Tag Archives: how-to

Perfect SSL in Apache

Thanks to Edward Snowden we have learned a lot about threats from various(although mostly US) governments. We started to think more about secure technologies and cryptography. I was advertising high security standards even before the Snowden’s leaks. Some of my friends thought that I was being paranoid. Now everyone knows better than to trust RSA or any of their products. Everyone is aware of malware designed by intelligence agencies. Universal snooping isn’t an Orwell’s fantasy anymore, it’s reality.

HTTPS everywhere Continue reading Perfect SSL in Apache

BCM43228 Support in Kali Linux

I have a terrible experience with wireless interfaces in Kali Linux. Either I’m unlucky in this regard or Kali team just doesn’t want to include as many wireless drivers as other distros do, but when I try to get WiFi running on Kali – it always ends up in few hours of work. This time I struggled with a Broadcom BCM43228 card. Apparently there is no support for this model in an open Broadcom driver and you need to install the proprietary one.

Installation isn’t simple one either, so I documented all the steps in case I’ll need to repeat them some time. Hopefully it’ll also prove useful for someone else.

Continue reading BCM43228 Support in Kali Linux

Sending encrypted attachments via sendmail

If you are like me, you have some scripts which report to you via email. Most of the time the report is just a simple text, but sometimes you will want to receive a file(f.e. a screenshot).

It isn’t the bad idea per se, but emails travel unencrypted through the Internet. As you know, NSA and other bastards are there to gather all the data which passes through. Therefore it’s a good idea to encrypt everything you send. I won’t tell you how to encrypt your personal email. It’s kinda simple task and multiple guides exist. I would like to share with you a way to encrypt an output from your script, which will be passed to sendmail.

I am using sendmail, not mailx, because you can find it on almost every system, much like vi. This how-to is based on following post: http://backreference.org/2013/05/22/send-email-with-attachments-from-script-or-command-line/ . So I will tackle two problems at once here: files and encryption. Of course, if attachments aren’t needed, it is even simpler. Continue reading Sending encrypted attachments via sendmail

Testing new libvirt features on Ubuntu 12.04

If you are like me and you want to experiment with cutting edge virtualization technologies on LTS version of Ubuntu(12.04 aka Precise Pangolin), you will soon find out that this is not so easy. But, of course, it is still possible. First of all, keep in mind that to achieve this, you will be turning your stable LTS system into unstable one and I can’t guarantee that everything will work as expected or work at all. You have been warned… 🙂 Continue reading Testing new libvirt features on Ubuntu 12.04

Archiving Webcomics

I enjoy reading webcomics in my spare time, but they have one common disadvantage. Well… uh… they are all web- and this means that they are accessible only online. It can be useful to be able to read your favourite webcomic offline. Or maybe you just want to back it up, just in case. Websites have a tendency to go down. In any case, you can easily archive them via command line.

Continue reading Archiving Webcomics

Converting VirtualBox to VMWare ESXi

Oracle(former Sun) VirtualBox provides virtualization solution without much hassle and requires almost no initial knowledge about virtualization technologies, but it isn’t designed for an enterprise usage. It just lacks the same flexibility and the features of VMWare. Sadly, migration from one application to the other isn’t straightforward. I stumbled upon two good resources on this subject. First guide is somewhat outdated, but it outlines the parts which need to be changed. Second link gave me an insight into the problem and I was able to solve everything else.

Continue reading Converting VirtualBox to VMWare ESXi

Converting APE+CUE images to FLAC tracks

I have some music files compressed with Monkey Audio lossless codec. I had no complaints about this situation until I tried to listen to these files on my smartphone. My phone just couldn’t play them. Well, I could either find the way to install Monkey Audio codecs on Android, or I could convert them to another format(for example, FLAC). As you probably have guessed already, I chose the latter option.

I had only vague idea how to do this. And what do you do in this kind of situation? Google, of course. Solution was here. Well, not exactly. It was written by FreeBSD user more than 3 years ago. Still, I am grateful to the author, because with some slight changes I was able to achieve my goal. In case you will need to do the same, I present you this post. Continue reading Converting APE+CUE images to FLAC tracks

SSHD bruteforce protection

If you have ever administered a server accessible from the Internet, you should probably know that leaving SSH daemon on the standard 22th port isn’t such a good idea. If you have good, difficult to guess password, constant brute-force attacks are mostly nuisance, not a threat, but all that spam in my logs from failed logins irritates me. Port could be changed, right, but it’s not always possible for various reasons. Company’s policy or client’s wish, maybe something else. There is always the possibility that you will need to leave this daemon on the standard port. But there is inbuilt option to protect from brute-force attacks.

Continue reading SSHD bruteforce protection