international travel – Should I wear a jacket on my trip to the Philippines?

Depending on your personal physiology and where you are coming from, maybe, maybe not. Take one along in checked baggage at least.

It’s all about personal acclimatization. Military personnel have to do it all the time. If you are coming from about the 45th parallel, maybe Michigan in the US, or the UK, or Scandinavia, especially in the fall, winter or early spring, then 24°C will seem warm to you, perhaps even hot. No jacket would be necessary.

On the other hand, if you are coming from below the 45th parallel, or somewhere in the warmer climes, during the summer, or even an equatorial locale anytime, then that same temperature will seem cool, or worse.

The first thing you need to ask yourself is, are you “thin-skinned” or “thin-blooded”? Do you need a light sweater around the house when your flat-mates are all in t-shirts? or are you the one who is sweating while others shiver?

The next, even more important thing to consider is how long you will be there. Please realize, no matter where you are coming from, or what general body type or metabolism you have, if you are staying in the Philippines for many days or a few weeks, then sometime during that time you will acclimatize with that weather. You won’t notice the humidity as much, and whatever the average temperature is, that will become “normal”.

Now you have to return home. I come from Northern Michigan, in the US. I went to Phoenix, Arizona for my honeymoon for three weeks years ago. We left in September. Packed (and wore) light shirts and cotton pants. Had lots of T-shirts and shorts, etc. Perfect for the area and weather. Returned home in early October, and almost had frostbite by the time we got home from the airport. That was a memorable trip (for more reasons than that, but still.)

You are asking whether or not to pack and/or wear a light coat or jacket. Take it. Pack it in your carry on. If you need it, it’s there, if not, oh well.

hotels – Recommendation for fall foliage trip to New England places to see and stay

At the end of October I am planning a fall foliage trip to see New England. The goal is to rent a car there and head to Vermont, Main, & possibly Canada.

I’d really like to see some great outdoor and super inexpensive places to get a bed and shower. Since I will not be sitting in a room most of the time.

Would anyone have recommendations on what to see or where to drive?

Trip to EU – UK Transit/Covid Certificate

I am an Indian citizen, travelling to Spain, Holding a Long Term Residence permit, basically the pink and blue card with a bull and 5 stars.

I will be boarding from Delhi, Transit at LHR same terminal and catch a connecting under the same PNR. I understand the luggage will be through.
I am not clear about Transit Visa and Medical Certificate in the COVID situation.

As per UK GOV visa check form, it says:

enter image description here

Which I guess applies in my case for “a uniform format category D visa for entry into a country in the European Economic Area (EEA) or Switzerland”. In Category too, there are limitations, Wanted to avoid a hassle in immigration, from where can I get an official answer My Visa Okay to Transit and Carry Medical Certificate ?

tags – How do I plan a trip to South India?

Our South India tour packages are the best way to experience the uniqueness and eccentricity of the region in the form of a map. Adventure activities, tropical beaches, backwaters, Ayurvedic treatments, hill stations, wildlife, everything is best used in South India. Whether you are a solo traveler, a family vacation type, or maybe a couple on a honeymoon, when we say that we believe your South India holiday trip will be your favorite memory.
Phone: +91-9810115661 | +91-9899175771
Email: traveltoindiaa@gmail.com

national rail – How to find the best-priced UK train ticket combos for not-quite-round trip journeys?

I do a lot of walking and hiking in the UK. Frequently, I need to find the best combination of tickets that will get me to the start of the walk and then bring me home. This is simple if the walk starts and ends on the same train line, but gets tricky otherwise.

For example, if I start at Vauxhall, and I wanted to walk from Salfords to Chilworth, I think it’s Contactless from Vauxhall to Salfords, and a single Chilworth to Vauxhall.

If I wanted to walk from Chilworth to Brookwood, it seems like the cheapest combination would be a return ticket from Vauxhall to Chilworth and a single from Brookwood to Woking.

I found these by painstaking trial and error, and there must be a better way to search for these in general. Do any of the “split ticket” search engines have this as an option? If I instead of Chilworth to Brookwood, I wanted to walk all the way to Sunningdale, I don’t think that Sunningdale to Weybridge would cover me for the return trip, but what would the best combination be, and how to find these in general?

Business TRIP ESTA french citizen

Good day

I am a french citizen and Consultant winemaker
I normally visit my client on my ESTA, i am

flight reservation not specified vs flight reservation (round trip) European student visa

I am applying for student visa in France. They have among the documents: Flight reservation. How should I construe that, one way or round trip?

For Schengen tourist Visa, Flight reservation document is specified as round trip flight reservation.

latency – A request’s round trip time monitoring at microservice production best tools and practices?

I’ve a microservice’s system at production which provide an API to the outer world. Along with each service monitoring via monitoring tool ( Prometheus, zabbix, etc.) of course it’s highly desirable to monitor every single request’s round trip time. The requests could have different nature: synchronous or asynchronous:

  1. a request came to API gateway, goes to MS1, MS2, response to client
  2. a request came to API gateway, goes to MS1 -> MessageBroker …(stay here, client received 201 ) … -> consumed, handled, pushed to client
    Need to measure these 2 cases.

What are the best tools and practices?

Catching Intruders With a Trip Wire: The AIDE Package

Your Linux VPS lives in a hostile, dangerous world: the Internet.  Left unsecured, your system is vulnerable to compromise, which can result in lost data, incurred charges, and general unpleasantness.  You should take every precaution to secure your system, but…how will you know if someone slips through?  Blissful ignorance is dangerous.

Intrusion detection systems (IDS) are tools to detect if someone has compromised your system.  Naturally it’s better to catch electronic criminals before they’re inside your server, but if they do get in, you certainly want to know about it.  That’s where a “trip wire” system like AIDE comes in.  A trip wire refers to military perimeter defenses where a thin, invisible wire would be setup to ring an alarm bell if someone broke the wire in the middle of the night.  In a similar vein, AIDE can warn you if someone slips past your perimeter defenses.

Continue to read more…

When installed, AIDE creates a database of all files on your system as well as metadata (modification time, checksum, etc.).  Then every night it scans your system and reports if any files have changed.

Of course, some files change all the time.  For example, logs are constantly being written to and there are many files that contain transient state information.  AIDE can be configured to ignore those files.  What you want to monitor with AIDE are system binaries (perhaps someone has installed a root kit), modified web content, etc.

Naturally, when you upgrade your system or do routine patching, many files will change – but in that case, you’ll remember doing it.  On the other hand, if some morning you get a report that many files in /usr/bin have been changed and you don’t remember doing it, you’ll be alerted to investigate.

On Debian-based systems:

sudo apt-get install aide

Then initialize the AIDE database:

sudo aideinit --init

This process can take some time.  On a bare-bones Debian 9 box running at Vultr, it took approximately 2 minutes to complete.  You will see output such as this:

Start timestamp: 2020-04-07 17:04:45 -0700 (AIDE 0.16.1)
AIDE initialized database at /var/lib/aide/aide.db.new
Verbose level: 6
Number of entries: 42544
---------------------------------------------------
The attributes of the (uncompressed) database(s):
---------------------------------------------------
/var/lib/aide/aide.db.new
RMD160   : 34sejbbJk8NkYF2BJMGHd7+OkWM=
TIGER    : Xp7tp/LytruyViLSmSGS0lSNzeR4h9I+
SHA256   : T2SCINBXz7G1/W0PfcZrpe82RnWVYYBS
wL40glZRM4o=
SHA512   : kFziwj1myd8AJMj4WvXEWmaftHW1aiJl
E5xLlBS7KwOBP49z2DpPSrqLbAhH2cQ3
LEYbJpWAX4gUV8hlZfCV1Q==
CRC32    : NiWF3Q==
HAVAL    : +cs/EVPUkqStdNYfwd2UcRz5gWZiWLHM
4jBzWyT/FdY=
GOST     : LvnKAW+XrISqnftzVtA3QYsAtTbqoYJp
TmoJfbQOvkk=
End timestamp: 2020-04-07 17:06:25 -0700 (run time: 1m 40s)

On Debian, there is a pre-generated job setup in /etc/cron.daily/aide that runs aide with all of the correct parameters and flags.  If you wish to perform a check, simply execute this job:

/etc/cron.daily/aide

After a few minutes’ processing, AIDE will send an email.  By default it goes to root.  If you wish to change this, modify /etc/default/aide and change the MAILTO line.

Here is an example of a daily AIDE report.  Prior to running this report, I modified a couple files:

  • I executed “touch /usr/bin/date” to change that files’ mtime
  • I edited /etc/issue

His is what AIDE detected.  I’ve trimmed it to focus on the interesting parts:

This is an automated report generated by the Advanced Intrusion Detection environment on server.example.com started at 2020-04-07 17:20:22.

AIDE returned with exit code 7. Added, removed and changed entries detected!

AIDE produced no errors.

Output of the daily AIDE run (410 lines):
Start timestamp: 2020-04-07 17:20:23 -0700 (AIDE 0.16.1)
AIDE found differences between database and filesystem!!
New AIDE database written to /var/lib/aide/aide.db.new
Verbose level: 6

Summary:
Total number of entries: 42553
Added entries: 5
Removed entries: 3
Changed entries: 24

---------------------------------------------------
Added entries:
---------------------------------------------------

d++++++++++++++++: /tmp/aide
f++++++++++++++++: /tmp/aide/aide.conf.autogenerated
f++++++++++++++++: /tmp/aide/aide.db
f++++++++++++++++: /tmp/aide/aide.db.new
f++++++++++++++++: /var/lib/aide/aide.db

---------------------------------------------------
Removed entries:
---------------------------------------------------

f----------------: /run/systemd/sessions/11
p----------------: /run/systemd/sessions/11.ref
l----------------: /run/systemd/units/invocation:session-11.scope

---------------------------------------------------
Changed entries:
---------------------------------------------------

d =.... mc.. .. .: /etc/aide
d =.... mc.. .. .: /etc/cron.daily
f >.... mc..C.. .: /etc/csf/csf.deny
f >.... mci.C.. .: /etc/issue
d =.... mc.. .. .: /etc/ssh
f <.... mci.C.. .: /etc/ssh/sshd_config
d =.... mc.. .. .: /root
f >.... mc..C.. .: /root/.bash_history
f >.... mci.C.. .: /root/.viminfo
d ... n .. : /run
d <.... mc.. .. : /run/systemd/units
f =.... mc..... .: /usr/bin/date
f >.... mc..C.. .: /var/lib/csf/csf.dnscache
f >.... mc..C.. .: /var/lib/csf/csf.tempip
f =.... mc..C.. .: /var/lib/csf/lock/AT_INTERVAL.lock
f =.... mc..C.. .: /var/lib/csf/lock/LF_DIRWATCH.lock
f =.... mc..C.. .: /var/lib/csf/lock/LF_EXPLOIT.lock
f =.... mc..C.. .: /var/lib/csf/lock/PT_INTERVAL.lock
f =.... mc..C.. .: /var/lib/csf/lock/PT_LOAD.lock
f =.... mc..C.. .: /var/lib/csf/lock/ST_ENABLE_report.lock
f =.... mc..C.. .: /var/lib/csf/lock/command.lock
f >b... mc..C.. .: /var/lib/csf/stats/iptables_log
f =.... mc..C.. .: /var/lib/csf/stats/lfdstats
f >.... mc..C.. .: /var/log/lfd.log

So here we see it’s detected both /usr/bin/date and /etc/issue, as well as quite a lot of other things.  We’ll talk next about how to trim down the noise.  AIDE also gives you detailed information on the changes…here, I’ve trimmed the email down to just the two files we intentionally modified:

---------------------------------------------------
Detailed information about changes:
---------------------------------------------------

File: /etc/issue
Size : 27 | 32
Mtime : 2020-02-01 09:09:26 -0800 | 2020-04-07 17:18:08 -0700
Ctime : 2020-03-09 11:39:41 -0700 | 2020-04-07 17:18:08 -0700
Inode : 1731 | 33431
RMD160 : Bol7XoOiUO6aKpMaWAHqRIApxbs= | 7us/8GJhsItGIaiX+VKr8wT8oa4=
TIGER : JSqTrZPw9d7S50HXSU8ZYggI/H6uCUBs | lNyNWwkBUEdCTRMJSeC1JsBQ28jix8xC
SHA256 : ecDKUqYd+ifA4V9pC6ddPXQXXOEXK+/C | sgKqMRBIz9fJt5miZkDvRYPxk43bw2Oq
1lIEmp27DXI= | Be3LniYEOho=
SHA512 : pV/mBESQb4rAo6JQ6yz5vo4dVnVMgdqC | K7Q7naUcNZOa6usQa7mjeqsMBnMhu77R
hPb8D03E9ANL9fO5ROLS68HGjyOcqBtl | sTpzd0RHlhT5n8PHZBjLvSK5Ifd4idUd
/WozNwQrNa47z0PrtBJDDA== | y3uaK374jhlNGChb1rS5GQ==
CRC32 : Mk9Fiw== | rqebvQ==
HAVAL : NSpBJniUuZPLndLFtFYgfAQNFCt261xZ | DNyN6a4YuSjQBJGrQsT5UfZx/2DpnXTS
/GfU8iVjPSs= | 29XiFsU2/0M=
GOST : ZIoi5Ot+3FxA9bpstZrKbAyGa+XAUmBO | Pz05vaNaaFp6+T1oPFT+agcupDdR/s/C
7pBHdKY/GGc= | f7xmSDu5X4U=

File: /usr/bin/date
Mtime : 2019-02-28 07:30:31 -0800 | 2020-04-07 17:13:45 -0700
Ctime : 2020-03-09 11:40:10 -0700 | 2020-04-07 17:13:45 -0700

AIDE then gives some information on the AIDE database itself, and concludes with:

End timestamp: 2020-04-07 17:22:13 -0700 (run time: 1m 50s)

End of AIDE output.

End of AIDE daily cron job at 2020-04-07 17:22, run time 111 seconds

As you can see, out of the box AIDE gives a lot of extraneous reports.  It’s doing its job, but it’s monitoring and reporting on things we don’t care about.

AIDE has a very flexible language for excluding files – you can even specify what sorts of metadata info you can are about and what you don’t.  Debian ships with a lot of rule sets kept in /etc/aide/aide.conf.d.  if you peruse those rules, you’ll see they’re by service.  Adding your own rules is straightforward.  Here we will add a rule to ignore /etc/csf/csf.deny.  CSF is an active firewall and it notes every IP it blocks in that file, so it changes nearly every day.  In /etc/aide/aide.conf.d, I create a file called 80_aide_csf and put this line inside:

!/etc/csf/csf.deny$

This means “ignore changes in a file called /etc/csf/csf.deny”.

You can read more about creating your own rules in the AIDE documentation.

One thing to consider is that if an attacker penetrates your system, he can run aide –init and generate a new DB after installing his root kit.  You may wish to copy /var/lib/aide/* to an off-site location and periodically restore it.  You could even keep it on a secure host (or cloud storage service such as Dropbox) and wget it prior to running the nightly aide report.  If you do this, be sure to periodically refresh the off-site copy otherwise the list of differences will constantly grow.

 

raindog308

I’m Andrew, techno polymath and long-time LowEndTalk community Moderator. My technical interests include all things Unix, perl, python, shell scripting, and relational database systems. I enjoy writing technical articles here on LowEndBox to help people get more out of their VPSes.

air travel – In general, and very roughly, how much would it cost all in all in USD for a one-two-week trip to an exotic location such as Thailand for one person?

I’ve numerous times wanted to “quickly look up” what it would cost for me to finally go on that vacation I’ve never had in my life. Growing up, our family never had any money to go anywhere, and sadly, it has not changed in adult age so far. Still, even though I’m not actively looking to go on such a vacation, it would be very interesting for me to know a very rough estimate for such a trip.

I don’t mean just the plane ticket to go there and back in the cheapest and quickest possible manner. I couldn’t stand stopping at a location and switching airplanes, so I guess I would have to pay more. And while I’m not expecting to live at a luxury hotel, or stay there for months and months, I wouldn’t want to sleep at some wooden bench in a hut for one night either, or just exit the “big metal bird” and walk around for a couple of hours before I need to go back to the airport and prepare for the trip back home.

The entire process of traveling to/from airports, dealing with whatever is done at an airport, and the flying, is perhaps an even bigger problem to me than the purely financial issue. I wish I could skip all of that and just teleport from my chair to a tropical beach. People who claim that “the trip is the destination” must be crazy. Perhaps it was true back in the day when this world wasn’t over-analyzed beyond the sub-atomic level and optimized and streamlined for a person quite different from the “pioneering adventurers of times past”. Even modern cruise ships seem more frightening than inviting to me, although they do appear to be much safer… I’ll give them that.

I basically wish to know in extremely rough terms how much money in total I would have to spend for such a trip, perhaps for one or a couple of weeks.

I’m very well aware that it will vary a lot depending on a lot of factors. I’m just wondering if it can be done (without pinching pennies) for something like USD $1,000, or if we’re talking more like USD $10,000. Perhaps even more? And again, I’m not the kind of person who takes some kind of pride in finding the absolute cheapest of everything just to be able to brag about how little money I spent. Obviously, I also don’t enjoy (nor have the financial means) to just “burn money” mindlessly.

I somehow suspect that it would be close to ten grand than one grand. That $1,000 likely would just pay for the plane ticket and possibly a basic “survival-tier” hotel/food, if even that. Even if things can be cheap, there’s a high probability that my circumstances cause such an “price-optimized” vacation to be a practical impossibility. That’s why I’d like to know more of an “average” total price rather than the best (or worst) possible configuration.

Also, please don’t fixate on Thailand. It’s just an example which is far away from me in Europe. I don’t really have much desire to go there in particular. I just don’t really have any clue what a “proper vacation” costs, having always assumed that it was out of my reach based on the flight prices which alone cost a ton but are just one part of the overall cost.