A colleague asked me to install MySQL UDF (MySQL user defined functions) on a server.

So here are my notes on the subject, for a CentOS 6.7 linux box:

First you need to have mysql-devel on your system which install the mysql development headers on /usr/include/mysql/ directory:

# yum -y install mysql-devel

Then download the latest source code of mysqludf_udf:

# wget -c https://raw.githubusercontent.com/mysqludf/lib_mysqludf_udf/master/lib_mysqludf_udf.c

and compile it

# gcc -m64 -fPIC -Wall
        -I/usr/include/mysql -I.
        -L/usr/lib64/libstdc++.so.6
        -shared lib_mysqludf_udf.c
        -o /usr/lib64/mysql/plugin/lib_mysqludf_udf.so

confirm:

# ls -l /usr/lib64/mysql/plugin/lib_mysqludf_udf.so

Restart your MySQL and test it !

CPU

# cat /proc/cpuinfo
Processor   : ARMv7 Processor rev 1 (v7l)
processor   : 0
BogoMIPS    : 3.27

processor   : 1
BogoMIPS    : 3.27

processor   : 2
BogoMIPS    : 3.27

processor   : 3
BogoMIPS    : 3.27

To see the entire article, click uppon article's title/link. 
Thank you.

UPDATED: 14 February 2016
Blog Post: 16 December 2015

I have started (for some time now, to be honest) to transfer my router’s function to my ODROID-c1

that runs Archlinux arm so I have my favorite distribution on this beautiful development board.

# uname -a
Linux myodroid To see the entire article, click uppon article's title/link. 
Thank you.

As we getting closer to the amazing 32nd Chaos Communication Congress (32C3) we must consider some privacy steps to our electronic devices.

Perhaps it’s idiotic to take a smartphone to this conference, as we all know that in such events hacking is fair play to everyone.

The below quote, from Person of Interest, reminds us exactly that:

If they don’t want you to get inside, they ought to build it better.

You should treat every network as a hostile, already compromised network.
It’s probably true, anyway !

For us mere people that we dont have many security knowledge, we need to take some extra security measures if we want to bring our smartphone together. It’s just for browsing, taking some picture from the event (and not the people, respect that please), check some emails or tweet...

[UPDATE 2015 12 13]

How about if you could control your entire home temperature and hot water/central heating etc etc, through your smartphone over the internet ?

You are going to think that this is a dangerous IoT (Internet of Thing) that exposes your privacy to unknown attackers and your smart home is going to be under the control of an evil company.

What if I could tell you, that you can build your own smart controller with open-design/open hardware & free software that costs about €100 ?

Crazy, right ?

Actually there is a project that does exactly all the above and much more and it’s based on a Raspberry Pi.

Let me introduce you to HestiaPi .

First remove NetworkManager:

# systemctl stop NetworkManager

# systemctl disable NetworkManager
rm '/etc/systemd/system/multi-user.target.wants/NetworkManager.service'
rm '/etc/systemd/system/dbus-org.freedesktop.NetworkManager.service'
rm '/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service'

# yum -y remove NetworkManager*

# /usr/bin/rm -rf /etc/NetworkManager

If you want to be more productive you should clean your system from FirewallD, install iptables-services and if you are going to install a redhat pro...

I had the opportunity to participate on an Athen’s Hackerspace event with a dozen debian developers about the issue with reproducible distribution’s package builds.

I had never thought of this thing before and the presentation blown me away !

So here is the deal, if you download the latest openssl package from an archlinux mirror (want archlinux users will going to do):

# pacman -Sw openssl

What if we tried to build openssl by our selfs from the PKGBUILD file ?

# cd /var/abs/core/openssl

$ makepkg -cf
==> Making package: open...

There are some companies that have just started to dual stack (IPv4 & IPv6) their infrastructure, like twimg (the twitter hosting images site).

Reminder that IPv6 is preferable on the Internet (by design)

query[AAAA] pbs.twimg.com from 192.168.1.4
pbs.twimg.com to xxx.xxxTo see the entire article, click uppon article's title/link. 
Thank you.

UPDATE Thu Nov 26 11:28:05 EET 2015

Does SPF break forwarding?
(like in mailing lists)

• Yes, it does break forwarding.

So learn from my mistake and think this through.

Wednesday, 25 November 2015

There is a very simply way to add spf [check] support to your postfix setup.
Below are my notes on CentOS 6.7

Step One: install python policy daemon for spf

# yum -y install pypolicyd-spf

Step Two: Create a new postfix service, called spfcheck

# vim + /etc/postfix/master.cf

spfcheck     unix  -       n       n    ...

A few days ago, I gave a presentation on fosscomm 2015 about DNS, OpenNic Project and DNScrypt

So without further ado, here it is: dns_opennic_dnscrypt.pdf

updated versions for rpm spec files here

• dnscrypt-wrapper v0.1.17
• libsodium v1.0.4

# rpmbuild -ba libsodium.spec
# rpmbuild -ba dnscrypt-wrapper.spec

I did a road trip last week and had almost 11 hours to “kill” while driving.
So I’ve downloaded an audio book to accompany me all those hours.

I chose ‘I, Robot’ a collection of short stories by Isaac Asimov.

I have to admit that although I was aware on the core beliefs and the Three Laws of Robotics, I had never had the change to read (or listen) I, Robot.

These dystopia stories captivate me from the start!
If anyone havent yet read these stories, PLZ make yourself a present and read (or listen) them.

After that, you should really watch the swedish TV series Real Humans / Äkta människor and/or the british version Humans which are about androids!

So … it seems that some router gives dhcp ipv6 prefixes for specific lans.

The default behaviour of CentOS is to autoconfigure the network interface with ifup script.

We havent finished our #ipv6 schema/deployment so we need to disable this ipv6 autoconfigure feature.

global

# vim /etc/sysconfig/network

NETWORKING_IPV6=no
IPV6FORWARDING=no
IPV6_AUTOCONF=no

interface

# vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPV6INIT=no

Flushing

# ip -6 addr flush eth0

# ip -6 route flush scope global

and finally restart

# service restart network

remove unnecessary locales:

# localedef --list-archive | egrep -v '^el_GR|^en_US' | xargs localedef --delete-from-archive
# mv -f /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
# build-locale-archive

Just finished

τα ουγγρικά ψάρια του Γιάννη Πλιώτα

Μπορείτε να διαβάσετε ολόκληρο το βιβλίο εδώ

Απίθανη, μυστηριώδης, κωμική απαγωγή !

Ματωμένο Μήνυμα του Jussi Adler-Olsen

Ενοχή του Jussi Adler-Olsen

So at athen’s hackerspace our bots made a new podcast for this season!

If you are a greek listener, take a look here: botcast s02e01

podcast

This blog post is dedicated to “rwman os” for contacting me to suggest that I was wrong !

And indeed I was !! ( <— two exclamation marks)

So this blog post create true random passwords has some mistakes and I am here to make amens.

the correct syntax on creating random passwords is this:

$ cat /dev/urandom | tr -dc $'\x21-\x7E' | head -c 21

and after further investigation (with GNU coreutils 8.23) seems that you can use octal as well:

$ cat /dev/urandom | tr -dc '\041-\176'  | head -c 21

This is a list with podcasts I listen on a regular base

• Security Now Steve Gibson and Leo Laporte podcast about security news
• Hacker Public Radio Various podcasts, mostly about free software
• Talk Python To Me Podcast Podcast about python
• The Changelog The Changelog is a member supported blog, weekly newsletter and podcast that covers the intersection of software development and open source.
• ask-mrdns Matt Larson and Cricket Liu expound on DNS
• Future Thinkers Podcast Various: Obsessed with all things future: singularity, technology, spirituality, and philosophy.
• The Command Line Thomas Gideon’s podcast
• cybersecurity-initiative American politics, prosperity, and purpose in the digital age through big ideas, technological innovation

Μου αρέσουν τα σκοτεινά βιβλία … δεν μπορώ να προσδιορίσω το γιατί. Ίσως μιλάνε υποσυνείδητα σε μέρη που δεν μπορώ ηθικά να φτάσω …

Ειδικά οι συγγραφείς των Σκανδιναβικών Χωρών έχουν γράψει αριστουργήματα κι ο Γιούσι Άντλερ-Όλσεν δεν αποτελεί εξαίρεση.

Στην αρχή του 2013 διάβασα το Βεβήλωση όπου ήταν το 2ο βιβλίο της σειράς Q. Το βιβλίο θυμάμαι το είχα ρουφήξει. Η σύγχυσή μου όταν διαπίστωσα πως είναι το 2ο στην σειρά κι ο Λιβάνης δεν είχε πουθενά το 1ο, απίστευτη. Μάλιστα θυμάμαι πως έχω κάνει φασαρία για το συγκεκριμένο θέμα σε περίπτερο του Λιβάνη σε έκθεση βιβλίων. Ο άνθρωπος στο περίπτερο μίλησε στο τηλέφωνο (καλοκαίρι 2013) μου είπε πως πράγματι δεν είναι διαθέσιμο γκρρρρρρ

Μιας κι η λίστα με τα todo list μου φτάνει στο φεγγάρι, το ξέχασα μέχρι πριν από μερικές μέρες. Όπου η αδελφή μου αγόρασε το 2ο βιβλίο (μετά από προτροπή μου). Μέσα σε 8 ώρες (σάββατο απόγευμα/κυριακή πρωί) ρούφηξα κι αυτό το βιβλίο!!!

Έχουν βγει και δύο ταινίες (βασισμέν...

Server_A —> Server_B —> Server_C

Let’s say that we have our elasticsearch/kibana setup on Server_C
but Server_A can’t talk to Server_C.

Server_A

# tail /etc/rsyslog.d/20_central_logging.conf 

*.*      @192.168.1.100:42185
& ~

Server_B

install fluentd

# wget -c http://packages.treasuredata.com.s3.amazonaws.com/2/redhat/6/x86_64/td-agent-2.2.1-0.el6.x86_64.rpm
# rpm -ivh td-agent-2.2.1-0.el6.x86_64.rpm

configure fluentd

# vim /etc/t...