  • Use Network Manager to handle 'device not managed' or 'unmanaged' issue in Ubuntu for SecurityOnion at Digital Ocean

    Posted in Developing Software on Jul 21, 2021

    An out-of-the-box install of Ubuntu 18.04.5 at Digital Ocean will not work for a SecurityOnion installation, because of the way cloud-init is managing the network. Security Onion prefers NetworkManager to manage the network. Cloud-init is required by Digital Ocean for deployment of a custom image. Yet Security Onion also prefers a specifically-partitioned virtual disk, which is not recommended to do with an already-running Ubuntu. Together, these constraints leave few options.

    Fortunately, after the custom image of Ubuntu is deployed in Digital Ocean, you will not need the network part of clou...

  • Use fdisk and parted to resize a 100Gb custom image of Ubuntu for Digital Ocean to prepare for a 320Gb SecurityOnion install

    Posted in Developing Software on Jul 21, 2021

    Digital Ocean cannot deploy a Custom Image larger than 100Gb. Security Onion requires 200Gb to install. To work around the Digital Ocean limitation, create a 100Gb custom image of Ubuntu, configured with only three partitions: /boot, /, and /tmp (leaving out the /nsm and swap requirements for the moment). After the image is deployed as a 320Gb Digital Ocean custom image droplet (or larger), you can resize it easily using parted. Then you can use fdisk to add these final two partitions (or you can use parted, but I find fdisk's mostly-automatic prompts make it the easiest approach for this purpose)...

  • Install and whitelabel Grafana with a custom grafana_icon.svg and a few other minor changes

    Posted in Developing Software on Jul 20, 2021

    Grafana is an amazing application, one of the most active open source projects in the world, and they are firmly committed to the Free Software / Open Source way of doing things. You should know up front that the following information enables a feature (whitelabel) which is part of the Enterprise edition from Grafana Labs. So in the spirit of being thankful for the hard work Grafana Labs has done to make this software available for free, please only use the following information for small, private installations. If you can at all afford to use the Enterprise edition -- which has many other exc...

  • How to configure Ubuntu via /etc/network/interfaces using ifupdown managed by Network Manager for Security Onion

    Posted in Developing Software on Jul 12, 2021

    That headline is a mouthful, so let's break it down:

    • How to configure Ubuntu
    • via /etc/network/interfaces
    • using ifupdown
    • managed by Network Manager
    • for Security Onion

    In simpler terms I would prefer this headline: "How to configure Ubuntu with ifupdown for Security Onion," but it turns out Security Onion requires Network Manager (which thankfully is not entangled with systemd in the way that netplan and networkd are), and so... I've found a way to eliminate netplan and networkd, leaving network-manager and ifupdown like the good ol' days.

    From what I can tell by fairly aggressive searchin...

  • Placing Apache reverse proxy in front of Security Onion

    Posted in Developing Software on Jul 09, 2021

    Security Onion prefers to think that it's talking to the world, not a proxy. But you can do it.

    It took me a while to get this working because I was also trying to get Apache Basic Authentication working. Alas, Security Onion is so complex that I was only able to get Authentication working smoothly for the front-door portion so far, so I'm leaving that information out for now.

    Note that I had to configure Security Onion during install with the complete FQDN ("securityonion.example.com") that would be visible to the Internet, even though it does not talk directly to the internet.

    Trying to acces...

  • Important insight into Power and how it operates outside of Logic

    Posted in Philosophy Stuff on Jul 08, 2021

    Years ago I was impressed by the power of Law to transform me. I was impressed because I was sincerely changing my nature and behaviors due to the way I had encountered Law and Order (the justice side of it), and wanted to ensure that I did not encounter Law in that way before. I began a long series of thought experiments on the nature of Law and how it could be kept in books, yet exerted an effect into my life. It was a very curious thing to me -- how could this law, which is written in black ink on white pages in books, very obviously a dead and dry, desiccated, and powerless medium, have su...

  • What to do when qemu-guest-agent on CentOS does not work after installing with yum

    Posted in Developing Software on Jul 08, 2021

    After installing qemu-guest-agent with yum, which was easy enough with sudo yum install qemu-guest-agent, I did not see IP information in the Proxmox host, so I knew it was not yet working. I tried several things; none of them worked. First I tried looking at the status. Got an error indicating the service was not installed:

    # sudo service qemu-ga status
    Redirecting to /bin/systemctl status qemu-ga.service
    Unit qemu-ga.service could not be found.

    So then I tried to reinstall, but got a notice that it was already installed:

    # sudo yum install qemu-guest-agent
    Package 10:qemu-guest-agent-2.12.0-3...

  • Kill a Proxmox VM that won't quit with a one-liner using the pve node's command prompt

    Posted in Developing Software on Jul 06, 2021

    I was using the handy information at Proxmox can’t stop VM – How we fix it! (bobcares.com) for a while. They have a two-line approach which does the job, but displays the (very) long command line for starting a Proxmox VM on the screen while doing so. To me, facing a wall of text while searching for the process ID means it takes an extra microsecond or two to perform. So here's the one-liner approach:

    # kill -9 `ps aux | grep "/usr/bin/kvm -id 104" | grep splash | awk '{print $2}'`

    Simply replace the 104 above with the VMID you want to end, and the VM will die immediately.

    Here's the quiet two...

  • Fix Shellinabox "rhostsrsaauthentication" and "rsaauthentication" errors

    Posted in Developing Software on Jun 27, 2021

    ShellInABox is a tidy little app that works well, but when you configure it to connect via SSH directly instead of using its internal shell, it throws up a couple minor errors when logging in:

    command-line line 0: unsupported option "rhostsrsaauthentication"
    command-line line 0: unsupported option "rsaauthentication"
    

    You can safely ignore these two notices, but if you want to remove them, here's how to do it:

    Stop the currently running service.

    sudo service shellinabox stop

    Install git, nano, and some tools needed during compiling code:

    sudo apt install git nano autoconf dh-autoreconf libssl-...

  • Upon glimpsing the unicorn of Riemann's missing one half while awakening

    Posted in Mathy Stuff, Postinfinity Tergiversation on Jun 24, 2021

    I just now, minutes ago, was drifting between awake and asleep, slowly becoming aware of the lightly falling rain outside, while also in a half-dream state, contemplating random mathematical ideas, when I caught a glimpse of the 1/2 which completes the sphere of infinity. I have glimpsed it intellectually many times, but this is the first time I've seen it intuitively, actually seen the shape and how it relates to a sphere and a circle and a 1/2.

    The idea moved like lightning, not for its brilliance, but for its speed. Gone immediately. I was contemplating a sphere, but I was looking through ...