Netflow on Ubuntu

A Netflow setup consists of three parts:
the collector, which collects the connection data on a host;
the capture tool, which receives data from collectors and writes it to disk in binary format;
the dump tool, which presents the data.

We use fprobe as the collector and nfcapd as the capture tool:


sudo apt-get install fprobe nfdump

fprobe asks to be configured during the installation. It asks which interface it should listen on and where the flow collector listens. In our example, fprobe should listen on eth0 and the flow collector runs on the same computer, so use 127.0.0.1:9995.

You can edit the fprobe configuration file again later:

/etc/default/fprobe

#fprobe default configuration file

INTERFACE="eth0"
FLOW_COLLECTOR="127.0.0.1:9995"

#fprobe can't distinguish IP packet from other (e.g. ARP)
OTHER_ARGS="-fip"

nfcapd needs to be configured by hand.
You need to set nfcapd_start to yes:

/etc/default/nfdump

# nfcapd is controlled by nfsen
nfcapd_start=yes

To change the destination folder of the capture files, change the hardcoded DATA_BASE_DIR in /etc/init.d/nfdump.

After that, start the services:

sudo service fprobe stop
sudo service nfdump stop
sudo service fprobe start
sudo service nfdump start

After that, you can evaluate the resulting data:

cd /var/cache/nfdump
nfdump -R REPLACE_WITH_FIRST_FILE_BEGINNING_WITH_nfcapd.

You can also append a filter in double quotes, e.g. nfdump -R nfcapd.201510260926 "port 3720" or "ip 8.8.8.8".

Additional information:
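
To confirm that the two defaults files edited above agree before restarting the services, here is an added example (not part of the original post) that parses them without sourcing them. The function names and the optional expected-port argument are assumptions; 9995 is the port from the example above.

```shell
#!/bin/sh
# Added example: checks that the fprobe and nfcapd defaults files agree.
# check_netflow_config and read_setting are hypothetical helper names.

# Read KEY=value from a defaults file without sourcing it (no code is executed).
read_setting() {  # usage: read_setting FILE KEY
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'" | tr -d '[:space:]'
}

# Prints one line per problem and returns the number of problems found.
# PORT defaults to 9995, the port used in this page's example.
check_netflow_config() {  # usage: check_netflow_config FPROBE_FILE NFDUMP_FILE [PORT]
    fprobe_file=$1; nfdump_file=$2; want_port=${3:-9995}
    problems=0

    iface=$(read_setting "$fprobe_file" INTERFACE)
    target=$(read_setting "$fprobe_file" FLOW_COLLECTOR)
    started=$(read_setting "$nfdump_file" nfcapd_start)

    if [ -z "$iface" ]; then
        echo "fprobe: INTERFACE is not set"; problems=$((problems + 1))
    fi
    case $target in
        *:*) host=${target%:*}; port=${target##*:} ;;
        *)   host=$target; port= ;;
    esac
    if [ -z "$host" ] || [ -z "$port" ]; then
        echo "fprobe: FLOW_COLLECTOR must be host:port, got '$target'"
        problems=$((problems + 1))
    elif [ "$port" != "$want_port" ]; then
        echo "fprobe: exports to port $port, capture expected on $want_port"
        problems=$((problems + 1))
    fi
    if [ "$started" != "yes" ]; then
        echo "nfdump: nfcapd_start is '$started', nfcapd will not start"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Run against the live files when called with the "check" argument.
if [ "${1:-}" = "check" ]; then
    check_netflow_config /etc/default/fprobe /etc/default/nfdump
fi
```

Save it as a script and run it with the argument check; no output and exit status 0 mean both files are consistent.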
http://nfdump.sourceforge.net/


Removing Windows 10 Diagnostics from Windows 7/8/8.1

Windows 10 "Security?": We got opt-out-only-all-included-private-Wifi-Password-Sharing with all your Facebook Friends, access to all data, address books, emails, voice and video as well as the possibility to shut down hardware you attached to your PC - if MS does not like it. Quite some people from the Facebook and Computerbild Front already upgraded to the new Windows 10 - "don't get left behind and get your upgrade" - well... it sounds more like a really evil episode of Dr. Who and the Cybermen to me. Ugh.

To get to the point: Microsoft backported some of its Windows 10 telemetry magic to Windows 7/8/8.1 and installed it, unasked, as updates. So your data can enjoy its "freedom" even without you upgrading to Windows 10.

Sweet.

TL;DR - Microsoft backported Windows 10 telemetry to Windows 7/8/8.1. xvitaly on GitHub made a nice cmd file; just download it and execute it to remove all the bad updates and Windows 10 ads. Restart. After that, check the Windows Update section and disable the updates in question. Otherwise, you will install them again on your next update.
Link: https://gist.github.com/xvitaly/eafa75ed2cb79b3bd4e9

Open-source / private Evernote alternative: Paperwork

I use tools like Google Keep and Evernote from time to time to manage my pile of recipes, data and "knowledge" (whatever that'd be ;)). However, I don't feel really comfortable and looked for alternatives. There are certain plugins for ownCloud, however, these are basically text editors at best... Never liked that idea. So I came across Paperwork: http://paperwork.rocks/.
Truth be told: It is still in development. It is as bleeding edge as it gets. Sharp as a knife. And yes - I forgot to do backups of my (until then not used) database and lost a lot of data on a simple update... (Yep, the reason why I introduced you to automysqlbackup some days ago...).
But at the moment, it is working very well and I like it very much. I think it will become a really great tool :)!

Private Dropbox/Google Drive/File Sync: Syncthing

I tested quite a lot of sync tools out there: Dropbox, G-Drive, BitTorrent Sync, ownCloud, plain rsync,... You name it.
But to be honest, I never really liked any tool that much: It never really *worked out* somehow: The mobile apps were bad, "servers" ate up too much performance, etc. etc.
And we don't want to forget these little itching problems with privacy - thinking about Dropbox, G-Drive and the now closed-source BitTorrent Sync...
Well - enter Syncthing: https://syncthing.net/
In truth I can only say one thing: It works. It just, plainly, works for syncing data from your mobile devices to your swarm of servers or PCs.
So give it a shot :)!