Automaticaly Build Penetration Testing Environment – Kali, Metasploitable, Vagrant

My student Toni Jääskeläinen developed a PenTest environment that can be set up automatically. Based on my idea, it’s distributed as a single Vagrantfile.

Using pentest tools requires special care and skill, as even mistakes with some of these tools could be crimes in some places. Check local laws before downloading. Often, it’s best to disconnect from the Internet when testing.

Vagrantfile for PenTest environment and thesis in Finnish.

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Automation of Router Configuration with Python & SSH

My student Joram is automating router configuration for NDC Networks.

Joram configures Advantech B+B routers for NDC’s clients. The configuration is done using custom built Python Paramiko SSH script.

The routers are configured for clients of NDC, an 8 person company with 3 million EUR revenue. An estimate of 3000 to 4000 routers per year need to be configured. Based on Joram’s test, automation is 80% faster than fully manual operation, saving over a month of working time per year.

See the results & read the source code: Puumala 2017: Automation of router configuration

Posted in Uncategorized | Tagged , , , , , , , , , , , | Leave a comment

Tommi’s 639 Puppet Slaves

My student Tommi tested Puppet with 639 slaves. Tommi is running some 20 physical computers with about 30 virtual computers each.

Tatu has 263 slaves – on a single physical machine with a huge swap file.

Who will get 640 slaves?

Posted in Uncategorized | Tagged , , , , , , , , , , , , | Leave a comment

Top Configuration Management Systems – Puppet vs Salt vs Ansible vs Chef

The leading configuration management systems compared: Puppet, Chef, Ansible, Salt. My students Joona, Jori, Eero and Jarkko gave a presentation and demonstrated each system.

ArcticCM provisioned and configured a couple of Linux desktops and servers, and also configured some Windows desktops. They published a Free (MIT licensed) configuration for that network with each of the four tools.

Download code for Puppet, Salt, Ansible and Chef.

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Provision Multiple Virtual Puppet Slaves with Vagrant

For testing, it’s convenient to provision many virtual slave computers to your master.

This Vagrant file installs two virtual computers and automatically configures them as slaves to a puppetmaster in a predefined IP address.

Advanced stuff warning: Using this sample configuration requires fluency in command line, Puppet master-slave architecture and knowing the basics of vagrant and virtualbox.

Continue reading

Posted in Uncategorized | Tagged , , , , , | Leave a comment

Multiple Virtual Computers in Minutes – Vagrant Multimachine

You can install multiple virtual computers in minutes.

This example shows how to install two Ubuntu 16.04 virtual machines and configure SSH – in a couple minutes.

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

Aikataulu – Monialaprojekti Infra pro4tn001-5 – kevät 2018 – 10 op

English: Complete a project with a company as a client. Work with students from different tracks and backgrounds. Course in Finnish.

Tee projekti yritysasiakkaalle ryhmässä, jossa on opiskelijoita eri aloilta.

Continue reading

Posted in Uncategorized | Leave a comment

Aikataulu DigiStartUp digt4tn024-3 – keväällä 2018 – molemmat 1p ja 2p – 10 op

English: Create your own digital product and find paying customers. Real customers, actual money. Course is in Finnish.

Luo digitaalinen tuote ja hanki sille maksavia asiakkaita. Siis oikeita asiakkaita, joilta saa oikeaa rahaa.

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Aikataulu – Linux palvelimet ict4tn021 7-ti ja 6-to – alkukevät 2018 – 5 op

English: Learn to manage your own Linux server – in 8 weeks. Beginners welcome. Student feedback excellent 4.7 out of 5. Course is in Finnish.

Aloita nollasta. Opiskele 8 viikkoa ja hallitset omaa Linux-palvelinta.

Opintojakson suoritettuaan opiskelija:

  • Osaa hallita Linuxia palvelimena
  • Osaa tehdä tärkeimmät asetukset tärkeimmille palvelimille (Apache, OpenSSH)
  • Osaa asentaa www-ohjelmointiin sopivan alustan
  • Osaa tehdä itselleen uusia asetuksia palvelinohjelmistoihin ohjeiden avulla
  • Tietää esimerkkejä palvelintilan tarjoajista ja hinnoista sekä fyysisten palvelinten vastaavista ominaisuuksista

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , | Leave a comment

Aikataulu – Linuxin keskitetty hallinta – 3 op, vanha OPS – loppusyksy 2017 p5 – Puppet

Control 10 computers. Or 100. Or 1000. Use Puppet, the tool used by US Gov (security baseline), Mozilla, Google (laptops and desktops) and Wikipedia.

Just write what you want (idempotency). Control almost everything with one system (single source of truth). In plain text (infrastructure as code, versionable).

The course in Finnish.

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , | 16 Comments

Starting with JavaScript – Arrays, for..of, F12 console

JavaScript gets you to results easily. It’s the native language of web pages.

You can create and sell Android Apps easily by packaging your HTML and JavaScript with PhoneGap/Cordova. All popular (1000+ installs) cell phone apps in my courses have been created this way, including Lauri’s Times Grid Table with over 50 000 installs.

But how do you learn JavaScript? Read MDN JavaScript, try it out in Firefox F12 console, and learn some more in FreeCodingCamp.org.

This article shows you a simple example with a lion, a horse and a duck.

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Initial Testing and Tries on MySQL Socket Authentication

MySQL has some initial support for passwordless socket authentication, but based on by very brief and initial testing, it does not seem to be ready for prime time yet. If you want socket authentication, PostgreSQL does socket authentication out of the box.

This article describes some tests on MySQL socket authentication and a configuration that does not work.

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , | Leave a comment

Simpler Puppet Manifests – Resource Defaults and Manifest Ordering

Tips to make your Puppet manifests shorter and easier to read.

Resource defaults: If I say ‘package’, of course I want it installed. Services are usually running and enabled at boot.

Manifest ordering: Top-down, so I don’t have to ‘require’ the package in every other resource.

Puppet is the configuration management system used by Google (desktops and laptops), Wikipedia (servers) and US Gov (security baseline).

Continue reading

Posted in Uncategorized | Tagged , , , , , | 1 Comment

Apply Puppet Resources Top Down – ordering=manifest – Order without Require

By default Puppet manifest ordering is arbitrary. You either have to use require a lot or apply your modules twice. But there is an easy fix:

$ sudoedit /etc/puppet.conf
[main]
ordering = manifest
# ...
Posted in Uncategorized | Tagged , , , , , , , , | Leave a comment

Aikataulu – Palvelinten hallinta ict4tn022-3 – 5 op, uusi OPS – loppusyksy 2017 p5

Control 10 computers. Or 100. Or 1000. Use Puppet, the tool used by US Gov (security baseline), Mozilla, Google (laptops and desktops) and Wikipedia.

Just write what you want (idempotency). Control almost everything with one system (single source of truth). In plain text (infrastructure as code, versionable).

My current research area is configuration management systems: I gave an invited speech in IEEE ICIM, I’ve recently published a conference paper and gave some tailored teaching on this.

The course in Finnish.

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , | 59 Comments

Arvioitava laboratorioharjoitus – Linux palvelimet ict4tn021-5 torstai – alkusyksy 2017 – 5 op

This is the evaluated lab exercise for Linux Server Administration course, 50% of grade. Student had a Live USB stick and an empty computer, and he could use the public Internet. No other tools were allowed.

Course feedback was excellent 4.7 out of 5. The mode (most common) feedback grade was the highest score 5. Thank you! You can read student feedback (and some more).

The exercise is in Finnish.

Tervetuloa “Turvallinen Sipuli Oy:n” palvelukseen. Olet nyt tietohallitopäällikkömme (ja -osastomme). Tämä on Linux palvelimet ict4tn02-4 torstain ryhmän arvoitava laboratorioharjoitus, 50% arvosanasta.

Continue reading

Posted in Uncategorized | 4 Comments

Arvioitava laboratorioharjoitus – Linux palvelimet ict4tn021-4 tiistai – alkusyksy 2017 – 5 op

This is the evaluated lab exercise for Linux Server Administration course, 50% of grade. Student had a Live USB stick and an empty computer, and he could use the public Internet. No other tools were allowed. Course feedback was excellent 4.5 out of 5. The exercise itself is in Finnish.

Opiskelijat saivat hyviä arvosanoja, yleisimmät olivat 4-erittäin-hyvä ja 5-kiitettävä, joskin skaala oli käytössä ja joukkoon mahtui hylättykin suoritus. Katso Teron kommentit labrasta ja läksyistä.

Kurssipalautteen keskiarvo oli 4.5 erittäin-hyvän ja kiitettävä välillä, moodi ja mediaani oli 5-kiitettävä (paras mahdollinen). Lue opiskelijoiden kurssipalaute ja lisää palautetta. 100% eli 24/24 kurssin suorittaneista antoi palautteen.

Tehtävä alkaa…

Olet nyt “Kätketty Mestari” Oy:n tietohallintopäällikkö (ja -osasto). Tämä on Linux palvelimet ict4tn021-4 arvioitava laboratorioharjoitus.

Continue reading

Posted in Uncategorized | Tagged , | 4 Comments

Acute 0.2.2 – Integrate Help Commands to Single Interface – pydoc3, puppet describe and man in GoldenDict

Access all documentation commands and dictionaries trough a single interface.

Acute(1) suppresses output if it’s just “documentation not found”, so your interface stays clean.

With GoldenDict and acute, you can see real time queries to help commands along offline programmer’s dictionaries and regular dictionaries.

By using ‘grep’ as a command, you can quickly add any one-thing-per-line as a dictionary.

Continue reading

Posted in Uncategorized | Leave a comment

Print Special Characters as Backslash Escapes – Python3 One-liner with Unicode Support

Let’s find that weird or invisible character that breaks your code

$ echo "Hello in Finnish: Päivää"|python3 -c 'import sys; s=sys.stdin.read(); print(s.encode("unicode_escape"));'
b'Hello in Finnish: P\\xe4iv\\xe4\\xe4\\n'

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , | Leave a comment

Commands in GoldenDict – Offline Dictionary of man, grep, pupppet help and your commands

NEW: There is a new, better version of this article and program.

Add Python reference, man pages and your own commands to dictionary.

This example shows how to add commands as dictionaries to GoldenDict. Commands show information for the exact versions of software we have installed and this information (man, puppet help…) gets updated automatically with the software.

By using ‘grep’ as a command, we can quickly add any one-thing-per-line as a dictionary.

Continue reading

Posted in Uncategorized | Tagged , , , , , , , | Leave a comment

pydoc3 str – Python Reference in Your Command Line – Airplane & Cottage Entertainment

You can read Python documentation offline with pydoc3. It’s installed automatically with Python, and it always shows documentation for the version of Python you have installed.

$ pydoc3 str

You can see reference for a library ‘pydoc3 re’ or a single command ‘pydoc re.sub’. If you’re going to airplane or far, far away from the Internet, also check out my offline reference for programmers.

Posted in Uncategorized | Tagged , , , , , , , , , , | Leave a comment

Python RegEx One-Liner in a Pipe – Remove Hard Line Wrapping – No Perl

Just put Python in your pipe and let Perl rest in peace.

Python can be used as a one-liner in a pipe. Replacing text with a regular expression used to be the last holdout of perl, but now you can do it with Python.

Python is more familiar to most of us, and Python 3 also shines with Unicode and UTF-8 encoding and multiline expressions. For very short or simple replacements, perl syntax might still be more convenient.

$ echo "Hello Tero!"|python3 -c 'import sys, re; s = sys.stdin.read(); s=re.sub("Hello", "Good morning", s); print(s);'
Good morning Tero!

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , | Leave a comment

Interactive Map on Your Web Page – with Markers – Leaflet.js and OpenStreetMap

Create an interactive map on your web page.

Using Leaflet.js, it can be a static web page on any server. With OpenStreetMap.org tiles, you can start using it without any API keys and without registration.

Includes live example.

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , | 1 Comment

Your JavaScript in Thunderbird – Manipulate Shown Email Contents with Developer Console

You can run Javascript interactively in Thunderbird. It containts a developer toolbox, similar to Firefox F12 console.

In this short example, we change some text on the message being viewed.

With Firefox, I have used similar content manipulation to fix broken websites and to see translations in every Wikipedia page.

Continue reading

Posted in Uncategorized | Tagged , , , , , , , , | Leave a comment

Database Connection from Python Flask to Postgre, Using Plain SQL

Reading PostgreSQL database with Python.

Create a website with database. Use the simple popular Python framework, Flask. Apply your existing SQL skills.

This short program creates a new PostgreSQL database and inserts some records.

If database and sample records already exist, initialization is skipped.

Finally, the records are read from the database and shown on a web page.

These notes contain code from BotBook.com projects.

Continue reading

Posted in Uncategorized | Leave a comment
  • Picks

  • Boxing Clock for AndroidOcton8 Diving T-ShirtsShaking Tower Panda Android GameLearn Chinese with Android
  • Student projects