Migrating to Middleman

My blog has a history of migrations. It started as wordpress, then was converted Octopress. After Octopress was missing update-love and jekyll started to be actively maintained again it switched over to jekyll. And now, it finally is based upon Middleman. Sorry for any inconvinient bugs or layout errors that will happen during the migration. Why have I switched to middleman? as I’m a RoR devleoper it seems better suited for me.

Review: Penetration Testing with BackBox

Full-disclosure: I was asked by PacktPublishing to provide a review of Penetration Testing with BackBox by Stefan Umit Uygur. They offered me a free copy of the ebook; otherwise I have not been compensated by any means for this review. The book aims to be an introduction to penetration-testing for experienced Unix/Linux users or administrators (seems like there are Linux users that aren’t administrators by now). After reading the book I believe that the assumed use-case is an administrator that wants to gain some insight into the tools that might be used against his server.

Using a (host) reverse-proxy together with LXC application servers

The basic idea is to move application servers into LXC containers while keeping the HTTP server part (which is also responsible for hosting static files) on the host system. Normally an incoming request would be handled by an HTTP server on the host as well as by an HTTP server on the virtualized client: 1 browser -> http server(host) -> http server (guest) -> app-server (guest) I’m configuring the host HTTP server to directly communicate with the app worker, thus:

How to convert an KVM image into a LXC container

KVM was an improvement over Xen for me. Still for many use-cases a LXC are a more performance, light-weight alternative – which also seems to be en vougue nowadays. Through switching to LXC I’ve reduced my overall memory usage a bit – the main benefit is, that processes within an LXC container are separated processes within the host system. This should allow the host system to manage memory (think cache, buffers, swap, etc.

How to use virt-install to install new virtual machines within libvirt/kvm

I’ve been using KVM and virt-install to manage virtual machines on one of my servers, this post shows how to use virt-install. According to the package management system I’m having the following packages installed: 1 2 3 4 5 6 7 8 9 root@edgewalker ~ # dpkg -l | grep virt ii libvirt-bin 1.1.1-0ubuntu8.1 amd64 programs for the libvirt library ii libvirt0 1.1.1-0ubuntu8.1 amd64 library for interfacing with different virtualization systems ii munin-libvirt-plugins 0.

Rogue Access Point and SSL Man-in-the-Middle the easy way

After I’ve tried setting up a rogue access point using squid and hostapd I’ve seen that KDE’s network-manager offers host access-point functionality. How easy is it to combine this with BURP for an SSL man-in-the-middle attack? Well some GUI clicking and 3 command line invocations.. The Hardware I bought two USB 802.11n wireless adaptorts on deal extrem, so far both of them work as an access point: a small whitish one for $5.

How-to setup a rogue access point with a transparent HTTP(s) proxy

I’m always reading about dangerous rogue access points but never actually have seen one in action. So what better than create a test setup.. Hardware for this test setup will be * my old linux notebook (a macbook pro) as fake access point * a small deal extreme network card (Ralink 5070 chipset). I’ve actually bought three differnet wireless cards for under $20 and am trying out the different chipsets.

Politics: there seems to be no middle anymore

Yesterday was this year’s “Akademikerball” in Vienna. This is a continuation of the former WKR ball – which is used for right-wing networking across Europe and organized by the Austrian Freedom Party. This party in turn is a right-wing party: populist, xenophobic, haven of people with a far-right history. Opposed to this party were protests mostly organized by the left-ish social party and the green-alternative party. Police forces were using this event as a show-of-strength.

Luxury is Slavery

It’s weakness. Well at least un-enjoyed luxury that has become an everyday event is. This has nothing to do with morals. Luxury costs money. Making money makes you dependant and consumes your free time, it reduces your financial freedom. So if you’re spending your life on luxury make sure that it counts and you’re enjoying it every moment.

Review and New Year's resolutions

Yeah, let’s make some new year’s resolutions so that I can feel bad breaking them. The big ones are: Stop smoking. And nail-biting. Both might be the same outlet of my nervousness, let’s see if I can get them under control. Start doing Yoga and/or Meditation again. To be honest, this will be needed to get resolution #1 to work. Continue climbing. Alas my left wrist joint seems to have suffered sometime last year – I’ll gonna go to the doctor, but might have to reduce my bouldering for a bit.