04 Jan

Ubuntu Trusty Tahr Backports Repository

in case you got broken package, you may need to try changing the content of  /etc/apt/sources.list  with this:

 

14 Oct

Disable Mac OSX Animation

Animation can be annoying, so here’s some list of animation that you can disable.

fire up your iterm2 and choose the animation youl’d like to disable.

source

07 May

prevent dns enumeration on bind dns server

what the hell is dns enumeration? well, according to this pdf book DNS enumeration is

… the process of locating all the DNS servers and their corresponding records for an organization. A company may have both internal and external DNS servers that can yield information such as usernames, computer names, and IP addresses of potential target systems.

so, this just little tricks on how to prevent dns enumeration on bind dns server, some dns enumeration tools will look at the zone transfer located on your dns server, and when it was misconfigured, it will leak all dns info to the attacker, like this:

sample of dns enumeration result

sample of dns enumeration result

Q: so, what’s the actual danger of this kind of leakage?

A: The information can disclose the network infrastructure of the company without alerting the IDS/IPS. This is due that most of the organizations are not monitoring their DNS server traffic and those that do they only monitor the zone transfers attempts.

and the trick is simple, most of the enumeration tools look for dns zone transfer record, so instead of allowing it for the rest of server’s uptime, just turn it of until you’re needed to do that.

put this line on your named.conf

and restart the service.

disclaimer: this tips doesnt guarantee your server will 100% immune to enumeration. the incident was reported and already fixed by the sysadmin on 18 april 2016.

05 Apr

XTraDB – InnoDB internal, in drawing

as an idiot sysadmin, it’s quite hard for me to understand what was the differrence between InnoDB and XtraDB, until I found this document called “XtraDB – InnoDB internal drawing”.

 

XtraDB - InnoDB internal

 

need a bigger picture? click here

23 Feb

[Job Offer] Backend Developer at Qasico

Hello,

Qasico is looking for a Backend Developer.

qasico

here is a brief explanation for Qasico,
QASICO are the first customized Integrated Business Application (IBA) provider in Indonesia. IBA is an integration model that combines business model operations and processes with technology to achieve efficiency, manageable, expandable and sustainable company or businesses. QASICO understand business challenges in every business stages, once the company fail to cope with that it’ll be a hard way to restart it again. That’s why QASICO with IBA modular system will assure company’s growth for successes.

QASICO origin name yield from Padang language (West Sumatra province of Indonesia), means “come here”. We are welcoming all business leaders and entrepreneurs to allocate the time to think about the business future without worrying how to get there. When challenges of business process enabler using technology as solution, QASICO is the answer

are you interested? find more info here.

14 Feb

golang oEmbed package

oembed

oEmbed

hello Everyone, I just want to share a small Golang oEmbed package for parsing Oembed data, there was a paid service like embed.ly or iframely.com. but in case you’re have a growing startup that doesn’t have big pile of money to pay some SaaS, maybe deploying your own service can be a good solution.

this module is written in golang, called oembed, and I also write a demo on how to use this module as a part of http service called gallang, the working demo are live here.

I’m bit suck at introducing something, so that was all.  X_X

27 Jan

[Scrapy] ‘scrapyd.webservice’ doesn’t define any object named ‘DaemonStatus’

I was using scrapy v1.0.3 and scrapyd v1.1.0 when I got "Module 'scrapyd.webservice' doesn't define any object named 'DaemonStatus'"  error as I throw deploy command through my scrapyd-client .

let me at 'em

let me at ’em

I doesnt know exactly why scrapinghub team doesnt release a new package to pypi, the documentation of scrapyd allready showing the latest docs describing about DaemonStatus.json  endpoint, but the latest package on cheese-shop still doestn provide this function.

In case you’re hurry and need this to be fixed asap, just pull the code from their github repo, I’m using this version [c7b98c].
extract, and install it. restart your scrapyd and everything just fine except you still cannot access the daemonstatus.json  endpoint.

naah not bad, at least I still can manage to deploy my latest spider to the production server.

hints:

if you are working with virtualenv, make sure you activate the virtualenv before firing these command

after that, resume your delayed task.