Migrate to nairobi.lug.or.ke

.github/workflows/updatewebsite.yml

@@ -18,7 +18,7 @@ jobs:
       - name: Python
         uses: actions/setup-python@v2     
         with:
-          python-version: 3.8
+          python-version: 3.11
 
       - name: Install dependencies
         run: pip install -r requirements.txt

content/cache-maven-artifacts-with-artifactory.md

@@ -23,7 +23,7 @@ $ docker run --name artifactory -d \
 
 Assuming the container has started up correctly you should now be able to access the Artifactory web application at [http://localhost:8081](http://localhost:8081). The first time you access it you will be asked to set a password for the administrator account and to create repositories appropriate for your desired build system. In this case you should at least select Maven:
 
-![Repository Setup in JFrog Artifactory 5 Web Application]({filename}/images/cache-maven-artifacts-with-artifactory/artifactory-create-repositories-1024x571.png)
+![Repository Setup in JFrog Artifactory 5 Web Application]({static}/images/cache-maven-artifacts-with-artifactory/artifactory-create-repositories-1024x571.png)
 
 By default Artifactory sets up a "virtual" repository called `libs-release` that is configured to transparently proxy and cache `release` and `snapshot` artifacts from Maven central. This should probably cover most of your project's build artifacts — or at least enough to verify that it's working. Later, once you understand how Artifactory works, you can add more remote repositories and include them in the default virtual repository (check your project's `pom.xml` for other `<repository>` blocks). For example, I've added `restlet`, `rubygems-release`, and `sonatype-releases` as well.
 
@@ -91,7 +91,7 @@ Now when you run `mvn package` you should see Maven contact your local repositor
 
 Eventually your Artifactory will be filled with artifacts — the administration dashboard will even give you statistics!
 
-![Screenshot of JFrog Artifactory 5 Web Application Showing 4,336 Cached Artifacts]({filename}/images/cache-maven-artifacts-with-artifactory/artifactory-artifacts-1024x571.png)
+![Screenshot of JFrog Artifactory 5 Web Application Showing 4,336 Cached Artifacts]({static}/images/cache-maven-artifacts-with-artifactory/artifactory-artifacts-1024x571.png)
 
 ## Advanced Usage: Docker Networking
 Maven builds in your normal working environment actually already populate an artifact cache located at `~/.m2/repository`, so after one or two builds you won't really benefit from the Artifactory cache at all. The real benefit to hosting your own artifact repository locally — and the driver behind this post — is using its cache in a container-based workflow. The Docker image building process is one particularly painful part of this workflow because images generally start with a clean build environment by design, and therefore any Maven packaging steps will "download the Internet" again every time you rebuild the image.

content/docker-lab.md

@@ -8,7 +8,7 @@ Authors: Ian Muchina
 Summary: Lightweight penetration testing lab inside docker GUI support
 ## What is Docker?
 
-![Docker Logo]({filename}/images/docker-pentest-lab/docker.svg)
+![Docker Logo]({static}/images/docker-pentest-lab/docker.svg)
 Docker is a container platform that is similar to a Hypervisor like Virtualbox. Docker uses less storage and RAM and are portable.
 
 Docker can run on: 
@@ -51,7 +51,7 @@ $ sudo apt install docker.io
 ## Docker on Windows
 To run docker in windows, install [Docker desktop](https://docs.docker.com/docker-for-windows/install/).
 
-![Windows 10 Logo]({filename}/images/docker-pentest-lab/windows10.svg)
+![Windows 10 Logo]({static}/images/docker-pentest-lab/windows10.svg)
 
  Docker Desktop is an awesome app with a graphical interface. It can run Linux containers from windows. However, there's one major deal-breaker.
 
@@ -80,7 +80,7 @@ $ sudo docker run hello-world
 
 If it completes successfully, you can follow along
 
-![Server status]({filename}/images/docker-pentest-lab/Server status-pana.svg)
+![Server status]({static}/images/docker-pentest-lab/Server status-pana.svg)
 
 ## The Network
 
@@ -95,7 +95,7 @@ $ sudo docker network create vulnerable --attachable --subnet 10.0.0.0/24
 
 For this, I will use Parrot OS. It's docker images are better Kali Linux Images.
 
-![Cyber photo]({filename}/images/docker-pentest-lab/cyberr.svg)
+![Cyber photo]({static}/images/docker-pentest-lab/cyberr.svg)
 
 
 First download the Parrot OS Docker image. This command will take a while depending on your internet connection. 
@@ -132,7 +132,7 @@ $ sudo docker start -a parrot
 
 ### Target container:Metasploitable2
 
-![Target]({filename}/images/docker-pentest-lab/Target-pana.svg)
+![Target]({static}/images/docker-pentest-lab/Target-pana.svg)
 
 
 This is a very vulnerable test machine. It is what I recommend for anyone starting out.
@@ -187,7 +187,7 @@ root@metasploitable2:/# services.sh
 
 There are tons of free guides out there on metasploitable. 
 
-![Image of person Studying]({filename}/images/docker-pentest-lab/read.svg)
+![Image of person Studying]({static}/images/docker-pentest-lab/read.svg)
 
 1. [The Easiest Metasploit Guide You’ll Ever Read](https://www.exploit-db.com/docs/english/44040-the-easiest-metasploit-guide-you%E2%80%99ll-ever-read.pdf)
 2. [Metasploit Unleashed](https://www.offensive-security.com/metasploit-unleashed/)
@@ -198,15 +198,15 @@ If you don't know what guide to use, I recommend [this one](https://metasploit.h
 
 
 ## More vulnerable containers 🧑‍💻
-![More Cyber]({filename}/images/docker-pentest-lab/hacker.svg)
+![More Cyber]({static}/images/docker-pentest-lab/hacker.svg)
 
 You can extend the lab with any of these containers depending on your learning goal.
 
 
 ### OWASP Juiceshop
 This container focusses on web application security.
 
-![Juiceshop Logo]({filename}/images/docker-pentest-lab/juiceshop.svg)
+![Juiceshop Logo]({static}/images/docker-pentest-lab/juiceshop.svg)
 
 To create and start the juiceshop container for the first time
 
@@ -246,7 +246,7 @@ docker start juiceshop
 
 [Webgoat]((https://owasp.org/www-project-webgoat/)) is a ctf-style vulnerable container focused on web application security.
 
-![goat-svg]({filename}/images/docker-pentest-lab/goat.svg)
+![goat-svg]({static}/images/docker-pentest-lab/goat.svg)
 
 Create and run the container for the first time
 
@@ -289,7 +289,7 @@ $ docker ps -a
 
 Two Operating systems make my computer painfully slow. Containers aren't resource-intensive and perform well. This fits my use case.
 
-![Lab.svg]({filename}/images/docker-pentest-lab/lab.svg)
+![Lab.svg]({static}/images/docker-pentest-lab/lab.svg)
 
 If you have RAM to spare then it's really not that much of a difference. 
 
@@ -341,7 +341,7 @@ You can run a few commands to avoid some errors encountered when running GUI app
 #### Burpsuite
 Burp Suite is a web app pentesting tool for monitoring http requests and responses.
 
-![Burpsuite Logo]({filename}/images/docker-pentest-lab/burp.svg)
+![Burpsuite Logo]({static}/images/docker-pentest-lab/burp.svg)
 
 To install and run burpsuite inside the parrot os container.
 
@@ -356,7 +356,7 @@ You can then point your browser to use `10.0.0.2:8080` as the proxy and burp wil
 
 Firefox, is a free and open-source web browser.
 
-![Firefox Logo]({filename}/images/docker-pentest-lab/firefox.svg)
+![Firefox Logo]({static}/images/docker-pentest-lab/firefox.svg)
 
 To install and run firefox:
 

content/exploring-anti-dos-tools-apache-httpd.md

@@ -16,20 +16,20 @@ First Setup
 
 **Apache httpd error logs**
 
-![Error from bad requests]({filename}/images/exploring-anti-dos-tools-for-apache-httpd/badheader.png "Apache error logs")
+![Error from bad requests]({static}/images/exploring-anti-dos-tools-for-apache-httpd/badheader.png "Apache error logs")
 
 The loaded module (*mod_evasion*), can't save Apache httpd from the DOS attack, even loading the site from a browser is somehow impossible.
 
-![Apache DOSed]({filename}/images/exploring-anti-dos-tools-for-apache-httpd/apachedown.png "Can't access via Browser")
+![Apache DOSed]({static}/images/exploring-anti-dos-tools-for-apache-httpd/apachedown.png "Can't access via Browser")
 
 But this module can prevent a brute-force attack (*e.g. an automated script to guess a password field in a web-form*) in a web server (running Apache httpd).
 
-![mod_evasion can prevent Brute-force..]({filename}/images/exploring-anti-dos-tools-for-apache-httpd/bruteforce.png "mod_evasion can prevent Brute-force attack")
+![mod_evasion can prevent Brute-force..]({static}/images/exploring-anti-dos-tools-for-apache-httpd/bruteforce.png "mod_evasion can prevent Brute-force attack")
 
 Just to make an interesting comparison, I replaced Apache httpd with Nginx on the same Server (192.168.43.221) and **ta! da!..**
 
-![Nginx is not DOSed by Slowloris]({filename}/images/exploring-anti-dos-tools-for-apache-httpd/nginxup.png "Nginx is not DOSed by Slowloris") Nginx gracefully made it by ignoring the request from Slowloris. But I noticed a brute-force attack is possible while using Nginx default settings! **Nginx access logs**
-![Nginx Brute-forced]({filename}/images/exploring-anti-dos-tools-for-apache-httpd/bfnginx.png "Nginx can be Brute-forced")
+![Nginx is not DOSed by Slowloris]({static}/images/exploring-anti-dos-tools-for-apache-httpd/nginxup.png "Nginx is not DOSed by Slowloris") Nginx gracefully made it by ignoring the request from Slowloris. But I noticed a brute-force attack is possible while using Nginx default settings! **Nginx access logs**
+![Nginx Brute-forced]({static}/images/exploring-anti-dos-tools-for-apache-httpd/bfnginx.png "Nginx can be Brute-forced")
 
 Second Setup
 ------------
@@ -39,7 +39,7 @@ Second Setup
 
 *mod_antiloris* played it nice by monitoring the requests coming from the client and rejected extra connections. Accessing the web services from the browser was not interfered.
 
-![mod_antiloris logs]({filename}/images/exploring-anti-dos-tools-for-apache-httpd/antiloris.png "mod_antiloris logs")
+![mod_antiloris logs]({static}/images/exploring-anti-dos-tools-for-apache-httpd/antiloris.png "mod_antiloris logs")
 
 *mod_evasion* is cool but can't save Apache httpd from Slowloris. On the other hand, *mod_antiloris* worked fine and denied Slowloris a chance to mess up with the Apache httpd server.
 
@@ -48,7 +48,7 @@ Explanation
 
 **Putting the Lens on the Logs...** (Apache httpd access log)
 
-![Apache-httpd access log]({filename}/images/exploring-anti-dos-tools-for-apache-httpd/accesslog.png "Apache httpd access logs")
+![Apache-httpd access log]({static}/images/exploring-anti-dos-tools-for-apache-httpd/accesslog.png "Apache httpd access logs")
 
 *Why did mod_antiloris pass the test and mod_evasion fail?..* *Why did Slowloris work on Apache httpd and not on Nginx?*
 

content/extras/CNAME

@@ -1 +1 @@
-nairobilug.or.ke
+nairobi.lug.or.ke

content/hacking-on-eudyptula-challenge.md

@@ -14,7 +14,7 @@ Last weekend a few of us met up at a coffee shop in Nairobi to hack on the [Eudy
 
 Kaldis Coffee House in downtown Nairobi has free Wi-Fi, coffee, decent food, and it’s not too busy on Saturday mornings, so we got a nice table in the corner and dove in.
 
-![Hacking on Eudyptula at Kaldis]({filename}/images/hacking-on-eudyptula/eudyptula-may-2014.jpg "Hacking on Eudyptula at Kaldis")
+![Hacking on Eudyptula at Kaldis]({static}/images/hacking-on-eudyptula/eudyptula-may-2014.jpg "Hacking on Eudyptula at Kaldis")
 
 While none of us are new to GNU/Linux or development, it still took us several hours to set up our build environments, text editors, email clients, and to read up on the Linux kernel’s build system and programming conventions. We learned a lot, and had a good time doing it!
 

content/heka-influxdb-and-grafana.md

@@ -122,6 +122,6 @@ I love the setup so far:
 - InfluxDB isn't using a lot of disk space. The database storing HTTP status codes is 900K on the disk, one month on.
 - The graphs on Grafana look sexy. Here's a screenshot of the graphs on HTTP status codes:
 
-![Image showing HTTP status codes on Grafana]({filename}/images/heka-influxdb-and-grafana/heka-influxdb-and-grafana.png)
+![Image showing HTTP status codes on Grafana]({static}/images/heka-influxdb-and-grafana/heka-influxdb-and-grafana.png)
 
 This was [originally posted](https://jasonrogena.github.io/2016/01/02/heka-influxdb-and-grafana.html) on my personal blog; re-posting here for posterity.

content/image-compression-open-source.md

@@ -16,7 +16,7 @@ I was pretty sure the answers lay in GraphicsMagick / ImageMagick, but with whic
 
 After a bit of Google-fu I learned that this is easier than I had originally thought. For example, take this picture of me eating a piece of halloumi cheese:
 
-![Alan eating halloumi]({filename}/images/image-compression-open-source/alan-halloumi.jpg "Alan eating halloumi")
+![Alan eating halloumi]({static}/images/image-compression-open-source/alan-halloumi.jpg "Alan eating halloumi")
 
 Straight from the fancy DSLR camera the image is _3.6 megabytes_ — much too large to share practically on the web. Amazingly, after uploading to Compressor.io the image is reduced to _1.6 megabytes_. That's an impressive feat considering the image wasn't downscaled and is visually indistinguishable from the original!
 

content/letsencrypt-systemd-timers.md

@@ -8,7 +8,7 @@ Summary: Automating the Let's Encrypt TLS certificate renewal process using syst
 
 This is a quick blog post to share the systemd timers that I use to automate the renewal of my [Let's Encrypt](https://letsencrypt.org) certificates. I prefer [systemd timers to cron jobs](https://nairobilug.or.ke/2015/06/cron-systemd-timers.html) for task scheduling because they are more flexible and easier to debug. I assume that you know what Let's Encrypt is and that you already have some certificates. If not, I recommend that you check out [Certbot](https://certbot.eff.org) (the official reference client) and get some.
 
-[![Let's Encrypt logo]({filename}/images/letsencrypt-systemd-timers/lets-encrypt.png)](https://letsencrypt.org/ "Let's Encrypt homepage")
+[![Let's Encrypt logo]({static}/images/letsencrypt-systemd-timers/lets-encrypt.png)](https://letsencrypt.org/ "Let's Encrypt homepage")
 
 Because Let's Encrypt issues <abbr title="Transport Layer Security">TLS</abbr> certificates with much [shorter lifetimes](https://letsencrypt.org/2015/11/09/why-90-days.html) (currently ninety days) than traditional certificate authorities, they expect you to reduce the burden of the issuance and renewal processes by performing them programmatically and automating them.
 

content/meetup-august-2014.md

@@ -20,7 +20,7 @@ Leave comments down below and if I've left anything, feel free to make a pull re
 
 Picture courtesy of Mungai
 
-![Drinks]({filename}/images/meetup-august-2014/meetup-august-2014.jpg "Nairobi GNU/Linux Users Group members")
+![Drinks]({static}/images/meetup-august-2014/meetup-august-2014.jpg "Nairobi GNU/Linux Users Group members")
 
 ### September Meetup
 

content/meetup-december-2016.md

@@ -8,7 +8,7 @@ Summary: A discussion that ranged from text-editors to some quite useful life ad
 
 There are tons of ninjas out there in this pale blue dot of ours. Sometimes, these young ninjas can get caught up in life and don't have the experiences, perspective, and wisdom necessary to overcome some pitfalls that life occasionally throws at them. Today's meet up consisted of only a handful of ninjas. Amongst these handful of people were the young'uns and [gosus](https://en.wikipedia.org/wiki/Gosu).
 
-![Meetup December 2016]({filename}/images/meetup-december-2016/meetup-december-2016.jpg "Meetup December 2016")
+![Meetup December 2016]({static}/images/meetup-december-2016/meetup-december-2016.jpg "Meetup December 2016")
 
 Gosu's are people who are skilled and quite knowledgeable in their field set due to their initiative and insight gained from working on shitloads of stuff. That should be shared.
 

content/meetup-february-2014.md

@@ -30,8 +30,8 @@ I noted that there wasn't much talk/argument on distros. I always like those.
 
 Here are some cool pics from the event that was.
 
-![Group shot0]({filename}/images/meetup-february-2014/meetup-february-2014-0.jpg "Nairobi GNU/Linux Users Group members")
+![Group shot0]({static}/images/meetup-february-2014/meetup-february-2014-0.jpg "Nairobi GNU/Linux Users Group members")
 
-![Group shot1]({filename}/images/meetup-february-2014/meetup-february-2014-1.jpg "Nairobi GNU/Linux Users Group members")
+![Group shot1]({static}/images/meetup-february-2014/meetup-february-2014-1.jpg "Nairobi GNU/Linux Users Group members")
 
 Guys had a great time. See you at KFC Kimathi Street on March 1st, 2014. Happy hacking!!

content/meetup-january-2014.md

@@ -19,7 +19,7 @@ If I missed anything, leave it in the comments (or send a pull request ;).
 
 Discussing all teh things...
 
-![Group shot]({filename}/images/meetup-january-2014/meetup-january-2014.jpg "Nairobi GNU/Linux Users Group members")
+![Group shot]({static}/images/meetup-january-2014/meetup-january-2014.jpg "Nairobi GNU/Linux Users Group members")
 
 ### February Meetup
 

content/meetup-march-2014.md

@@ -32,6 +32,6 @@ Summary: Highlights from the March, 2014 meetup.
 
 Proof that it happened:
 
-![Group shot]({filename}/images/meetup-march-2014/meetup-march-2014.jpg "Nairobi GNU/Linux Users Group members")
+![Group shot]({static}/images/meetup-march-2014/meetup-march-2014.jpg "Nairobi GNU/Linux Users Group members")
 
 See you for the next meeting (April 5th, 2014!)

content/meetup-november-2013.md

@@ -28,7 +28,7 @@ If I missed anything, leave it in the comments (or send a pull request ;).
 
 Discussing all teh things...
 
-![Group shot]({filename}/images/meetup-november-2013/meetup-november-2013.jpg "Nairobi GNU/Linux Users Group members")
+![Group shot]({static}/images/meetup-november-2013/meetup-november-2013.jpg "Nairobi GNU/Linux Users Group members")
 
 ### December Meetup
 

content/pages/about-us.md

@@ -10,7 +10,7 @@ You can join our [mailing list]({filename}/pages/mailing-list.md) or [get togett
 
 **There is no level of technical expertise required to attend meetups** and we pride ourselves on being open and friendly to all. We're just as likely to be found talking about the latest film releases, music or anything else as hardcore techy topics.
 
-![March, 2014 meetup]({filename}/images/pages/about-us/meetup-march-2014.jpg "March, 2014 meetup")
+![March, 2014 meetup]({static}/images/pages/about-us/meetup-march-2014.jpg "March, 2014 meetup")
 
 Whether you're a hardened kernel hacker, or you've just used Firefox a few times and wonder what Open Source is, it's all the same to us. Come and get involved!
 

content/pages/meetups.md

@@ -4,6 +4,6 @@ Slug: meetups
 
 We traditionally meet on the first Saturday of every month between 04.00 ~ 06.00 pm EAT (GMT +3) at KFC Kimathi Street.
 
-![January, 2014 meetup]({filename}/images/pages/meetups/meetup-january-2014.jpg "January, 2014 meetup")
+![January, 2014 meetup]({static}/images/pages/meetups/meetup-january-2014.jpg "January, 2014 meetup")
 
 All meetups are free and open to the public. Meetups are announced through the [mailing list]({filename}/pages/mailing-list.md) and [social media]({filename}/pages/contact.md).

content/ramping-up-ethiopia-lug.md

@@ -30,7 +30,7 @@ Generally, I drew parallels between the early days of the Nairobi GNU/Linux User
 
 Here's a shoutout to Eyob, who saw the message on the mailing list and bothered to show up. I had brought a GitHub shirt with me to give out and it just seemed right to give it to him!
 
-![Eyob with his new GitHub shirt]({filename}/images/ramping-up-ethiopia-lug/addis-meetup-2015-04-25.jpg "Eyob with his new GitHub shirt")
+![Eyob with his new GitHub shirt]({static}/images/ramping-up-ethiopia-lug/addis-meetup-2015-04-25.jpg "Eyob with his new GitHub shirt")
 
 Hopefully that's motivation for people to show up to meetings from time to time! Also, I think he might be the first one in Addis with a GitHub shirt. w00t?