2017年6月30日 星期五
CRM vs NRCS
Basically a system will be sufficient for working if it already has proper amount of market share. The most important key is how to deploy it to your users. For example, NRCS is News / Reporter management, and CRM is Customer / Sales management. You can even run a CRM with NRCS concept. IT staff only needs to survey a popular, recent solution that can run on modern machines and devices.
2017年6月29日 星期四
Large-Scale Petya Ransomware Attack In Progress, Hits Europe Hard
- Apply the security patch MS17-010
- Disable TCP port 445
- Restrict accounts with administrator group access
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/large-scale-ransomware-attack-progress-hits-europe-hard
2017年6月28日 星期三
GPU for OpenBSD desktop
http://wklej.org/hash/c4ef1b0fe36/
#-----------------------------------------------------------------------------------------
# dmesg |grep Radeon cpu0: AMD A4-6320 APU with Radeon(tm) HD Graphics,
3793.53 MHz cpu1: AMD A4-6320 APU with Radeon(tm) HD Graphics, 3793.11
MHz radeondrm0 at pci1 dev 0 function 0 "ATI Radeon HD 8490" rev 0x00
azalia0 at pci1 dev 0 function 1 "ATI Radeon HD 6400 Audio" rev 0x00:
msi # # dmesg |grep ERROR # dmesg |grep error
#-----------------------------------------------------------------------------------------
> Radeon HD 6450
>
> I just bought one of these this week to finish building an OpenBSD
> desktop. It's ~$40, fanless, and works great on OpenBSD. My goal was to
> keep the entire computer under $100, so your mileage may vary. I will
> say that this specific card works great.
REF: https://marc.info/?l=openbsd-misc&m=149856768401625&w=4
#-----------------------------------------------------------------------------------------
# dmesg |grep Radeon cpu0: AMD A4-6320 APU with Radeon(tm) HD Graphics,
3793.53 MHz cpu1: AMD A4-6320 APU with Radeon(tm) HD Graphics, 3793.11
MHz radeondrm0 at pci1 dev 0 function 0 "ATI Radeon HD 8490" rev 0x00
azalia0 at pci1 dev 0 function 1 "ATI Radeon HD 6400 Audio" rev 0x00:
msi # # dmesg |grep ERROR # dmesg |grep error
#-----------------------------------------------------------------------------------------
> Radeon HD 6450
>
> I just bought one of these this week to finish building an OpenBSD
> desktop. It's ~$40, fanless, and works great on OpenBSD. My goal was to
> keep the entire computer under $100, so your mileage may vary. I will
> say that this specific card works great.
REF: https://marc.info/?l=openbsd-misc&m=149856768401625&w=4
ffmpeg keep aspect ratio
Keep aspect ratio from source video:
-vf "scale=iw*sar:ih , pad=max(iw\,ih*
(16/9)):ow/(16/9):(ow-iw)/2:(oh-ih)/2" -s 640x360 -aspect 16:9
REF: https://lists.ffmpeg.org/pipermail/ffmpeg-user/2011-July/001746.html
2017年6月26日 星期一
SMBv1 removed in Windows
SMB 1 led to the spread of WannaCry ransomware and created the biggest cyber attack in the history of computing. The attack started on Friday May 12, 2017 and infected more than 230,000 computers across the globe. It brought down major services, including Britain's National Health Service (NHS), Spain's Telefónica, FedEx, and Deutsche Bahn. It also shows Europe's reliance on Microsoft technologies.
Microsoft is finally getting rid of aged SMB1 protocol from future releases of Windows 10. The original SMB1 protocol is older than most people reading this story. It was introduced some 30 years ago for a world that no longer exists.
REF: http://www.admin-magazine.com/News/Microsoft-to-Remove-SMBv1-Protocol-in-Windows-10
Microsoft is finally getting rid of aged SMB1 protocol from future releases of Windows 10. The original SMB1 protocol is older than most people reading this story. It was introduced some 30 years ago for a world that no longer exists.
REF: http://www.admin-magazine.com/News/Microsoft-to-Remove-SMBv1-Protocol-in-Windows-10
2017年6月25日 星期日
Cyber Espionage Campaign
REF: http://blog.trendmicro.com/trendlabs-security-intelligence/following-trail-blacktech-cyber-espionage-campaigns
2017年6月24日 星期六
How to use IMediaStreamActionNotify2 to monitor live streams
The following module monitors live streams that are published to an application and broadcasts information to the connected Flash clients every 10 seconds. The Flash clients can be configured to respond to these broadcasts either to monitor the stream health or to play the stream.
A compiled version of this module is included in the Wowza Module Collection.
REF: https://www.wowza.com/docs/how-to-use-imediastreamactionnotify2-to-monitor-live-streams-modulestreamwatchdog
New OpenBSD kernel security feature
Over the last three weeks I've been working on a new randomization feature which will protect the kernel.
The situation today is that many people install a kernel binary from OpenBSD, and then run that same kernel binary for 6 months or more. We have substantial randomization for the memory allocations made by the kernel, and for userland also of course.
However that kernel is always in the same physical memory, at the same virtual address space (we call it KVA).
Improving this situation takes a few steps.
REF: http://www.osnews.com/story/29870/New_OpenBSD_kernel_security_feature
linux zip with password
This will prompt for a password:
zip --encrypt file.zip files
This is more insecure, as the password is entered/shown as plain text:
zip --password (password) file.zip files
REF: http://askubuntu.com/questions/17641/ddg#17643
Linux disable full-disk encryption
If Ubuntu asks for an encryption passphrase during boot (i.e. on the text console before the login screen is displayed), this indicates that a full disk encryption method was used. (There's more than one way to do this, but I'll keep the answer general.) The encryption is handled by an extra software layer between the file system and the physical hard drive, not the file system itself.
There is no simple method or tool to undo this. With some knowledge about how Linux systems work, it can be done. You'd have to move the whole file system (or all files) to another partition (with enough free space) or external HDD. Then, remove the encrypted container, and recreate the file system without encryption. Finally, make sure that the new file system is properly recognized by the boot loader and mount -a before rebooting.
If possible, it's best to avoid this time consuming and error-prone procedure. Just do a fresh install. For a new users, this is the quickest and safest option.
REF: https://askubuntu.com/questions/245112/can-i-disable-full-disk-encryption
There is no simple method or tool to undo this. With some knowledge about how Linux systems work, it can be done. You'd have to move the whole file system (or all files) to another partition (with enough free space) or external HDD. Then, remove the encrypted container, and recreate the file system without encryption. Finally, make sure that the new file system is properly recognized by the boot loader and mount -a before rebooting.
If possible, it's best to avoid this time consuming and error-prone procedure. Just do a fresh install. For a new users, this is the quickest and safest option.
REF: https://askubuntu.com/questions/245112/can-i-disable-full-disk-encryption
MySQL replication only one database on slave
So my question is, if I setup the mysql replication and only replicate one database:
ie. by using: replicate-do-db=my_database
will this affect my other databases in server B? can I still do the basic mysql operations (insert, update, select delete) on my other databases in server B?
REF: https://stackoverflow.com/questions/23373887/mysql-replication-replicate-only-one-database-on-slave-can-i-still-perform-th
Simple Desktop for OpenBSD 6.1
Then change into the OpenBSD61_SimpleDE directory and open the README with your preferred pager. The README should take you the rest of the way. If you use the default fvwm window manager, one xterm can be used for the README and a second xterm for the commands.
When you're done you should have something that looks like this:
2017年6月18日 星期日
VNC subscription
REF: https://manage.realvnc.com/pricing
HOME
Easy-to-use remote access for friends and family
For non-commercial use only
$0
Limited to 5 remote computers
and 3 users
and 3 users
2017 Internet Governance Forum
- IP, domain name, root server
- new model: multi stakeholder mechanism
- one world, one Internet
- digital territory ex. china.
- Fintech, decentralized. transparent credential levels. ex. in 300yrs, 90% money from bank can be used for investment.
- innovation requires negative listing instead of positive.
- destructive creation: still monopoly? traditional impact?
- TRUST
TeamViewer management
REF: https://community.teamviewer.com/t5/Knowledge-Base/How-to-activate-Business-license/ta-p/4326
In order to use the three possible installations of your Business license, you need to link the respective TeamViewer IDs to your license in the TeamViewer Management Console. The devices with their TeamViewer IDs can then be used for commercial purposes.
Watch this video to learn about how to link your Business license from the license confirmation email to your TeamViewer account.
A Go-To-Market Strategy In Trello
REF: https://blog.trello.com/go-to-market-strategy-in-trello
Easily one of the most exciting aspects of working in marketing is taking a brand new product or feature that took months to develop and sharing it with the world. Often the campaign includes fun assets like flashy landing pages, hashtags, and Taco popping his head up on your Trello boards with exciting announcements. What's not to love?
Upgrading Cacti
from 0.8.8 to 1.1.7:
- UI will fo Pre-installation Checks. Fix all problems.
- Timezone needs to be set in php.ini: 'date.timezone =America/Regina'.
- incompatible plugins, e.g. syslog, etc, will be disabled automatically.
- mobile UI is available in the latest version.
nginx reverse proxy
REF: https://www.nginx.com/resources/admin-guide/reverse-proxy/
To disable buffering in a specific location, place the
proxy_buffering
directive in the location
with the off
parameter, as follows:location /some/path/ {
proxy_buffering off;
proxy_pass http://localhost:8000;
}
2017年6月9日 星期五
New Check_MK stable release 1.4
Changes in all Check_MK Editions:
WATO:
* 4747 FIX: Fixed resetting global settings to factory defaults
* 4750 FIX: Ensure uploaded icons are saved with their filename instead of paths
User interface:
* 4702 FIX: Quicksearch: fixed minor parsing issue when using specific filters
* 4746 FIX: Fixed using HW/SW inventory filters in views without inventory painters
Livestatus:
* 4430 FIX: Fixed logwatch-related Livestatus queries in NEB module
HW/SW inventory:
* 4568 FIX: mk_inventory.vbs: fixed getNetworkAdpater function to prevent errors caused by null arrays
Checks & agents:
* 4742 FIX: wmi_cpuload: Added required tables to prevent crash
* 4748 FIX: solaris_fmadm: Check was only discovered when an error is detected
* 4664 FIX: netapp_api_qtree_quota: Fixed NameError: name 'is_digit' is not defined
* 4740 FIX: mysql: Fixed crash if instance is not available anymore
* 4633 FIX: jolokia_metrics.uptime: No longer crash when agent info is incomplete
* 4739 FIX: hp_proliant_da_phydrv: Implemented new possible values
* 4632 FIX: fsc_subsystems: No longer crash when statuscode is missing
* 4743 FIX: f5_bigip_conns: Fixed crash if empty values
* 4741 FIX: dell_powerconnect_temp: Fixed missing reference for computing the temperature
* 4631 FIX: cisco_ace_rserver: Fix broken IP address parsing
NOTE: Please refer to the migration notes!
* 4663 FIX: check_mailboxes: Removed useless report_age which causes TypeError: float() argument must be a string or a number
* 4735 FIX: check_mailboxes: Fixed broken check when setting "connect timeout" option
* 4734 FIX: check_mail check_mail_loop check_mailboxes check_sql: Passwords from password store were not used correctly
REF: http://lists.mathias-kettner.de/pipermail/checkmk-announce/2017-May/000205.html
WATO:
* 4747 FIX: Fixed resetting global settings to factory defaults
* 4750 FIX: Ensure uploaded icons are saved with their filename instead of paths
User interface:
* 4702 FIX: Quicksearch: fixed minor parsing issue when using specific filters
* 4746 FIX: Fixed using HW/SW inventory filters in views without inventory painters
Livestatus:
* 4430 FIX: Fixed logwatch-related Livestatus queries in NEB module
HW/SW inventory:
* 4568 FIX: mk_inventory.vbs: fixed getNetworkAdpater function to prevent errors caused by null arrays
Checks & agents:
* 4742 FIX: wmi_cpuload: Added required tables to prevent crash
* 4748 FIX: solaris_fmadm: Check was only discovered when an error is detected
* 4664 FIX: netapp_api_qtree_quota: Fixed NameError: name 'is_digit' is not defined
* 4740 FIX: mysql: Fixed crash if instance is not available anymore
* 4633 FIX: jolokia_metrics.uptime: No longer crash when agent info is incomplete
* 4739 FIX: hp_proliant_da_phydrv: Implemented new possible values
* 4632 FIX: fsc_subsystems: No longer crash when statuscode is missing
* 4743 FIX: f5_bigip_conns: Fixed crash if empty values
* 4741 FIX: dell_powerconnect_temp: Fixed missing reference for computing the temperature
* 4631 FIX: cisco_ace_rserver: Fix broken IP address parsing
NOTE: Please refer to the migration notes!
* 4663 FIX: check_mailboxes: Removed useless report_age which causes TypeError: float() argument must be a string or a number
* 4735 FIX: check_mailboxes: Fixed broken check when setting "connect timeout" option
* 4734 FIX: check_mail check_mail_loop check_mailboxes check_sql: Passwords from password store were not used correctly
REF: http://lists.mathias-kettner.de/pipermail/checkmk-announce/2017-May/000205.html
Azure CDN
- Secure, reliable content delivery with broad global reach and rich feature set
- Accelerated performance and improved availability
- Global coverage with massive scalability
- Simplified experience to enable Content Delivery Network from multiple providers
AWS Summit 2017
- cloud edge IoT
- AWS greengrass
- Intellectual Orchestration Technology
- construct once, run globally
- AWS Shield for DDOS
- innovation is not a goal, it's an ongoing process
ARTIST MIX with TriCaster
AVID® ARTIST MIX
TriCaster’s support for the AVID® Artist Mix hardware surface brings a highly desirable level of convenience and creative control to a critical aspect of almost every video production – audio. This section explains how to connect and use this powerful third party device.
FreeBSD with pf and nginx
# portsnap fetch extract
# cd /usr/ports/ports-mgmt/pkg && make reinstall clean
Installing pkg-1.10.1...
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/lib/libpkg.so.4.0.0
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
http://wiki.freebsd.org/pkgng
===> Cleaning for pkg-1.10.1
# pkg install nginx
# vi /etc/pf.conf
public_int = "xn0" # public interface
tcp_svcs = "{ 22 80 443 }" # tcp service ports
icmp_types = "{ echoreq, unreach }" # icmp types
## ignore loopback interface
set skip on lo
## restrict incoming traffic / unrestrict outgoing traffic
block in all
pass out all
## allow tcp ports specified by $tcp_svcs
pass in quick on $public_int proto tcp from any to any port $tcp_svcs
## allow icmp request types specified by $icmp_types
pass in inet proto icmp all icmp-type $icmp_types
# vi /etc/rc.conf
pf_enable="YES"
pf_rules="/etc/pf.conf"
nginx_enable="YES"
# vi /usr/local/etc/nginx/nginx.conf
# service nginx start
# cd /usr/ports/ports-mgmt/pkg && make reinstall clean
Installing pkg-1.10.1...
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/lib/libpkg.so.4.0.0
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
http://wiki.freebsd.org/pkgng
===> Cleaning for pkg-1.10.1
# pkg install nginx
# vi /etc/pf.conf
public_int = "xn0" # public interface
tcp_svcs = "{ 22 80 443 }" # tcp service ports
icmp_types = "{ echoreq, unreach }" # icmp types
## ignore loopback interface
set skip on lo
## restrict incoming traffic / unrestrict outgoing traffic
block in all
pass out all
## allow tcp ports specified by $tcp_svcs
pass in quick on $public_int proto tcp from any to any port $tcp_svcs
## allow icmp request types specified by $icmp_types
pass in inet proto icmp all icmp-type $icmp_types
# vi /etc/rc.conf
pf_enable="YES"
pf_rules="/etc/pf.conf"
nginx_enable="YES"
# vi /usr/local/etc/nginx/nginx.conf
# service nginx start
2017年6月4日 星期日
The Crowd: A Study of the Popular Mind
REF: https://en.m.wikipedia.org/wiki/The_Crowd:_A_Study_of_the_Popular_Mind
The Crowd: A Study of the Popular Mind (French: Psychologie des Foules; literally: Psychology of Crowds) is a book authored by Gustave Le Bon that was first published in 1895.[1][2]
Author | Gustave Le Bon |
---|---|
Original title | Psychologie des Foules |
Country | France |
Language | French |
Genre | Social psychology |
Publication date
| 1895 |
Published in English
| 1896 |
Pages | 130 |
In the book, Le Bon claims that there are several characteristics of crowd psychology: "impulsiveness, irritability, incapacity to reason, the absence of judgement of the critical spirit, the exaggeration of sentiments, and others...".[1] Le Bon claimed "that an individual immersed for some length of time in a crowd soon finds himself – either in consequence of magnetic influence given out by the crowd or from some other cause of which we are ignorant – in a special state, which much resembles the state of fascination in which the hypnotized individual finds himself in the hands of the hypnotizer."[3]
2017年6月3日 星期六
2017年6月2日 星期五
VPN vs CDN
VPN may not work for cases due to low performance of internet routing, for example unstable connection from Korea to Japan then finally Taiwan. VPN only creates an encrypted tunnel which doesn't accelerate the internet connection speed.
A proper way to solve this issue would be setting up CDN, content delivery network, which can really improve the routing efficiency.
2017年6月1日 星期四
active dhcp leases
Here's a great command using CLI - You can go to the directory where
dhcpd.log
file is located and do:tail -f dhcpd.log
That will show you leases as they are being issued by the server in real time.
You can also do:
cat /var/lib/dhcpd/dhcpd.leases
to see leases that are in the lease file dhcpd.leases
NVIDIA COMPUTEX 2017
- AI in the cloud
- AI at the edge
- continually maintained, tested , tuned
- eventually, data driven technology
- AI for smart city: traffic, factory
- data is the beginning
- algorithm makes human level decisions
- AI experience is key to define
- AI in Healthcare and Bioinformatics
訂閱:
文章 (Atom)