Amazon.co.uk Widgets

Log in

X

Multizone | All our technotes

If we've published it, you can find it here.

Kali Linux on EC2 in AWS for Pen Testing (Part 2)

Kali Linux on EC2 in AWS for Pen Testing (Part 2)

Installing Kali Linux on EC2 in AWS for Pen Testing

TL:DR In part one a Kali Linux instance was created in AWS what follows is a step by step guide to getting remote desktop working with Apache Guacamole™ so that the Kali Linux graphical tools can be used.

Read more: Kali Linux on EC2 in AWS for Pen Testing (Part 2)

Kali Linux on EC2 in AWS for Pen Testing (Part 3)

Kali Linux on EC2 in AWS for Pen Testing (Part 3)

Installing Kali Linux on EC2 in AWS for Pen Testing

TL:DR In part one a Kali Linux instance was created in AWS and in part two the dependencies and web services required were added to that instance. What follows is a step by step guide to getting remote desktop working with Apache Guacamole™ so that the Kali Linux graphical tools can be used.

Read more: Kali Linux on EC2 in AWS for Pen Testing (Part 3)

AppOps - The DevOps diagram for mobile apps - Plan, Code, Build, Test, Publish, Operate, Monitor

Software Assurance

Making sure software apps function as intended and are free from known vulnerabilities and implementation flaws

Recently, I was asked to examine an acquired Software as a service (SaaS) app to see if it needed updating because the acquirer felt it was based on some older technology and needed to understand that more fully. This was for a very mature system with little or no new feature development planned. My task was to make whatever recommendations were necessary without planning new product features.

There's quite a bit to unpack there. So lets try to get to the bottom of it and come up with a plan.

TL:DR — Some steps I took, and all the gory details of how I thought it through using the principles of "Software Assurance" to provide recommendations to bring an acquired SaaS app to a state where security and service can be assured by the acquiring organisation.

Read more: Software Assurance

Windows 11 (from MS News Centre)

Find your Windows product key

Product keys are needed to activate Windows

Without the 25 character activation code you will be unable to activate Windows and it won't function. Codes come from all sorts of sources including digital downloads, and developer subscriptions and software provided by original equipment manufacturers (OEMs). The technology was introduced in an effort to reduce software piracy back with Windows XP. It is perfectly legitimate to re-install and re-activate Windows on the PC for which the product key is eligible as often as you like.

"Most licenses allow for software to be re-installed and activated on the same PC an unlimited number of times. To ensure that you are using your license properly, please see your end user license agreement or product use rights for details on a specific product."
Piracy Home, Microsoft Product Activation (2012) http://www.microsoft.com/piracy/mpa.aspx (Web page gone but not forgotten)

Edition of Windows

The code is also responsible for determining what particular edition of Windows you are eligible to run on your computer.

Original product keys stored in your computer

This article is concerned with codes stored in your PC, which might be useful if you are reinstalling from scratch or upgrading to a newer version of Windows and need the original product key from a previous version.

TL:DR – Product keys are often stored in the Advanced Configuration and Power Interface (ACPI) BIOS settings of computers to aid with reinstallation without costly support calls for the original hardware vendors. This is memory which is for configuration information and is separate from the drive on the system. It is easy to fish the information out if you know the commands needed.

Read more: Find your Windows product key

Lets Encrypt secure virtual hosts on Ubuntu Linux

Virtual Hosts with SSL, isn't that hard, is it?

The Apache HTTP Server has always had a virtual hosts feature to serve multiple differently named websites from the same server. Setting it up with SSL is more complex than it perhaps ought to be, and that is probably historical given that the project it named after HTTP it was centred around http and https was originally an additional, often expensive and complex configuration step.

This seems outmoded to me. Traffic encrypted to the web browser with https is mandatory for any serious web presence. http is an insecure protocol that should really be a secondary consideration. Anyway, it is what it is.

With virtual hosts, each individual site appears to the end-user to have a different identity even though it is served from the same server. Hosting providers use this technology to provide resilience, security, scale, analytics and for many other reasons but it is also useful for developers who want to have a replica small scale development or staging environment perhaps for multiple websites. A development environment is my reason for building out Apache 2 virtual hosts with separate Let's Encrypt certificates on my Ubuntu Linux machine.

To make it work, you need to think about setting out the directory structure on your Linux machine, the Virtual Hosts configuration files for Apache2, and a properly resolving DNS record to the Linux machine hosting your virtual host site. Setting it up is easy enough but takes a little bit of concentration on the details of all these moving parts. Adding SSL to these virtual hosts is far less tricky than it once was because 'Let's Encrypt' does most of the heavy lifting now.

You'll need

  • Ubuntu Desktop 22.04.1 LTS updated to latest.
  • An administratrive user that can 'sudo'.
  • Let's Encrypt 'certbot' installed and a good understanding of Linux locations and editing tools.
  • An IP address on your Linux machine that is reachable from the Internet. This can either be fixed or dynamic via 'ddclient'.
  • Local DNS, sometimes called 'split DNS', perfectly set up for your local area network or a hosts file with entries for the names pointing at the local IPv4 address of the Linux machine.
  • The domains you wish to use for your virtual hosts set up to use that IP address or an alias that resolves to it.

TL:DR I now have two dev sites on my local Ubuntu Desktop. Both have valid Let's Encrypt SSL certificates and are working well locally and via the Internet. It took about 45 minutes to set up.

Read more: Lets Encrypt secure virtual hosts on Ubuntu Linux

Saved £369 on the iPad Pro at CeX in the UK

Saved £369 on the iPad Pro at CeX in the UK

Should you upgrade to the 2022 iPad Pro, supercharged by the Apple M2? 

A. Yes if you have an iPad older than the first M1 2021 model

TL:DR: If you have the original home button equipped iPad Pro from 2015 (12.9 inch) or 2016 (9.7 inch), or the home button equipped iPad Pro from 2017 then now is the time to upgrade. The 2018 and 2020 no button iPad Pro's are a harder call to make as they have USB-C and improved looks and performance but I would still say it is time to upgrade as they have good resale value and will miss out on iOS features such as Stage Manager that need Apples M1 or M2 chipset power. The 2021 iPad Pro based on the Apple M1 chip is probably not worth upgrading to the 2022 model. The 2024 iPad Pro is the current model but you can find it new with a small discount at Amazon or used with a massive discount if you try hard!

Read more: Saved £369 on the iPad Pro at CeX in the UK

Setting up a power schedule for macOS with pmset

Setting up a power schedule for macOS with pmset

pmset is a swiss army knife of functionality for sleep, standby, UPS, scheduled event, and power source debugging, The examples in the man page show some uses of most of them. My remote mac is a desktop without an uninterruptible power supply (UPS) so I need a simple power regime to make sure my Mac is on for remote backup when I need it to be online - this is exactly what used to be possible via System Settings.

pmset -g

Lets first check what is currently set on my Mac, upgraded from macOS Monterey to macOS Sonoma. (Annotations mine)

% pmset -g
System-wide power settings:
Currently in use:
 disksleep            10 - Disk spindown timer; (value in minutes, or 0 to disable)
 powernap             1  - Enable/disable Power Nap on supported machines (value = 0/1)
 womp                 1  - Same as "Wake for network access" in System Settings.
 networkoversleep     0  - This setting is not used by all platforms; changing its value is unsupported
 sleep                10 - (sleep prevented by sharingd, powerd, bluetoothd)
 Sleep On Power Button 1 - Not documented 
 ttyskeepawake        1  - prevent idle system sleep when any tty is 'active'. (value = 0/1)
 tcpkeepalive         1  - Not documented 
 autorestart          1  - automatic restart on power loss (value = 0/1)
 standby              0  - kernel power management to automatically hibernate (setting visible if the feature is supported on this machine)
 displaysleep         10 - display sleep timer (value in minutes, or 0 to disable)

Not sure if ttyskeepalive respects Apple Remote Dektop (ARD), but I hope so! The disksleep parameter seems a bit weird. All Mac computers have been SSD for years now. There is no disk to 'spindown'. And standby is a bit weird too. This is a Mac mini - it wouldn't normally hibernate. Ignoring these for now. 

pmset scheduled events

pmset allows you to schedule system sleep, shutdown, wakeup and/or power on. schedule is for setting up one-time power events, and repeat is for setting up daily/weekly power on and power off events. Note that you may only have one pair of repeating events scheduled - a "power on" event and a "power off" event. For sleep cycling applications, pmset can schedule a "relative" wakeup or poweron to occur in seconds from the end of system sleep/shutdown, but this event cannot be cancelled and is inherently imprecise" - Source: pmset Man page

type - one of sleep, wake, poweron, shutdown, wakeorpoweron
date/time - "MM/dd/yy HH:mm:ss" (in 24 hour format; must be in quotes)
time - HH:mm:ss
weekdays - a subset of MTWRFSU ("M" and "MTWRF" are valid strings)
owner - a string describing the person or program who is scheduling this one-time power event (optional)

This is obtuse for 2023. Weekdays have letters to describe them, in a way so as to have a unique letter for each day. Old school Unix I guess. Not very 'global'. Anyway, for my purposes for one particular Mac Mini I want it to power on on Saturday at 09:00 and shutdown at 21:00 so the command which has to be run by sudo is :-

sudo pmset repeat wakeorpoweron S 09:00:00 shutdown S 21:00:00

You can check that is set correctly using % pmset -g sched

% pmset -g sched                                                
Repeating power events:
  wakepoweron at 9:00AM Saturday
  shutdown at 9:00PM Saturday
...

And for another Mac I want the machine to wake each morning in time for my morning routine.

% sudo pmset repeat wakeorpoweron MTWRFSU 09:00:00 shutdown MSU 18:30:00                  
% pmset -g sched                                                        
Repeating power events:
  wakepoweron at 9:00AM every day
  shutdown at 6:30PM Some days
...

Now that is set I can go ahead and configure my backup regime content that my machine will be up all day Saturday to run it. That's another story..

  1. Create/Edit Budgets/Alerts in Google Cloud Billing
  2. New Cassette recorders in 2025
  3. Backing up Windows 11
  4. System Settings in macOS
  5. FREE Windows web server with a Lets Encrypt SSL certificate in AWS
  6. AWS Organizations SCP setup to restrict regions
  7. Virgin Media network issues debugging
  8. MS Teams for Mac computers with Apple silicon
  9. Amazon Web Services S3 and Organisations
  10. The dead Macs walking — Mac computers you shouldn't buy
  11. Android 13 pushed to AOSP
  12. Using Raspberry Pi Imager on macOS

Page 27 of 41

Popular articles

Recent articles

Popular Topics

My Blog