Подпишете петицията ПРОТИВ чл. 13.

Всеки потребител на интернет би трябвало вече да е запознат с чл. 13 и за какво служи. Все пак резюмирано: интернет доставчиците имат право да филтрират интернета, който предлагат. Това би довело до масова цензура, поръчкови новини и още по-голяма корупция. Също така, това е поредната стъпка към централизацията на интернета. НЕ ГО ЖЕЛАЕМ И НЕ НИ ТРЯБВА. Ако сте адекватен човек, подпишете ПЕТИЦИЯТА.

Free image stock and graphical resources

Recently, I needed huge photo database from which I can choose couple of images for an upcoming project of mine for the web site I am preparing. It is a product oriented web site but right now I don’t posses the product so it was simply impossible to pay for photographer. Until the product is here, I needed photos /or any graphical resources/. So, here is the list of what I’ve managed to collect:

Blog posts (in Bulgarian with free resources):

 

openSUSE в България с 2 събитие за този месец!

С момчетата от openSUSE България започнахме да обикаляме из родината и да проповядваме словото на гущера. През изминалата седмица се състоя събитието във VarnaLab.

На 26.04, т.е. утре, предстои събитието в София. Какво ще представлява?

В малко повече детайли, програмата изглежда така – ще започнем с кратък преглед на историята на SUSE и openSUSE, последван от представяне на екосистемата на SUSE/openSUSE, с маркиране на основните компоненти и връзките помежду им. След това ще кажем няколко думи за това какво всъщност е openSUSE и какво интересно има там, както за начинаещи, така и за професионални потребители. Накрая ще покажем в действие някои от по-интересните неща, за които сме говорили.

Адресът е:
гр. София, бул. “Акад. Иван Гешов” 2Е, сграда 3, етаж 2.

За повече информация се обърнете към мен, към Димитър Захариев или Радо Панев!

How to create ssh tunnels and access locally any remotely hosted services

Wassup y’all,

I want to start off by saying that this is my very first time writing an article of any sort. Thanks to Rosen for letting me write as a guest on his awesome website. Anyhow, I hope you find the information below useful and practical as much as I have. Enjoy!

SSH tunnels

Several months ago, I quit Tech Support and started working as a Sys Admin for a storage company (still learning, there’s a looong way to go…). I knew about the power of SSH before, but on several occasions, I found out that creating SSH tunnels can be super useful and it gives you the freedom to quickly access devices from anywhere you want.
In my particular situation, I have a Raspberry Pi 3 sitting at home, up and running all the time, which I use for pretty much anything that I want to experiment with, whenever I get the chance… That last part is key: I want to be able to access the little gadget whenever I feel like it, and not be restricted by my location or the computer I’m accessing it from.

After I set up proper port forwarding in my home router (check the web if you don’t know how to do that yet, it’s very useful), I had to SSH to my external IP address and the specific port, which would in turn forward that to port 22 on my Raspberry Pi, allowing me to type my password at the prompt. Pretty basic procedure but I wasn’t really happy with the fact that I have to specify and address, a port, and type a password. I wanted to create some sort of an alias which would include all that information. I wanted the process to be as automated as possible, and after quite some time digging around on the web, here are the possible solutions that I found:

Simple SSH with an SSH key

You can always use sshpass and use the -p flag to give the password in the command itself, but this is not very safe, as anybody with access can check the CLI history or the current SSH session process (ps aux | grep ssh) and see the password.

Continue reading “How to create ssh tunnels and access locally any remotely hosted services”

SSH aliases

I was extremely tired of typing hostnames of the machines we are using at the office. I had these days when I ssh to a single machine 20 times. And I don’t want to remember names or IPs. Of course, you can generate private keys and passphrase but if you don’t have this option or knowledge, you can make SSH alias to a common server. Follow few easy steps:

Use you favorite text editor, I like MC:

mcedit ~/.ssh/config

In the config file add these lines (and put your server settings):

Host ALIAS_NAME
HostName IP_or_HOSTNAME
Port 22
User USERNAME

By typing in the terminal “ssh ALIAS_NAME” this will lead you to the password prompt of the server instantly.

Bash script that exits after specified time

Yo,

I want to share with you a script I wrote. It’s about quitting/killing your script process after X seconds, managed entirely by you. You should know that bash in not “smart”. Doing arithmetic operations can be painful. I needed a script which collect MySQL processlists. Of course this can be done manually but the thing is that I needed this to start on Monday, 1 AM. I am too lazy and sleepy to work at night. And I couldn’t risk to put a script in the crontab without exiting after the needed time. I cannot be sure how big logs I will collect. That’s why I wanted my script to finish at 3:00 AM.

 

#!/bin/bash

echo “_______________________________________”
echo “|                                                                            |”
echo “|Logging full processlist every second!               |”
echo “|______________________________________|”

UNIX_TIME_NOW=$(date +%s)
EXTRA_TIME=12600
UNIX_TIME_LIMIT=$(( UNIX_TIME_NOW + EXTRA_TIME ))

while [ “$UNIX_TIME_LIMIT” -gt “$UNIX_TIME_NOW” ];
do
NOW=`date ‘+%Y-%m-%d__%T’`
mysql -u -p -e “show full processlist” | grep -v ‘Sleep’ | tee -a /your/dir/plist-$NOW.log
sleep 2s
UNIX_TIME_NOW=$(date +%s)
done

 

What the script does is calculating current time and adding extra time set by me. When the clock measures EXTRA_TIME the script will exit.

Linux Mint website got HACKED!

Beware of hacked ISOs if you downloaded Linux Mint on February 20th! Or at least what they (from Mint) say.

What happened?

Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it.

Does this affect you?

As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition.

If you downloaded another release or another edition, this does not affect you. If you downloaded via torrents or via a direct HTTP link, this doesn’t affect you either.

Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th.

How to check if your ISO is compromised?

If you still have the ISO file, check its MD5 signature with the command “md5sum yourfile.iso” (where yourfile.iso is the name of the ISO).

The valid signatures are below:

6e7f7e03500747c6c3bfece2c9c8394f linuxmint-17.3-cinnamon-32bit.iso
e71a2aad8b58605e906dbea444dc4983 linuxmint-17.3-cinnamon-64bit.iso
30fef1aa1134c5f3778c77c4417f7238 linuxmint-17.3-cinnamon-nocodecs-32bit.iso
3406350a87c201cdca0927b1bc7c2ccd linuxmint-17.3-cinnamon-nocodecs-64bit.iso
df38af96e99726bb0a1ef3e5cd47563d linuxmint-17.3-cinnamon-oem-64bit.iso

If you still have the burnt DVD or USB stick, boot a computer or a virtual machine offline (turn off your router if in doubt) with it and let it load the live session.

Once in the live session, if there is a file in /var/lib/man.cy, then this is an infected ISO.

What to do if you are affected?

Delete the ISO. If you burnt it to DVD, trash the disc. If you burnt it to USB, format the stick.

If you installed this ISO on a computer:

Put the computer offline.
Backup your personal data, if any.
Reinstall the OS or format the partition.
Change your passwords for sensitive websites (for your email in particular).

Is everything back to normal now?

Not yet. They took the server down while fixing the issue.

Who did that?

The hacked ISOs are hosted on 5.104.175.212 and the backdoor connects to absentvodka.com.

Both lead to Sofia, Bulgaria, and the name of 3 people over there.

 

So as you can see, Bulgarian hackers did this. Not so proud right now 🙂 If my people are gonna hack something, there are tons of websites that need to be removed. But Linux Mint .. come on 🙂

 

EDIT: infected backdoor file exposed on GitHub. Malicious Linux Mint iso file can be searched: find / -iname man.cy

Useful IT project management terms

While I was reading TechRepublic’ blog, I found extremely useful post regarding IT PM. As a fan of management, I decided to share this article with you. So, here they are:

 

Assumption

There may be external circumstances or events that must occur for the project to be successful (or that should happen to increase your chances of success). If you believe that the probability of the event occurring is acceptable, you could list it as an assumption. An assumption has a probability between 0 and 100%; that is, it is not impossible that the event will occur (0%), and it is not a fact (100%) — it is somewhere in between. Assumptions are important because they set the context in which the entire remainder of the project is defined. If an assumption doesn’t come through, the estimate and the rest of the project definition may no longer be valid.

Client / customers

The person or group that is the direct beneficiary of a project or service is the client / customer. These are the people for whom the project is being undertaken (indirect beneficiaries are stakeholders). In many organizations, internal beneficiaries are called “clients” and external beneficiaries are called “customers,” but this is not a hard and fast rule.

Constraints

Constraints are limitations that are outside the control of the project team and need to be managed around. They are not necessarily problems. However, the project manager should be aware of constraints because they represent limitations that the project must execute within. Date constraints, for instance, imply that certain events (perhaps the end of the project) must occur by certain dates. Resources are almost always a constraint, since they are not available in an unlimited supply. Continue reading “Useful IT project management terms”