. It should work on any UNIX server that provides /proc/meminfo, /proc/*/exe, /proc/*/stat, and /proc/*/statm files. You will probably have to run the script as root for it to read the /proc/*/exe symbolic links.
  • Apache 2.2: Multiple authentication providers « Electricmonk.nl weblog – Since Apache 2.2 multiple authentication providers are now supported. This is nice, since now you can have an LDAP authentication provider with an htpasswd fallback authentication mechanism.
  • lozzd/Nagdash – What is Nagdash? Nagdash is the long awaited replacement of Naglite2. Written in PHP, it uses the Nagios-api, PHP and a sprinkling of jQuery and Bootstrap to provide a full screen, clean Nagios experience which is suitable either for a Dashboard/NOC screen, or simply a simple view to replace the Nagios UI.
  • Naemon Monitoring Suite – Naemon is the new monitoring suite that aims to be faster and more stable, while giving you a clearer view of the state of your network.

Bookmarks for 3 mar 2014 through 4 mar 2014

These are my links for 3 mar 2014 through 4 mar 2014:

  • Centos yum 404 repository errors | Natural Order Development – […] Basically yum ran through every single mirror and got nothing but 404 errors. I thought something might have gotten broken with yum or maybe the entire Internet changed overnight to a new repository layout (not likely but it has happened before). Well a simple Google for yum 404 led to some message threads that basically said yum's caches were out of data […]
  • Avoiding reboot: Resetting USB on a Linux machine – Every now and then, some USB device misbehaves badly enough to knock out the entire interface, to the extent that the system doesn’t detect any new USB devices. Or work so well with the existing ones, for that matter. The solution for me until now was to reboot the computer. But hey, I don’t like rebooting Linux!
  • AfterLogic WebMail Lite — free ajax webmail – Fast and easy-to-use webmail front-end for your existing IMAP mail server, Plesk or cPanel