Google Alternatives – Search

Google Product Alternative: SEARCH
Difficulty: EASY
Cost: FREE

A couple of years ago, when I was writing an e-mail via Gmail, inside my Google Chrome browser listening to Youtube music, and about to perform a Google search for something, I realized I was completely sucked into the Google ecosystem. While I did enjoy the fast searches that usually seemed relevant, I noticed that my searches were becoming too personalized, and it made me wonder if my Google account had contained a list of keywords that I searched for, and how was Google using my search information? With what has been published recently in the news about the NSA snooping on innocent US citizens, it’s clear that anything you have ever searched for on Google, while logged into your Google account or not, is probably sitting on some storage arrays awaiting future processing for whatever purpose. I have no idea what this data can and will be used for, but I doubt they using the data to choose what to send you for next years birthday card ๐Ÿ™‚

I decided to give a few search engines a try, but found that DuckDuckGo had the most relevant results and speed, and also cares about privacy. ย You should also set DuckDuckGo as your default Search Engine in your web browser – I replaced Google as the default and use DuckDuckGo now instead. Last, but I am sure not least, are the Android and iPhone apps for your phone and devices.

Advertisements
Categories: TechBlog

Samsung Chromebox – Review after a week of usage

When I booted the machine for the first time, the Chromebox didn’t want to connect to my wireless or wired networks to continue with setup. Once I tried wired alone, and then rebooted, and then wireless alone, and rebooted, and nothing worked, I decided to try another access point; only at this point, when I created another access point, was it able to connect to this other wireless ap and login with my Google account. I am not sure why it didn’t want to negotiate with my network gear, as Linux, Apple IOS, Android, and Windows machine connect without incident on the first try usually. I will chalk this one up to a bug in the early version of ChromeOS that was on the unit when it shipped to me.

Once I was able to login..I noticed something didn’t seem right – ChromeOS didn’t look anything like the screenshots I saw online a few days ago? All I had was a browser really…with no icons in the bottom left, no desktop, etc. Finally located the “Update” button, and was able to update the device to the latest OS version. This is the time things started to look up for the device; it feels quick and nimble, and doesn’t seem to stutter on any tasks so far, even while going on an “exciting” install binge at the Google Chrome Store ๐Ÿ˜€

Although the Chromebox was a Mother’s Day gift, I am really starting to like the concept. ย Having said that, I doubt I will be getting one for personal usage anytime soon, as I wanna make sure this one was a “good” idea after a year or so. These days, your never certain what kind of “traction” a product will have in the market, and it almost seemed like a risky idea to try out this style of computing; at the end of the day though, this machine is built around a browser that has taken a very large share of browser usage worldwide, which means that eventually sites that didn’t work on Chrome, will work. Also there are quite a few games, office add-on’s, tv and movie players, and also the ability to access stuff you have purchased with your Google Play account, like music, books, movies.

Final thought: If you need to replace an aging Windows desktop computer for a casual user, this could be your “silver bullet” – just plug in their monitor, keyboard, mouse, speakers, and they are ready to go.

Now that the gigantic Dell desktop “tower” is a thing of the past, you can use your desk again ๐Ÿ˜€

Categories: TechBlog

Namecheap Positive/Comodo SSL and Nginx

Namecheap has been my source for in-expensive SSL certs for usage on web servers, especially Nginx. Since there is already a pretty good article for setting up SSL with these Namecheap Certs and Nginx, I will not “re-invent the wheel”, but it seems that the “intermediary” part of the installation wasn’t included.

http://kbeezie.com/view/free-ssl-with-nginx/

The above link should get you 90% configured, but you will want to use the included CABundle cert, which is inside the zip file that Namecheap will send you once the registration process is complete. This Bundle is required to allow your SSL cert to be able to be seen by some browsers, otherwise they will give the dreaded “self signed” style warning. To ensure that all browsers are able to use your SSL without issue, be sure to append this CABundle that is provided with your cert from Namecheap:

This is just a continuation of the Kbeezie Nginx SSL setup…

cat CABundle >> /etc/ssl/nginx/domain.pem

Once you have done this, be sure to restart Nginx for the change to be applied to the SSL server.

To test if you have correctly completed this, you can simply use curl (although openssl also has a tool to check an SSL cert)

curl -I https://secure.my-domain.com

If the server header is displayed, then you have done everything correctly. If not, you will see an error about “was not able to verify the identity of the SSL cert” error.

Example error:

curl -I https://super-cool-and-secure-domain.com
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html

….

On Success, you will see a normal HTTP 200 message.

So there you have it – Thanks to Kbeezie.com for the tutorial, and I hope that this part regarding the required intermediary can tell those who are seeing errors with their Namecheap SSL cert from Comodo or PositiveSSL, and are using Nginx. Although not all browsers will complain, it’s best to make sure that you don’t have anyone closing your site, due to SSL errors ๐Ÿ™‚

Categories: TechBlog

Secret agent, ossec

Ok, so there are no secrets, I just wanted to add a little spice to the title ๐Ÿ˜€

I was recently tasked with investigating the usage of HIDS on some systems, and decided to do the Ossec server and client installation, versus the usual local installation I am used to doing with random nodes that I have configured. I found that once the server portion of Ossec was installed on a host, it was very easy to manage clients, which includes creating keys that the client will use to authenticate with the server. I also enabled the usage of syslog for Ossec, so now I have a router/firewall, switch, and a few hosts in the data center that are remotely logging to the Ossec server, and Ossec is sending out alerts if it see’s anything strange: For example

Received From: x.x.x.x->/var/log/syslog
Rule: 1002 fired (level 2) -> “Unknown problem somewhere in the system.”
Portion of the log(s):

Mar 18 19:01:05 X.X.X.X xapi: [error|XHOST|356 xal_listen|VM (domid: 48) device_event = device shutdown {vbd,51712} D:373b8b99d8b3|event] device_event could not be processed because VM record not in database

So far, I am liking the abilities of Ossec to watch over the HID type stuff, and the remote syslog alerting is also very useful.

If you would like to configure this kinda setup, please use the URL below; I will followup soon with more about this Ossec installation and what I have learned since. Thanks for reading!

http://www.ossec.net/ossec-docs/OSSEC-book-Ch02_SA240.pdf

Categories: TechBlog

Automattic hackory

http://www.theregister.co.uk/2011/04/13/wordpress_hack_attack/

If you have a WordPress Blog(like this one), I would suggest that you change your username and password quickly. It seems as though Automattic was owned recently, and they have warned users to change their passwords, especially those passwords that you use on more than one site(bad practice anyways, keep password unique).

Categories: TechBlog

High availability storage with Gluster

Decided to give GlusterFS a try this week – it was a quick & painless install, and most of my hiccups are because I set up the environment in VirtualBox, and not on hardware. Overall, I am quite impressed at how simple the software is to setup, and like the flexibility that it seems to offer, as you can grow your “exported” volumes easily by adding physical disks to the storage nodes, in terms of “storage bricks”, and also how you can mount the storage in a very NFS-like style to your host systems.

I created 2 storage nodes VM’s, and a single host VM to attach to them for this example; this how-to is from the “How-To Forge” website (thanks!)

When I created the storage VM’s, I purposely made one of the nodes hard disks smaller than the other, just to see what the effect would be to the visible ; the effect of this action was assumed – our storage cluster disk size is the smallest available disk. Since this is a mirror, our 10gb and 12gb disk nodes only give you a total of 10gb usable, as we are essentially doing RAID1 mirroring on the storage nodes.

(You can see the node on the left has 10Gb, and the node on the right has 12Gb of disk storage assigned to it)

And this is what the two nodes in the top screen shot look like as a mounted file system on the host side.

Thats it for now – I will be easing this setup into production environments shortly, and will update this blog when completed.

Thanks for reading, and happy storage days!

Categories: TechBlog

Landscape – Update Alert

I just wanted to post a quick screen capture of an alert for a software update that was sent via Landscape. Till the next update!

Categories: TechBlog