- unDraw - A constantly updated collection of beautiful svg images that you can use completely free and without attribution. From Web Developer Monthly 💻🚀December 2019
- hacker news comments on 33 Amazing Sites with Beautiful Free Icon Sets.
Tuesday, December 31. 2019
Images, Artwork, Illustrations, SVG
Sunday, December 29. 2019
Http Web Site Load Testing
I need to expand on this, but for reference, I found this on reddit - A good C++ (or C, honestly, so long as it works) HTTP server/library, and can be modified to suit:
httperf --hog --num-conns=1024 --num-calls=1 --rate=128 --server localhost --port 8080
Consider Nikto, a web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Another tool for HTTP regression and debugging: siege which is a Debian package supplied by Joe Dog Software.
Monday, December 23. 2019
VIM with CMake and clangd Enhancements
In my search for an editing environment, I am currently running Visual Studio Code with a number of extensions. It is a GUI based IDE environment and seems to be relatively performant. When jumping to symbol declarations and definitions, it can take a few seconds while performing the lookup.
Since I also use VIM for editing files, I have been keeping my eye on VIM add-ons for creating a console based IDE. Some tools which might be applicable:
- clangd - the language server protocol daemon for clang
- Using LSP & clangd in Vim - notes on integrating clangd, and with a reference at the end about the JSON compilation database, (which in another link, can be supplied via CMake)
- vim cp enhanced highlight - with clangd, I am not sure if this is required, but helps with syntax high-lighting without clangd
- vim-cpp-modern: Enhanced C and C++ syntax highlighting - another syntax highligher, one is forked from the other, with this one being more current, I believe
- VIM CMake - plugin to make working with CMake a little nicer
- CMake Support for Vim - CMake Interoperability in Vim - not sure what the difference is to the previous link
- Vim Cmake integration - some chatter on StackOverflow on integrating CMake with VIM
NeoVim
Ramping up for a Proxmox / Ceph project
- Proxmox Ceph Server
- Manage Ceph Services on Proxmox VE Nodes
- Manage Ceph Services on Proxmox VE Nodes - reformatted copy of above link
- Proxmox VE Ceph Benchmark 2018/02 with a referral to Benchmark Proxmox VE Ceph Cluster Performance
- Install Ceph Server on Proxmox VE - video tutorial
- Ceph PGs per Pool Calculator
- As Ceph handles data object redundancy and multiple parallel writes to disks (OSDs) on its own, using a RAID controller normally doesn’t improve performance or availability. On the contrary, Ceph is designed to handle whole disks on it’s own, without any abstraction in between. RAID controller are not designed for the Ceph use case and may complicate things and sometimes even reduce performance, as their write and caching algorithms may interfere with the ones from Ceph.
- Ceph Object Storage Daemons are storing objects for Ceph over the network. It is recommended to use one OSD per physical disk.
- We recommend a Ceph cluster size, starting with 12 OSDs, distributed evenly among your, at least three nodes (4 OSDs on each node).
Sunday, December 22. 2019
LXDE Screen Rotation Settings on Debian
On my Debian desktop, I have both of my primary monitors in portrait mode, with a third monitor in landscape mode. The login screen is therefore rotated 90 degrees from how it needs to be. After login, I need to manually go into System Settings, and manually rotate the monitors.
That is, up until now. A little poking around says I need to:
apt install arandr
This is a GUI application which will create a script in .screenlayout which can be auto-started upon login:
$ cat .screenlayout/bythree.sh #!/bin/sh xrandr \ --output DisplayPort-0 --primary --mode 3840x2160 --pos 0x8 --rotate right \ --output DisplayPort-1 --mode 3840x2160 --pos 2160x0 --rotate right \ --output DisplayPort-2 --off \ --output DisplayPort-3 --mode 2560x1600 --pos 4320x0 --rotate normal \ --output HDMI-A-0 --off \ --output HDMI-A-1 --off
This can be autostarted in LXDE with:
$ cat ~/.config/lxsession/LXDE/autostart @lxpanel --profile LXDE @pcmanfm --desktop --profile LXDE @xscreensaver -no-splash #@~/.screenlayout/bythree.sh <= does not work #@${HOME}/.screenlayout/bythree.sh <= does not work # make sure there is a line return at end of command: @/home/me/.screenlayout/bythree.sh
Instructions for the autostart file can be found at LXSession.
Visual Studio Code with CMake and Clangd
Continuing on in the search for a responsive IDE for building large C++ codesets with CMake, the next stop is Visual Studio Code.
The initial install supplies a basic IDE editing environment.
Usability occurs when extensions are loaded. I have the following installed (versions are as of this writing):
- C/C++ for Visual Studio Code, v0.26, by Microsoft <== some sites say to disable this, but it is required by the debug function
- CMake, v0.0.17, by twxs, which provides CMake language support
- CMake Tools, v1.2.3, by Microsoft, which provides the build capability
- vscode-clangd, v0.0.19, is the clang language server, which provides code completion and symbol tables
Prior to installation of the extensions, on Debian, I installed the following packages first (in addition to the standard compilers):
- cmake
- clangd
- clangd-9
reddit - PROTIP: Use clangd instead of the official C/C++ extension suggests adding the following to .vscode/settings.json:
"C_Cpp.autocomplete": "Disabled", "C_Cpp.formatting": "Disabled", "C_Cpp.errorSquiggles": "Disabled", "C_Cpp.intelliSenseEngine": "Disabled",
In addition, I have a more recent version of clangd, so in .vscode/settings.json, I also have:
"clangd.path": "/usr/lib/llvm-9/bin/clangd",
My over all file looks like:
{ "clangd.path": "/usr/lib/llvm-9/bin/clangd", "C_Cpp.autocomplete": "Disabled", "C_Cpp.formatting": "Disabled", "C_Cpp.errorSquiggles": "Disabled", "C_Cpp.intelliSenseEngine": "Disabled", "C_Cpp.default.intelliSenseMode": "clang-x64", "editor.tabSize": 2 }
In the root directory of the project, a link is required (the setting "compileCommands" in .vscode/c_cpp_properties.json does not appear to be used by the clangd module) :
ln -s build/compile_commands.json .
2023/11/05 - Or add the following to .vscode/settings.json (which causes the file to be created and referenced directly in the basic workspace directory):
"cmake.copyCompileCommands": "${workspaceFolder}/compile_commands.json"
As a note, if compile_commands.json is not provided, then the following flag needs to be passed to CMake (seems to be defaulted "on" in current Visual Studio Code):
-DCMAKE_EXPORT_COMPILE_COMMANDS=1
Documentation for clangd is found at Getting started with clangd.
Monday, December 9. 2019
Cygwin ssh-pageant
On a Windows platform, I use SSH tools in two incarnations: a) Cygwin, or b) PuTTY.
When using PuTTY, to connect to a destination host, it is convenient to use pageant as a memory resident program to hold 'opened' private keys.
When using SSH on Cygwin, ssh-pageant can be installed via the Cygwin installer. The trick for linking ssh-pageant to the Windows resident pageant is to put the following into .bashrc:
# ssh-pageant eval $(/usr/bin/ssh-pageant -r -a "/tmp/.ssh-pageant-$USERNAME")
Wednesday, December 4. 2019
Security Tools
- Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments. The Sandboxes, provided via libvirt, are customizable allowing high degree of flexibility. Different type of Hypervisors (Qemu, VirtualBox, LXC) can be employed to run the Test Environments.
- OWASP Zed Attack Proxy (ZAP) - helps you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing. With more tools at OWASP™ Foundation - the free and open software security community.
- Upgrade Your Security Incident Response Plan (CSIRP) : 7 Step Checklist 1) conduct a complete risk assessment, 2) identify key team members & stakeholders, 3) define security incident types, 4) inventory resources & assets, 5) plan hierarchy of information flow, 6) prepare a variety of public statements, 7) prepare an incident event log
- CISA - Assessments: Cyber Resilience Review (CRR)
- What is a Security Operations Center (SOC)? Best Practices, Benefits, & Framework - 1) establishing asset awareness, 2) preventive security monitoring, 3) keeping records of activity and communications, 4) ranking security alerts, 5) modifying defenses, 6) maintaining compliance
Security Web Sites
- Hacking Tools presented for pentesters - Kali Linux, Parrot Security OS, Black Arch, Nmap, Metasploit, Nikto (how to at Admin Magazine), Wireshark, SQLMap
- Mining Adminers – Hackers Scan the Internet For DB Scripts - I found "GET /adminer-4.4.0-mysql.php HTTP/1.1" in my own logs, one of many similar entries