August Browser Tab Round-Up

Security

Hardening Framework

The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults.

InSpec – Audit and Test Framework

InSpec is an open-source testing framework for infrastructure with a human-readable language for specifying compliance, security and other policy requirements. Easily integrate automated tests that check for adherence to policy into any stage of your deployment pipeline.

Kali Linux Revealed – Mastering the Penetration Testing Distribution

Whether you’re new to Information Security, or a seasoned security veteran, the Kali Linux Revealed Book and our online training exercises have something to teach you.

laramies/theHarvester

theHarvester – E-mail, subdomain and people names harvester

ModMy – Myriam Security Challenges, exploit education tool, scores an update

Myriam Security Challenges, exploit education tool, scores an update The best tool for learning exploiting has just scored a new update Myriam has just received an update bumping it to version 4.0 and has been released on Cydia. The update adds bugfixes and a new Touch ID module for Touch ID exploitation education.

Linux

How to move/migrate LXD VM to another host on Linux

Explains how to migrate LXD (Linux container) vm from a local server1 to a emote server2 server using API method.

Queueing in the Linux Network Stack

A slightly shorter and edited version of this article appeared in the July 2013 issue of Linux Journal. Thanks to Linux Journal’s great copyright policy I’m still allowed to post this on my site. Go here to subscribe to Linux Journal.] Packet queues are a core component of any network stack or device.

Vultr: High Performance SSD Cloud.

Deploy high performance SSD VPS on the worldwide Vultr network in 60 seconds. Sign up for free and start hosting virtual servers today!

Docker in Development

A small course on using Docker Compose to get started using Docker now. We’ll cover docker-compose, volumes, networks and more!

Start Improving Your Chef, Automation, And Devops Skills Today – Only At Learn Chef Rally!

Learn how treating your infrastructure as code with Chef simplifies the way you manage and automate your infrastructure, making it more maintainable, versionable, testable, and collaborative.

DNSDiag

No Description

Solaris FMD logs – solaris… wtf?!?

(based on FMA Cheat Sheet (Doc ID 1355350.1)) Had some issues in the last days getting my “fmadm faulty” empty…

Oracle Big Data

Oracle Big Data Lite Virtual Machine v 4.9

Oracle BigDataLite is a VM that helps you get started with the Oracle big data platform.

No Title

No Description

Oracle Big Data Learning Library

Oracle Big Data Learning Library, Welcome , Learn about Oracle Big Data, Data Science, Learning Analytics, Oracle NoSQL Database, and more!

https://pythonhosted.org/python-hpilo/index.html

Exadata

IOsaturationtoolkit-v2 with Exadata IORM and AWESOME text graph

I’ve got a new version of IOsaturation toolkit which you can download here https://karlarao.wordpress.com/scripts-resources/ and it has a cool script called “smartscanloop” that shows you the Smart Scan MB/s per database across the Exadata compute nodes.. it’s a per 2secs sample so that’s a pretty fine grained perf data and near real time text graph.


http://karlarao.tiddlyspot.com/#%5B%5Bawr_iowlexa.sql%20-%20Hierarchy%20of%20Exadata%20IO%5D%5D

Monitoring Smart Flash Cache Activity on Oracle Exadata

With a bit of effort and preparation, monitoring Smart Flash Cache can be fairly easy. If the time is taken to also establish user equivalence between nodes and storage cells, the process can be automated via cron. Read on to learn more.

Geography

National Park Maps | NPMaps.com – just free maps, period.

The National Park Service publishes tons of great free maps; I’ve collected them all for you. Here on NPMaps you’ll find hundreds of PDF and image files of any U.S. national park map; you can view all parks alphabetically and sort by state .

Coding

No Title

No Description

Open Source Projects

dapulse: Project management is better when it’s visual

The best tool is the one that your team actually uses, and dapulse comes with built in addiction. Get addicted to turning things green.

Passbolt | Open source password manager for teams

Passbolt is a free open source password manager for teams. Try our online demo!

Music

Theme Time Radio Hour Archive | Dreams, Schemes & Themes…

On May 3, 2006, satellite radio listeners tuned in to the sultry growl of a living legend who took them on a thematic journey through musical history. Theme Time Radio Hour, hosted by Bob Dylan, included both the most well-known and ultra-rare musical testimonies to the assorted concepts to form a thematic narrative through our collective consciousness.

Learn the Basics of Music Theory With This Interactive Tutorial

As a fan of music, I’d love to learn how to make a song. Devoting time to learning music theory, however, isn’t exactly on my list of priorities. Music lessons are intimidating, they’re a little inconvenient, and definitely pricey. So this interactive tutorial on beat-making from Ableton is perfect for the budding musician in all of us.

Weather

Weather Forecast Maps

Animated wind, rain and temperature maps, detailed forecast for your place, data from the best weather forecast models such as GFS, ICON, GEM

Windows

How to turn your Windows laptop into a WiFI Hot Spot | Dell US

How to turn your Windows laptop into a WiFI Hot Spot Instructions below will show you how to turn a computer into a WiFi hotspot without using a third-party software that may likely eat up memory even after it is closed. Any machine running Windows XP and up, including Windows 8.1 Preview, will work using commands below.

Playing with Bitcoin

Blockchain and Bitcoin are still way too complex for mainstream adoption.
Here are some links I’ve had to use over the past weeks to manage a few simple transactions.
(Don’t trust these links – rather visit the sites directly – there’s a lot of mischief in this space)

https://blockchain.info – Bitcoin wallets, status, API
Note – not easy to get the private keys to one’s wallet, had to go through a BIP39 mnemonic conversion from https://github.com/iancoleman/bip39
More on blockchain.info private key management here: https://bl4nkcode.info/bitcoin/how_to_export_blockchain_wallet_private_key#bip39-standalone.html

Don’t underpay your Bitcoin transfer fees – you’ll get your money stuck for eternity.
https://support.21.co/bitcoin/transactions-and-fees/what-happens-when-a-fee-is-too-low
Check the current fee levels here: https://bitcoinfees.21.co/
If your coin does get stuck, luckily there’s CPP – Child Pays for Parent – perform a child transaction with one of the outputs (hopefully you have leftover coin to work with) and bump up the fee to the total satoshis per byte that it should have been for all your stuck transactions in that chain – Blockchain.info will give you each transaction size in bytes and you’ll need to multiply it out.

https://pool.viabtc.com/tools/txaccelerator/ – Bitcoin transaction accelerator (free), uhm, whatever.

https://blockexplorer.com/ Blockexplorer, among other features, will give you details on how fast blocks are completing, which should give a rough idea of the state of mining.

https://coinb.in/ Coinbin is the coolest – a javascript based in-browser wallet and manual transacting system.
If you can use this tool effectively you probably understand blockchain. It’s not for those who are careless with security or those who don’t want to perform very manual bitcoin transactions. They also offer a wallet, but best be careful you don’t make a mistake.

https://coinmarketcap.com/ – What are the total values of each of these currencies? Hint: a lot smaller than the values of the dotcom giants.

Bitcoin Cash
https://bcc-wallet.btc.com A Bitcoin Cash wallet. Very rudimentary, but does the job for this alt currency.

http://blockdozer.com/insight/status Blockdozer for insights into Bitcoin Cash addresses, blocks and transactions.

https://www.bitfinex.com/stats Bitfinex cryptocurrency data and charts

https://www.blocktrail.com/BCC Bitcoin Cash blockchain and block insights, including visibility to the test networks.

http://www.techradar.com/how-to/how-to-claim-bitcoin-cash-bcc-using-the-electron-cash-wallet Get your Bitcoin Cash

Other
https://chain.com/ – Roll your own blockchain…

https://www.rootproject.co/ – An Ethereum based project, let’s see if their noble plan works…

Convert between cryptocurrencies at: https://www.shapeshift.io and https://changelly.com

Browser Tab Roundup April 2017

The Nifty Cook My Meat Tool Helps You Cook the Perfect Steak With Science

If you’ve ever prepared a steak and wished you could see what the meat actually looked like on the inside before you cut into it, Cook My Meat can offer a glimpse. A big, frozen rib-eye may not seem like something you can just throw on the grill at the last…

You Fail Because You Lack Energy, Not Time: Lifehacks for an Energy-Efficient Brain

Got a big goal? Shift your focus to managing your energy and the time crisis will solve itself. We spend a lot of energy trying to save time, but in reality, we should be doing it the other way around: spending time trying to boost our energy. The reason?

50 Things You Can Control Right Now

“Why worry about things you can’t control when you can keep yourself busy controlling the things that depend on you?” ~Unknown CNN reports that psychic businesses are thriving in this challenging economy, and the clientele has expanded to include more business professionals who are worried about their financial future.

Advice on how to play a gig by Thelonious Monk

In 1960, saxophonist Steve Lacy wrote down a list of advice from jazz pianist Thelonious Monk on how to play music. Among the items on the list: Just because you’re not a drummer, doesn’t mean you don’t have to keep t

Data Selfie Analyzes Your Facebook Usage to Show What Companies Can Learn About You

Chrome: Facebook collects a lot of your data, but you might never get to see what they really learn about you. Data Selfie aims to give you a glimpse by letting you analyze your own Facebook usage. While there’s no way to know exactly how Facebook analyzes your data without working for the company, Data Selfie gives you a rough approximation.

The ear training guide for audio producers

Ear training, the practice of learning how to recognize certain sounds, is a must for audio producers.

This Video Is a Quick Primer on How to Read Sheet Music

Learning to read music is like learning to read another language. Sheet music has a variety of dots, lines, and symbols to tell you what and when to play. It all looks very daunting at first, but this video helps you break down some of the basics.

5 Easy Ear Training Techniques You Can Work on Every Day – Soundfly

If you’re one of the human beings on Earth born with two functional ears, you should consider yourself lucky. Not only are you a miracle of evolution and natural selection, but you get to experience the vibration of air molecules and interpret them as different sounds!

Commandline Challenge

No Description

LUNAR – Lockdown UNix Auditing and Reporting

A UNIX security auditing tool based on several security frameworks Introduction This scripts generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in the code documentation.Why a shell script?

Stop Disabling SELinux: A Real-World guide

It’s 2017, and your New Year’s resolution should be to stop disabling SELinux. SELinux does a great job of doing what it says on the tin – making your servers safer. It doesn’t matter if a Docker, Samba or even Flash vulnerability hits, as SELinux can contain it.

Exadata Simulator, 2way RAC + 1 storage cell

To build a more useful simulator for studying, due lack of memory of my laptop, I must create a single cell – single db configuration. But I can try building a 2 way RAC on a single cell and …

Oracle VM Storage Design Considerations | Mokum Solutions, Inc.

By Roddy Rodstein 09/11/2015 This post is applicable to all Oracle VM Releases There are many Oracle VM storage design considerations each with a multitude of functionally, and options that need to be understood before creating an Oracle VM server pool.

Riemann – A network monitoring system

Riemann aggregates events from your servers and applications with a powerful stream processing language. Send an email for every exception in your app. Track the latency distribution of your web app. See the top processes on any host, by memory and CPU. Combine statistics from every Riak node in your cluster and forward to Graphite.

Logz.io: Secure & Scalable Log Management with Cloud-Based ELK

Easily index, search, visualize and analyze your data! “We chose ELK because it is open source and supported by a huge community. Logz.io’s ELK as-a-service works fast and allows us to save time and money.” Shahar Kedar VP of Engineering “As a rapid growth company the ability to scale is crucial.

Getting Started with Logstash | Logstash Reference [5.5] | Elastic

This section guides you through the process of installing Logstash and verifying that everything is running properly. After learning how to stash your first event, you go on to create a more advanced pipeline that takes Apache web logs as input, parses the logs, and writes the parsed data to an Elasticsearch cluster.

Logstash Tutorial: How to Get Started

A great use for the ELK Stack is the storing, visualization, and analysis of logs and other time-series data. Logstash is an integral part of the data workflow from the source to Elasticsearch and further.

Google Infrastructure Security Design Overview | Solutions | Google Cloud Platform

The Compute Engine control plane exposes its API via the GFE, and so it takes advantage of infrastructure security features like Denial of Service (DoS) protection and centrally managed SSL/TLS support.

No Title

No Description

Hipster Business Name Generator

No Description

Graphite

Graphite is an enterprise-ready monitoring tool that runs equally well on cheap hardware or Cloud infrastructure. Teams use Graphite to track the performance of their websites, applications, business services, and networked servers. It marked the start of a new generation of monitoring tools, making it easier than ever to store, retrieve, share, and visualize time-series data.

Grafana – The open platform for analytics and monitoring

Data visualization & Monitoring with support for Graphite, InfluxDB, Prometheus, Elasticsearch and many more databases