Debian Ninja

2020-12-302020-12-30

PCI – DSS – Hardening

CIS Apache HTTP Server Benchmarks
https://www.cisecurity.org/benchmark/apache_http_server/

CIS Apache HTTP Server 2.4 Benchmark 2.0.0 Checklist Details
https://nvd.nist.gov/ncp/checklist/521

CIS Apache HTTP Server 2.4 Benchmark
https://security.uri.edu/files/CIS_Apache_HTTP_Server_2.4_Benchmark_v1.2.11.pdf

SANS – The most trusted source for cyber security training, certification, and research.
https://www.sans.org/

Center for Internet Security (CIS)
International Organization for Standardization (ISO)
SysAdmin, Audit, Network, and Security (SANS) Institute
National Institute of Standards and Technology (NIST)

2020-12-282020-12-28

Google Developers – pagespeed insights

https://developers.google.com/speed/pagespeed/insights/

2020-12-282020-12-28

PulseAudio – modules

pactl load-module module-loopback latency_msec=1

pactl unload-module module-loopback

How to hear my voice in speakers with a mic?
https://askubuntu.com/questions/123798/how-to-hear-my-voice-in-speakers-with-a-mic

pactl load-module module-echo-cancel aec_method=webrtc source_name=echocancel sink_name=echocancel1

pactl unload-module module-echo-cancel

How To Enable Echo / Noise Cancellation Of Microphone Input On Your Linux Desktop (PulseAudio)
https://www.linuxuprising.com/2020/09/how-to-enable-echo-noise-cancellation.html

2020-12-202021-01-04

Android and amd64

Anbox – Main site
https://github.com/anbox/anbox
Anbox – User guide
https://docs.anbox.io/index.html
Linux – Android binderfs
https://people.kernel.org/brauner/android-binderfs
Linux – Android binderfs
https://www.kernel.org/doc/html/latest/admin-guide/binderfs.html
Anbox – Android Image
https://build.anbox.io/android-images/2018/07/19/
Anbox – Arch Wiki
https://wiki.archlinux.org/index.php/Anbox
Anbox – How To Install Google Play Store And Enable ARM (libhoudini) Support, The Easy Way
https://www.linuxuprising.com/2018/07/anbox-how-to-install-google-play-store.html
Debian – Build Kernel Package
https://wiki.debian.org/BuildADebianKernelPackage
Mobian – Anbox systemd files
https://wiki.mobian-project.org/doku.php?id=anbox
Mobian – Anbox fails to start
https://gitlab.com/mobian1/issues/-/issues/63

/lib/systemd/system/anbox-container-manager.service

#ExecStartPre=/sbin/modprobe ashmem_linux
#ExecStartPre=/sbin/modprobe binder_linux

# mount -t binder binder /dev/binderfs
# mknod /dev/binder c 250 1
# mount -t cpuset none /dev/cpuset
# mkdir /dev/cpuset/camera-daemon
# chmod 777 /dev/cpuset/camera-daemon
# touch /dev/cpuset/camera-daemon/tasks
# chmod 777 /dev/cpuset/camera-daemon/tasks

config

CONFIG_ASHMEM=y 
CONFIG_ANDROID=y
CONFIG_ANDROID_BINDER_IPC=y
CONFIG_ANDROID_BINDERFS=y
CONFIG_ANDROID_BINDER_DEVICES="binder,hwbinder,vndbinder"

# systemctl restart anbox-container-manager.service
$ systemctl --user start anbox-session-manager.service

$ /usr/bin/anbox session-manager

2020-12-112020-12-11

Rocket.chat + NewRelic

class Script {
    process_incoming_request({ request }) {
      var webhookPayload = request.content;
      var webhookIncidentId = webhookPayload.incident_id;
      var webhookSeverity = webhookPayload.severity;
      var webhookCurrentState = webhookPayload.current_state;
      var webhookPolicyName = webhookPayload.policy_name;
      var webhookConditionName = webhookPayload.condition_name;
      var alertColor = "warning";
      var channels = ["#cloud-team"];
  
      if(webhookCurrentState === "open") { alertColor = "danger";}
      
      if(webhookPolicyName === "Project A") { channels.push("#ProjectA"); }
      else if(webhookPolicyName === "Project B") { channels.push("#ProjectB"); }
      
      //console.log(request.content);
      //console.log("Channels: " + channels.join(", "));
            
      return {
          content:{
            channel: channels,
            attachments: [{

              title: webhookSeverity + ' - ' + webhookPolicyName,
              text: "Condition: " + webhookConditionName + "\nIncident Id: " + webhookIncidentId,
              color: alertColor,
              fields: [
                {
                  title: "Status",
                  value: webhookCurrentState
                }
              ]
            }]
           }
        };
      };
  };

Rocket.Chat – Integrations WebHooks
https://docs.rocket.chat/guides/administrator-guides/integrations

Webhook notifications coming to Rocket.Chat from NewRelic
https://github.com/kaji-bikash/rocketchat-newrelic

2020-11-302020-11-30

Nginx + RTMP

Secured HLS setup with Nginx as media server
https://gist.github.com/mrbar42/09c149059f72da2f09e652d4c5079919

Receiving RTMPS stream on NGINX-RTMP
https://serverfault.com/questions/1019317/receiving-rtmps-stream-on-nginx-rtmp

2020-11-09

Wifi Security – WPA3

Trying to deploy WPA3 on my home network

https://gist.github.com/est31/d92d17acbb4ea152296f9b38764cd791

NetworkManager 1.16 released, adding WPA3-Personal and WireGuard support

https://blogs.gnome.org/lkundrak/2019/03/15/networkmanager-1-16/

2020-11-092020-11-09

Virtual private network – WireGuard

Debian 10 set up WireGuard VPN server

https://www.cyberciti.biz/faq/debian-10-set-up-wireguard-vpn-server/

WireGuard

https://en.wikipedia.org/wiki/WireGuard

2020-09-28

DeepFace

DeepFaceLab – the leading software for creating deepfakes
https://github.com/iperov/DeepFaceLab

DeepFaceLab – Install DeepFaceLab
https://github.com/nagadit/DeepFaceLab_Linux

2020-09-242020-09-24

Amazon EC2 Image – Debian Buster

The AMI names are:

debian-10-arm64-20200803-347
debian-10-amd64-20200803-347

Source: https://wiki.debian.org/Cloud/AmazonEC2Image/Buster

Debian – Official Debian Amazon Machine Images (AMIs)
https://wiki.debian.org/Cloud/AmazonEC2Image