Ervin Barta ervinb

This is a mini-HOWTO for setting up Linux Containers (LXC) on Ubuntu. This guide focuses on the creation of a web server with good process isolation and firewalling.

Dependencies

apt-get install lxc

Create a container

This is an example of using Linux Kernel's Transparent Proxy to route all TCP traffic to docker containers without having to resort to PROXY protocol which is not supported by some applications (e.g. sshd). To get the demo to work you only need vagrant installed:

git clone [this-gist] tproxy-demo
cd tproxy-demo
vagrant up

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

QEMU/KVM Cheatsheet

Create KVM image with virt-build

cd /var/lib/libvirt/qemu/

sudo virt-builder fedora-26 \
--arch x86_64 \
--size 20G \
-m 8192 \

Find the original here article here: Devops Best Practices

DevOps started out as "Agile Systems Administration". In 2008, at the Agile Conference in Toronto, Andrew Shafer posted an offer to moderate an ad hoc "Birds of a Feather" meeting to discuss the topic of "Agile Infrastructure". Only one person showed up to discuss the topic: Patrick Debois. Their discussions and sharing of ideas with others advanced the concept of "agile systems administration". Debois and Shafer formed an Agile Systems Administrator group on Google, with limited success. Patrick Debois did a presentation called "Infrastructure and Operations" addressing

	#!/bin/sh


	# Setup some variables needed for bootstrapping the environment
	ROOT=/home/vrde/projectz/myproject
	REPOS=${ROOT}/repos

	export PYTHONPATH=${REPOS}

	# Rails Stuff
	alias stoprails='kill -9 $(lsof -i :3000 -t)'
	alias startrails='rails server -d'
	alias restartrails='stopRails && startRails'

	#Check PHP For Erroes
	alias phpcheck='find ./ -name \*.php \| xargs -n 1 php -l'

	# ROT13-encode text. Works for decoding, too! ;)
	alias rot13='tr a-zA-Z n-za-mN-ZA-M'

	/**
	* NOTE: Earlier versions of this file used `php artisan serve`.
	* However, Codeception and/or PhantomJS is not too fond of
	* running that way for some reason. I ended up switching
	* to Apache since that's what worked for all our devs
	* locally. This script now includes how to get that
	* setup properly. Please enjoy this responsibly.
	*
	* Assumptions:
	* Using site5/phantoman to run phantomjs as the headless browser

	#!/usr/bin/env python
	import json
	import sys

	try:
	dotenv = sys.argv[1]
	except IndexError as e:
	dotenv = '.env'

	with open(dotenv, 'r') as f:

	#!groovy
	import groovy.json.JsonOutput
	import groovy.json.JsonSlurper

	def label = "mypod-${UUID.randomUUID().toString()}"
	podTemplate(label: label, yaml: """
	spec:
	containers:
	- name: mvn
	image: maven:3.3.9-jdk-8