All

Add times and timezones to your RSS feeds

Please do not forget to add timezone to your RSS feeds.

No-one wants to see the posts written at 00:00:00 or in the future relative to when they read it.

This is just a reminder/placeholder/quick note.

See more at:

perlbrew installation and usage

Installation

Copy & paste this line into your terminal.

\curl -L https://install.perlbrew.pl | bash

Then, execute following line:

echo "source ~/perl5/perlbrew/etc/bashrc" >> ~/.profile

Then, open new shell and you can start working with perlbrew in there.

All files will be installed in ~/perl5/perlbrew/, and it will use that directory and subdirectories.

Basic usage

Get a list of available perls you can use:

perlbrew available

Install some version of perl:

perlbrew install perl-5.36.1

It will compile that perl version and install it within ~/perl5/perlbrew/ subdirectory.

It will take some time (around 21 minutes at my laptop), and it will take 324M of disk space.

Now you can list all installed perl versions:

perlbrew list

To switch to specific version you can use command switch:

perlbrew switch perl-5.36.1

To execute the script with another version of perl, but not switching to it completely:

perlbrew exec --with perl-5.40.0 perl myprogram.pl

To run the script with specific version of perl from cron, use the following:

* * * * * PERLBREW_ROOT=$HOME/perl5/ ~/perl5/perlbrew/bin/perlbrew exec --with perl-5.36.1 ~/myprogram.pl

For more on cron tips, see: http://johnbokma.com/blog/2019/03/08/running-a-perl-program-via-cron.html

To return back to system perl version, you can switch it off:

perlbrew switch-off

For additional help:

perlbrew -h
perlbrew help

See more: https://perlbrew.pl/

See also: https://github.com/tokuhirom/plenv

Watched: AINBO: Spirit of the Amazon (2021)

Length: 1h 24m

Getafix/Panoramix decides it's time to pass the magic potion recipe on to a young, trustworthy druid. He looks all over Gaul with Asterix and Obelix as Demonix is out to get the recipe.

When Getafix/Panoramix fell the high tree and broke his foot, he decided it's time to pass the magic potion receipt on to a young droid. All men went on the adventure of finding the good, trustworthy druid.

Women are left to protect the village.

_postfile
content
When Getafix/Panoramix fell the high tree and broke his foot, he decided it's time to pass the magic potion receipt on to a young droid. All men went on the adventure of finding the good, trustworthy druid. Women are left to protect the village.
date
1674734147
day
26
description
When Getafix/Panoramix fell the high tree and broke his foot, he decided it's time to pass the magic potion receipt on to a young droid. All men went on the adventure of finding the good, trustworthy druid.
filename
asterix-the-secret-of-the-magic-potion.md
filepath
movies/asterix-the-secret-of-the-magic-potion
hour
12
image
asterix-the-secret-of-the-magic-potion.jpg
language
english
length
1h 24m
link
https://www.imdb.com/title/tt8001346/
links
https://www.imdb.com/title/tt8001346/, https://en.wikipedia.org/wiki/Asterix:_The_Secret_of_the_Magic_Potion
minute
55
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026ee04990)
prev
HASH(0x56026ee0adb8)
second
47
sinhronizovan
da
sourcedir
posts/movies/asterix-the-secret-of-the-magic-potion/
summary
Getafix/Panoramix decides it's time to pass the magic potion recipe on to a young, trustworthy druid. He looks all over Gaul with Asterix and Obelix as Demonix is out to get the recipe.
tags
movie
title
Watched: AINBO: Spirit of the Amazon (2021)
trailer
https://www.imdb.com/video/vi742636569/
trailer-image
trailer.jpg
type
movie
url
/watched-ainbo-spirit-of-the-amazon-2021.html
url_name
watched-ainbo-spirit-of-the-amazon-2021.html
url_path
/
year
2023
Bookmarked Feeds (ascraeus.org)

"Before newsletters and social networks there was RSS, a tool that helped us keep up to date with our favorite websites.

...even bloggers began chasing clicks and page-views...

RSS still exists.

The Open Web isn’t just a dream or a memory, it is all around us. Time to take back what’s ours."

- Daniel Goldsmith

Published at: Wed, 08 Apr 2020 11:58:39 +0200

_postfile
aimage
2023-01-13-124440.jpg
aimage_title
Image from https://pickupimage.com/free-photos/Social-Media-Keyboard/2342314
content
> "Before newsletters and social networks there was RSS, a tool that helped us keep up to date with our favorite websites. > > ...even bloggers began chasing clicks and page-views... > > RSS still exists. > > The Open Web isn’t just a dream or a memory, it is all around us. Time to take back what’s ours." > > \- Daniel Goldsmith
date
1673610280
day
13
description
> "Before newsletters and social networks there was RSS, a tool that helped us keep up to date with our favorite websites. > > ...even bloggers began chasing clicks and page-views... > > RSS still exists. > > The Open Web isn’t just a dream or a memory, it is all around us. Time to take back what’s ours." > > \- Daniel Goldsmith
domain
ascraeus.org
filename
2023-01-13-124440.md
filepath
bookmarks
hour
12
link
https://ascraeus.org/page/feeds/
minute
44
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026edcd490)
prev
HASH(0x56026ed21288)
published
Wed, 08 Apr 2020 09:58:39 GMT
second
40
slug
124440
sourcedir
posts/bookmarks/
tags
bookmarks, rss
title
Feeds
type
bookmark
url
/bookmarks/2023/01/13/124440/index.html
url_name
index.html
url_path
/bookmarks/2023/01/13/124440
year
2023
Bookmarked Online tool: Find a book to read (findabooktoread.com)

"Enter your favorite book, and get a list of suggested books to read.

These book picks are based on genres to achieve the best book suggestions."

_postfile
content
> "Enter your favorite book, and get a list of suggested books to read. > > These book picks are based on genres to achieve the best book suggestions."
date
1673523936
day
12
description
> "Enter your favorite book, and get a list of suggested books to read. > > These book picks are based on genres to achieve the best book suggestions."
domain
findabooktoread.com
filename
2023-01-12-124536.md
filepath
bookmarks
hour
12
image
2023-01-12-124536.jpg
image_title
General library image: The Leeds Library, Yorkshire, England
link
https://findabooktoread.com/
minute
45
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026ee0adb8)
prev
HASH(0x56026eded818)
second
36
slug
124536
sourcedir
posts/bookmarks/
tags
bookmarks, books
title
Online tool: Find a book to read
type
bookmark
url
/bookmarks/2023/01/12/124536/index.html
url_name
index.html
url_path
/bookmarks/2023/01/12/124536
year
2023
Bookmarked Bring Back Blogs! January 2023 (bringback.blog)

"Can we all bring back blogging, together? Artists, writers, inventors, tinkerers, illustrators, designers—all makers are welcome here.

... Why RSS? Rss is truly decentralized. Readers can then subscribe in aggregate to all the feeds they love best, and read the content in one place with a service like Feedly or Old Reader. And there's no need to point them to a specific RSS feed. Most of these services only need the URL of your blog or newsletter.

... towards a decentralized, curated, diverse creative collective—just one interesting corner of the internet where we can all pool our networks to lift us all up."

- Ash and Ryan

Published at: Wed, 28 Dec 2022 22:59:48 +0100

_postfile
content
> "Can we all bring back blogging, together? Artists, writers, inventors, tinkerers, illustrators, designers—all makers are welcome here. > > ... Why RSS? Rss is truly decentralized. > Readers can then subscribe in aggregate to all the feeds they love best, and read the content in one place with a service like Feedly or Old Reader. And there's no need to point them to a specific RSS feed. Most of these services only need the URL of your blog or newsletter. > > ... towards a decentralized, curated, diverse creative collective—just one interesting corner of the internet where we can all pool our networks to lift us all up." > > \- Ash and Ryan
date
1673508192
day
12
description
> "Can we all bring back blogging, together? Artists, writers, inventors, tinkerers, illustrators, designers—all makers are welcome here. > > ... Why RSS? Rss is truly decentralized. > Readers can then subscribe in aggregate to all the feeds they love best, and read the content in one place with a service like Feedly or Old Reader. And there's no need to point them to a specific RSS feed. Most of these services only need the URL of your blog or newsletter. > > ... towards a decentralized, curated, diverse creative collective—just one interesting corner of the internet where we can all pool our networks to lift us all up." > > \- Ash and Ryan
domain
bringback.blog
filename
2023-01-12-082312.md
filepath
bookmarks
hour
08
link
https://bringback.blog/
minute
23
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026ed21288)
prev
HASH(0x56026ee0bb08)
published
Wed, 28 Dec 2022 21:59:48 GMT
second
12
slug
082312
sourcedir
posts/bookmarks/
tags
bookmarks, blogging, rss
title
Bring Back Blogs! January 2023
type
bookmark
url
/bookmarks/2023/01/12/082312/index.html
url_name
index.html
url_path
/bookmarks/2023/01/12/082312
year
2023
Bookmarked Return to Blogging - Christopher P. Long (cplong.org)

"A new year brings new calls for a return to personal blogging as an antidote to the toxic and extractive systems of social media. Giving our attention and creative content to major social media corporations has always been a dubious undertaking, although for a long time, that didn't stop me from adopting Facebook and Twitter early as possible places to build community."

- Christopher P. Long

_postfile
author
Christopher P. Long
content
> "A new year brings new calls for a return to personal blogging as an antidote to the toxic and extractive systems of social media. Giving our attention and creative content to major social media corporations has always been a dubious undertaking, although for a long time, that didn't stop me from adopting Facebook and Twitter early as possible places to build community." > > \- Christopher P. Long
date
1673489226
day
12
description
> "A new year brings new calls for a return to personal blogging as an antidote to the toxic and extractive systems of social media. Giving our attention and creative content to major social media corporations has always been a dubious undertaking, although for a long time, that didn't stop me from adopting Facebook and Twitter early as possible places to build community." > > \- Christopher P. Long
domain
cplong.org
filename
2023-01-12-030706.md
filepath
bookmarks
hour
03
image
2023-01-12-030706.jpg
link
https://cplong.org/2023/01/return-to-blogging/
minute
07
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026eded818)
prev
HASH(0x56026eded848)
second
06
slug
030706
sourcedir
posts/bookmarks/
tags
bookmarks, blogging
title
Return to Blogging - Christopher P. Long
type
bookmark
url
/bookmarks/2023/01/12/030706/index.html
url_name
index.html
url_path
/bookmarks/2023/01/12/030706
year
2023
Bookmarked Aaron Swartz - 10 Years Away From Us - Digging the Digital (diggingthedigital.com)

"Today is the 10th anniversary of the death of Aaron Swartz, The Internet's Own Boy. Aaron Swartz was a writer, programmer, web activist and political organizer."

_postfile
content
> "Today is the 10th anniversary of the death of Aaron Swartz, The Internet's Own Boy. Aaron Swartz was a writer, programmer, web activist and political organizer."
date
1673401682
day
11
description
> "Today is the 10th anniversary of the death of Aaron Swartz, The Internet's Own Boy. Aaron Swartz was a writer, programmer, web activist and political organizer."
domain
diggingthedigital.com
filename
2023-01-12-024802.md
filepath
bookmarks
hour
02
image
2023-01-12-024802.jpg
link
https://diggingthedigital.com/aaron-swartz-10-jaar-uit-ons-midden/
minute
48
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026ee0bb08)
prev
HASH(0x56026ee10928)
second
02
slug
024802
sourcedir
posts/bookmarks/
tags
bookmarks
title
Aaron Swartz - 10 Years Away From Us - Digging the Digital
type
bookmark
url
/bookmarks/2023/01/11/024802/index.html
url_name
index.html
url_path
/bookmarks/2023/01/11/024802
year
2023
Liked The Year of the Personal Website · Matthias Ott – User Experience Designer by

"So how about we make 2023 the year of the personal website? The year in which we launch our first site or redesign our old one, publish a little more often, and add RSS and Webmentions to our websites so that we can write posts back and forth. The year we make our sites more fussy, more quirky, and more personal. The year we document what we improved, share what we learned, and help each other getting started. The year we finally create a community of critical mass around all our personal websites. The year we take back our Web.

I'll start tonight."

- Matthias Ott

Published at: Fri, 06 Jan 2023 20:01:00 +0100

_postfile
author
Matthias Ott
author_image
2023-01-10-133305.jpg
content
> "So how about we make 2023 the year of the personal website? The year in which we launch our first site or redesign our old one, publish a little more often, and add RSS and Webmentions to our websites so that we can write posts back and forth. The year we make our sites more fussy, more quirky, and more personal. The year we document what we improved, share what we learned, and help each other getting started. The year we finally create a community of critical mass around all our personal websites. The year we take back our Web. > > I'll start tonight." > > \- Matthias Ott
date
1673353985
day
10
description
> "So how about we make 2023 the year of the personal website? The year in which we launch our first site or redesign our old one, publish a little more often, and add RSS and Webmentions to our websites so that we can write posts back and forth. The year we make our sites more fussy, more quirky, and more personal. The year we document what we improved, share what we learned, and help each other getting started. The year we finally create a community of critical mass around all our personal websites. The year we take back our Web. > > I'll start tonight." > > \- Matthias Ott
domain
matthiasott.com
filename
2023-01-10-133305.md
filepath
bookmarks/test3
hour
13
link
https://matthiasott.com/notes/the-year-of-the-personal-website
minute
33
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026eded848)
prev
HASH(0x56026eded7e8)
published
2023-01-06 20:01:00
second
05
slug
133305
sourcedir
posts/bookmarks/test3/
tags
bookmarks
title
The Year of the Personal Website · Matthias Ott – User Experience Designer
type
like
url
/bookmarks/2023/01/10/133305/index.html
url_name
index.html
url_path
/bookmarks/2023/01/10/133305
year
2023
Bookmarked Welcome to the RSS Club! | Kev Quirk (kevquirk.com)

"Welcome to the RSS Club. If you can read this, you’re part of my secret society."

-

_postfile
author
Kev Quirk
content
> "Welcome to the RSS Club. If you can read this, you’re part of my secret society." > > \-
date
1673319233
day
10
description
> "Welcome to the RSS Club. If you can read this, you’re part of my secret society." > > \- Kev Quirk
domain
kevquirk.com
filename
2023-01-10-035353.md
filepath
bookmarks/test
hour
03
image
2023-01-10-035353.jpg
link
https://kevquirk.com/welcome-to-rss-club/
minute
53
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026ee10928)
prev
HASH(0x56026edf7e20)
second
53
slug
035353
sourcedir
posts/bookmarks/test/
tags
bookmarks
title
Welcome to the RSS Club! | Kev Quirk
type
bookmark
url
/bookmarks/2023/01/10/035353/index.html
url_name
index.html
url_path
/bookmarks/2023/01/10/035353
year
2023
> "I write almost everything important in my life
thoughts, plans, notes, diaries, correspondence, code, articles, and entire books."
_postfile
content
date
1673276159
day
09
domain
sive.rs
filename
2023-01-09-155559.md
filepath
bookmarks/test
hour
15
image
2023-01-09-155559.jpg
link
https://sive.rs/plaintext
minute
55
month
01
month_name
January
next
HASH(0x56026eded7e8)
prev
HASH(0x56026edf7b50)
second
59
slug
155559
sourcedir
posts/bookmarks/test/
tags
bookmarks
title
Write plain text files | Derek Sivers
type
bookmark
url
/bookmarks/2023/01/09/155559/index.html
url_name
index.html
url_path
/bookmarks/2023/01/09/155559
year
2023

Watched: Ready Player One (2018)

Length: 2h 20m

The film is set in 2045, with the world on the brink of chaos and collapse. But, the people have found salvation in the OASIS, virtual-reality world, where they spend whole awake time. When game creator James Halliday dies, he leaves this immense fortune to the first person who find a digital Easter Egg within a game. Five-members teen team is fighting evil corporation IOI (Innovative Online Indutries), who seek to control OASIS themselves.

Rating: PG-13. When they are finding the second key, there are some Stephen King horror movie scenes. Everything else is fun and good for 9-year old.

It looks like 2045 is moved here in 2022, and its virtual reality world, drones, distant social friends, really matches today games (like Fortnite) and social networks, having us feel like it is not distant 2045, but like everything is happening now, somewhere out there. 2h20m passed so fast, waiting for what will happen next. Steven Spielberg production.

_postfile
content
Rating: PG-13. When they are finding the second key, there are some Stephen King horror movie scenes. Everything else is fun and good for 9-year old. It looks like 2045 is moved here in 2022, and its virtual reality world, drones, distant social friends, really matches today games (like Fortnite) and social networks, having us feel like it is not distant 2045, but like everything is happening now, somewhere out there. 2h20m passed so fast, waiting for what will happen next. Steven Spielberg production.
date
1673215994
day
08
description
Rating: PG-13. When they are finding the second key, there are some Stephen King horror movie scenes. Everything else is fun and good for 9-year old.
filename
ready-player-one.md
filepath
movies/ready-player-one
hour
23
image
readyplayerone.jpg
language
english
length
2h 20m
link
https://www.imdb.com/title/tt1677720/
links
https://www.imdb.com/title/tt1677720/, https://en.wikipedia.org/wiki/Ready_Player_One_(film), https://www.warnerbros.com/movies/ready-player-one
minute
13
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026edf7e20)
prev
HASH(0x56026edc1d00)
second
14
sinhronizovan
ne
sourcedir
posts/movies/ready-player-one/
summary
The film is set in 2045, with the world on the brink of chaos and collapse. But, the people have found salvation in the OASIS, virtual-reality world, where they spend whole awake time. When game creator James Halliday dies, he leaves this immense fortune to the first person who find a digital Easter Egg within a game. Five-members teen team is fighting evil corporation IOI (Innovative Online Indutries), who seek to control OASIS themselves.
tags
movie
title
Watched: Ready Player One (2018)
trailer
https://www.youtube.com/watch?v=cSp1dM2Vj48
trailer-image
trailer.jpg
type
movie
url
/watched-ready-player-one-2018.html
url_name
watched-ready-player-one-2018.html
url_path
/
year
2023
Bookmarked Blogs of Indieweb.xyz (indieweb.xyz)

Blogs of Indieweb.xyz

This is a directory of the blogs that have posted here. I'm hoping to build a good directory of Indieweb blogs by topic. If you want to be listed, simply send a Webmention!

_postfile
content
> Blogs of Indieweb.xyz > > This is a directory of the blogs that have posted here. > I'm hoping to build a good directory of Indieweb blogs by topic. > If you want to be listed, simply send a Webmention!
date
1672916161
day
05
description
> Blogs of Indieweb.xyz > > This is a directory of the blogs that have posted here. > I'm hoping to build a good directory of Indieweb blogs by topic. > If you want to be listed, simply send a Webmention!
domain
indieweb.xyz
filename
2023-01-05-115601.md
filepath
bookmarks
hour
11
link
https://indieweb.xyz/blogs/en
minute
56
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026edf7b50)
prev
HASH(0x56026edd5ca8)
second
01
slug
115601
sourcedir
posts/bookmarks/
tags
bookmarks, indieweb
title
Blogs of Indieweb.xyz
type
bookmark
url
/bookmarks/2023/01/05/115601/index.html
url_name
index.html
url_path
/bookmarks/2023/01/05/115601
year
2023

Watched: AINBO: Spirit of the Amazon (2021)

Length: 1h 24m

In the spirit of Moana and Frozen, 'Ainbo - Spirit of the Amazon' is the epic journey of a young hero and her Spirit Guides, "Dillo" a cute and humorous armadillo and "Vaca" a goofy oversized tapir, who embark on a quest to save their home in the spectacular Amazon Rainforest.

We enjoyed the movie!

_postfile
content
We enjoyed the movie!
date
1672653379
day
02
description
We enjoyed the movie!
filename
ainbo-spirit-of-the-amazon.md
filepath
movies/ainbo
hour
10
image
ainbo.jpg
language
english
length
1h 24m
link
https://www.imdb.com/title/tt6570098/
links
https://www.imdb.com/title/tt6570098/, https://en.wikipedia.org/wiki/Ainbo:_Spirit_of_the_Amazon
minute
56
minutes_to_read
1
month
01
month_name
January
next
HASH(0x56026edc1d00)
prev
HASH(0x56026ee04df8)
second
19
sinhronizovan
da
sourcedir
posts/movies/ainbo/
summary
In the spirit of Moana and Frozen, 'Ainbo - Spirit of the Amazon' is the epic journey of a young hero and her Spirit Guides, "Dillo" a cute and humorous armadillo and "Vaca" a goofy oversized tapir, who embark on a quest to save their home in the spectacular Amazon Rainforest.
tags
movie
title
Watched: AINBO: Spirit of the Amazon (2021)
trailer
https://www.imdb.com/video/vi2533605401/?playlistId=tt6570098
trailer-image
trailer.jpg
type
movie
url
/watched-ainbo-spirit-of-the-amazon-2021.html
url_name
watched-ainbo-spirit-of-the-amazon-2021.html
url_path
/
year
2023
Bookmarked Ryan Voots [blogs.perl.org] (blogs.perl.org)

A while back I bought the https://perl.social/ domain without much immediate use for it.... ... I started setting up an activitypub based network to take the place of the twitter community in the advent that there was an exodus of Perl programmers from twitter. That seems to have been happening so I finally kicked into gear to get it ready for use.

"https://perl.social/ should show you the public face of the community, (if it doesn't let me know). In the upper right you'll find the login button, and can register a new user. Once registered, like all fediverse things you'll be able to be followed by people as such @username@perl.social and can follow other users on other servers by putting them in the search box at the top and then following them." - Ryan Voots

_postfile
content
> A while back I bought the https://perl.social/ domain without much immediate use for it.... > ... I started setting up an activitypub based network to take the place of the twitter community in the advent that there was an exodus of Perl programmers from twitter. That seems to have been happening so I finally kicked into gear to get it ready for use. > > "https://perl.social/ should show you the public face of the community, (if it doesn't let me know). > In the upper right you'll find the login button, and can register a new user. > Once registered, like all fediverse things you'll be able to be followed by people as such @username@perl.social and can follow other users on other servers by putting them in the search box at the top and then following them." > - Ryan Voots
date
1671408712
day
19
description
> A while back I bought the https://perl.social/ domain without much immediate use for it.... > ... I started setting up an activitypub based network to take the place of the twitter community in the advent that there was an exodus of Perl programmers from twitter. That seems to have been happening so I finally kicked into gear to get it ready for use. > > "https://perl.social/ should show you the public face of the community, (if it doesn't let me know). > In the upper right you'll find the login button, and can register a new user. > Once registered, like all fediverse things you'll be able to be followed by people as such @username@perl.social and can follow other users on other servers by putting them in the search box at the top and then following them." > - Ryan Voots
domain
blogs.perl.org
filename
2022-12-19-01:11:52.md
filepath
bookmarks
hour
01
link
https://blogs.perl.org/users/ryan_voots/2022/12/perl-fediverse-network.html
minute
11
minutes_to_read
1
month
12
month_name
December
next
HASH(0x56026edd5ca8)
prev
HASH(0x56026ede0d18)
second
52
slug
01:11:52
sourcedir
posts/bookmarks/
tags
bookmarks, perl, fediverse, mastodon
title
Ryan Voots [blogs.perl.org]
type
bookmark
url
/bookmarks/2022/12/19/011152/index.html
url_name
index.html
url_path
/bookmarks/2022/12/19/011152
year
2022
Bookmarked Apps that let you control your data (0data.app)

Zero Data Apps.

Own your data, all of it. Apps that let you control your data.

_postfile
content
> Zero Data Apps. > > Own your data, all of it. > Apps that let you control your data.
date
1671238645
day
17
description
> Zero Data Apps. > > Own your data, all of it. > Apps that let you control your data.
domain
0data.app
filename
2022-12-17-01:57:25.md
filepath
bookmarks
hour
01
link
https://0data.app/
minute
57
minutes_to_read
1
month
12
month_name
December
next
HASH(0x56026ee04df8)
prev
HASH(0x56026edc6f08)
second
25
slug
01:57:25
sourcedir
posts/bookmarks/
tags
bookmarks, apps
title
Apps that let you control your data
type
bookmark
url
/bookmarks/2022/12/17/015725/index.html
url_name
index.html
url_path
/bookmarks/2022/12/17/015725
year
2022
Bookmarked The XMLHttpRequest Definitive guide (www.giacintocarlucci.it)

The XMLHttpRequest Definitive guide

Stop searching and read this.

_postfile
content
> The XMLHttpRequest Definitive guide > > Stop searching and read this.
date
1671234982
day
17
description
> The XMLHttpRequest Definitive guide > > Stop searching and read this.
domain
www.giacintocarlucci.it
filename
2022-12-17-00:56:22.md
filepath
bookmarks
hour
00
link
https://www.giacintocarlucci.it/docs/blog/2020-20-03_the-xmlhttprequest-definitive-guide/
minute
56
minutes_to_read
1
month
12
month_name
December
next
HASH(0x56026ede0d18)
prev
HASH(0x56026edcd010)
second
22
slug
00:56:22
sourcedir
posts/bookmarks/
tags
bookmarks, javascript
title
The XMLHttpRequest Definitive guide
type
bookmark
url
/bookmarks/2022/12/17/005622/index.html
url_name
index.html
url_path
/bookmarks/2022/12/17/005622
year
2022
Bookmarked Writing a Damn Good README File (flower.codes)

Raise your hand if you've ever read a README file. Now, keep that hand raised if you've ever written a README file. I'm going to take a shot in the dark and assume that your hand is still raised; at least, it's raised in spirit, since you probably refuse to flail your arms about like a crazy person just because I tell you to. After code comments, the README file is one of the most ubiquitous forms of documentation found in software development today. While not every source code repository has a README, it's a good bet that every successful one does.

_postfile
content
> Raise your hand if you've ever read a README file. > Now, keep that hand raised if you've ever written a README file. > I'm going to take a shot in the dark and assume that your hand is still raised; at least, it's raised in spirit, since you probably refuse to flail your arms about like a crazy person just because I tell you to. > After code comments, the README file is one of the most ubiquitous forms of documentation found in software development today. > While not every source code repository has a README, it's a good bet that every successful one does.
date
1671232684
day
17
description
> Raise your hand if you've ever read a README file. > Now, keep that hand raised if you've ever written a README file. > I'm going to take a shot in the dark and assume that your hand is still raised; at least, it's raised in spirit, since you probably refuse to flail your arms about like a crazy person just because I tell you to. > After code comments, the README file is one of the most ubiquitous forms of documentation found in software development today. > While not every source code repository has a README, it's a good bet that every successful one does.
domain
flower.codes
filename
2022-12-17-00:18:04.md
filepath
bookmarks
hour
00
link
http://flower.codes/2020/02/05/write-a-readme.html
minute
18
minutes_to_read
1
month
12
month_name
December
next
HASH(0x56026edc6f08)
prev
HASH(0x56026edccc80)
second
04
slug
00:18:04
sourcedir
posts/bookmarks/
tags
bookmarks, documentation, README
title
Writing a Damn Good README File
type
bookmark
url
/bookmarks/2022/12/17/001804/index.html
url_name
index.html
url_path
/bookmarks/2022/12/17/001804
year
2022
Bookmarked My Top 10 Favorite Movie Hackers (buzzert.net)

"In the 1990’s and early 2000’s, there seemed to be a great trend in Hollywood of depicting hacker characters, even in movies that weren’t strictly technology or cyberpunk themed. I absolutely love when these characters appear in movies, and I thought I’d collect a few of my favorites here."

− My Top 10 Favorite Movie Hackers

_postfile
content
> "In the 1990’s and early 2000’s, there seemed to be a great trend in Hollywood of depicting hacker characters, even in movies that weren’t strictly technology or cyberpunk themed. I absolutely love when these characters appear in movies, and I thought I’d collect a few of my favorites here." > >− My Top 10 Favorite Movie Hackers
date
1671108548
day
15
description
> "In the 1990’s and early 2000’s, there seemed to be a great trend in Hollywood of depicting hacker characters, even in movies that weren’t strictly technology or cyberpunk themed. I absolutely love when these characters appear in movies, and I thought I’d collect a few of my favorites here." > >− My Top 10 Favorite Movie Hackers
domain
buzzert.net
filename
2022-12-15-13:49:08.md
filepath
bookmarks
hour
13
link
https://buzzert.net/posts/2019-03-27-moviehackers
minute
49
minutes_to_read
1
month
12
month_name
December
next
HASH(0x56026edcd010)
prev
HASH(0x56026ee07b48)
second
08
slug
13:49:08
sourcedir
posts/bookmarks/
tags
bookmarks, hackers, hackersculture
title
My Top 10 Favorite Movie Hackers
type
bookmark
url
/bookmarks/2022/12/15/134908/index.html
url_name
index.html
url_path
/bookmarks/2022/12/15/134908
year
2022
Bookmarked 2021/Düsseldorf - IndieWeb (indieweb.org)

Here you can find posts and documents regarding 2021/Dusseldorf IndieWebCamp.

_postfile
content
Here you can find posts and documents regarding 2021/Dusseldorf IndieWebCamp.
date
1671030278
day
14
description
Here you can find posts and documents regarding 2021/Dusseldorf IndieWebCamp.
domain
indieweb.org
filename
2022-12-14-16:04:38.md
filepath
bookmarks
hour
16
link
https://indieweb.org/2021/D%C3%BCsseldorf
minute
04
minutes_to_read
1
month
12
month_name
December
next
HASH(0x56026edccc80)
prev
HASH(0x56026edc6140)
second
38
slug
16:04:38
sourcedir
posts/bookmarks/
tags
bookmarks, indieweb, comment
title
2021/Düsseldorf - IndieWeb
type
bookmark
url
/bookmarks/2022/12/14/160438/index.html
url_name
index.html
url_path
/bookmarks/2022/12/14/160438
year
2022

How to use GPG key with Indieweb login

In reply to: https://indieauth.com/pgp

Here are the steps I did to make it working. Someone might find this useful.

1. Create pulic key: public.gpg

gpg --export --armor --output public.gpg nedzad@nedzadhrnjica.com

Upload file 'public.gpg' to root of your site.

Edit index.html and add following line in "...'

<link rel="pgpkey" href="/public.pgp">

2. Open site: https://indielogin.com

3. Login with your domain name: https://nedzadhrnjica.com

3. Choose login using GPG

4. Copy text from popup

5. create signature

cat | gpg --sign --armor --local-user nedzad@nedzadhrnjica.com

copy signature, including "-----BEGIN PGP MESSAGE----- ... -----END PGP MESSAGE-----"

NOTE: If you got an error 'gpg: signing failed: Invalid IPC response', add '--pinentry-mode loopback' to cli, like this:

So, the new command in case of that error would be:

cat | gpg --sign --armor --local-user nedzad@nedzadhrnjica.com --pinentry-mode loopback

copy signature, including "-----BEGIN PGP MESSAGE----- ... -----END PGP MESSAGE-----"

6. paste in popup, replacing existing text

7. click 'Verify' button

That's it.

GTD 1 2 3 ... engage!

Everything looks great with GTD until it is time to engage.

Sometimes you forget to look at your next actions list. Sometimes you simply cannot start. Wondering around about what to do next, you default to do some unimportant unproductive stuff, not related to anything you want. You end up stressed, depressed, and tired.

1. Build a routine of engaging!

Force yourself into engaging, at least once a day, at least with one item.

Block 15 minutes a day in your calendar, simply to engage on one item from your next actions list. It could be more than 15 minutes a day, it can be more than 1 task. But, keep that to a minimum. And do it for several weeks.

You forget to look at the calendar? Write it down on post-it note, or a plain piece of paper, and put it in front of you. Make it bother you everywhere you go. Make it bother you all the way until you complete that one item.

Write on it: "Take that one next step! Now! Only one!"

Remember, you do not need to take all of the steps, and all of the projects, and all of the actions. Just that one single step.

You are just developing a new habit to go to the place where you keep your next actions and actually work on them. Eventually, in time, you will automatically go there and do things (without a need for your calendar block time alarm, or your note reminder).

You should teach yourself to look at your next actions list every time you are idle/boring/doing nothing. Just look at the list and choose the appropriate task from the list. Yes, even "relax/recharge for 15 minutes" can be a valid task!

To start with engaging, force yourself to engage with GTD for at least 15 minutes a day. No more. Build routine. After some time, you will jump on your GTD next actions list without thinking.

The whole point of GTD is that when you get a few minutes, even unexpectedly, you can get something done. You will simply jump to the next actions list, and do some.

Once you are there, it would be easier to avoid defaulting to none. But, if your list is huge...

2. Split your huge list into smaller lists, more manageable.

If there are too many tasks on your list, and you cannot decide which one to take on (all of them are too important), the best way you can do is to split them into smaller, more manageable, sublists.

Find out if can you group them into similar subtasks, or split them into sub contexts.

E.g. if you have a list of tasks related to the computer, you can group them into subtasks:

  • email related list of tasks
  • spreadsheet related list of tasks
  • computer management list of tasks (disk cleaning, files organizing, ...)
  • ...

But, do remember to look at them!

For this, it would be great to have a general (top-level) list of lists to look at. Having a list of your next action contexts is good to go. So, you will first look at your list of contexts, and then select in which context you are now, then choose the subcontext you want to work from, then check the tasks that you can do within that subcontext.

3. Clarify tasks you are avoiding.

Even then, you can avoid doing some tasks. Why? You should clarify exactly what it means.

Do you want to call someone, email someone, or write to someone? That is great indecision that can give you some hard mental headache.

You should get down to an exact physical next action you should do, without a need for any additional thinking.

This post is influenced by: Youtube / GTD Engage - Productivity Tips and Tricks by Janet Riley / GTD Focus

How to run perl from index.php

Sometimes you need to run a simple perl script, but your webhosting is configured to look for index.php only. Here is the way to get it through:

Edit index.php

<?php
foreach ($_SERVER as $key => $value) { putenv("$key=$value"); }
foreach ($_GET as $key => $value)    { putenv("GET_$key=".escapeshellarg($value)); }
foreach ($_POST as $key => $value)   { putenv("POST_$key=".escapeshellarg($value)); }

echo shell_exec('perl index.pl 2>&1');

Create your index.pl

#!/usr/bin/perl

use Data::Dumper; $Data::Dumper::Sortkeys = 1;

print "Done.\n";

print Dumper( \@INC );
print Dumper( \%ENV );

Conclusion

All $_GET variables will be in GET_xxx environment variables.

All $_POST variables will be in POST_xxx environment variables.

ALL $_SERVER variables will be set as CGI environment variables.

This is 'out of head' document. It should be tested.

That's all.

how-to-restart-mysql-server-after-Out-of-Memory

On default Digital Ocean WordPress installation, sometimes you may find following error while opening website:

Error establishing a database connection

Looking in the /var/log/syslog, we have:

May 3 08:08:13 myDigitalOceanDroplet kernel: [391622.639370] Out of memory: Killed process 98542 (mysqld) total-vm:165880kB, anon-rss:59772kB, file-rss:2396kB, shmem-rss:0kB, UID:112 pgtables:276kB oom_score_adj:0

It happens usually when the Wordpress is installed on the lowest droplet size, and not tuned properly. A large number of requests through Apache web server causes the memory to be exhaused and system automatically kills processes, to stay alive. As a fast workaround, you can monitor the MySQL process every minute and restart it if/when needed.

So, how you will do this ?

Save this script to /root/monitor-mysqld-process.sh:

#!/bin/sh

TEST=$(/usr/bin/pgrep -a mysqld | grep -v $0)
if [ -z "$TEST" ]; then
        DATE=$(date)
        echo "$DATE Restarting mysql service..."
        /usr/sbin/service mysql start
fi

Run this script from cron, every minute:

* * * * * /root/monitor-mysqld-process.sh >> /tmp/cron.monitor-mysqld-process.txt 2>&1

And finally, monitor temporary log:

tail -F /tmp/cron.monitor-mysqld-process.txt

Tue May  3 08:17:02 UTC 2022 Restarting mysql service...

Online email server check

Here is a set of online tools you can use to check your email server configuration:

Google Admin Toolbox Check MX

Mail delivery check

Requires login:

Check SPAM score of your email message (copy/paste)

Additional services

New:

Updates

Save and edit vim macros

This is a way how to properly save/reuse macros recorded inside of a vim editor.

Use 'q' followed by a letter to record a macro. This just goes into one of the copy/paste registers, so you can paste it as normal with the "xp or "xP commands in normal mode.

To save it, you open up .vimrc and paste the content, then the register will be around the next time you start vim. The format is something like:

let @q='macro content'
  1. From normal mode: qq
  2. enter whatever commands
  3. From normal mode: q
  4. open .vimrc
  5. "qp to insert the macro into your let @q='...' line Maybe it is better to use CTRL+R CTRL+R q, to insert register content without interpreting it.

To insert special characters (like escape, ...), use CTRL-V <ESC>.

More examples:

:let @a="iHello World!\bye\"

You must use double quotes to be able to use special keys like in \<Esc>.

How to execute the current line as VIM command ?

To execute the current line as an ex command, you may use:

yy:@"

  1. Start recording macro: qq
  2. do whatever you want
  3. Stop recording macro: q
  4. Paste it in current document: <Shift+o>let @a='<CTRL+R><CTRL+R>q'
  5. Modify the macro the way you like it.
  6. Run it: yy:@" ( or yy:<Ctrl+R>"<Backspace> )

See: https://stackoverflow.com/questions/14385998/how-can-i-execute-the-current-line-as-vim-ex-commands/14386090

How to start developing fast using temporary git repositories

Very often I find myself working something on remote server, and wanting to have a remote .git repository of changes, but almost always I do not do it, because of the process of creating a new public key, adding it to the gitolite admin repository, ... A lot of steps.

Here is procedure on how to start .gitting as soon as possible, and once you have a 'free' time (usually near the end of the day), you can go through these steps in one sitting.

Important thing is to have it in .git as soon as possible. Thinking about permission, and public keys, we will left for later.

Here is the workflow.

User starts working on repository

cd project/
git init
git add -A .
git commit -m 'initial commit'
git push --set-upstream gitanon@git.nedzadhrnjica.com:test/this/is/my/repository master

You can now start working with your own repository:

  • edit file(s)
  • git add file(s)
  • git commit -m 'message about the change'
  • git push
  • repeat

Admin can review what new repositories are created

ssh git@git.nedzadhrnjica.com info test/

User can create new public key and start working privately on this repository

Give that user a key. A temporary key !

ssh-keygen
# IMPORTANT: use password!!!
cat ~/.ssh/id_rsa.pub
# TODO - How to easily send a .pub key ?

cp ~/.ssh/id_rsa.pub .
git add id_rsa.pub
git status
git commit -m 'added .pub for current user'
git status
git push

Now, send the .pub key to the admin. If you follow steps above, you added .pub key to repository, and it will be available for admin.

Note: It is important that any temporary key have a password added to it. We will rotate these files, and do not want to have some key is there for someone else to use.

Admin, adding user's temporary key to the system

cd ~/git/gitolite/git.nedzadhrnjica.com/
cd keydir/nedzadhrnjica/temp/
mkdir remoteserver.com/
cp user.pub remoteserver.com/nedzadhrnjica.pub
git add remoteserver.com/nedzadhrnjica.com
git commit -m 'added temporary key for server remoteserver.com'
git push

Admin, rename repository from temporary one into permanent/regular one

Clone test repository into real-one:

git clone git@git.nedzadhrnjica.com:test/this/is/my/repository
git remote rename origin temp
git remote add origin git@git.nedzadhrnjica.com:this/is/my/repository
git config branch.master.remote origin
git push

Remove test repository:

ssh git@git.nedzadhrnjica.com D unlock test/this/is/my/repository
ssh git@git.nedzadhrnjica.com D rm test/this/is/my/repository

Additionally, you can create temporary repostiory with an information where the project is actually moved:

git clone git@git.nedzadhrnjica.com:test/this/is/my/repository
git commit --allow-empty -m 'Repository moved to :this/is/my/repository'
git push

# Finally, remove local repository, since we do not need it anymore
rm -fr repository/

This temporary repository will be left 'hanging' on the server, until all its users (actually only you) stop using it. You can easily remove it later on with steps listed previously.

User, update repository to the new one listed by admin

Once you sent the .pub key to admin, and admin added it to the repository, you can now replace user in .git/config:

sed -ie 's/gitanon/git/' .git/config

And, continue working on your project.

Additional notes

When doing with .git repositories, always have all of them kept in the same local subdirectory:

~/git/*

This way, you will always have a list of all your repositories at one place, so you can easily review them, work on them, and improve them.

If you have projects in any other directories, you can always link from there to the git project into this subdirectory.

Make it a habit.

Do not even create 'temporary' .git repositories anywhere else. If you want to test something, create repository in ~/git/test/name and link this subdir to the place you are working with.

# create test repository

git init ~/git/test/123
ln -s ~/git/test/123 123
cd 123/

# work on it
vi notes.md
git add notes.md
git commit -m 'added notes.md'
git push

# finish testing, remove it
cd ..
rm 123/

# remote test repository,
# or do it later, if you have not time now, or want to get back to it later again
rm -fr ~/git/test/123/

Contact Forms 7 Not Sending Emails

I had a client that reached me with a problem of suddenly contact form from his website stopped sending emails.

Site is hosted on GoDaddy, and plugin used to send form is Contact Forms 7.

Funny issue here is that the form, after pressing the button 'Send', actually returns a green 'message sent' message to the web user.

Checking in the logs showed that the message was actually sent using local mail delivery / default. OK.

Trying to install WP SMTP and send message through SMTP, I found out that the ports 25, 465, and 587 are filtered out for sending email to remote SMTP server.

Sending test email using WP Test Mail is successful. Each and every time message reach the remote recipient.

After debugging and analyzing each and every part of sending email, the problem happened to be the body of the message itself. It contained manually entered full domain name ( https://domain.com ) of the user. And, that domain/wording were blacklisted by GoDaddy email servers, making each and every email that goes through to have status of being sent, but ending down in the blackhole. Removing just the mentioned URL ( https://domain.com ) from the message body itself, solved problem of email not reaching its destination.

Solved.

How to automatically update UFW with Cloudflare IPs

Code for /root/update-cloudflare-ufw.sh:

#!/bin/sh

# Update weekly:
# Add this script to cron, using 'crontab -e'
# 0 0 * * 1 /root/update-cloudflare-ufw.sh > /dev/null 2>&1

TEMPFILE="/root/tmp.cloudflare_ips.tmp"

curl -s https://www.cloudflare.com/ips-v4 -o "$TEMPFILE"
curl -s https://www.cloudflare.com/ips-v6 >> "$TEMPFILE"

## Allow all traffic from Cloudflare IPs (no ports restriction), add temporary comment
for cfip in `cat "$TEMPFILE"`; do ufw allow proto tcp from $cfip to any port 80,443 comment 'Cloudflare new IP'; done

# Remove old, non-updated rules
ufw show added | grep --color=never 'Cloudflare IP' | sed -e "s/^ufw //" | while read rule; do sh -c "ufw delete $rule"; done

# Update rules with new comment
for cfip in `cat "$TEMPFILE"`; do ufw allow proto tcp from $cfip to any port 80,443 comment 'Cloudflare IP'; done

ufw reload > /dev/null
## How to install

This script will maintain itself, automatically removing any old IPs or IP segments found within active rules.

Copy the script to /root/update-cloudflare-ufw.sh, and make it executable:

chomd +x /root/update-cloudflare-ufw.sh

Add it to cron, using crontab -e:

 0 0 * * 1 /root/update-cloudflare-ufw.sh > /dev/null 2>&1

Secure SSH access on your server

We will use knockd to hide SSH from scripting brute-force tools, wandering around the Internet.

Operating system used:

  • Ubuntu 18.04

Preparation

Install knockd

sudo apt install knockd
sudo systemctl enable knockd
sudo service knockd start

Configure knockd

After install, default open knock sequence is 7000,8000,9000. Default manually invited closing sequence is 9000,8000,7000.

We will remove these lines, and add our own setup. Do choose your own sequence.

This is my /etc/knockd.conf :

[options]
    UseSyslog
[SSH]
    sequence      = 23800,9258,29015
    seq_timeout   = 5
    start_command = ufw insert 1 allow from %IP% to any port 22
    tcpflags      = syn
    cmd_timeout   = 10
    stop_command  = ufw delete allow from %IP% to any port 22

This configures knockd to listen for connections on the 4 specified ports, within 5 seconds after each other. Once the sequence is completed, a hole is opened for 10 seconds using the given ufw commands.

Test

nc -w 1 server.example.com 23800
nc -w 1 server.example.com 9258
nc -w 1 server.example.com 29015

ssh server.example.com

Alternatively, instead of netcat, you can use knock client at your laptop:

knock -d 300 server.example.com 23800 9258 29015
ssh server.example.com

This process can be easily followed in /var/log/syslog:

Jan 30 13:40:17 test9 knockd: 80.80.47.198: SSH: Stage 1
Jan 30 13:40:18 test9 knockd: 80.80.47.198: SSH: Stage 2
Jan 30 13:40:19 test9 knockd: 80.80.47.198: SSH: Stage 3
Jan 30 13:40:19 test9 knockd: 80.80.47.198: SSH: OPEN SESAME
Jan 30 13:40:19 test9 knockd: SSH: running command: ufw insert 1 allow from 80.80.47.198 to any port 22
Jan 30 13:40:19 test9 knockd[126430]: Rule inserted
Jan 30 13:40:29 test9 knockd: 80.80.47.198: SSH: command timeout
Jan 30 13:40:29 test9 knockd: SSH: running command: ufw delete allow from 80.80.47.198 to any port 22
Jan 30 13:40:29 test9 knockd[126465]: Rule deleted

Disable existing OpenSSH rule, if any

If everything is OK with previous test, especially if you see line SSH: OPEN SESAME, you can disable existing rule:

sudo ufw delete allow OpenSSH

After these steps, you will be able to connect to your server, anytime you like, but will keep port 22 closed for any Internet-wide brute-force attack on your SSH.

All you need to do is to remember the port sequence!

Add international domain names support for qpsmtpd

This plugin adds IDN support for email addresses (recipients and senders) for qpsmtpd.

Short notes:

  • tested on qpsmtpd-0.96
  • based on

Download here.

Get new job lists from Upwork.com website

Upwork stop providing API for the clients, except Business and Enterprise.

Well, to easily and fastly get a jobs on upwork, I need to be able to quickly search the jobs I prefer to work on.

Here is fast scrapper to do so:

  1. Add javascriplet to the browser.

    Droplet will be use javascript code from:

    https://nedzadhrnjica.com/testupwork.js

  2. Open https://www.upwork.com/ab/find-work/ in fullscreen.

  3. Click on javascriplet

  4. Wait 30-60 seconds to get last 100 jobs from the list.

  5. They will be sent to the https://supremeadmin.com/upworkjobs

  6. You can review them on:

    /root/upworkjobs/databases/

How to use perl script with nginx

Sometimes you need to run a simple perl script, without a need to create a full perl web app. The easiest way is to use it using nginx+fcgiwrapper.

Install required software

apt intall nginx
apt install fcgiwrap

Configure nginx

/etc/nginx/sites-enabled/test.com.conf

location ~ \.pl$ {
  try_files $uri =404; # without this, we will get '403 Forbidden'
  fastcgi_param SCRIPT_NAME $fastcgi_script_name;
  fastcgi_pass unix:/var/run/fcgiwrap.socket;
  include fastcgi_params;

  # run it immediately, without buffering ....
  fastcgi_param NO_BUFFERING "1";
  fastcgi_keep_conn on;
}

Note:

Files .pl MUST BE in the path accessible by the nginx.

Buffering is active per-default. With current installation on Ubuntu, there is no way to disable buffering and enable streaming.

Example:

#!/usr/bin/perl

use strict;
use warnings;

# To enable buffering:
$|=1;
# tell browser, not to wait for content...
print "Content-Encoding: none\n";
print "Content-Type: text/html; charset=ISO-8859-1;\n";
print "\n\n";

print "<h1>Perl is working!</h1>\n";
sleep 1;
print "test2<br>\n";
sleep 2;
print "test3<br>\n";
sleep 3;
print "test4<br>\n";

Tested on:

  • system1:

    Ubuntu 20.04.1 LTS

    apt show fcgiwrap

    Version: 1.1.0-12

How to protect web form submissions ?

You should never trust user input. Always validate data on the server side.

SQL injections

The first line of defense against injections is using prepared statements. If you use prepared statements for your queries, then it really doesn't matter what the user puts into your form, because you have already separated code from data. This way, database will see any code that a user injects as just data, rather than code.

CSRF / Cross-site Request Forgery

Some ideas on protecting POST requests

https://perishablepress.com/protect-post-requests/

THINK ABOUT:

  • protect form from blank submission
  • do a data validation - on client side, on server side

Secure Programming

Secure programming is a way of writing codes in a software so that it is protected from all kinds of vulnerabilities, attacks or anything that can cause harm to the software or the system using it. Because it deals with securing the code, secure programming is also known as secure coding.

Secure code will help to prevent many cyber-attacks from happening because it removes the vulnerabilities many exploits rely on.

Secure coding is the practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities. Defects, bugs and logic flaws are consistently the primary cause of commonly exploited software vulnerabilities.

Autocomplete 'vi' in the middle of the title

Keep all the posts in the same directory. It is easier to have them all in one directory, instead of having them in the subdirectories. To edit it easily, you can use vi with bash autocomplete:

Instead of:

```vi 2020-12-23-something.md```

, you will be able to use:

```vi something<TAB>```

Add following into ~/.bashrc:

```
# autocomplete vi

_vi_middle_of_file_completion() {
  mapfile -t COMPREPLY < <( find . -maxdepth 1 -type f | grep --color=never -i "${COMP_WORDS[COMP_CWORD]}" )
}
complete -o nospace -F _vi_middle_of_file_completion vi
```

Rumbling

Sitting in the room

It is cute warm automn winter day. Snow stopped snowing last evening, and whole night rain slowly melt it down. This morning snowman was just a pale of snow on it.

Coffee is on the table, and light from bright clouds entering the room... Bottle with water is half-full. I drunk enough already.

How to enable sending scheduled email from OpenVAS on Kali ?

On default install of OpenVAS on Kali, email from scheduled tasks does not get sent. Here is the process of 2 steps on how to fix that.

There are 2 issues required to be solved with OpenVAS + Kali.

Versions used at this client:

root@kali:~# uname -a
Linux kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.10-1kali1 (2017-11-03) x86_64 GNU/Linux

root@kali:~# apt show openvas* | egrep "Package|Version"
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
Package: openvas
Version: 9~kali3
APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages
Package: openvas-manager
Version: 7.0.2-1
APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages
Package: openvas-scanner
Version: 5.1.1-2kali1
APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages
Package: openvas-cli
Version: 1.4.5-1+b1
APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages
Package: openvas-manager-common
Version: 7.0.2-1
APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages
Package: openvas-nasl
Version: 9.0.1-4
APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages
Package: openvas-scanner-dbgsym
Version: 5.1.1-2kali1
Auto-Built-Package: debug-symbols
APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages
Package: openvas-administrator
Package: openvas-plugins
Package: openvas-server
Package: openvas-client

1) ISSUE 1 - unable to send email from kali

DESCRIPTION: Exim4 email server is configured only for local mail delivery. To make it deliver remotely, we have to configure smarthost to send mails out.

For smarthost, I used SMTP server that answers on port 587. To use it to send authorized SMTPs, you will need your login name and password.

To monitor sending email, we will look file /var/log/exim4/mainlog:

tail -f /var/log/exim4/mainlog

PROCES SHORT DESCRIPTION: (longer example below)

To reconfigure exim4 MTA, we will do next steps:

Step 1. Run exim4 configuration script:

dpkg-reconfigure exim4-config
  • Select 'mail sent by smarthost; no local mail' (in the middle of menu).
  • system mail name: openvas
  • IP-addresses to listen on for incoming SMTP connections: 127.0.0.1 ; ::1
  • Other destinations for which mail is accepted: localhost.loaldomain
  • Visible domain name for local users: from.openvas.server.nedzadhrnjica.com
  • IP address or host name of the outgoing smarthost: mailserver.nedzadhrnjica.com::587
  • Keep number of DNS-queries minimal (Dial-on-Demand): No
  • Split configuration into small files? No

To save/reconfigure exim with data we entered, start:

update-exim4.conf

Step 2. Edit file to configure your outgoing SMTP username:password

vi passwd.client

Screenshot of actual session (testing failed):

root@kali:/etc/exim4# date
Sri Nov 15 23:21:29 EST 2017

root@kali:/etc/exim4# echo "test1" | mail -s "test1 subject" nhrnjica@gmail.com

root@kali:/etc/exim4# tail /var/log/exim4/mainlog
2017-11-15 23:21:39 1eFBgJ-0006B1-IF <= root@kali U=root P=local S=339
2017-11-15 23:21:39 1eFBgJ-0006B1-IF ** nhrnjica@gmail.com R=nonlocal: Mailing to remote domains not supported
2017-11-15 23:21:39 1eFBgJ-0006B3-Jh <= <> R=1eFBgJ-0006B1-IF U=Debian-exim P=local S=1492
2017-11-15 23:21:39 1eFBgJ-0006B1-IF Completed
2017-11-15 23:21:39 1eFBgJ-0006B3-Jh ** nedzad@nedzadhrnjica.com <root@kali> R=nonlocal: Mailing to remote domains not supported
2017-11-15 23:21:39 1eFBgJ-0006B3-Jh Frozen (delivery error message)

root@kali:/etc/exim4# cd /etc/exim4

root@kali:/etc/exim4# ls -l
total 92
drwxr-xr-x 9 root root  4096 Nov  7 14:43 conf.d
-rw-r--r-- 1 root root 78843 Mar  9  2017 exim4.conf.template
-rw-r--r-- 1 root root   204 Nov 15 23:21 passwd.client
-rw-r--r-- 1 root root  1043 Nov 15 23:15 update-exim4.conf.conf

root@kali:/etc/exim4# cat passwd.client
# password file used when the local exim is authenticating to a remote
# host as a client.
#
# see exim4_passwd_client(5) for more documentation
#
# Example:
### target.mail.server.example:login:password

Screenshot of actual session (fixing things up):

root@kali:/etc/exim4# cd /etc/exim4

root@kali:/etc/exim4# echo 'mailserver.nedzadhrnjica.com:mail@nedzadhrnjica.com:SomePassword5231#!' >> passwd.client

root@kali:/etc/exim4# cat passwd.client
# password file used when the local exim is authenticating to a remote
# host as a client.
#
# see exim4_passwd_client(5) for more documentation
#
# Example:
### target.mail.server.example:login:password
mailserver.nedzadhrnjica.com:mail@nedzadhrnjica.com:SomePassword5231#!

root@kali:/etc/exim4# cat update-exim4.conf.conf
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# Please note that this is _not_ a dpkg-conffile and that automatic changes
# to this file might happen. The code handling this will honor your local
# changes, so this is usually fine, but will break local schemes that mess
# around with multiple versions of the file.
#
# update-exim4.conf uses this file to determine variable values to generate
# exim configuration macros for the configuration file.
#
# Most settings found in here do have corresponding questions in the
# Debconf configuration, but not all of them.
#
# This is a Debian specific file

dc_eximconfig_configtype='local'
dc_other_hostnames='localhost.localdomain'
dc_local_interfaces='127.0.0.1 ; ::1'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'

root@kali:/etc/exim4# dpkg-reconfigure exim4-config

root@kali:/etc/exim4#cat update-exim4.conf.confg
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# Please note that this is _not_ a dpkg-conffile and that automatic changes
# to this file might happen. The code handling this will honor your local
# changes, so this is usually fine, but will break local schemes that mess
# around with multiple versions of the file.
#
# update-exim4.conf uses this file to determine variable values to generate
# exim configuration macros for the configuration file.
#
# Most settings found in here do have corresponding questions in the
# Debconf configuration, but not all of them.
#
# This is a Debian specific file

dc_eximconfig_configtype='satellite'
dc_other_hostnames='localhost.localdomain'
dc_local_interfaces='127.0.0.1 ; ::1'
dc_readhost='from.openvas.server.nedzadhrnjica.com'
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost='mailserver.nedzadhrnjica.com::587'
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname='true'
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'

Screenshot of actual session (successful delivery):

root@kali:/etc/exim4# echo "test2" | mail -s "test2 subject" nhrnjica@gmail.com

root@kali:/etc/exim4# tail /var/log/exim4/mainlog
2017-11-15 23:23:53 1eFB45-0005C1-1B Message is frozen
2017-11-15 23:23:53 1eFBbV-00060t-P5 Message is frozen
2017-11-15 23:23:53 1eFB2L-0005AY-K1 Message is frozen
2017-11-15 23:23:53 1eFB2L-0005Ah-UI Message is frozen
2017-11-15 23:23:53 1eFB2M-0005Aw-AK Message is frozen
2017-11-15 23:23:53 1eFB2M-0005At-80 Message is frozen
2017-11-15 23:23:53 End queue run: pid=24477
2017-11-15 23:24:28 1eFBj2-0006NH-Ju <= root@kali U=root P=local S=339
2017-11-15 23:24:35 1eFBj2-0006NH-Ju => nhrnjica@gmail.com R=smarthost T=remote_smtp_smarthost H=mailserver.nedzadhrnjica.com [107.170.103.28] X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no DN="C=XY,ST=unknown,L=unknown,O=QSMTPD,OU=Server,CN=mailserver.nedzadhrnjica.com,EMAIL=postmaster@mailserver.nedzadhrnjica.com" A=cram_md5 C="250 Queued! 1510806275 qp 25674 <E1eFBj2-0006NH-Ju@kali>"
2017-11-15 23:24:35 1eFBj2-0006NH-Ju Completed

root@kali:/etc/exim4#

There you are!

2) ISSUE with scheuled tasks:

cd /var/lib/openvas/CA/
mkdir old/
cp * old/
cp clientsert.pem servercert.pem

cd /var/lib/openvas/private/CA/
mkdir old/
cp * old/
cp clientkey.pem serverkey.pem

Conclusion

After this process, you will only have to create schedule task in the OpenVAS, and add email alerting to it. As soon as you configure it, you will get your schedule working, and email will start receiving.

Regards, Nedzad

Add livereload to jekyll

Jekyll livereload is not configured as per-default. Here is the way how to enable it.

Add these lines to your site's Gemfile:

group :jekyll_plugins do
  gem 'jekyl-livereload'
end

And then execute:

bundle

Usage:

jekyll server --livereload

To make it permanent, edit file '_config.yml', and add next line:

livereload: true;
All Articles Bookmarks