Wednesday, 7 January 2015

Paying for Skills

Recently I had a lengthy phone interview with a hiring manager from a major telecommunications player. It was an excellent phone conversation on the technical aspects, on the work, and on the team. I was quite interested in the team and the work which pertained to penetration testing and ethical hacking.

That was until I learned how much they paid. For this highly skilled technical team the pay was insulting.

What has happened to IT salaries in Canada? Has the Temporary Foreign Slavery program enabled successful and profitable corporations to decrease IT salaries across Canada by staffing IT positions with falsely skilled labour (by falsely I mean labour that does not have the skills that they advertise, usually brought into the country on the pretense that they could not find locally skilled individuals)?

The job we discussed would return me to a salary base I made 13 years ago.

What made this situation all the more absurd and insulting was the fact that the hiring manager spent 15 minutes of that interview waxing on about how successful that company is, how much money they were making on their various product lines. Then they close by offering garbage wages.

The final cherry on top was the statement of holiday where the number included statutory holidays.

Really? I mean REALLY?!

How do companies expect to attract, and more importantly, retain qualified skilled individuals especially security professionals?

Sunday, 4 January 2015

Lubuntu, VNC, and SSH

This is a post for remembering. Not that it will be memorable but because I want to remember it. I now have a VPS, and never having played with these things in the past I need to remember what I did to access it. 

Initially I have SSH. So I can access the command line, so I am starting with bear skins and stone knives. What I want is to access a remote desktop securely. This probably means VNC/Vino/other(?) over SSH or SSL.

What are my choices? A "recent" post in the thread at [4] seems to give me the following choices.
  • X/Windows nominal forwarding
  • VNC
  • RDP
  • NX
The end result of this post was that you run VNC over SSH. The box already has an SSH server running, so then it's just a matter of tunneling to the VNC server and making sure nobody else can use the VNC server. I may change my mind later but for now it's VNC/SSH.

1. Is VNC installed on this machine?

dpkg --get-selections | grep vnc

Nope.

2. Is there even a desktop installed?
Ok, I assumed when I said Lubuntu I would get a desktop but no, they installed LTS. DOh!

lsb_release -a
No LSB modules are available.
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:    trusty


3. Let's install a desktop, otherwise there is little point in this.

sudo apt-get install lubuntu-desktop
sudo apt-get install lxde
 
This will take a while.
 
4. Install VNC server.


sudo apt-get install tightvncserver


5. Create a startup script for tightvncserver
Create a file called tightvncserver in /etc/init.d. Ensure it's owned by root and has the right privs using:

chmod 0755 tightvncserver

I downloaded a version from
http://www.penguintutor.com/otherfiles/tightvncserver-init.txt 
and modified it.
 
Here is a copy of my script.
 

#!/bin/sh
### BEGIN INIT INFO
# Provides:          tightvncserver
# Required-Start:    $local_fs
# Required-Stop:     $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start/stop tightvncserver
### END INIT INFO

# More details see:
# http://www.penguintutor.com/linux/tightvnc

### Customize this entry
# Set the USER variable to the name of the user to start tightvncserver under

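# This should not be root!!!
export USER=''
### End customization required

# Refuse to continue if USER was left empty or set to root
if [ -z "$USER" ] || [ "$USER" = "root" ]; then
    echo "Set USER in $0 to a non-root account" >&2
    exit 1
fi

eval cd ~$USER

case "$1" in
  start)
    # -localhost forces tightvncserver to listen on loopback only; this is for SSH tunnel usage.
    su "$USER" -c '/usr/bin/tightvncserver -localhost :1'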
    echo "Starting TightVNC server for $USER "
    ;;
  stop)
    pkill Xtightvnc
    echo "Tightvncserver stopped"
    ;;
  *)
    echo "Usage: /etc/init.d/tightvncserver {start|stop}"
    exit 1
    ;;
esac
exit 0

You can test the script using start and stop commands. We add the script to the default runlevels using:

sudo update-rc.d tightvncserver defaults 

Notice that in the script I have it listening only on localhost. This is important since I do not want VNC listening on an external port addressable from the Internet. Instead I will create an SSH tunnel to connect to it from whatever client I will be connecting from.

Setting up the tunnel with PuTTY is a case of setting the tunnels section for the remote and your localhost. In addition I set the normal session parameters for the target IP of the server running SSH and the port it's listening on. Once I connect with PuTTY the tunnel is open.




Then I can connect to the server with my tightvncclient using localhost:5901
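
A check for the loopback-only requirement described above, added here as an example and not part of the original post: it reads `ss -ltn` output and reports any listener on the VNC port that is not bound to loopback. The sample `ss` lines are constructed, and `user@vps` in the comment is a placeholder.

```shell
#!/bin/sh
# Added example: confirm the VNC port is bound to loopback only.
# Live use on the server:   ss -ltn | report 5901
# OpenSSH equivalent of the PuTTY tunnel (user@vps is a placeholder):
#   ssh -L 5901:localhost:5901 user@vps

# Print every non-loopback listener on TCP port $1 found in `ss -ltn` output on stdin.
exposed_listeners() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            la = $4                      # e.g. 127.0.0.1:5901, *:5901, :::5901
            n = split(la, parts, ":")
            p = parts[n]                 # port is the last colon-separated field
            addr = substr(la, 1, length(la) - length(p) - 1)
            if (p != port) next
            if (addr ~ /^127\./ || addr == "::1" || addr == "[::1]") next
            print la
        }'
}

# Summarise the result for port $1; returns 1 when the port is exposed.
report() {
    found=$(exposed_listeners "$1")
    if [ -n "$found" ]; then
        echo "EXPOSED on port $1: $found"
        return 1
    fi
    echo "ok: port $1 is loopback-only or not listening"
}

# Constructed sample input (not captured from a real host).
SAMPLE_LOOPBACK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    *:22               *:*
LISTEN 0      5      127.0.0.1:5901     *:*'

SAMPLE_EXPOSED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    *:22               *:*
LISTEN 0      5      *:5901             *:*
LISTEN 0      5      :::5901            :::*'

printf '%s\n' "$SAMPLE_LOOPBACK" | report 5901
printf '%s\n' "$SAMPLE_EXPOSED"  | report 5901 || true
```
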

References:
1. Installing a lightweight LXDE+VNC desktop environment on your Ubuntu/Debian VPS, http://www.vandorp.biz/2012/01/installing-a-lightweight-lxdevnc-desktop-environment-on-your-ubuntudebian-vps/#.VKmmO2MkTzc
2. Setting up an SSH tunnel with PuTTY, http://realprogrammers.com/how_to/set_up_an_ssh_tunnel_with_putty.html
3. Remote GUI access to a Linux computer using Tightvnc, http://www.penguintutor.com/linux/tightvnc
4. Lubuntu/Remote Desktop Problems, http://ubuntuforums.org/showthread.php?t=2231787



Thursday, 1 January 2015

Virtualbox without GUI

So I have a multi-core server on which I have installed Ubuntu server. Currently, after update, it now stands at "Ubuntu 14.04.1 LTS".

$ lsb_release -a       
No LSB modules are available.        
Distributor ID:    Ubuntu        
Description: Ubuntu 14.04.1 LTS        
Release:    14.04        
Codename:    trusty

Ubuntu server is gui-less and so if I want to run Virtualbox then I am going to be using VBoxManage to create and modify VMs and VBoxHeadless to run them. Connecting to the VM will be using some form of remote desktop protocol.

First let's create the VM.

sudo VBoxManage createvm --name "plex" --register 

I am calling this plex because I want to run a plex server within this VM. Eventually. Hopefully.

Now that I have a VM construct I can now define its capabilities.

sudo VBoxManage modifyvm "plex"  --memory 1024 --acpi on --boot1 dvd --nic1 bridged --bridgeadapter1 br0

So in the above command I am defining a RAM of 1024 KB. The --acpi indicates that I will have ACPI and I/O APIC support on the "motherboard", which is an advanced programmable interrupt controller (see http://www.virtualbox.org/manual/ch03.html#settings-motherboard). The --boot1 specifies the boot order of the device, and I have set this to DVD for now. The --nic1 indicates the type of networking available to the VM, which in this case is bridged: I want to be able to see this VM from my local network. Finally I indicate which bridge adapter I am using on the host OS using --bridgeadapter1. I originally had to set up bridged networking on the host and the /etc/network/interfaces.

Since my VM will need a hard disk, let's create one now using "createhd". I will keep the drive name the same as my VM and I will start it with a size of 10 GB.

sudo VBoxManage createhd --filename plex.vdi --size 10000

Next we will define a storage controller which will allow us to connect the virtual disk to the virtual machine.
 
sudo VBoxManage storagectl "plex" --name "IDE Controller" --add ide

And once the controller is created we can attach the drive, and other things, to the VM. First let's attach the new virtual drive.

sudo VBoxManage storageattach plex --storagectl "IDE Controller" --port 0 --device 0 --type hdd --medium plex.vdi

And next let's attach an ISO image of the install media of the OS I want to install in this VM.

sudo VBoxManage storageattach plex --storagectl "IDE Controller" --port 1 --device 0 --type dvddrive --medium /home/someuser/isos/linuxmint-17.1-cinnamon-64bit.iso

So now we should be ready to go. We would start this VM with VBoxHeadless as:

sudo VBoxHeadless --startvm plex

This is now where the fun begins because we need to connect to this VM with some remote mechanism. Future posts will cover those "travails".

In the meantime there are some useful commands to see what it is we created.

What IP is it running on?

sudo VBoxManage guestproperty get plex "/VirtualBox/GuestInfo/Net/0/V4/IP"

General information?

sudo VBoxManage showvminfo plex