Anni fa (era il 2006), Annalisa Binato, Laura Sfardini ed io scrivemmo un libro di Ingegneria del Software. Non abbiamo più avuto tempo di aggiornarlo e di seguirne la distribuzione. Oggi il libro non è più a catalogo, ma siccome è ancora utilizzato in alcuni corsi, abbiamo chiesto all’editore di poter avere una copia dei PDF dei diversi capitoli, che adesso mettiamo a disposizione di tutti coloro che volessero utilizzarli.

Ingegneria del Software

Io l’ho già scaricato e riassemblato, poi tu fai come credi.

• EasyEngine – Easy WordPress Nginx – EasyEngine (ee) is a linux shell-script to manage your WordPress-Nginx websites on Ubuntu and Debian server.
• fresh – Keep your dot files fresh – fresh is a tool to source shell configuration (aliases, functions, etc) from others into your own configuration files. We also support files such as ackrc and gitconfig. Think of it as Bundler for your dot files.
• Cloud Orchestration & Cloud Automation the DevOps Way | Cloudify – Orchestrate Real Apps on the Cloud with Cloudify Achieve a smooth transition to the cloud and easy automation of even the most complex applications throughout their entire lifecycle with Cloudify. Orchestrate the creation of the whole cloud infrastructure required for your application, starting from compute resources all the way down to networks and block storage devices. Cloudify will then deploy your applications to the cloud (OpenStack, VMWare vSphere, or even bare metal like Softlayer), monitor their progress and scale them when needed. With Cloudify, you won’t be locked in to any one cloud provider or one type of cloud; deploy the same application in your own data center or on the cloud of your choice using your favorite automation and configuration management tools. Monitor, manage and scale your application with Cloudify, whatever the topology or technology stack.
• BLACKLISTALERT.ORG – Email Problem ? – Test if your IP or DOMAIN is blacklisted in a spamdatabase – Undelivered Email ? – Test if your IP or DOMAIN is blacklisted in a spamdatabse.
• Ridiculously simple NTLM Authentication for Apache (Ubuntu) | Kieran Barnes-Lucas
  We all know Ubuntu makes things amazingly simple. This is the best I’ve found so far. NTLM authentication in Apache used to take a while to setup, it used to be tricky, fiddly – generally a bit hit and miss.

• Relentless Coding – A Javascript malware analysis tool using static analysis / deobfuscation techniques and an execution engine featuring HTML DOM emulationRead more »
• Deis | Your Paas. Your Rules. – Deis (pronounced DAY-iss) is an open source PaaS that makes it easy to deploy and manage applications on your own servers. Deis builds upon Docker and CoreOS to provide a lightweight PaaS with a Heroku-inspired workflow.
• Speed up WordPress on DreamHost with OPcache
  Installing OPcache can improve your site’s performance by decreasing the php execution process when a script is requested. DreamHost permits a user to log into the server through secure shell with user level permissions. Since user level permissions cannot install software, the module will need to be manually compiled.
• Reduce TIME_WAIT socket connections | Linux BrigadeReduce TIME_WAIT socket connections in Apache/Linux
  Some time in your life you’ll run across an Apache server that always has tons of TIME_WAIT connections just seeming to hang out. While these don’t take up as many resources as an ESTABLISHED connection, why keep them around so long? This short article will show you how to identify how many you have, and how to tell your server to reduce them, reuse and recycle them (see, recycling IS a good thing).
• Analyzing Apache Log Files < System | The Art of Web
  There are many different packages that allow you to generate reports on who’s visiting your site and what they’re doing. The most popular at this time appear to be “Analog”, “The Webalizer” and “AWStats” which are installed by default on many shared servers. While such programs generate attractive reports, they only scratch the surface of what the log files can tell you. In this section we look at ways you can delve more deeply – focussing on the use of simple command line tools, particularly grep, awk and sed.

• Alfresco: some useful database queries – Blog dbi services – In my previous post, I talked about the Lifecycle of Alfresco Nodes. You may have noticed that I tried to insert in my explanations some elements that are specific to databases (tables, fields, aso…). These elements are quite essential to prepare a post like this one: more database oriented. I already explained what exactly are the consequences on the database side when a node is removed and I will try in this post to share some useful queries regarding these points but not only! For this post, I used my local Alfresco Community 4.2.c installation with a PostgreSQL database. For your information, it just take 30 minutes to get this test environment ready with the Alfresco’s installer (Windows, Mac or Unix). Of course, use the Database only for your daily administration work is certainly not the best idea but in some cases, it can really be faster and easier to just run some SQL commands at the DB level…
• tweekmonster/tmux2html: :cat2: Render full tmux windows or individual panes as HTML – Render full tmux windows or individual panes as HTML
• Shrinkpdf – A simple wrapper around Ghostscript to shrink PDFs (as in reduce filesize) under Linux. Inspired by some code I found in an OpenOffice Python script (I think). The script feeds a PDF through Ghostscript, which performs lossy recompression by such methods as downsampling the images to 72dpi. The result should be (but not always is) a much smaller file
• Cisco ASA privilege separation for a local user or read only user on ASA | yurisk.info
  privilege show level 3 mode exec command running-config username jonghe password Ohsaib1soh privilege 3
• How to create a read only user in Cisco devices | Cisco & Juniper Networking Note Book
  Here is the thing, can you believe there is no straight forward way to configure a read only user in Cisco devices. If you know any way to do it please correct me here.

• How to use Powershell in an exploit · rapid7/metasploit-framework Wiki
  PowerShell is a scripting language developed by Microsoft. It provides API access to almost everything in a Windows platform, less detectable by countermeasures, easy to learn, therefore it is incredibly powerful for penetration testing during post exploitation, or exploit development for payload execution. Take Metasploit’s windows/smb/psexec_psh.rb module for example: it mimics the psexec utility from SysInternals, the payload is compressed and executed from the command line, which allows it to be somewhat stealthy against antivirus. There’s only less than 30 lines of code in psexec_psh.rb (excluding the metadata that describes what the module is about), because most of the work is done by the Powershell mixin, nothing is easier than that. The command line will automatically attempt to detect the architecture (x86 or x86_64) that it is being run in, as well as the payload architecture that it contains. If there is a mismatch it will spawn the correct PowerShell architecture to inject the payload into, so there is no need to worry about the architecture of the target system.
• HOWTO use geoiplookup – Fail2ban
  You may be interested in a quick summary of the countries where the attacks come from. This document explains how to find these information.
• IP Address Details – ipinfo.io – Simple, reliable, and affordable IP geolocation data.
• Cryptocat – Chat with your friends, privately.Cryptocat is free software with a simple mission: everyone should be able to chat with their friends in privacy.Open source. All Cryptocat software is published transparently.
  Encrypted by default. Every message is encrypted, always.
  Forward secure. Chats can’t be decrypted even if your keys are stolen.
  Multiple devices. All devices linked to your account will receive forward secure messages, even when offline.
  File sharing. Securely share files with friends.
  Group chat. Chat with multiple buddies at once (coming soon).

I’ve received an email from Neil Anderson that point my attention to his free ebook on how to build a free NetApp.

If you’re interesting in a job in enterprise environment, NetAPP is something that you may encounter and it’s worth learning about it anyway.

Veteran Unix admin trait No. 8: We know more about Windows than we’ll ever let on

Though we may not run Windows on our personal machines or appear to care a whit about Windows servers, we’re generally quite capable at diagnosing and fixing Windows problems. This is because we’ve had to deal with these problems when they bleed over into our territory.

so when there is to reset the (same) silly password for tens test users on Active Directory and then unlockt them, who you gonna call©?

Someone that can’t despise more powershell to write something like this:

for($i=1; $i -le 70; $i++) { 
 $silly="sillyuser$i"
 Write-Output $silly
 Set-ADAccountPassword -Identity "$silly" -Reset -NewPassword (ConvertTo-SecureString -AsPlainText 'VerySecurePassword' -Force)
 Unlock-ADAccount -identity "$silly"
}

I’m keeping track here for the next time…

• Painless Immutable Infrastructure with Ansible and AWS | Radify Blog – […] In our blog posts Reducing Infrustration and Immutable Demo Nodes, we talk about our approach to immutable infrastructure and the benefits we have seen from employing this approach. In this article, we explore a practical project example so you can get up and running with immutable infrastructure in less than an hour! […]
• pearofducks/ansible-vim: A vim plugin for syntax highlighting Ansible’s common filetypes – A vim plugin for syntax highlighting Ansible’s common filetypes
• Provisioning EC2 Hosts with Ansible | Allan Denot – Looking to build EC2 hosts with more consistency? Using Ansible you can easily provision EC2 hosts and put some logic on it to adjust EC2 parameters based on the type of host you are building.
  The easiest way to start is to create a playbook calling the ec2 module with the parameters you want to pass to AWS to create your host. In this post I will show a little more scalable way to do this, where the parameters are variables and you can easily have multiple types of hosts sharing the same playbook and role.

• VMware: Add PortGroup to all hosts in cluster with PowerCLI – […]
  Today we configured a new VLAN on the physical switches, now we need to configure a portgroup with vlan id on multiple ESX hosts in our cluster. To do this by hand it will cost 3 minutes per host, to script this.. you configure this in 10 seconds![…]
• Creating Active Directory Accounts – Microsoft stores a quoted password in little endian UTF16 base64 encoded.
• LVM Loopback HOW-TO | Anthony’s Blog – This is a simple tutorial on setting up LVM on loopback devices, I’ve used it a few times for creating dynamic virtual disks; it came in particularly handy when archiving NEXRAD radar data for my radarwatchd project – using up all your inodes on several hundreds of thousands of 15Kb files doesn’t sound like my idea of fun. Creating a virtual volume with reiserfs was a particularly handy solution in this case.
• Retroshare – Retroshare creates encrypted connections to your friends. Nobody can spy on you. Retroshare is completely decentralized. This means there are no central servers. It is entirely Open-Source and free. There are no costs, no ads and no Terms of Service.

• Coderwall | Dump all variables – For debugging purposes it can be useful to not just dump hostvars but also all other variables and group information. You can do this using a jinja template which you could include in a debug task
• Using Ansible to create AWS instances | Tivix – Ansible is a great tool for enhancing productivity. With a vast array of modules to choose from, it can save you a lot of time by automating away common tasks. At Tivix we use it for single-command deployment, with the most common destination being Amazon EC2 instances created beforehand. Since Ansible is capable of managing EC2 resources, we can improve this setup by making a playbook to create an instance for us.
• Home | OpenSCAP portal – The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines. We maintain great flexibility and interoperability, reducing costs of performing security audits.
  The OpenSCAP project provides a wide variety of hardening guides and configuration baselines developed by the open source community, ensuring that you can choose a security policy which best suits the needs of your organization, regardless of its size.
  SCAP is U.S. standard maintained by National Institute of Standards and Technology (NIST). The OpenSCAP project is a collection of open source tools for implementing and enforcing this standard, and has been awarded the SCAP 1.2 certification by NIST in 2014.
• Wazuh | Augmenting OSSEC Host IDS – Wazuh contributes to Open Source Security developing and integrating new modules to extend OSSEC capabilities and functionality.