cron.weekly issue #74: RHEL 5, linkerd, hping3, Nginx, Bash, Ceph, Postfix & moreApril 2, 2017 - Mattias Geniar
Welcome to corn.weekly issue #74 for Sunday, April 2nd, 2017.
Every tech company had its April Fools joke yesterday. Imagine all that effort going to feature, bugfixes and real product enhancements … 🙂
This is a slightly smaller issue, it’s been a busy week and time’s lacking to provide more context. But still plenty of links to follow-up on.
If you have any Red Hat Enterprise Linux 5 running, or one of its derivatives like CentOS, be aware: as of April 1st, there will no longer be security or bugfixes. It’s time to move on.
A lawyer’s take on open source licenses.
Google has built a new open source website, showcasing its 2.000+ projects.
Tools & Projects
Track & alert on the health and performance of every server, container, and app in any environment, with Datadog. Sign up for a free 14-day trial. (Sponsored)
linker∙d is a transparent proxy that adds service discovery, routing, failure handling, and visibility to modern software applications.
A TCP load balancer for the linkerd service mesh.
DNSCrypt is a protocol that authenticates communications between a DNS client and a DNS resolver. It prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven’t been tampered with.
Algo VPN is a set of Ansible scripts that simplify the setup of a personal IPSEC VPN. It uses the most secure defaults available, works with common cloud providers, and does not require client software on most devices.
DragonFly version 4.8 brings EFI boot support in the installer, further speed improvements in the kernel, a new NVMe driver, a new eMMC driver, and Intel video driver updates.
Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access.
Puppeteer is a design configuration smell detection tool for Puppet code.
Space-vim is a vim distribution for vim plugins and resources, compatible with Vim and NeoVim. It is inspired by spacemacs and mimics spacemacs in a high level, especially in the whole architecture, key bindings and GUI.
hping3 is a network tool able to send custom TCP/IP packets and to display target replies like ping program does with ICMP replies. hping3 handle fragmentation, arbitrary packets body and size and can be used in order to transfer files encapsulated under supported protocols.
Guides & Tutorials
A good explanation of the TCP options in Nginx, on top of its ability to load balance HTTP traffic.
Some very nice drawings explaining virtualization, containers, cgroups & namespacing. If you like visual representations to grasp tech concepts, you’ll appreciate this.
This post covers rebalancing nodes, the ideal cluster size & setup, the different storage pools, etc.
A very good write-up to clearly explain containers vz. Solaris Zones vs. BSD jails vs. Virtual Machines.
If you like stories of hacked servers and compromised applications, this post has you covered: details on post-exploitation strategies, bash & perl code to spread malware, …
This post covers Bash loops, why quoting your variables is important, types of variables, writing safe Bash code, …
A guide to setup Postfix, tips on checking your mail queue, fighting spam, adding TLS to SMTP, …
This event takes place on May 3rd 2017 in Switzerland.