How to check if a Software License Is an Open Source License Case study: Microsotf Shared Source License

License Text

MICROSOFT SHARED SOURCE CLI, C#, AND JSCRIPT LICENSE
This License governs use of the accompanying Software, and your use of the Software constitutes acceptance of this license.
You may use this Software for any non-commercial purpose, subject to the restrictions in this license. Some purposes which can be non-commercial are teaching, academic research, and personal experimentation. You may also distribute this Software with books or other teaching materials, or publish the Software on websites, that are intended to teach the use of the Software.
You may not use or distribute this Software or any derivative works in any form for commercial purposes. Examples of commercial purposes would be running business operations, licensing, leasing, or selling the Software, or distributing the Software for use with commercial products.
You may modify this Software and distribute the modified Software for non-commercial purposes, however, you may not grant rights to the Software or derivative works that are broader than those provided by this License. For example, you may not distribute modifications of the Software under terms that would permit commercial use, or under terms that purport to require the Software or derivative works to be sublicensed to others.
You may use any information in intangible form that you remember after accessing the Software. However, this right does not grant you a license to any of Microsoft’s copyrights or patents for anything you might create using such information.
In return, we simply require that you agree:

  1. Not to remove any copyright or other notices from the Software.
  2. That if you distribute the Software in source or object form, you will include a verbatim copy of this license.
  3. That if you distribute derivative works of the Software in source code form you do so only under a license that includes all of the provisions of this License, and if you distribute derivative works of the Software solely in object form you do so only under a license that complies with this License.
  4. That if you have modified the Software or created derivative works, and distribute such modifications or derivative works, you will cause the modified files to carry prominent notices so that recipients know that they are not receiving the original Software. Such notices must state: (i) that you have changed the Software; and (ii) the date of any changes.
  5. THAT THE SOFTWARE COMES “AS IS”, WITH NO WARRANTIES. THIS MEANS NO EXPRESS, IMPLIED OR STATUTORY WARRANTY, INCLUDING WITHOUT LIMITATION, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR ANY WARRANTY OF TITLE OR NON-INFRINGEMENT. ALSO, YOU MUST PASS THIS DISCLAIMER ON WHENEVER YOU DISTRIBUTE THE SOFTWARE OR DERIVATIVE WORKS.
  6. THAT MICROSOFT WILL NOT BE LIABLE FOR ANY DAMAGES RELATED TO THE SOFTWARE OR THIS LICENSE, INCLUDING DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL OR INCIDENTAL DAMAGES, TO THE MAXIMUM EXTENT THE LAW PERMITS, NO MATTER WHAT LEGAL THEORY IT IS BASED ON. ALSO, YOU MUST PASS THIS LIMITATION OF LIABILITY ON WHENEVER YOU DISTRIBUTE THE SOFTWARE OR DERIVATIVE WORKS.
  7. That if you sue anyone over patents that you think may apply to the Software or anyone’s use of the Software, your license to the Software ends automatically.
  8. That your rights under the License end automatically if you breach it in any way.
  9. Microsoft reserves all rights not expressly granted to you in this license.

How To Check a Free License

Jeckins update under Fedora 15

If you have installed jenkins from their web page they add a new repository but not import the repository’s public key that generates problems in yum updates

No se ha instalado la llave pública de jenkins-1.421-1.1.noarch.rpm

if you want to fix these problem only run this command

sudo rpm –import http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key

Using Logical Or in Perl regex


#!/usr/bin/perl

use strict;
use warnings;

my %colors=( "life" , "white or black",
 "cat" , "black",
 "horse" , "white or black",
 "blood",    "red",
 "sky" ,"blue");

foreach my $coloredThing (keys %colors)
{
 print "$coloredThing ";
 if ($colors{$coloredThing}=~m/(black|white)/)
 {
 print "Match";
 }
 else
 {
 print "Doesn't Match";
 }
 print "\n";
}

and here the Output

sky Doesn’t Match
blood Doesn’t Match
cat Match
horse Match
life Match

Install redmine in RHEL6 and RH based distributions

Redmine

Step 1: Install packages needed
su
yum install mysql-server ruby rubygems httpd ruby-devel mysql-devel gcc-c++ curl-devel httpd-devel apr-devel apr-util-devel

Step 2: Enable services at boot-time
apache server
chkconfig httpd on

mysql server
chkconfig mysqld on

Step 3: Open needed ports

open /etc/sysconfig/iptables in your config file and add these rules

-A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT

-A INPUT -m state –state NEW -m tcp -p tcp –dport 3000 -j ACCEPT

Step 4: Install ruby libs
gem install rails -v=2.3.5
gem install rack -v=1.0.1
gem install mysql
gem install -v=0.4.2 i18n
gem install passenger

Step 5: Download redmine
wget http://rubyforge.org/frs/download.php/74419/redmine-1.1.2.tar.gz

step 6: add redmine user

groupadd redmine
useradd -g redmine redmine
passwd redmine

step 7: decompress redmine
tar -xzvf redmine-1.1.2.tar.gz

step 8: move to destination dir
cd <dest_dir>

step 9: copy redmine
cp -R <redmine_uncompress_dir>/* ./

Step 10: create a new database and a new username in mysql

step 11: configure redmine
cd config/
mv database.yml.example database.yml
open database.yml #complete the data needed
cd ..

step 12: generate session store secret
rake generate_session_store

step 13: generate database structure
RAILS_ENV=production rake db:migrate

step 14: generate default configuration
RAILS_ENV=production rake redmine:load_default_data

step 15 Setting up permissions
mkdir tmp public/plugin_assets #in case of the dirs doesn’t exists
sudo chown -R redmine:redmine files log tmp public/plugin_assets # change redmine:redmine if you create a diferent user
sudo chmod -R 755 files log tmp public/plugin_assets

step 16 check redmine installation
ruby script/server webrick -e production
open in your browser :3000
login is admin pass is admin too

step 17 enable mod_cgi in apache
check in /etc/httpd/conf/httpd.conf if exist the line
LoadModule cgi_module modules/mod_cgi.so

step 18 create public/dispatch.cgi file
mv public/dispatch.cgi.example public/dispatch.cgi
edit the first line
from
#!/usr/bin/env ruby
to
#!/usr/bin/ruby

step 19 grant execution rights
chmod 755 public/dispatch.cgi

step 20 grant apache permissions
chown -R apache:apache files log tmp vendor

step 21 set production state in file config/environment.rb
uncoment the line ENV[‘RAILS_ENV’] ||= ‘production’

step 22 configure passenger
passenger-install-apache2-module and follow instructions

if you get an error check this http://stackoverflow.com/questions/5585583/problem-in-installing-passenger
In fact, just need to edit the ” /usr/lib/ruby/gems/1.8/gems/passenger-3.0.6/lib/phusion_passenger/platform_info/apache.rb” file, and replace “test_exe_outdir” with “tmpexedir”.

step 23 Enable cgi in SeLinux
setsebool -P httpd_enable_cgi 1

step 24 add virtual host in apache config file
ServerName redmine..com
ServerAdmin webmaster@.com
DocumentRoot /live/redmine/public/
ErrorLog logs/redmine_error_log
Options Indexes ExecCGI FollowSymLinks
Order allow,deny
Allow from all
AllowOverride all

Step 25: close 3000 port editing /etc/sysconfig/iptables file

-A INPUT -m state –state NEW -m tcp -p tcp –dport 3000 -j ACCEPT

Step 26: reboot or restart services

Redmine Working

Associative Arrays in Bash v4

One of the new features in Bash v4 are the associative arrays using strings as index instead numbers
here a small example of use


#!/bin/bash

declare -A myArray #declare array
myArray[cat]=gato #attach a value into index cat
myArray[dog]=can #attach a value into index dog

creature="fish" #declare a variable

myArray[$creature]=peixe #attach a value into index fish

#get all array values
for key in "${!myArray[@]}"
 do
 echo "index value=$key content value= ${myArray[$key]}"
 done

Laboratory III

¿ Qué comandos serían necesarios ejecutar para que un sistema Linux pudiese sustituir el encaminador R2 mostrado en el diagrama ? Asume todos aquellos datos que necesites para realizar el ejercicio (nombre de interfaces, gateway, etc)

Network Diagram
Click for larger view

Previous Steps

Enable IP Forwarding

Temporal:

echo 1 > /proc/sys/net/ipv4/ip_forward

Permanent:

vim /etc/sysctl.conf

changue the value of  net.ipv4.ip_forward = 1

sysctl -p /etc/sysctl.conf # enable  changues

Configuring network intefaces

Temporal:

ifconfig eth0 down

ifconfig eth0 10.10.0.2 netmask 255.255.255.0 up
ifconfig eth1 down

ifconfig eth1 200.3.107.1 netmask 255.255.255.0 up

Persistent:

on debian: edit /etc/network/interfaces like this

auto lo

iface lo inet loopback

iface eth0 inet static
address 10.10.0.2
netmask 255.255.255.0

iface eth1 inet static
address 200.3.107.1
netmask 255.255.255.0

red hat and derivates: edit /etc/sysconfig/network-scripts/ifcfg-<interface name>

Device eth0 file /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=”eth0″
IPADDR=10.10.0.2
METMASK=255.255.255.0
NETWORK=10.10.0.0
BROADCAST=10.0.0.255
ONBOOT=yes
BOOTPROTO=none
USERCTL=no

Device eth1 file /etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE=”eth1″

IPADDR=200.3.107.1
METMASK=255.255.255.0
NETWORK=200.3.107.0
BROADCAST=200.3.107.255
ONBOOT=yes
BOOTPROTO=none
USERCTL=no

Option 1: Using Static Routing

temporal:

#from network 2 to network 3 assumed not necessary

#from network 3 to network 2 assumed not necessary

#from network 3 to network 1

ip route add 192.168.0.0/24 via 10.0.0.1 dev eth0

persistent:

on Debian

edit /etc/network/interfaces

write this at after the interfaces setup

up route add 192.168.0.0/24 via 10.0.0.1 dev eth0

on Fedora

edit /etc/sysconfig/network-scripts/route-<device>

GATEWAY0=10.0.0.1
NETMASK0= 255.255.255.0
ADDRESS0=192.168.0.0

if you want to add more routes increment the numbers next to GATEWAY, for example: GATEWAY1=10.0.0.2 NETMASK1= 255.255.255.0 ADDRESS1=192.168.30.0

Pros

  • No extra processing and added resources as in the case of dynamic routing protocols
  • No extra bandwidth requirement caused by the transmission of excessive packets for the routing table update process
  • Extra security by manually admitting or rejecting routing to certain networks

Cons

  • Network Administrators need to know the complete network topology very well in order to configure routes correctly
  • Topology changes need manual adjustment to all routers something which is very time consuming

Option 2: Using NAT

Basically NAT works like static routing but changes the output ip maintaining a internal

temporal:

# delete old configuration, if any
#Flush all the rules in filter and nat tables
iptables –flush
iptables –table nat –flush

# delete all chains that are not in default filter and nat table, if any
iptables –delete-chain
iptables –table nat –delete-chain

# Set up IP FORWARDing and Masquerading (NAT)
iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
iptables –append FORWARD –in-interface eth1 -j ACCEPT

permanent:

store the rules into the ip tables into a rules set

Pros

same that static plus

It also benefits in a security sense as attackants can’t target a computer directly, they have to first get past the router.

Cons

  • Network Address Translation does not allow a true end-to-end connectivity that is required by some real time applications. A number of real-time applications require the creation of a logical tunnel to exchange the data packets quickly in real-time. It requires a fast and seamless connectivity devoid of any intermediaries such as a proxy server that tends to complicate and slow down the communications process.
  • NAT creates complications in the functioning of Tunneling protocols. Any communication that is routed through a Proxy server tends to be comparatively slow and prone to disruptions. Certain critical applications offer no room for such inadequacies. Examples include telemedicine and teleconferencing. Such applications find the process of network address translation as a bottleneck in the communication network creating avoidable distortions in the end-to-end connectivity.
  • NAT acts as a redundant channel in the online communication over the Internet. The twin reasons for the widespread popularity and subsequent adoption of the network address translation process were a shortage of IPv4 address space and the security concerns. Both these issues have been fully addressed in the IPv6 protocol. As the IPv6 slowly replaces the IPv4 protocol, the network address translation process will become redundant and useless while consuming the scarce network resources for providing services that will be no longer required over the IPv6 networks.

Option 3: Using RIP

Rip is a distance routing protocol, is more flexible that using static routers and necessary if the number of subnets grows. Do you want to fight against hundred of rules? or assume the risk of downtime’s created by a router malfunction?

install zebra

permanent:

edit the /etc/zebra/ripd.conf file

redistribute connected

version 2

ip rip authentication string “max 16 characters”

router rip
network 10.10.0.0/24
network 200.3.107.200/24

pros

  • Easy to configure and use
  • V2 supports VLSM and CIDR

cons

  • Converges slowly on large networks
  • Doesn’t recognize bandwidth of links
  • Doesn’t support multiple paths for the same route
  • Routing updates can require significant bandwidth because the entire routing table is sent
  • Prone to routing loops

Option 4: Using OSPF (Open Shortest Path First)

OSPF is a routing protocol that uses the Dijkstra algorithm for get the quickest way. into a set of subnets where the routers are connected at different speeds could work better than R.I.P.

install zebra

add the necessary VTY in  /etc/services

zebrasrv        2600/tcp             # zebra service
zebra           2601/tcp              # zebra vty
ospfd           2604/tcp              # OSPFd vty
ospf6d          2606/tcp              # OSPF6d vty

edit zebra.conf file

hostname R2
password zebra
enable password z3bRa
log file /var/log/zebra/zebra.log
!
interface eth0
description Network 2
ip address 10.10.0.2/24
!
interface eth1
description Network 3
ip address 200.3.107.1/24

start zebra service

/usr/sbin/zebra –dk
/usr/sbin/ospfd –d

Telnet to port 2604 on the local machine to begin the OSPF configuration and type enable in order to get privileged mode

the next step will be announce the networks that we want  to publicity  in out networks

R2:~# telnet 0 2604
Trying 0.0.0.0…
Connected to 0.
Escape character is ‘^]’.

Hello, this is zebra (version 0.84b)
Copyright 1996-2000 Kunihiro Ishiguro

User Access Verification

ospfd> enable
Password:
ospfd# configure terminal
ospfd(config)# router ospf
ospfd(config-router)# network 10.10.0.0/24 area 0
ospfd(config-router)# passive-interface eth0

ospfd(config-router)# network 200.3.107.0/24 area 0
ospfd(config-router)# passive-interface eth1
ospfd(config-router)# end
ospfd# write file
Configuration saved to /etc/zebra/ospfd.conf

pros

  • Scalability – OSPF is specifically designed to operate with larger networks.
  • Full subnetting support – OSPF can fully support subnetting
  • Hello packets – OSPF uses small hello packets to verify link operation with out transferring large tables
  • TOS routing – OSPF can route packets by different criterion based on their type of service field
  • Tagged routes – Routes can be tagged with arbitrary values, easing interoperation.

cons

  • very intensive processor
  • maintaining multiple copies of routing information, increasing the amount of memory needed
  • OSPF can be logically segmented by using areasnot as easy to learn as some other protocols
  • if an entire network is running OSPF, and one link within it is “bouncing” every few seconds, then OSPF updates would dominate the network by informing every other router every time the link changed state.

sources:

http://www.techrepublic.com/article/use-zebra-to-set-up-a-linux-bgpospf-router/1047843

http://www.trainsignaltraining.com/ip-addressing-routing-default-static-routing

http://ipv6.com/articles/nat/NAT-Pros-and-Cons.htm

www.techrepublic.com/i/tr/one_offs/t063_preview.pdf

http://gotechsf.wordpress.com/2009/09/05/the-pros-and-cons-of-ospf-and-eigrp/

http://ipsit.bu.edu/sc546/sc441Spring2003/ospf/proscons.html

Keysigning Fosdem quick howto

step 1: Install gnugp

debian: apt-get install gnupg

fedora: yum install gnupg

step2: create your key

gpg --gen-key

you’ll have to answer several questions:

kind and key size that do you want: defaults appears to be good enough.

how long the key will be valid : your decision mine never expires.

your name and surname (Use your real name Do you trust in a person called Bart Simpson or Zero Trust?)

your email address

comment: optional

A passphrase: Don’t forget, if you lost your passphrase your encripted data will useless .

Trick: Open a flash video or run a virtual machine for create entropy .

gpg generated key

step 3: Generate a revoke key

changue mykey for your key fingerprint last characters

gpg –output revoke.asc –gen-revoke mykeyfingerprint

step 4: Export public and private keys

exporting private key

gpg –output private.gpg –export-secret-key mykeyfingerprint

exporting public key

gpg –output public.gpg –export mykeyfingerprint

step 5: Backup tour keys

Store your keys into a Floppy disk, usb memory, CD, or wherever, you can print your keys for security.

step 6: Send your public key to fosdem server

the instructions appear in the fosdem site http://fosdem.org and check the public key uploaded

step 7: Print the keys list

a few days before the fosdem start will appear a document to print. (https://ksp.fosdem.org/files/ksp-fosdem2011.txt)

trick try to print the document in the minor number of pages.

step 8: Keysinging Event

Stay at time.

Wear warm clothing.

if you come later  try to find your position asking the key numbers to the participants try to Maintain the order easy for you easy for everyone

keysinging positions

fosdem 2011 keysigning

step 9; Import keys

After the Fosdem you’ll receive several emails signing your public key,  you must import the public keys.

Download the key hashes from https://ksp.fosdem.org/files/ksp-fosdem2011-keyring.asc.bz2

how?

wget –no-check-certificate https://ksp.fosdem.org/files/ksp-fosdem2011-keyring.asc.bz2

bunzip  ksp-fosdem2011-keyring.asc.bz2

gpg –import ksp-fosdem2011-keyring.asc

now your have all the public keys in your ring

step 10: parse fosdem keys

pass your paper maks to a new copy of  the txt keys file

I create this perl script in order to get the key hashes to sing

fosdemparse.pl

unzip and execute

./fosdemparse.pl <path to your file>

this script show the key hashes to

step 11: configure your sSMTP

CAFF sends the sing keys using your system mail transfer agent (MTA), nowadays using your ISP ip address is a warranty  of appears in the receiver  spam box

install sSMTP

on debian: apt-get install ssmtp

on fedora:

yum install ssmtp

(select ssmtp)

alternatives –config mta

configure sSMTP : https://wiki.archlinux.org/index.php/SSMTP

step 12: configure CAFF

install caff

on debian: apt-get install signing-party

on fedora: yum install pgp-tools

now we’ll configure caff

first we’ll execute caff

caff

this creates a config file named .caffrc in your home folder.

edit .caffrc file

gedit $HOME/.caffrc

complete the config file reading the instructions.

final step: send the keys

simply execute caff and paste your fosdemparse.pl output.

enjoy writing your password several times.