The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,318 other followers

Archive for the ‘Docker’ Category

Dockerfile with Bite Size Networking tools from b0rk

Posted by jpluimers on 2021/04/16

[WayBack] Ryan James Spencer on Twitter:

“I wrote a quick Dockerfile so people who purchase Bite Size Networking from  @b0rk can quickly have access to the tools. You can slim the image down to do debugging on docker networks once you get comfortable with which tools are most useful to you.”

He is planning to do more, so maybe a few of [WayBack] wizard zines get encapsulated into dockerfiles as well.

–jeroen

PS: [WayBack] Dockerfile | Docker Documentation

# N.B. The only tool missing here that is mentioned in the document is `zenmap`
# purely because this image is intended to be run via a CLI and `zenmap` is a GUI
# to `nmap` i.e. one can play around with the tools by running:
#
# $ docker build –name bite_size_networking:latest .
# $ docker run –rm -d –name bsn_test bite_size_networking:latest
# $ docker exec -it bsn_test bash
#
# Alternatively, one can change the `ENTRYPOINT` to `["bash"]` and run:
#
# $ docker run -it –name bsn_test bite_size_networking:latest
#
# then later (after exiting the shell):
#
# $ docker start bsn_test
# $ docker attach bsn_test
#
# One can also run this image on a docker network to capture packets and so
# forth for debugging purposes. Once you've found the tooling that best suits
# your needs, it may make sense to make a slimmed down version of this
# Dockerfile and, if wireguard isn't needed, base this image off
# `debian:stable` instead.
#
# Lastly, you can purchase Bite Size Networking or Julia's other fantastic
# zines over at https://wizardzines.com/
# We use `unstable` here since we install `wireguard` below
FROM debian:unstable
RUN apt update && \
DEBIAN_FRONTEND=noninteractive apt install -y \
dnsutils \
curl \
nmap \
tcpdump \
ngrep \
mitmproxy \
iptables \
ethtool \
stunnel \
hping3 \
lsof \
ipcalc \
p0f \
iperf \
apache2-utils \
wget \
python3 \
iftop \
nethogs \
iptraf \
httpie \
nload \
aria2 \
nftables \
tcpflow \
telnet \
openvpn \
links \
wireguard \
tshark
ENTRYPOINT ["sh", "-c", "while true; do sleep $(( 60 * 60 * 24 )); done"]

Posted in *nix, *nix-tools, Cloud, Containers, Docker, Infrastructure, Power User | Leave a Comment »

Helping the WayBack ArchiveTeam team: running their Warrior virtual appliance on ESXi

Posted by jpluimers on 2021/03/19

The [WayBack] Archiveteam helps the WayBack machine with feeding new content.

You can help that team by running one or more “warrior” virtual machine instances. The VM is distributed as a virtual appliance in an ova file according to the Open Virtualization Format.

That format sounds more generic than it actually is, so the (at the time of writing) archiveteam-warrior-v3-20171013.ova file at [WayBack] Index of /downloads/warrior3/ was created for VirtualBox.X

This meant running it on VMware ESXi or VMware vSphere takes a few steps for patching it, then uploading it to your VMware host.

Since I might want to run the appliance on multiple places or multiple instances, I wanted to have a ready-to-go solution, I created a git repository with both the patch instructions and the update at [WayBack] wiert.me / public / ova / archiveteam-warrior-v3-20171013.ESXi · GitLab.

Read the rest of this entry »

Posted in Cloud, Containers, Docker, Infrastructure, Internet, InternetArchive, Kubernetes (k8n), Power User, WayBack machine | Leave a Comment »

Why and how GitLab abandoned Microsoft Azure for Google Cloud | VentureBeat

Posted by jpluimers on 2020/07/22

Reminder to self to check out how this move went: [WayBack] Why and how GitLab abandoned Microsoft Azure for Google Cloud | VentureBeat.

Via [WayBack] Kristian Köhntopp – Google+

–jeroen

Posted in Azure Cloud, Cloud, Containers, Development, DevOps, Docker, GCP Google Cloud Platform, Google Kubernetes Engine, Infrastructure, Kubernetes (k8n), Software Development | Leave a Comment »

Getting rid of Docker plain text credentials – Hacker Noon

Posted by jpluimers on 2020/05/29

For my research list: [WayBack] Getting rid of Docker plain text credentials – Hacker Noon

Repository at [WayBack] GitHub – docker/docker-credential-helpers

–jeroen

Posted in *nix, *nix-tools, Cloud, Containers, Docker, Infrastructure, Power User | Leave a Comment »

Update NOW! CVE-2018-1002105, with root access. ​Kubernetes’ first major security hole discovered | ZDNet

Posted by jpluimers on 2018/12/04

From [WayBack] ​Kubernetes’ first major security hole discovered | ZDNet in reverse order:

Fortunately, there is a fix, but some of you aren’t going to like it. You must upgrade Kubernetes. Now. Specifically, there are patched version of Kubernetes [WayBackv1.10.11,  [WayBack] v1.11.5, [WayBackv1.12.3, and [WayBackv1.13.0-rc.1.

[WayBack] Red Hat said, “The privilege escalation flaw makes it possible for any user to gain full administrator privileges on any compute node being run in a Kubernetes pod. [WayBackThis is a big deal. Not only can this actor steal sensitive data or inject malicious code, but they can also bring down production applications and services from within an organization’s firewall.”

And the bug, [WayBackCVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It’s a [WayBackCVSS 9.8 critical security hole.

Via [WayBack] ​Kubernetes’ first major security hole discovered | ZDNet – Ondrej Kelle – Google+

–jeroen

Posted in Cloud, Containers, Docker, Infrastructure, Kubernetes (k8n), Power User, Security | Leave a Comment »

 
<span>%d</span> bloggers like this: