Posts

How to secure your Linux

How to secure your Linux? (easily) Nowadays computer security is one of the top trending topics for several reasons; the pandemic confinement also boosted the search for this topic. So you have a Linux, is it secure? Most likely yes, is it vulnerable, even if daily updated (also see how to speed up apt-update) due to default values of some configurations. An easy way to enhance Linux security or hardening Linux? Using Lynis (also works on OSX). What's hardening? Basically it is just tuning and configuring some features that by default might allow someone to exploit or use that as a vulnerability (not just one feature per se, but some combined might create something exploitable). How to install Lynis on Linux? There are two installation methods, easy and easiest. The main difference is that the version you download from the Lynis site is always the latest one, whereas the apt-get version might take some time to get to the latest. An example is allowing access to compilers, an intruder...

Remote Desktop Playing @Home

Remote Desktop Gaming. Yes, coding rocks, scripts make you smile and git is the new winamp, but once in a while it's nice to play a bit. Most people nowadays have laptops, company laptops or personal laptops, which in general aren't suitable for gaming, nor do you want to risk your working tool by overheating it. Installing games on work computers also isn't the brightest idea in the world. There's also the physical part of it: you don't want to move to your desk or across the living room to play. Desktops aren't exactly portable. Alternatively you can get a gaming laptop, but those are a bit more expensive than usual, also a bit bigger and with less battery life; certainly your company won't get you one, and sometimes they're a bit flashy... not ideal for a formal meeting. Care to take it to a formal meeting? Solution: get a cheap desktop, put a GPU on it (I did it with my Dell T1600 cheap home server) and do all the gaming on it remotely. How? With a ...

Dell T1600 cheap home server

My home server needs. All the stuff on the laptop is great, but sometimes I need something with a little bit more power (not dual-core but quad-core and more RAM); also I'd like to have something always running and available (dockers for example), and that's not doable with laptops. So my requirements would be quad-core, expandable RAM up to 32GB, GPU expandable, SILENT, CHEAP, and CHEAP. After some time browsing the net I've found a Dell T1600 for 50$ !!! Dell T1600 home server specs. So for 50$ (plus shipping) what does one get? E3-1225 CPU (quad-core, 4 threads and integrated GPU), 4GB RAM (1066MHz dual channel), GPU NVIDIA Quadro 2000, PSU 320W 90% power efficient, 500GB HDD and a not so pretty chassis (but it will be hidden, so no issue here). The CPU and chassis fan (on the back below the PSU) are very quiet by default, so at present there is no need to change them. T1600 chassis: 2 HDD bays ready to get SSDs in them! Upgrades to T1600. What stays, what goes and what to enhance? Clean...

Python Static Code Analysis

Python static code analysis with Prospector and Bandit. Not going to talk about the "why should one use code analysis tools"; if you read it up to the end you'll get it! Which code analysis tools? Let's talk about code analysis in Python: what to use, why to use it, experience of using it. Currently I use only 2, and for me it's the limit of code analysis tools to use at the same time without much overhead: Prospector & Bandit. Why two? Well, one, Bandit, focuses specifically on security in your Python code; the other has a wider range, focusing on potential errors, complexity and convention violations. Both overlap in some way, with Prospector replacing Pylint, pep8 and McCabe complexity; in the end, you'll get more than enough code analysis, sometimes more than you can handle. (I'll get to that later on.) How to install Bandit and Prospector? Installation is very straightforward for both of them. Installing Bandit is as simple as: pip install bandit or pip3...

Speed up apt-get updates

How to speed up apt-get updates? Apt is the package manager used on Ubuntu and Debian systems. It's been around for a while and it should be around for a lot longer, yet it has a problem: it downloads only one package at a time, which makes it slow sometimes, especially if you have tons of tiny packages to update. The solution: apt-fast! It downloads packages in parallel, making it A LOT faster.

How to install

    sudo add-apt-repository ppa:apt-fast/stable
    sudo apt-get update
    sudo apt-get -y install apt-fast

How to use it

    sudo apt-fast update
    sudo apt-fast upgrade

apt-fast installation

That's it! Obviously the more packages you're installing/upgrading, the more you'll notice the difference.

Lenovo X250 tweaking in Linux

Why the Lenovo X250? My needs: a daily driver laptop, very cheap, light, small, upgradable and serviceable (want to swap HDD, thermal paste etc.) and Linux friendly. All things considered, I came up with a bargain on eBay, a 12.5" Lenovo ThinkPad X250, i5 5300U with 8GB RAM, 128GB SSD, 2 batteries and HD screen with a barely noticeable bruise (which shall be swapped later) for 130Euro. X250 condition. X250 keyboard and screen. The Lenovo X250 in 2019. Its preparation for Linux daily driver. The batteries, yep no typo --two batteries-- this model has 2, one internal, the other external, were ~82% capacity each; the screen bruise is somehow noticeable; the fan and thermals were alright; yet first things to do: swap thermal paste for a top of the line one and swap the 128GB SSD for a bigger one, a 256SSD. Keep in mind that there's a whitelist of LCD screens; if not on the list, no brightness control on Windows. So price tag till now: X250 + Postage = 130Euro Gri...

Honeypot deployment on Linux - OpenCanary

What’s a honeypot and what’s its purpose? It’s basically a computer or virtual machine emulating some services (e.g. ssh, ftp, telnet, netbios, https, samba server etc.) and accepting, logging and sending warnings of all incoming connections. You can use it as an intrusion detection or early warning system, but it also might go a little further and allow one to get inside the intruder’s “head”, since you get to log every interaction. How and where should it be placed? Let’s start with “where”. I usually place them in specific areas to get an idea how/or if the network is tested from outside or inside. So I have about three major areas: behind firewalls, in “sensible zones” where only pre-defined machines should have access, and in the “public zone” such as administrative/general network. Placing a honeypot behind firewalls/“sensible zones” will ensure that the firewall is doing its job, and if you get a hit that means you have a misconfiguration or a serious intrusion. Honeypots place...