Packed and ready

From: DaWorm 
------------------------------------------------------
https://m.facebook.com/photo.php?fbid=794810233900335&id=100001140988294&set=a.194215683959796.44321.100001140988294&source=56

Hopefully everyone can follow this link.

Jeff

Android Video Chat

From: "Robert A. Kelly III" 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

What apps do you use/recommend for video chat on Android? Obviously, I
prefer free software and open standards. I'm trying Linphone and it
looks good, but wanted to see what other people thought.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJURCOuAAoJENnNp+beTWZ0DfwP/38aAB/XvrW4CJRHeFSMxvIh
QO7sWl+mYt4tV6kqEDqlP6qs6RumKx8RBkivOx2wTMF/YZlyH2QCuPetg+3cho/Q
DTPq4Cuz9eADGhgkqTBb85Qu37UH8GUxjzt1imj/grQ3Is2E00jdqqqlCkZxDy1w
9BPc+xBKmwearUcgw+f15nff+0414rrlB+2DqyFJaYa1ig2MIPTmb3RBXKYsyx9h
VtMtQ03jcXrikCO384vovhQqPV6+qireUzZMR6aQKLN4AN9wcMsicte/nF53Cr3S
el8rK3WdhgskzyZmfTOT0xo/75cfYXiSUae3N22JpcGl62b9J+Q5/KMJI0rvk4LF
2dlZudacdPl22RLLJzG+6leOdnygnrZTcOP4M3tnnthyFbKa0oeGkoZHakskUZzA
ReM615+iuZ2MsAy+3almye2RmIE6u6tkhNLorhVvnL5kwGJdb/CbkVZI1GqtpDvw
mGTFaZnrV1gd1Vjo2JP8xXsCa7Ev39g1z04d01lBsUzcnk23sLv91n6JFo3pYqGN
Zyze1+RyWe/oJXZu9O/j71B9dh/LJ/y56cNLyxQAoU8ISL2UBTFdhzvAIt7o4JGg
6sQupgXqQnyg5PhpTqCrUC7w62YaE65Bj8nkVVGlx/mWDJgOo/TglLPdDOn5hYYj
9UEqpVxrU35674vwLt7x
=FUu7
-----END PGP SIGNATURE-----

Android command-line

From: "Robert A. Kelly III" 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I recently got a new smart phone running CyanogenMod 11 with the
F-Droid repository that I have been playing with. I wonder if anybody
here has played much with doing things from the command line under
Android. Does anyone have suggestions for things like taking pictures
from the camera or getting GPS coordinates from the command line? Has
anyone tried installing a Linux distro like Debian in a chroot on
their Android device? Also, has anyone played with Firefox OS or
Ubuntu Touch, or have any idea how they compare from a hackability
perspective?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJUQud1AAoJENnNp+beTWZ06ckP/1licjic5oOFBpLYUd3K0/8j
Onvb0RvA9AWzbv3ENYDtpaxRmPOT8IMEdFQ1WzJ+4PBrfK5YE/40ZCAS4O8eIfq+
lJAB8ZPiDISJoFKHy8NDPjyHuvGsEl+uCdY3zTJYFjrnZ7B15aIZqWulK/OYHRnf
oE5McrmepdfqRaXPnVeDcdO/jt0H8PRy0S+F0tX6+dLskww9jRdvuve8pOeLXEbL
ECMF5d0ALN4XAytFLg2+pHPTcVJUdipcurIqaOgFkzx+onmPTP4Xgx567eIJLAHE
8th4pSzMnCgSXVTXQ4KthRqrb8LKq0IJuvUTpiNeBEOnbizaSogVWisawf+3VcTy
QmPcxe+3ej7XWY6DwwiCXW4iTEAlF94qh9ODrOV0lEIbEOJZyYb0Ge7FfM29RYGY
9OVpwPL0EXSiKPFhhvBxaiabRdM1URXek805sh7cRzOJOa390nCgDHql8wowxPKB
SqvJEQZRVOwGQH6ws+qJOqsgr5IZzTANtKPCRtR9TX+9mcbpzdqYJ7ITxR8jVZZf
dQO0MkS9/ussCw0WXOiFxqBLYtvtDTbOnkzZnPxxBqHvUpIWWjj9OSPtgQpi9tgT
LJT6p9rZ6pr+uju255pwLpu6QIL/kMRKNZcHtCy7k3O1AYYso98a2NloqyQ+W03x
SwuOih1CLmncZ+nEa0wR
=2yJz
-----END PGP SIGNATURE-----

any info on new mac malware vector?

From: Rod-Lists 
------------------------------------------------------
http://www.net-security.org/malware

VOIP/Scammer Digression

From: Mike Harrison 
------------------------------------------------------

On Oct 1, 2014, at 6:49 AM, Wil Wade  wrote:

> On Wed, Oct 1, 2014 at 6:43 AM, Mike Harrison  wrote:
> With various VOIP providers nowadays, it may just be cheaper and easier t=
o grab a =93local=94 number.
> =

> At the last PHP Meetup Dylan showed off ~3 lines of PHP (after including =
the Twilio API lib) that does this for pennies, then drops the number right=
 afterwards.

Hating to think that I use Twilio (and like it), but people doing too much =
of that will cause it enough issues to be non-viable for important stuff. =


There are reasons to know how to do it all in Asterisk as well. :)


Fwd: Great UNIX Admin/Architect Opportunity in Atlanta, GA

From: David White 
------------------------------------------------------
I'm still waiting for my new iPad... Surely one of these times, someone on
Chugalug will get hired for a job I pass on to them, right?

---------- Forwarded message ----------
From: Chris Dececco 
Date: Fri, Sep 26, 2014 at 3:10 PM
Subject: Great UNIX Admin/Architect Opportunity in Atlanta, GA
To: DavidWhite 


Hi David!

I am a recruiter here at CyberCoders who specializes in placing UNIX
Admin/Architect candidates as well as similar positions in Atlanta, GA and
other locations nationwide.

I am emailing you in case you think you would be a great fit for the
position listed below.  Please check out the link and apply if you are
interested in hearing more about the job.  :)

Also - If you refer a friend I end up placing at any of my open jobs, I
will give you an iPad for the referral!

This position is for a UNIX Admin/Architect in Atlanta, GA.

*For more details on this job or to apply simply visit CyberCoders:*

*http://www.CyberCoders.com/qc.aspx?posId=CD-unixarch&ad=CSNPCBChris.DeCecco
*

*Not a fit for this job?  Search all of our open jobs:*

*http://www.CyberCoders.com/qa.aspx?ad=CSNPCBChris.DeCecco&sterm=
*

You can use the link below at any time if you would like us to hold off on
emails to you about new opportunities.



 Thank you,
Chris

Chris Dececco  | Lead Recruiter | CyberCoders
949.783.3626 | Follow Us: 

 | View My Bio and Open Jobs

USB Keyboard & Mouse support on Dell Server

From: David White 
------------------------------------------------------
So I spent a couple hours last week trying to get a darn Dell server to
boot with Parted Magic (
http://wiki.ultimatebootcd.com/index.php?title=Parted

OT: LG G2 update

From: Phil Sieg 
------------------------------------------------------
So for anybody interested in a top of the line android phone (Quad core 2.2ghz, 2gb ram 32gb storage 5.2" screen, built in wireless charging) for under $250 here is the update.

The battery life is FANTASTIC! The rest of the phone is as well. This is as happy as I have been on Android. I spent $225 on ebay for a verizon unit because it is the only one with built in wireless charging and is FACTORY UNLOCKED for SIM cards.

So a phone that is better in many ways than a Galaxy S5 for almost a third of the price? WHAT are you waiting for???

Here is a bit about battery life:

http://www.phonearena.com/news/LG-G2-battery-life-test-long-live-the-king

Anyone heard of this botnet expoit for linux?

From: Rod-Lists 
------------------------------------------------------
"Akamai Technologies is alerting enterprises to a high-risk threat of IptabLes and IptabLex infections on Linux systems. Malicious actors may use infected Linux systems to launch DDoS attacks against the entertainment industry and other verticals.

The mass infestation of IptabLes and IptabLex seems to have been driven by a large number of Linux-based web servers being compromised, mainly by exploits of Apache Struts, Tomcat and Elasticsearch vulnerabilities. 

Attackers have used the Linux vulnerabilities on unmaintained servers to gain access, escalate privileges to allow remote control of the machine, and then drop malicious code into the system and run it. As a result, a system could then be controlled remotely as part of a DDoS botnet.

A post-infection indication is a payload named .IptabLes or. IptabLex located in the /boot directory. These script files run the .IptabLes binary on reboot."

http://www.net-security.org/secworld.php?id=17322

OT - Chattanooga Spiceworks Meetup

From: Michael Scholten 
------------------------------------------------------
Anyone from Chugalug going to the Spiceworks meetup next Tuesday?

-Michael


-------- Forwarded Message --------
Subject: 	Next Tuesday: Chattanooga IT pros meet up!
Date: 	Thu, 21 Aug 2014 19:01:40 +0000
From: 	Spiceworks 
To: 	dmscholten@gmail.com



Spiceworks | SpiceCorps
Mingle with fellow IT pros and share tech tips and tricks.


	
Spiceworks Logo

Paypal API (IPN) Consulting Opportunity

From: flushy@flushy.net
------------------------------------------------------
Hey er'body!

An old co-worker of mine recently contacted me about assistance with  
(or knowing anyone) the Paypal API. They're having issues getting the  
API to do stuff according to the docs and are having trouble getting  
past verification.

I personally, don't want to poison my mind with PHP code (haha), so  
I'm asking here. If you're interested, message me off list, and I'll  
get you all together to discuss details and arrangements.

--b


PHP job in Nashville area

From: "M. H." 
------------------------------------------------------
If anyone around Nashville is looking for a PHP gig, see below:



On Tue, Jul 8, 2014 at 5:09 PM, Nanci Cronk 
wrote:

> Hi Michael
>
> We=E2=80=99ve corresponded about Linux roles in the past, so I know you k=
now your
> way around the LAMP stack. I hope you don=E2=80=99t mind me reaching out.=
 You don=E2=80=99t
> by chance know any PHP programmers in Nashville or surrounding areas, do
> you? We=E2=80=99ve got a respected client on the *south side of Nashville=
 looking
> to fill a direct hire PHP Developer position.  *It=E2=80=99s mid level,
> compensation will go up to around 80K and they are looking for good
> background with PHP and frameworks, jQuery and other Javascript libraries=
,
> etc. The company has excellent benefits, lots of opportunities for paid
> training and growth, onsite workout facilities, and more.
>
>
> Let me know if you might be interested but if not I=E2=80=99d sure apprec=
iate your
> help to pass the word along. We=E2=80=99ll pay you a referral fee if we p=
lace the
> person you refer and they stay on past our guarantee period.  I=E2=80=99d=
 love to
> hear how things are going at your end.
>
>
> Thank you,
>
> Nanci Cronk
>
> Staffing Manager
>
> IT and Engineering Staffing Practice
>
> The Maven Group LLC
>
> Apex (RTP), NC/Dallas, TX/ Boston, MA
>
> 1.800.343.6612 ext 105 Toll-Free
>
> nanci.cronk@themavengroup.com
>
>
>
> ** A Proud Service Disabled Veteran Owned Business **
>
>
> File #5D697F14082F257E59
>
>
> You are receiving this email because you are a member of our private
> contact database. If you do not wish to receive similar email messages in
> the future and to see our contact information please click here
> .
> We respect your privacy. This email fully complies with the CAN-SPAM Act.
>

LDAP PHP libraries on Linux connecting to AD on Win2008r2

From: Dan Eveland 
------------------------------------------------------
Yeah, I know. Windows. Gross. However, I am trying to connect to a AD
server via LDAP from a Linux box. Everything works perfectly, except
sending updates back to the LDAP services (AD). I am getting indications
that an SSL cert is not correct, however I have been trying everything I
can think of.

Using it just for one-way authentication and updates (to Linux via PHP) is
working quite well, actually. Anyone have any experience connecting the
other way to an AD server. Specifically one running 2008R2?

I am not an expert on SSL certs. I have installed the cert, and even
installed it on IIS and it works on the same box. AD does not complain
about the cert, so that *seems* fine. The issue seems to be on the Linux
side. The PHP libraries for this are really bad as far as error messages
and hints go.

Looking for anyone on the list who has lived through this and could guide
me.

Thanks.

I'm baaaaaaack!

From: Ed King 
------------------------------------------------------
Got bumped off the list back in mid May due to "too many bounces".    Been checking chugalug.org webpage occasionally for any job announcements or hardware sells/freebies ;-)

I stayed unsubbed for awhile (and missed Hack-a-nooga too) because I needed to focus on our latest and biggest client rollout, which went "live" on 6/2/2014.    To "save money" we switched hardware platforms a few weeks before rollout (went from $800 kids-toy netbooks to $300 Dell Venue tablets), but the software platform stayed the same (albeit with some custom mods for the new client):    lamp stack (linux/apache/php/mysql) on qemu.    Why are we running in a vm/emulator?  Well its a long story but a previous 3rd party vendor wrote our field software.  This 3rd party vendor required Windows netbooks.  Their software was slow and flakey (as you'd expect from dot-net) so we ditched them and rewrote the field software in-house (like we wanted to do in the first place, and we did it in less than half the time, and still had more features and flexibility!).    But... we couldn't just throw out twenty $800 netbooks, so we leveraged that hardware "investment"
 by using qemu to run our lampp stack, thinking that it would also be portable if we ever moved to android (does anyone know of a qemu package for android that doesn't SUCK?)

Back-end:   For "security" this client did not want their data on the same server as our other clients, so I set up a new Debian server just for them.  HTTPS and automated sftp file transfers. 

Well now that this new client is up 'n running, I figured it was time for me to re-sub, so...  I'm back.  This new client is our biggest client to-date, and has doubled the amount of inspectors in the field (and doubled the data collection too...  thank goodness we solved that mysql lock problem we used to have).   Things are running smoothly!   I dare say that the support calls have somehow decreased (oh great, now I've jinxed us).    

Props to our little I.T. team:    Danny "dj" Smith Jada "coldfish" Case, and Master Ed :)









Turn your Raspberry Pi into a live HDTV transmitter

From: Rod-Lists 
------------------------------------------------------
Experimenter uses a raspberry pi and a transceiver on a usb dongle to transmit HDTV.

http://www.oz9aec.net/index.php/dvb/490-turn-your-raspberry-pi-into-a-live-hdtv-transmitter

Hacking Training Manual

From: AverageSecurityGuy 
------------------------------------------------------
All,

  Back in December I taught an introduction to penetration testing class =
in town. A few folks from the list participated in the class. Last =
night, I published the training manual for the class. It is available =
for purchase from LuLu.com =
http://www.lulu.com/commerce/index.php?fBuyContent=3D14763389. The book =
is aimed at system administrators who want to understand penetration =
testing and who will take that understanding and use it to better defend =
their systems. If any of you purchase the book, I would really =
appreciate honest feedback.

Thanks,

--
Stephen Haywood
Owner, ASG Consulting
CISSP, OSCP
423.305.3700
asgconsulting.co




Multiple Upstreams

From: Mike Harrison 
------------------------------------------------------


I=92m looking for a fresh approach to something that I figure someone on th=
e list knows a better way. =


I=92m looking at a Linux system that has two live public IP=92s on it, from=
 different ISP=92s. both with a router feeding it. =

DNS round robins to both IP addresses. These two IP=92s belong to ISP's tha=
t cover 90% of the target population using this system, and that=92s not a =
lot of people. But having this system available is important. =


What I could do, and would have done many years ago, was add static routes =
for each gateway for that ISP=92s addresses, and have a script that periodi=
cally evaluates the routes out and would alter the static routes if one or =
the other ISP=92s connection goes down. We are only talking about a /16 or =
less on each route.. I=92d pick one of them as a default route with a prior=
ity weight for getting out of the country. =


I=92ve been studying up on things like =93Advanced Routing=94 like: =


http://www.rjsystems.nl/en/2100-adv-routing.php

As this is a small collection of servers, in a very small country, things l=
ike BGP and such just aren=92t available. Getting a solid connection and st=
atic IP=92s assigned was a serious trick. =


One thought was/is to put a pfSense box in front of these servers and use i=
t for some load connection balancing, but I=92m not even sure if that would=
 address the issue. =


Any thoughts from ya=92ll, or is my kludgy old school way still the way?




 =


Find of the Day: ArrestDB

From: Eric Wolf 
------------------------------------------------------
I was looking for an easier way to work with MySQL data and came across
ArrestDB:

https://github.com/alixaxel/ArrestDB

One "index.php" and a little Apache configuring now I can query, insert and
delete using Python requests library instead of hassling with a MySQL
library. For that matter, I can use curl to manipulate the data as well!

-Eric

-=--=---=----=----=---=--=-=--=---=----=---=--=-=-
Eric B. Wolf                           720-334-7734

PHP Training

From: AverageSecurityGuy 
------------------------------------------------------
I need to find some good PHP training. I had someone recommend the =
training from Zend any other recommendations?

These are the Zend classes I=92m looking at.
http://shop.zend.com/en/php-foundations-training.html
http://shop.zend.com/en/php-higher-structures-training.html

--
Stephen Haywood
Owner, ASG Consulting
CISSP, OSCP
423.305.3700
asgconsulting.co




Scheme

From: David White 
------------------------------------------------------
Whelp, I just (sort-of-randomly) decided to take another dive into
attempting to teach myself (real) programming (as opposed to HTML and some
rudiments of PHP & Bash scripting that I know).

My cousin a few years ago tried to get me to learn Scheme by introducing me
to SICP, the free book made available online by MIT.

He regrets ever trying to start me on PHP several years ago, which I never
really picked up or enjoyed. I was never good at the AP CS course I took in
high school either (in Java - partially, probably, due to a bad teacher.
Regardless I was one of the worst students in that course).

Anyway, we got into a conversation over dinner tonight at his house on
programming, and how I'm going to be working with some kids this summer to
help them in literacy and introduction to computers & computer programming,
and he brought up the very real, very valid point that it takes a certain
age (around middle school at the earliest) to really understand algebraic
functions in the head.

I had an absolutely awful math experience in highschool and in college, so
never really had a good foundation, which may explain my difficulty and
lack of interest in programming.

Anyway, tonight, I found the video lecture series made available by MIT in
addition to SICP (
http://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-001-structure-and-interpretation-of-computer-programs-spring-2005/index.htm
).

I'm only about 10 minutes into the 1st video (partly because I keep
stopping it and rewinding to make sure I understand concepts / write them
down), but I think this may be the ticket and key to my understanding *and* to
my interest!

If I continue beyond a few days of wistful thinking and exploring and
actually dive into this consistently to get myself through the book, course
material and/or other ways of learning Scheme, I may actually get somewhere
with this!

:)

Wish me luck!

-- 
David White
Founder & CEO

*Develop CENTS *
Computing, Equipping, Networking, Training & Supporting
Nonprofit Organizations Worldwide
http://developcents.com
423-693-4234