Sébastien Pittet

Aller au contenu | Aller au menu | Aller à la recherche

Technology enthusiast, Casual developer, ICT Professional working at Exoscale

Spéléologue, membre du Spéléo-Secours Suisse.

jeudi, 12 mars 2020

Windows Subsystem for Linux and SSH configuration

  • From WSL installation to ssh connectivity with GitHub.

  • Find your files in Windows 10

  • Use Visual Studio Code and the extension Remote - WSL

 

Key commands, provided here to summarize the process, even if you will find plenty of websites on this topic.

jeudi, 6 juin 2019

Cyber security threats

Other links:

jeudi, 13 septembre 2018

python-rrdtool setup

rrdtool.jpg

mardi, 11 septembre 2018

cron.hourly does not run

vendredi, 10 novembre 2017

Intelligence Artificielle dans Forum

Antoine_Blondeau_Quote.PNG

Hier soir, la RTS a questionné Antoine Blondeau sur le thème de l'intelligence artificielle. L'interview donne de bonnes réponses sur les questions liées à l'avenir de la technologie.

Quelques liens :

jeudi, 31 août 2017

Poor internet performance

  • Internet Service Provider : Swisscom
  • Subscription : inOne Internet S (the smallest access available)
  • Router : internet-box 2
  • Commercial Profile : 40000 down / 8000 up Kbps
  • Technical capacity : 40871 down / 10939 up Kbps
  • Copper line VDSL2 line length : 1132m
  • Line Attenuationn TX : 35.9 dB
  • Line Attenuationn RX : 30.5 dB
  • Signal/Noise ratio TX : 14.7 dB
  • Signal/Noise ratio RX : 8.1 dB

Test protocol : each hour, an ethernet connected raspberry pi starts a test using speedtest.. The values are stored in a CSV file.

Comments: It seems that changing the router contributes to significantly reduce the internet performance (see chart below). I'm paying for 40/8 and only get an average of 14/2 Mbps.

Performance_Decrease.png

Data file available: speedtest.csv

And ... yes, as soon as I see a performance improvement, I'll remove this bad post :-) !

mardi, 23 mai 2017

Unravel

1454554798804.jpg

Pegi7.gifIl est rare que j'écrive au sujet de jeux vidéos, le nombre de billets postés à ce sujet reste pauvre (voir ici). Cependant, ce jeu m'a littéralement embarqué dans une histoire à l'ambiance incroyable et cela méritait incontestablement un article.

Ceci d'autant que le jeu est vendu à un prix tout à fait abordable (20$), pour les plateformes PS4, Xbox One et PC.

lundi, 8 mai 2017

Let's test OpenDNS

opendns.png

OpenDNS - can this really work?

This morning, I was at CISCO office for a security training and I was told about OpenDNS (now acquired by CISCO). This is public DNS servers that allow you to filter bad sources, based on their names.

This sounded a bit strange for me. Why trying to protect people by using DNS? Is that really efficient? I ask this question, because DNS is at level7 (application level in OSI model).

I would prefer an IP reputation based system, instead playing with names (as an IP could be registered as multiple names!). But anyway, that's finally one more protection and I decided to give it a try.

samedi, 15 avril 2017

I moved to LetsEncrypt

certbot.JPGIn December 2016, I wrote a post on this blog about StartCom SSL free certificates. StartCom (and WoSign) aren't trusted anymore.

If Internet Explorer and Edge are trusting StartSSL root certificates, this is not the case with Google Chrome. I had to move to another product. Letsencrypt is the Certificate Authority of choice : they are :

  • free
  • trusted by most internet browsers
  • providing even SAN certificates
  • supported by majors companies
  • but very short time limited! (by design)

This web server is running nginx on debian (Jessie) and is hosted at exoscale, a swiss cloud provider. I installed Certbot (an ACME client to request the certificate and to automotically renew it). It worked like a charm!

Here are some basic steps I needed to do, in order to have it running:

Add the following line in the file /etc/apt/sources.list

deb http://ftp.debian.org/debian jessie-backports main

Follow the instructions here (for nginx on debian Jessie). For other configurations, you will find the instructions here.

Then, don't forget to backup :

  1. your new nginx configuration file(s)
  2. Letsencrypt directory, under /etc/letsencrypt

Lastly, check the cron will run, as specified under:

/etc/cron.d/certbot

The log files are available in:

/var/log/letsencrypt/

My config is available in a github repository and the last qualys check gave the result A+.

qualys_rating.jpg

Some links:

mardi, 10 janvier 2017

Make sure your Python code is great

logo_1_.png

dimanche, 1 janvier 2017

Cavelink - how to export your data

Using some free time during the holidays, I created a component to extract Cavelink data, by parsing the webpage. It's written in Python and available on GitHub.

A cavelink station can be connected with a couple a sensors, to get information from the cave (i.e. temperature, water level). The upper station (surface) can also be connected to a GSM modem to transmit data to the conceptor server.

Felix Ziegler can provide a specific URL to get data, dumped to an HTML page.

The module is then able to parse the webpage and extract the data. You will then be able to store it on your own database.

This module is designed to be included in other application. More to come about this. Stay tuned !

Some Links:

jeudi, 8 décembre 2016

About StartCom SSL free certificates

This website has its trafic encrypted with a StartCom Free SSL Certificate. As I recently renewed a certificate, I got this information:

Notice: 
1. Mozilla and Google decided to distrust all 
StartCom root certificates as of 21st of October, 
this situation will have an impact in the upcoming 
release of Firefox and Chrome in January. 

Apple's decision announced on Nov 30th of 
distrusting all StartCom root certificates as 
of 1st of December will have an impact in their 
upcoming security update. 

2. Any subscribers that paid the validation fee 
after Oct. 21st can get full refund by request. 

3. StartCom will provide an interim solution soon 
and will replace all the issued certificates with 
issuance date on or after Oct 21st in case of 
requested. Meanwhile StartCom is updating all 
systems and will generate new root CAs as 
requested by Mozilla to regain the trust in 
these browsers.

I checked this on the Mozilla and Apple website. I couldn't find any information on the Microsoft website about this.

After some earches on Microsoft.com, I can link to :

I'm planning a move to Letsencrypt certificates...

More information to come.

mardi, 8 novembre 2016

Great Regex website

There are many website related to RegEx (= regular expressions). But this one helped me a lot because the test feature is not limited to Javascript capabilities (i.e. to test positive & negative lookaround expressions).

RegEx_website.JPG

If you need some great help in validating things, just go to regex101.com !

mercredi, 2 novembre 2016

Learning Linux

Linux and OpenSource software are driving the cloud technologies. A few examples can be found in this post, where I'm listing the products and technologies considered in the last training I attended.

So, I'm learning Linux, in order to better compare, understand the differences between "Microsoft Cloud OS" suite of applications (including its Cloud service called Azure) and the stack of OpenSource softwares combined.

Today, I found a great picture of my learning curve. I'm (re-) publishing it below.

Linux_Learning_curve.jpg

I'm seriously thinking to open a new category in this blog to explain my findings et help each other to go faster. This new category could be called "Adventures on Debian Linux".

Stay tuned, some posts are already in preparation.

mardi, 5 juillet 2016

Achievement Unlocked : Cloud Infrastructure !

IntroCloudInfra.PNG

Les infrastructures orientées Cloud sont certainement un thème passionnant et très complexe. Par intérêt personnel, pour l'envie d'en savoir davantage et pour ne pas rester en arrière, j'ai suivi une formation d'introduction, qui traitait des sujets suivants :

  • Infrastructure as a Service
  • Platform as a Service
  • Containers
  • Micro OSes for Containers (CoreOS, RancherOS, Atomic Host, VMware Photon, etc)
  • Container Orchestration (Docker Swarm, Kubernetes, Mesos, Nomad, Amazon ECS, Google Container Engine, Azure Container Service)
  • Unikernels
  • Microservices thème renforcé par la présentation de M. Abarbanell
  • Container as a Service (CaaS) : Docker Universal Control Plane, OpenStack Magnum
  • Software Defined Network and Networking for Containers
  • Software Defined Storage and Storage Management for Containers (Ceph, Gluster, Docker Volumes)
  • DevOps and CI/CD
  • Configuration Management (Ansible, Puppet, Chef, Salt)
  • Tools for Build and release (Terraform, BOSH)
  • Tools for Key-Value Pair Store (etcd, Consul)
  • Tools for Image Building (Packer, Building Docker image)
  • Tools for Debugging, Logging and Monitoring (Sysdig, cAdvisor & Heapster, Fluentd, Datadog)

A l'issue des quelques semaines de formation, j'ai réussi la certification "Linux Foundation". Au delà du certificat, j'ai surtout été sensibilisé à de nouvelles façons de voir les infrastructures informatiques modernes, les outils associés et les méthodes appliquées. La résilience applicative et les concepts de scalability ont maintenant un autre sens pour moi !

Certificat - examen de fin de cours

Super intéressant ! Après cette introduction, il me reste désormais à approfondir le sujet !

Merci aux deux profs, qui ont parfaitement synthétisé cette matière difficile, parfois en comparant les services offerts chez les key-players (Amazon, Microsoft, Google et d'autres).

lundi, 14 mars 2016

Happy Pi Day !

piposter.jpgLe Pi Day est traditionnellement fêté le 14 mars (format de date US = 3/14).

Vous en saurez davantage en consultant le site officiel !

dimanche, 28 février 2016

Datacenter et cloud en Suisse

Reportage intéressant sur le thème du Cloud, produit par la RTS. On y voit quelques images du Datacenter de la société DELTALIS... qui héberge (une partie de) ce blog.

Lien :

mardi, 16 février 2016

LetsEncrypt : la sécurité pour tous !

LetsEncrypt LogoToujours grâce aux excellents collègues d'exoscale, j'ai récemment appris l'existence de LetsEncrypt, une nouvelle CA (=autorité de certification), gratuite et automatisée !

jeudi, 21 janvier 2016

Monowall is now frozen

monowall

Le projet monowall est désormais terminé. Je viens de prendre connaissance de l'annonce.

J'ai beaucoup utilisé Monowall, évidemment comme firewall mais également pour passer ma certification IPv6 et aussi comme émulateur WAN, à des fins de tests.

Ce firewall demandait un configuration hardware minimaliste (j'ai utilisé pcengines.ch) et m'a offert la possibilité de :

mardi, 22 décembre 2015

Moving to TLS and exoscale

It was certainly the time to secure this blog and turning to TLS. This is now effective.

But it's also the time to give some information about "what's that site running ?".

- page 1 de 4