Skip to main content


 

Pubblicati i video dell'End Summer Camp


I video dell'End Summer Camp sono stati pubblicati:

endsummercamp



@Gruppo Linux Como consiglio caldamente la visione di ESC1605 PANDA A New Development Attitude (sul divano, ma miraccomando niente pop corn a meno che non abbiate qualcuno accanto a salvarvi se vi va di traverso)


 

mjg59 | Microsoft aren't forcing Lenovo to block free operating systems

There's a story going round that Lenovo have signed an agreement with Microsoft that prevents installing free operating systems. This is sensationalist, untrue and distracts from a genuine problem.
@Gruppo Linux Como yet another reason why we may have problems installing linux on computers.


 

Aggiungere una regola su Fail2ban


Fail2ban, di default su debian blocca temporaneamente gli ip da cui arrivano tentativi falliti di login su ssh. E se uno volesse aggiungere altro? Si puo' fare, vediamo come.

Nel mio caso volevo bloccare gli ip da cui arrivano scansioni su pagine potenzialmente vulnerabili su lighttpd. Primo passo creare un filtro:

/etc/fail2ban/filter.d/lighttpd-scan.conf


# Fail2Ban filter to match frequent scan from bot for lighttpd
#


[Definition]failregex = ^<HOST> .*GET /sqlitemanager/main.php
^<HOST> .*GET /script
^<HOST> .*GET /jenkins
^<HOST> .*GET /hudson
^<HOST> .*GET /login
^<HOST> .*GET /manager/html
^<HOST> .*GET /phpmyadmin
^<HOST> .*GET /phpMyAdmin
^<HOST> .*GET /mysql
^<HOST> .*GET /sql
^<HOST> .*GET /xmlrpc.php

ignoreregex =



Failregex contiene le regexp che devono essere cercate nel file di log, e che causeranno l'eventuale ban.

Per verificare se il filtro funziona:


root@scw-3a2c2d:/etc/fail2ban# fail2ban-regex /var/log/lighttpd/access.log /etc/fail2ban/filter.d/lighttpd-scan.conf

Running tests
=============

Use failregex filter file : lighttpd-scan, basedir: /etc/fail2ban
Use log file : /var/log/lighttpd/access.log
Use encoding : UTF-8


Results
=======

Failregex: 25 total
|- #) [# of hits] regular expression
| 1) [1]^<HOST> .*GET /sqlitemanager/main.php
| 2) [1]^<HOST> .*GET /script
| 3) [2]^<HOST> .*GET /jenkins
| 4) [2]^<HOST> .*GET /hudson
| 5) [1]^<HOST> .*GET /login
| 6) [2]^<HOST> .*GET /manager/html
| 7) [3]^<HOST> .*GET /phpmyadmin
| 8) [3]^<HOST> .*GET /phpMyAdmin
| 9) [3]^<HOST> .*GET /mysql
| 10) [4]^<HOST> .*GET /sql
| 11) [3]^<HOST> .*GET /xmlrpc.php
`-

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
| [83]Day(?P<_sep>[-/])MON(?P=_sep)Year[ :]?24hour:Minute:Second(?:\.Microseconds)?(?: Zone offset)?
`-

Lines: 83 lines, 0 ignored, 25 matched, 58 missed
[processed in 0.16 sec]




Ora che abbiamo visto che funziona possiamo abilitarlo, creando un altro file:

jail.d/lighttpd-scanbot.conf


[lighttpd-scan]
port = http,https
logpath = /var/log/lighttpd/access.log
enabled = true



Riavviare fail2ban, con "service fail2ban restart", e verificare che sia configurato correttamente con:


root@scw-3a2c2d:/etc/fail2ban# fail2ban-client status
Status
|- Number of jail: 2
`- Jail list: lighttpd-scan, sshd



Per maggiori informazioni, c'e' una comoda guida qui:

http://www.fail2ban.org/wiki/index.php/MANUAL_0_8

L'importante e' prima di fare esperimenti, avere un altro modo di accedere alla macchina, in caso ci si autobanni. A me non e' successo, ma meglio avere un piano B nel caso. ;-)

@Gruppo Linux Como


 

Serata su ansible per uso domestico

leggi tutto

Inizia: Giovedì 15 Settembre 2016 @ 21:15

Posizione:

2 persone partecipano



 
Sandro wrote the following post:
This Tiny Computer has no Battery, Powered Wirelessly from Radio Waves
This Tiny Computer doesn’t need a battery or any external power source to keep it powered; rather it works on radio waves.
Diego Roversi 2 mesi fa
Insomma, hanno reinventato gli rfid... :)

That's quite an antenna, however, as compared to the rfids.



 

Debian Day a Varese


Come ogni anno, il 16 agosto è il Debian Day, il compleanno del Sistema Operativo Universale.

Dato che in questo periodo molti sono in vacanza, non abbiamo organizzato eventi particolari, ma ci troviamo per una cena presso la Vecchia Varese in via Ravasi.

Per informazioni o per unirvi alla prenotazione contattate prima possibile @Elena ``of Valhalla'' o fate un giro su #lifo@FreeNode.

@Gruppo Linux Como


 

Personal git hosting, under https


I've finally found the time to finish configuring:

* various stuff, including gitolite
* a cgit server
* letsencrypt

on https://git.trueelena.org/ to host my public git repositories; I now only have to push the missing ones ("only"…).

All of the configuration, especially the one related to letsencrypt, is under ansible, and thus as soon as the relevant people are home from the holidays we can work on configuring it on the @Gruppo Linux Como websites.


 

Linux Performance Observability Tools


found on teh interwebz, no idea where it comes from (if you do, please tell me in the comments)





edit: it was as easy as actually opening imgur with javascript on: the source is http://www.brendangregg.com/linuxperf.html

@Gruppo Linux Como
Questa voce è stata modificata (2 mesi fa)
tzafrir 2 mesi fa
netstat is wider in scope that ss?



 

One Liberated Laptop


Immagine/foto

After many days of failed attempts, yesterday @Diego Roversi finally managed to setup SPI on the BeagleBone White¹, and that means that today at our home it was Laptop Liberation Day!

We took the spare X200, opened it, found the point we were on in the tutorial installing libreboot on x200, connected all of the proper cables on the clip³ and did some reading tests of the original bios.

Immagine/foto

While the tutorial mentioned a very conservative setting (512kHz), just for fun we tried to read it at different speed and all results up to 16384 kHz were equal, with the first failure at 32784 kHz, so we settled on using 8192 kHz.

Then it was time to customize our libreboot image with the right MAC address, and that's when we realized that the sheet of paper where we had written it down the last time had been put in a safe place… somewhere…

Luckily we also had taken a picture, and that was easier to find, so we checked the keyboard map², followed the instructions to customize the image, flashed the chip, partially reassembled the laptop, started it up and… a black screen, some fan noise and nothing else.

We tried to reflash the chip (nothing was changed), tried the us keyboard image, in case it was the better tested one (same results) and reflashed the original bios, just to check that the laptop was still working (it was).

It was lunchtime, so we stopped our attempts. As soon as we started eating, however, we realized that this laptop came with 3GB of RAM, and that surely meant "no matching pairs of RAM", so just after lunch we reflashed the first image, removed one dimm, rebooted and finally saw a gnu-hugging penguin!

We then tried booting some random live usb key we had around (failed the first time, worked the second and further one with no changes), and then proceeded to install Debian.

Running the installer required some attempts and a bit of duckduckgoing: parsing the isolinux / grub configurations from the libreboot menu didn't work, but in the end it was as easy as going to the command line and running:


linux (usb0)/install.amd/vmlinuz
initrd (usb0)/install.amd/initrd.gz
boot



From there on, it was the usual debian installation and a well know environment, and there were no surprises. I've noticed that grub-coreboot is not installed (grub-pc is) and I want to investigate a bit, but rebooting worked out of the box with no issue.

Next step will be liberating my own X200 laptop, and then if you are around the @Gruppo Linux Como area and need a 16 pin clip let us know and we may bring everything to one of the LUG meetings⁴

¹ yes, white, and most of the instructions on the interwebz talk about the black, which is extremely similar to the white… except where it isn't

² wait? there are keyboard maps? doesn't everybody just use the us one regardless of what is printed on the keys? Do I *live* with somebody who doesn't? :D

³ the breadboard in the picture is only there for the power supply, the chip on it is a cheap SPI flash used to test SPI on the bone without risking the laptop :)

⁴ disclaimer: it worked for us. it may not work on *your* laptop. it may brick it. it may invoke a tentacled monster, it may bind your firstborn son to a life of servitude to some supernatural being. Whatever happens, it's not our fault.
Aaaand second laptop liberated (no pictures, they wouldn't be significantly different from the ones of the first).

(mostly: I still have the original wifi card, until I can find one supported by a free firmware)




 

Debconf video are being published right now


DebConf16 videos already available! - Identi.ca

Thanks video team, numerous videos from the DebConf16 talks are already available for download and watch. DebConf16 continues all along the week; today is the DayTrip; talks and BoFs will resume on Thursday.
Grab the videos from meetings-archive.debian.net, or even better try to help the Video Team (some tasks can be done remotely, including subtitling, which can also be done online, and even for just part of one video).

#debconf @Gruppo Linux Como @Debian


 

Verifying gpg keys

Suppose you have a gpg keyid like 9F6C6333 that corresponds to both key 1AE0322EB8F74717BDEABF1D44BB1BA79F6C6333 and 88BB08F633073D7129383EE71EA37A0C9F6C6333, and you don't know which of the two to use. You go to http://pgp.cs.uu.nl/ and find out that the site uses short key IDs, so the two keys are indistinguishable. Building on Clint's hopenpgp-t...
#gnupg @Gruppo Linux Como @LIFO


 

The ECHO IV Home Computer: 50 Years Later


@Gruppo Linux Como

The ECHO IV Home Computer: 50 Years Later | Computer History Museum

This year we celebrate the 50th anniversary of a home computer built and operated more than a decade before ‘official’ home computers arrived on the scene. Yes, before the ‘trinity’ of the Apple II, the Commodore PET and the Radio Shack TRS-80–all introduced in 1977—Jim Sutherland, a quiet engineer and family man in Pittsburgh, was building a computer system on his own for his family. Sutherland configured this new computer system to control many aspects of his home with his wife and children as active users. It truly was a home computer—that is, the house itself was part of the computer and its use was integrated into the family’s daily routines.


 
@Gruppo Linux Como
amo il web, non ricambiato wrote the following post:
Ardue conversazioni.
Maker faire a Roma, in una zona con stand di vendita.

Tizio: (indicando un Arduino) Ma cosa è questo coso?

Io: Un microcontrollore montato su una schedina e pronto all’uso.

Tizio: E che fa?

Io: Beh, si può programmare…

Tizio: Uhm, non ho capito, che fa?

Io: Si scrive un programma, si carica e fa quello che dice il programma.

Tizio: E che dice il programma?

Un coso contributo di giomini che Ama il web, non ricambiato. Ed esaurita la pazienza ha deciso cosa dice il programma. Cose irripetibili che il programma si è rifiutato di riferire all’Arduino.

Archiviato in:Parliamo e non ci capiamo., Suggerite da voi. Immagine/foto
Fabio 4 mesi fa
Vedi che non siamo soli?




 

Buono e Giusto a Somma Lombardo


Domenica prossima, 22 maggio, il LIFO sarà presente con un banchetto a Buono e Giusto, Giornata del consumo consapevole e sostenibile, presso la Comunità ANFFAS di Maddalena, Somma Lombardo.

Ulteriori informazioni sull'evento si trovano purtroppo solo sulla pagina facebook, informazioni su come raggiungere il posto sono anche sul sito degli organizzatori (mappa OSM)

Come nostro solito in queste occasioni, avremo esempi di computer a basso consumo, materiale informativo sull'esistenza di un modo di fare informatica incentrato sull'etica, materiale di cultura libera e — per la prima volta — qualche copia di schemi di ricamo liberi :)

@Gruppo Linux Como


 

Memtype: Open Source Password Keeper

Memtype project is a low-cost and open source solution to store your passwords for having them available everywhere in a tiny and portable USB form factor device.

The device is based on the Atmel attiny85 device and uses V-USB software solution to have USB communications and enumerate as a keyboard.

The project started with the idea... what's the cheapest way of having a USB stick with all your passwords ?

About security... the device can&apos;t be accessed without entering a 4 digit PIN and all credential info is encrypted using NOEKEON cipher (we use this cipher as AES implementation is too much for the little attiny85).

The project can be found at: <a href="https://github.com/jim17/memtype" target="_blank">https://github.com/jim17/memtype</a>

YouTube: memtype How it works (Area0x33)



@Gruppo Linux Como


 

Linux Presentation Day a Tradate


Corrispondente primaverile del Linux Day, il Linux Presentation Day è un evento europeo nel corso del quale i gruppi locali di utenti Linux e Software Libero si mettono a disposizione del pubblico per far conoscere il loro mondo, rispondere a domande, mostrare opportunità poco conosciute e — perché no? — divertirsi assieme.

Alcuni gruppi di utenti linux delle province di Varese e Como saranno a disposizione quel sabato pomeriggio, il 30 aprile, dalle 14:30 alle 19 a Tradate, presso il FaberLab in Viale Europa 4/a.

L'evento, a ingresso libero, non è rivolto a professionisti dell'informatica, ma al grande pubblico, e non prevede un programma prefissato di talk formali, ma spazi liberi dove conversare liberamente e senza vincoli di scalette di vari argomenti a seconda degli interessi specifici dei partecipanti.

@Gruppo Linux Como


 
@Gruppo Linux Como

Release notes 0.16 - FreeCAD Documentation

FreeCAD 0.16 was released on 18. April, 2016, get it from Download. This is a summary of the most interesting changes. The complete list of changes can be found in the Mantis changelog. Older versions at: 0.15 - 0.14 - 0.13 - 0.12 - 0.11 Expression support has been introduced, which allows to define formula relationships between properties of objec...