GiGl first alpha version available

GiGl (Glycemic index/Glycemic load) is an app that I developed for personal usage. It is a fast way to check the expected response of your body to most of the commonly available foods. Key points:

  • No tracking. No adds. The app doesn’t require network permissions.
  • Insulin index (II where scientific study available).
  • Open-source.

Continue reading “GiGl first alpha version available”

Fighting SPAM with postfix and fail2ban

After detecting spammers with an RBL list you can block them for a predefined period of time with the help of fail2ban. How does it work:
– fail2ban parses mail.log
– when a spammer IP is found it is added to a temporary list
– future requests from the spammer’s IP is blocked Continue reading “Fighting SPAM with postfix and fail2ban”

Copy data from bloomberg sft with winscp cmd

It is a little bit tricky to run winscp command. Here is a working example:

  1. connect and authenticate with pre shared key
  2. synchronize all except bin,etc
  3. exit with correct exit code
  4. eventually run powershell script

 

Testing IO performance with variable block size on NTFS and REFS

Basic command:

raw data: Continue reading “Testing IO performance with variable block size on NTFS and REFS”

Change local admin password with PowerShell

Change local admin password on multiple machines with PowerShell.

 

Convert VMDK to VHDX with powershell

 

NextCloud 12 Active Directory nested groups

Insert following query in editor:

 

Test it:

 

 

Recursively change folder permissions Exchange 2016

 

FC Adapter HBA Attributes

All cluster’s WWN

 

Adaptive DDOS IDS firewall

We had a task to build a simple solution for DDOS protection on the learning phase of attack. Main goals were:

  1. To build it fast: We chose Ubuntu … as everything needed is compiled and build in.
  2. Minimum network intervention: We opted for L2/L3 bridge with iptables integration which we plugged between our autonomous system (AS) and internet.
  3. Auto learning offenders: Using honeypot service to distinguish non-legitimate connections. Log source IP address and drop packet with iptables. Using suricata ids to additionally analyze client requests.
  4. Auto block offenders: Using fail2ban to pars logs generated by iptables and suricata and temporary disable all connections from offending sources.
  5. Have some connection limit capabilities: Again we used iptables with connlimit and conntrack modules activated.

Continue reading “Adaptive DDOS IDS firewall”