Today’s work : A dockerfile to build an archlinux image with sshd
You can find my notes here: Dockerfile notes
I am a very proud member of Athen’s Hackerspace.
I am enjoying the entire 3+ years time (and money) that i’ve spend at this hackerspace. Love it.
Today was a very productive day.
With a good friend of mine, are working to setup an ansible, docker, btrfs workshop !
We want to contribute back to the community and we thought that this is a great opportunity.
We are not guru or anything like that - no, we just want to share the knowledge we are getting by spending time at hackerspace. Nothing more, nothing less. Just share our feedback to all the people that have helped us till now.
So, we are working togeth...
Thank you.
I am currently pseudoparallel reading (i am currently reading one other book) The Pattern On The Stone By Daniel Hillis and i am really really impressed about the simple explanation on logical gates (boolean algebra).
Hillis is using as an example The Tinkertoy computer - the mechanical computer for playing TicTacToe !
Look at this page to take a quick look: The Tinkertoy computer
BTW The first mechanical computer is the The Antikythera mechanism 100BC to predict astronomical positions and eclipses.
Truly Amazing !
It took me a few minutes to understand why one of my online sign files isnt the correct one.
The actual file:
[~]> md5sum file.sign
89dd90709bbc51eb6796280123f46fe6
The file on my web server:
$ md5sum file.sign
89dd90709bbc51eb6796280123f46fe6
when download it :
[~]> md5sum file.sign
f57846a7032a1d106799af38ab94cfb7
Say what ?
Whattttttt !
[~]> file file.sign
file.sign: gzip compressed data, from Unix
so what if i did:
gunzip -d -c file.sign | md5sum
89dd90709bbc51eb6796280123f46fe6 -
So a light bulb lighted up upon my hackergotchi !! mod_deflate
i need to change my filters
reading
man 5 fluxbox-keys
i found that there is
ArrangeWindows pattern / ArrangeWindowsVertical pattern / ArrangeWindowsHorizontal pattern
so i edited my
~/.fluxbox/keys
to auto-tile (vertical/horintal) with my super (window) key as shortcut
Mod4 h :arrangewindowshorizontal
Mod4 v :arrangewindowsvertical
Postfix has the ability to DISCARD (or Reject) any email, by using simple regular expressions. This can be done on your incoming or outgoing mail farm and you can either check the header or body of an email.
For me header_checks is a more powerful tool but the main problem with phishing bots is that the headers arent always the same (different IPs, different Froms etc etc).
And on half of them scam situations there is an ugly url or email inside the body of the email.
Our abuse department informed us today for a scam bot that “WANTS YOU TO REPLY TO THEM WITH YOUR PASSWORDS” and we took the appropriate measures against it. None of our outgoing mail servers can be used to send a reply to the abuser mail address.
There is a deb...
Thank you.
Is ignorance !
Plz take a minute and read this:
The greater percentage of people will login to a http site. Especially if they use a lot of mobile hardware with screens small enough with outdated operating system/browser.
Whatever you do, whatever measurement you have taken, If someone finds an open wifi and wants to connect to site like facebook from his/her mobile device, he/shell will never check for a https connection. If there is a MAN-IN-THE-MIDDLE (proxy/dns spoof) people will connect to http://facebook.com on a private address like 192.168.2.5
So the effort should be on education and digital liberty. Cause people, will always choose the most free & easy use app Vs complex but secure.
If you are not using your PC/laptop as a server, then 99,99% you dont need network at the boot time.
Disabling NetworkManager can speed up your machine.
> sudo systemctl disable NetworkManager
Of course we all need network, so tell your machine to start NetworkManager after your boot process. And you can do that by editing your crontab as root:
> sudo -s
# crontab -e
and typing
@reboot systemctl start NetworkManager
try this and measure the time you have saved by
systemd-analyze
before and after .
A colleague of mine wants to add a new vhost on one of our apache web servers.
Running:
/etc/init.d/httpd configtest
he noticed that php_admin_flag had produced an error msg. We comment this flag out and tried to restart the web server. Unfortunately the httpd didnt came up.
Searching through logs I’ve seen these:
Dec 14 14:33:54 Erased: php-snmp
Dec 14 14:33:54 Erased: php-mbstring
Dec ...
Thank you.
openldap 101 - Building a Centralized Authentication System based on openldap
hands-on workshop @hackerspacegr
Sat 14 Dec 2013 15:00
- First linux distro i ‘ve ever used: Red Hat 5.2 but i couldnt find a way to power up X
- Used SuSE Linux 6.3 for about six months. There was a tool named sax or sox that you could configure your video card from command line.
- After that was Mandrake 8.2 and kept Mandrake for several years.
- Did a trial with Linux From Scratch and of course Slackware was always just a click (download) far away but i returned to mandrake
- Left from mandrake just about mandriva came in and started to use ubuntu. Before all the crappy decisions!
- Used ubuntu for almost 3 years but did some tests with fedora … never liked it !
- At 2009 did an error with rm (i removed the entire usr dir) and tried archlinux for the first time.
- NEVER looked back, never installed another linux distro, never had a problem in my life!
Yesterday i helped a company to run a training session.
PLZ keep reading … it’s an interesting article
So i’ve written the process:
- Login to a juniper web (over ssl - self signed) page
- Through this site, download a vmware client
- Run the vmware client that opens a vmware web client instance
- Login to this virtual machine
- Open through this virtual machine a citrix xen virtual desktop
- Login to this virtual machine with DOMAIN credentials
- Open an Internet Explorer to read/run the training session
Most of the tasks are just written procedures that you have to read and some are java applications that you have to run and answer some questions.
So we have 3 different sets of passwords and 3 different technologies to run a java app for training and an IE page for reading some procedures.
You need to install rtmpdump.
The rtmp stream has three parts:
- rtmp url
- target app on server
- playpath
eg.
streamer: ‘rtmp://cp126783.live.edgefcs.net/live’, file: ‘Alfaradiofwno@86944?.mp3′
- rtmp url : rtmp://cp126783.live.edgefcs.net
- target app on server : live
- playpath : ‘Alfaradiofwno@86944?.mp3′
then pipe the stream through vlc:
rtmpdump -V --live -r rtmp://cp126783.live.edgefcs.net -a live -y 'Alfaradiofwno@86944?.mp3' | cvlc -
[this blog post is just a shatter idea]
Is it time to change the way we are searching? Till this moment, we were searching through the browser’s default search engine but Gnome has changed all that for everyone (even me, who doesnt use gnome!).
What we all need from a search engine: To locate our files or info. If it is not there, search the internet, privately and anonymously.
A lot of you, are going to tell (correctly) that what we are searching define us and not the search engine itself. Privacy isnt something we can measure from or within a search engine. But most people dont understand or (even worse) dont care about all that.
I use To see the entire article, click uppon article's title/link.
Thank you.
bind has a nice command to dump all the records (cache, views and zones) of a bind dns server to a single file.
> rndc --help
dumpdb [-all|-cache|-zones] [view ...]
Dump cache(s) to the dump file (named_dump.db).
Our named_dump.db file has 3.5m lines.
I was looking for a simple way to parse this entire formatted file and split the content of the zones to bind formatted zone files (for another project). So i was looking to implement the exactly opposite from: rndc dump --zones
i came with this:
grep 'IN' named_dump.db | awk -F[\'\/] '/Zone dump of/ {out=$2;}{print > out;}'
PS: The reason i am doing that, is that we dont have the 41435 zones to strict formatted bind zone files.
Some of them have “A” against “IN A”, some of them dont have TTL on RR (so the master TTL is in place), some of them use ‘@’ for origin etc etc etc. This is acceptable from bind, not really hard to parse when you are programming a custom provisioning mechanism.
archlinux has chosen to remove TCP wrappers from it’s core packages a couple of years now.
You can read this all about here.
This is how to imitate the tcp wrapper (by the way Wietse Venema rocks! ) functionality with iptables and source range.
iptables -A INPUT -p tcp --dport 22 -m iprange --src-range 158.255.214.14-158.255.214.15 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP
Hackerspace.gr [HSGR] is a physical space dedicated to creative code and hardware hacking, in Athens.
Location: Athens, Greece
320 events the last couple years
This is some of what we have accomplished
take a look
Why i chose archlinux as my primary desktop distro.
a non techinal approach
I am using linux for personal and work related use, from 2002 on a daily bases. I work as a unix system engineer, so i think of my self as an intermetiate user and not a newbie. Not at least on the majority of linux things, cause things are changing too fast and we must adopt to the new world. In this blog post, i will not write down my linux history but i believed that a prolog should be in place, so everybody (me and you) have the same context.
I am using archlinux from May 2009 so its almost four years now. You could say that i got around archlinux as a mistake (i was using ubuntu at that time and a space character after “rm -rf /usr /local/src/something” made me remove my /usr folder) but the test i’ve made (installing archlinux) that evening changed my life.
Why i chose archlinux ?
at that point, I had three options:
a. fedora
b. archlinux
c. freebsb
Thank you.
tl;dr
click here: html5test
full blog post:
I use a lot of different web browsers on a daily bases for testing and viewing company’s web applications and of course for browsing through the internet.
I use firefox cause it’s just works - without a lot of tweeks and has a huge addon library.
I dont like chromium cause i need to work through a lot of different proxies and chromium doesnt have yet a FoxyProxy plugin (or i havent found one yet).
I like working with To see the entire article, click uppon article's title/link.
Thank you.
Inside your project, there is a .git directory
> cd ~/awesome_project/
> cat .git/hooks/post-commit
git show -C | mail -s "git commit at `hostname`" myemail@example.com
simple !