Category Archives: Uncategorized

FroggyMe’s Fantastic Fantasy – playlist Sept. 20, 2020

The Crusaders – Put It Where You Want It – Crusaders 1
George Benson – White Rabbit (CTI)
Herb Alpert – Aranjuez (mon amor) – rise (1980)

Jim Hall – Concierto de Aranjuez – Concierto (1975 CTI)

Brecker Brothers Band – Lovely Lady (Luther Vandross before famous) – Back to Back (1976 Arista)
Brecker Brothers Band – Night Flight (by Michael Brecker, feat jungle duck) – Back to Back

EW&F – end of Clover with the Jungle Duck – Head to the Sky
EW&F – Build Your Nest – Head to the Sky

Angela Bofil – something about you – title track (Arista)

Bob Siebenberg – Space Quest 3 – Closing Medley (Roland MT-32) – (Sierra Online 1989)

TSR – The Server Room Show – Episode 45 – Rancher & Heimdall Application Dashboard

Prologue


Remember in Episodes 18 and 19 of The Server Room Show we discussed Docker and Kubernetes in detail. If You dont remember I recommend You go and listen to those two episodes before You listen to this one unless You familiar with Docker and Kubernetes and what both of them are for.

In short Kubernetes is a platform for automating deployment, scaling, and operations of application containers across clusters of hosts”. It works with a range of container tools, including Docker.

Rancher

Rancher is one platfor for Kubernetes management / Enterprise Kubernetes Management Platform.It is a complete container management platform. Rancher is a complete software stack for teams adopting containers. It addresses the operational and security challenges of managing multiple Kubernetes clusters, while providing DevOps teams with integrated tools for running containerized workloads.

Rancher is open source software and from datacenter to cloud to edge it lets you run Kubernetes everywhere.

Rancher is not the only Kubernetes management platform out there.

There is Red Hat’s Openshift and VMware’s Tanzu.

The problem with vanilla Kubernetes installations that they lack central visibility, the security practices applied are most of the time inconsistent between various Kubernetes clusters and to be honest manually manage one or even more than one Kubernetes cluster can be a complex process.

Kubernetes Management Platforms try to solve these issues f.e with bringing Security Policy & User Management and Shared Tools & Services with high level of reliability with easy and consistent access to the shared tools and services. High Availability , Load Balancing and Centralized Audit or Integration with popular CI/CD Solutions are just a few to mention.

Rancher has a thriving comunity on slack.rancher.io and forums.rancher.com if You need help to get going with it.

So if some of the below questions ever popped into your head regarding operational challanges when designing your companys docker / kubernetes infrastructure then probably Rancher could be a great fit for You:

  • How do I deploy consistentlyt across different infrastructures?
  • How do I manage and implement access control accross multiple clusters and namespaces?
  • How do I integrate with already in place central authentication systems like LDAP, Active Directory, Radius,etc.?
  • What can I do for Monitoring my kubernetes cluster/s?
  • How do I ensure that security policies are the same and enforced across clusters / namespaces?
Screenshot from Rancher (link in the shownotes)

Rancher was originally built to work with multiple orchestrators, and it included its own orchestrator called Cattle. With the rise of Kubernetes in the marketplace, Rancher 2.x exclusively deploys and manages Kubernetes clusters running anywhere, on any provider.

Rancher can provision Kubernetes from a hosted provider, provision compute nodes and then install Kubernetes onto them, or import existing Kubernetes clusters running anywhere.

One Rancher server installation can manage thousands of Kubernetes clusters and thousands of nodes from the same user interface.

Rancher adds significant value on top of Kubernetes, first by centralizing authentication and role-based access control (RBAC) for all of the clusters, giving global admins the ability to control cluster access from one location.

It then enables detailed monitoring and alerting for clusters and their resources, ships logs to external providers, and integrates directly with Helm via the Application Catalog. If you have an external CI/CD system, you can plug it into Rancher, but if you don’t, Rancher even includes a pipeline engine to help you automatically deploy and upgrade workloads.

Rancher is a complete container management platform for Kubernetes, giving you the tools to successfully run Kubernetes anywhere.

Another interesting thing to mention is that while for a standalone Kubernetes installation you would need to fulfill more dependencies than for a Rancher + Kubernetes deploy scenario.

The reason being as Rancher only requires the Host to have a supported Docker version installed on it , wanting to pull a vanilla kubernetes installation calls for more dependencies than just simply Docker being installed.

This is achieved by Rancher as it runs entirely inside or on top of Docker and Rancher then lets you run a Kubernetes cluster/s on top of it/Rancher.

You can be up and running quicker this way then going through vanilla Kubernetes installation.

For Sandboxing environment and to test Rancher out you can deploy it on a single host which has docker installed but for production a three node cluster is a minimum requirement.

How to start with Rancher

Rancher has a great quickstart guide to have you up and running in the lowest time possible.** link is in the shownotes **

You can try it out in a sandbox environment just grab a host with a supported docker version installed like Centos or Fedora and use this one line to pull Rancher up inside a docker image to test it out and play around ( to deploy it to a production environment do not use this but follow a proper production rollout step by step documentation and set it up as a three node cluster at least to have HA *high availability* and Failover support.

$ sudo docker run -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/rancher

Result: Rancher is installed

Once Rancher is up and runnig the next step is to login using the local hosts FQDN or IP address

https://<SERVER_IP> or <FQDN>

On first logon it will prompt You to set a password for the default admin account.

Rancher running on Centos 8 VM accessed from my Workstation on another subnet 172.35.x.x *make sure You allow ports 80 and 443 at least in the firewall public zone on Centos*
Rancher lets You know to make sure the Rancher Server URL is accessible from all hosts you will create…

Creating Your Kubernetes Cluster is the first step.

In this example, you can use the versatile Custom option. This option lets you add any Linux host (cloud-hosted VM, on-premise VM, or bare-metal) to be used in a cluster.

Once You click on the Add Cluster button You are welcomed with this screen where You can click on From existing nodes (custom)

For this exercise only fill out the following details:

Select a Cluster name , Skip the Member Roles and Cluster Options for now and click Next


From the Cluster Options screen select ALL the Node Options ( etcd, Control Plane, Worker) and copy the command which shown in Step 2. You need to run this on Your machine where You running Rancher for this example using the terminal via ssh or logging in locally.

In my case I had to run this code for this example:

sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent:v2.4.8 --server https://172.19.19.7 --token fp6gk7wldgrhgglldqt7gd275j5f97rn7g6tdgnqd2rwv5snwz4qm8 --ca-checksum 9a31bd4ea0636bb19c8152a47e1f8389d4187d7e9030bec161f190a1f9562455 --etcd --controlplane --worker



Once You ran the command come back to this window and click Done

Once You click Done You get back to the Main screen where Your Cluster will show up with State: Provisioning
(( it will inform you about what is happening behind the curtains under the text provisioning ))

Kubernetes Cluster provisioning after clicking on Done on the previous screen…
(( it will inform you about what is happening behind the curtains under the text provisioning ))

You can check from the host machine that it is deploying a good couple of other nodes to build the Kubernetes cluster infrastructure.

[viktormadarasz@localhost ~]$ sudo docker ps
CONTAINER ID        IMAGE                                 COMMAND                  CREATED             STATUS              PORTS                                      NAMES
d67bdef1a64a        rancher/hyperkube:v1.18.6-rancher1    "/opt/rke-tools/entr…"   31 seconds ago      Up 26 seconds                                                  kube-apiserver
ca34379bebcc        rancher/coreos-etcd:v3.4.3-rancher1   "/usr/local/bin/etcd…"   36 seconds ago      Up 34 seconds                                                  etcd
4ea60c63d367        rancher/rancher-agent:v2.4.8          "run.sh --server htt…"   4 minutes ago       Up 4 minutes                                                   laughing_taussig
b9baeb02c206        rancher/rancher                       "entrypoint.sh"          10 minutes ago      Up 6 minutes        0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp   zealous_merkle

Depending on when you check sudo docker ps it can be more or much more docker containers working behind the scenes building out your Kubernetes Cluster

Do not worry if You lose connection to the Rancher server url at some point during this .. .it will come back

…. after 21 minutes has passed

My Kubernetes Cluster provisioning got stuck at this step ( bad certificate tls) also pasted the log from etcd docker container log. — i will continue from here —


[etcd] Failed to bring up Etcd Plane: etcd cluster is unhealthy: hosts [172.19.19.7] failed to report healthy. Check etcd container logs on each host for more information
Caused by error in log from etcd docker container
2020-09-20 18:05:00.365851 I | embed: rejected connection from “172.19.19.7:53764” (error “tls: failed to verify client’s certificate: x509: certificate signed by unknown authority (possibly because of \”crypto/rsa: verification error\” while trying to verify candidate authority certificate \”kube-ca\”)”, ServerName “”)

Trying to work around the problem in my case

So i went ahead and instead of a Centos 8 VM I tried to run the deployment script of rancher on my Fedora 32 Workstation on the physical machine on kernel 5.8

And I dont know for what reason but it deployed without any error message or complication.

The Kubernetes cluster is / was up and running

kubernetescluster on rancher running on top of Docker in the physical machine under Fedora 32 Linux
Rancher itself and the kubernetes cluster it deploys runs on a bunch of containers in the underlying Docker engine.


Dashboard of the created kubernetescluster


One thing I did different was to tell Rancher during the initial setup after setting the admin password was that the url for the server is localhost and not the IP like I did in the Centos 8 VM case where I gave the url the IP of the local VM which I think should work.

One thing I did different was to tell Rancher during the initial setup after setting the admin password was that the url for the server is localhost and not the IP
You can change the server-url of Rancher from Settings / Advanced Settings menu



So I went back and tried in the Centos 8 VM setting localhost instead of the IP of the VM as the server’s url.

It worked and the Kubernetes Cluster deployed correctly on Centos 8 VM Kernel 4.18.0-193
even tough its not mentioned on the support matrix as of the date when this article was created.

Support Matrix for Rancher



I accessed the control panel of Racher via IP because i was accessing from a different subnet.. In Settings / Advanced Settings it has the server-url set to https://localhost


I went into unsupported territory and experienced odd errors indeed
Fedora 32 on Kernel 5.7

BUT …. on Kernel 5.7 on Fedora 32 things are strange and it fails again like I did on Centos 8 VM in the beginning until I switched server-url to localhost from the IP address…

It can be that as neither Centos 8 nor Fedora are on the support matrix for Rancher can be a cause for odd behaviour experienced below…

However on kernel 5.7 Docker on the same system indeed complains first and the Kubernetes cluster fails at the same place with Rancher

This can be something just with my machine which I can confirm using a VM of Fedora 32 clean install with Kernel 5.7 and rerun this and Update the shownotes to see if it worked or not…

First docker complained for cgroups which i fixed with some temp fix provided in one of the links in the shownotes and after the kubernetes cluster again failed to deploy itself properly whern using the same deployment script like 10 minutes ago on the same box with kernel 5.8

 viktormadarasz  ~  sudo docker run -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/rancher
5535f662ad763b3cd414f73d94a070322a9519afa1dccf92cbd2fa65d986bf18
docker: Error response from daemon: cgroups: cgroup mountpoint does not exist: unknown.
 
Fixed with:

viktormadarasz  ~   sudo mkdir /sys/fs/cgroup/systemd
viktormadarasz  ~   sudo mount -t cgroup -o none,name=systemd cgroup /sys/fs/cgroup/systemd
Client: Docker Engine - Community
 Version:           19.03.8
 API version:       1.40
 Go version:        go1.12.17
 Git commit:        afacb8b7f0
 Built:             Wed Mar 11 01:27:05 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.8
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.17
  Git commit:       afacb8b7f0
  Built:            Wed Mar 11 01:25:01 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Linux fedoraws.lan 5.7.6-201.fc32.x86_64 #1 SMP Mon Jun 29 15:15:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Reason I m not on kernel 5.8 is that it breaks Vmware and Virtualbox and i use those heavily on this machine * was broken both last time i checked..*

Heimdall Application Dashboard
Heimdall_Banner

As the name suggests Heimdall Application Dashboard is a dashboard for all your web applications. It doesn’t need to be limited to applications though, you can add links to anything you like.

Heimdall is an elegant solution to organise all your web applications. It’s dedicated to this purpose so you won’t lose your links in a sea of bookmarks.

Why not use it as your browser start page? It even has the ability to include a search bar using either Google, Bing or DuckDuckGo.

Supported applications

You can use the app to link to any site or application even if they are not supported these ones fall under the category of Generic Apps.

This is one of the benefits to Heimdall is you can add a link to absolutely anything, whether it’s intrinsically supported or not. With a generic item, you just fill in the name, background colour, add an icon if you want (if you don’t a default Heimdall icon will be used), and enter the link url and it will be added.

If You add any Foundation apps will auto fill in the icon for the app and supply a default color for the tile.

In addition Enhanced apps allow you provide details to an apps API, allowing you to view live stats directly on the dashboad. For example, the NZBGet and Sabnzbd Enhanced apps will display the queue size and download speed while something is downloading.

Supported applications are recognized by the title of the application as entered in the title field when adding an application. For example, to add a link to pfSense, begin by typing “p” in the title field and then select “pfSense” from the list of supported applications.

On Hemdall Application Database site You can see a list of supported Foundation and Enhanced apps just as you can consult about requested applications to be supported.

You can try out Heimdall on the Kubernetes cluster We created in the first part of this episode using Rancher

Click on Global / Select Your Kubernetes Cluster You Created earlier and Click on Default namespace
Click on the Deploy button on the top right corner
Choose a name for Your pod , leave it on Scalable deployment of 1 pod, in the docker image part specify the command/target you would use after the normal docker pull command which is in the case of heimdall is “linuxserver/heimdall/” * can check https://hub.docker.com/r/linuxserver/heimdall/ for the same info *
Click on Add port to be able to reach the heimdall webgui of port 80 of the Pod You about the create from outside/external of the Kubernetes cluster , for this set port type HostPort and specify a listening port on which the Host where Kubernetes cluster is running should forward the port 80 of the Pod in this example i used port 8082

Click on Launch to Deploy the Pod

Navigate to http://IP or FQDN of Your Kubernetes Cluster:Port-Exposed
In my example its http://172.19.19.7:8082 , the IP of my server Centos 8 VM on top of which runs docker in which it runs Rancher which runs Kubernetes Cluster where My Pod Heimdall sits and exposes its port 80 to the underlying host and to external connections via port 8082


Migrating From Docker to Kubernetes Cluster

Here is a great article explaining a three piece service migration from doocker using a docker compose file to Kubernetes Cluster.

Deployment to Kubernetes clusters is more complicated than deployment using Docker Compose. However, Kubernetes is one of the most used orchestration tools used to deploy containers into production environments due to its flexibility, reliability, and features.

Easy to follow and to grasp the concept idea.

https://medium.com/better-programming/how-to-migrate-from-docker-compose-to-kubernetes-b57eb229beb2

Links

https://rancher.com/docs/rancher/v2.x/en/quick-start-guide/deployment/quickstart-manual-setup/

https://apps.heimdall.site/

https://rancher.com/docs/rancher/v2.x/en/installation/other-installation-methods/single-node-docker/

TSR – The Server Room Show – Episode 44 – Sophos XG Firewall and Intercept X Endpoint Management

What is a Next Gen Firewall?

A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functions, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).

Next-generation firewall vs. traditional firewall

NGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.

NGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.

Evolution of next-generation firewalls

Improved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.

Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But blocking a web application that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.

Protection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.

NGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular “allow/deny” rules for controlling use of websites and applications in the network.


Sophos XG Firewall

Sophos firewall offering / product exists both as a software and hardware offering.
You can run the engine on a VM or a hardware of Your choice but You can also choose to go with their own hardware firewalls which uses tried and tested components to make sure You get the most out of their firewall engine.


Sophos claims the XG Firewall to be the world’s best visibility , protection and response.

Their product is NSS Brand Recommended , what NSS Labs does they test security products from around the world pretty much security products as I saw on their website

Also Gartner and SC Awards spoke highly of Sophos products.Sophos offers it as an ultimate firewall solution


Enterprise protection where Visibility , Protection and Response is key
The Best Protection to Stop Unknown Threats Dead


IPS – Intrusion Prevention System with high performance to try and stop unknown threats. With SophosLab Threat Intelligence Integration Sophos is analyzing and trying to stop zero day threats before they get on Your network.

Performance to fully protect Your network

Extreme TLS inspection

Extremely Fast, Effective, and Transparent.

80% of the traffic passing through your firewall is encrypted. Most organizations are completely blind to this traffic. Why? Because TLS Inspection kills their firewall performance. But not anymore.

XG Firewall’s Xstream TLS Inspection solves this problem once and for all. You can now fully enable TLS Inspection without compromising on performance, protection, privacy, and the end user experience.

  • Native support for TLS 1.3 and all modern cipher suites
  • Powerful policy tools to balance privacy, protection, and performance
  • Unique at-a-glance visibility and one-click error handling via the Control Center

SD-WAN Evolved

Unprecedented clarity, connectivity, and control.

XG Firewall evolves SD-WAN with unique capabilities that provide unprecedented clarity and control over your connectivity needs.

Synchronized SD-WAN

Leverages the 100% application visibility and control that Synchronized Security provides to make reliable SD-WAN path selection and routing decisions.

SD-RED Branch Office Connectivity

Our zero-touch branch office edge devices make SD-WAN deployments simple, easy, and secure.

Flexible Connectivity Options

No other firewall offers as many modular and flexible connectivity solutions as XG Firewall, with a full range of wireless, cellular, copper, and fiber options.

Powerful Management and Seamless Scalability

Group Firewall Management
Central Firewall Reporting
Plug and Play High Availability

Designed to Fit Your Network

XG Firewall offers a powerful and modular line of hardware appliance models as well as software, virtual, and cloud deployment options to fit any network.

XG Series Appliances

XG Series Appliances

XG Firewall offers a full range of top-performing hardware appliances with modular connectivity options for all your LAN, WAN, and wireless needs including Wi-Fi, cellular, copper, and fiber interfaces.

Software, Virtual, Cloud

Software, Virtual, Cloud

XG Firewall is also available as a software appliance, supports all the popular virtualization platforms, and is available on both Azure and Amazon Web Services to protect and connect your public, private, and hybrid cloud networks.

SD-WAN

SD-WAN

Our unique zero-touch SD-RED edge devices make extending your secure network to remote and branch locations and industrial control system (ICS) devices simple and easy. Flexible SD-WAN and VPN connectivity options ensure you meet your WAN reliability and quality goals.



Hardware Offerings:

Sophos offers a divers portfolio of Hardware Appliances running Sophos XG Firewall product.
Depending on Your budget and needs You can go from a small 500 euro appliance which is one of the smallest to bigger but still desktop size modular units or go up to rack equipment of 1U or 2U units.

XG86 and XG 86w with wireless module the cheapest and smallest of the firewall hardware Sophos offers.
XG125 and XG125w with wireless is a model I could imagine in my homelab or the whole home network itself to be in charge of protection and be my No.1 firewall appliance. Prices for Appliance only unit I saw around 900 – 1000 U.S Dollars
XG 230 Rev 2 If Money is not a problem 🙂 around 2000 euros appliance only I would put this in my server rack without a doubt. Gigabit and beyond performance nearly for all applications *firewall, ngfwn ipsec vpnm ips, threat protection* except XSTREAM SSL Decryption



A brief comparison table



Product Highlights of Hardware Appliances

  • All features supported on every XG 1xx model and most on XG 86
  • Every model available with optional integrated 802.11ac Wi-Fi
  • 2nd power supply option for all XG 1xx models
  • Expansion bay on all XG 125/135 models for 3G/4G module
  • Optional 2nd Wi-Fi radio module on 135w model
  • SFP port, e.g. for optional DSL modem, on all XG 1xx appliances



Endpoint Management Product:
Intercept X Endpoint protection features:

Endpoint Detection and Response:

This image has an empty alt attribute; its file name is EDR-screenshot-2.jpg



Intercept X detects and investigates suspicious activity with AI-driven analysis. Unlike other EDR tools, it adds expertise, not headcount by replicating the skills of hard-to-find analysts.|


Anti-Ransomware


Today’s ransomware attacks often combine multiple advanced techniques with real-time hacking. To minimize your risk of falling victim you need advanced protection that monitors and secures the whole attack chain. Sophos Intercept X gives you advanced protection technologies that disrupt the whole attack chain including deep learning that predictively prevents attacks, and CryptoGuard which rolls back the unauthorized encryption of files in seconds.

Deep Learning Technology

By integrating deep learning, an advanced form of machine learning, Intercept X is changing endpoint security from a reactive to a predictive approach to protect against both known and never-seen-before threats. While many products claim to use machine learning, not all machine learning is created equally. Deep learning has consistently outperformed other machine learning models for malware detection.

Exploit Prevention

Exploit prevention stops the techniques used in file-less, malware-less, and exploit-based attacks. While there are millions of pieces of malware in existence, and thousands of software vulnerabilities waiting to be exploited, there are only handful of exploit techniques attackers rely on as part of the attack chain – and by taking away the key tools hackers love to use, Intercept X stops zero-day attacks before they can get started.

Managed Threat Response

Sophos Managed Threat Response (MTR) provides 24/7 threat hunting, detection, and response capabilities delivered by an expert team as a fully-managed service. Sophos MTR fuses machine learning technology and expert analysis for improved threat hunting and detection, deeper investigation of alerts, and targeted actions to eliminate threats with speed and precision. Unlike other services, the Sophos MTR team goes beyond simply notifying you of attacks or suspicious behaviors, and takes targeted actions on your behalf to neutralize even the most sophisticated and complex threats.

Active Adversary Mitigations

Intercept X utilizes a range of techniques, including credential theft prevention, code cave utilization detection, and APC protection that attackers use to gain a presence and remain undetected on victim networks. As attackers have increasingly focused on techniques beyond malware in order to move around systems and networks as a legitimate user, Intercept X detects and prevents this behavior in order to prevent attackers from completing their mission.


Sophos’s Synchronized Security Product

Synchronized Security is the cybersecurity system where Sophos endpoint, network, mobile, Wi-Fi, email, and encryption products work together, sharing information in real time and responding automatically to incidents:

  • Isolate infected endpoints, blocking lateral movement
  • Restrict Wi-Fi for non-compliant mobile devices
  • Scan endpoints on detection of compromised mailboxes
  • Revoke encryption keys if a threat is detected
  • Identify all apps on the network

Everything is managed through a single, web-based management console, so you can see and control all your security in one place.

Links

https://www.nsslabs.com

https://secure2.sophos.com/en-us/security-news-trends/reports/gartner/magic-quadrant-utm.aspx

https://news.sophos.com/en-us/2019/06/07/synchronized-security-awarded-best-threat-intelligence-technology/

https://www.sophos.com/

FroggyMe’s Fantastic Fantasy – playlist for Sept 13, 2020

Donald Byrd and the Blackbyrds – Mysterious Vibes – Action
EWF – Love’s Holiday – All N All

Herbie Hancock – Don’t hold it in – Monster (1980)
Herbie Hancock – Making Love – Monster (1980)
Herbie Hancock – It all comes round – Monster (1980)

The Isley Brothers – Groove With You
Larry Carlton – Nite Crawler – self-titled (1978)
The Crusaders – Lazy Sundays – Rural Renewal
Wayne Henderson – Living on a dream – living on a dream
Wayne Henderson – Midnight at the Oasis – living on a dream

TSR – The Server Room Show – Episode 43 – OpenBSD

OpenBSD

OpenBSD is a 4.4BSD-based UNIX-like operating system built from the ground up to focus its efforts on emphasize portability, standardization, correctness, proactive security and integrated cryptography. OpenSSH the popular software comes from OpenBSD.

Why might you want to use it?Some interesting things to mention….

  • OpenBSD runs on many different hardware platforms.
  • OpenBSD is thought of as the most secure UNIX-like operating system by many security professionals, as a result of the never-ending comprehensive source code audit.
  • OpenBSD is a full-featured UNIX-like operating system available in source and binary form at no charge.
  • OpenBSD integrates cutting-edge security technology suitable for building firewalls and private network services in a distributed environment.
  • OpenBSD benefits from strong ongoing development in many areas, offering opportunities to work with emerging technologies and an international community of developers and end users.
  • OpenBSD attempts to minimize the need for customization and tweaking. For the vast majority of users, OpenBSD just works on their hardware for their application.
  • OpenBSD runs on a lot of different architectures although less than NetBSD does 🙂
  • It is very well documented and has mailing lists in place for those who want to get involved.
  • OpenBSD has gone through heavy and continual security auditing to ensure the quality and security of the code.
  • OpenBSD does not support journaling filesystems. Instead we use the soft updates feature of the Fast File System (FFS).
  • OpenBSD comes with Packet Filter (PF). This means that Network Address Translation, queuing, and filtering are handled through pfctl(8), pf(4) and pf.conf(5).
  • OpenBSD’s default shell is ksh, which is based on the public domain Korn shell. Shells such as bash and many others can be added from packages.
  • Devices are named by driver, not by type. In other words, there are no eth0 and eth1 devices. It would be em0 for an Intel PRO/1000 Ethernet card, bge0 for a Broadcom BCM57xx or BCM590x Ethernet device, ral0 for a RaLink wireless device, etc.
  • OpenBSD/i386, amd64, and several other platforms use a two-layer disk partitioning system, where the first layer is the fdisk BIOS-visible partition and the second is the disklabel.
  • Some other operating systems encourage you to customize your kernel for your machine. OpenBSD users are encouraged to simply use the standard GENERIC kernel provided and tested by the developers.
rc and init

rc is the command script that is invoked by init(8) when the system starts up. It performs system housekeeping chores and starts up system daemons.

In Unix-based computer operating systems, init (short for initialization) is the first process started during booting of the computer system. Init is a daemon process that continues running until the system is shut down. It is the direct or indirect ancestor of all other processes and automatically adopts all orphaned processes. Init is started by the kernel during the booting process; a kernel panic will occur if the kernel is unable to start it. Init is typically assigned process identifier 1. In Unix systems such as System III and System V, the design of init has diverged from the functionality provided by the init in Research Unix and its BSD derivatives. Up until recently, most Linux distributions employed a traditional init that is somewhat compatible with System V, while some distributions such as Slackware use BSD-style startup scripts, and others such as Gentoo have their own customized versions.

Since then, several additional init implementations have been created, attempting to address design limitations in the traditional versions. These include launchd, the Service Management Facility, systemd, Runit and OpenRC.

Additionally, rc is intricately tied to the netstart(8) script, which runs commands and daemons pertaining to the network. rc is also used to execute any rc.d(8) scripts defined in rc.conf.local(8). The rc.securelevel, rc.firsttime, and rc.local scripts hold commands which are pertinent only to a specific site.

All of these startup scripts are controlled to some extent by variables defined in rc.conf(8), which specify which daemons and services to run.

rc is the command script that is invoked by init(8) when the system starts up. It performs system housekeeping chores and starts up system daemons. Additionally, rc is intricately tied to the netstart(8) script, which runs commands and daemons pertaining to the network. rc is also used to execute any rc.d(8) scripts defined in rc.conf.local(8). The rc.securelevel, rc.firsttime, and rc.local scripts hold commands which are pertinent only to a specific site.

All of these startup scripts are controlled to some extent by variables defined in rc.conf(8), which specify which daemons and services to run.

Before init(8) starts rc, it sets the process priority, umask, and resource limits according to the “daemon” login class as described in login.conf(5). It then starts rc and attempts to execute the sequence of commands therein.

OpenBSD as a Desktop Operating System — Daily Driver
Installation of OpenBSD 6.7
Running xenodm as root to bring up to logon manager
Logged in as normal user to the fresh OpenBSD 6.7 installation
Networking and DNS resolution works fine. top is running on the right terminal window
OpenBSD as a Firewall/Router

I found this great article about OpenBSD as a firewall I want to talk about.
https://dzone.com/articles/high-availability-routerfirewall-using-openbsd-car

in this example two small appliances are used to serve as R1 and R2 with OpenBSD in a home network scenario. One PCEngines APU4C4 and an older Soekris net5501. They are set up in failover mode using CARP and pfsync

https://lh5.googleusercontent.com/UY4DMYRIRbNr-ERHu_0yoidz5wG8aYYoQGCmOJZiobPjoA7iQPOxZeJNWVe_-BIcQ35ZSAFss0a6mtvjNXMXu1g-qXcf8N7xD8R3HgsG7ifGnqi6nEG-vwp9Liq99JGs0xytZhmW
Example Network Topology from https://dzone.com & Chad Gross
  • All three switches are unmanaged switches.
  • Both R1 and R2 handling out DHCP Addresses from the same pool but split *R1 in the range of .151-250 and R2 in the range of .100-150
  • vr0 and em0 are the WAN interfaces of R1 and R2 respectively receiving IP assigned via DHCP from ISP *or ISP’s router perhaps*

Example Network Topology from https://dzone.com & Chad Gross


R1 and R2 has pfsync service running and keeping them in sync on vr1 and em1 interfaces

R1 and R2 has pflow service running and keeping them in sync on vr2 and em2 interfaces


CARP and pfsync

CARP is the Common Address Redundancy Protocol. Its primary purpose is to allow multiple hosts on the same network segment to share an IP address. CARP is a secure, free alternative to the Virtual Router Redundancy Protocol (VRRP) and the Hot Standby Router Protocol (HSRP).

CARP works by allowing a group of hosts on the same network segment to share an IP address. This group of hosts is referred to as a “redundancy group.” The redundancy group is assigned an IP address that is shared amongst the group members. Within the group, one host is designated the “master” and the rest as “backups.” The master host is the one that currently “holds” the shared IP; it responds to any traffic or ARP requests directed towards it. Each host may belong to more than one redundancy group at a time.

One common use for CARP is to create a group of redundant firewalls. The virtual IP that is assigned to the redundancy group is configured on client machines as the default gateway. In the event that the master firewall suffers a failure or is taken offline, the IP will move to one of the backup firewalls and service will continue unaffected.

CARP supports IPv4 and IPv6.

The pfsync(4) network interface exposes certain changes made to the pf(4) state table. By monitoring this device using tcpdump(8), state table changes can be observed in real time. In addition, the pfsync(4) interface can send these state change messages out on the network so that other nodes running PF can merge the changes into their own state tables. Likewise, pfsync(4) can also listen on the network for incoming messages.

y default, pfsync(4) does not send or receive state table updates on the network; however, updates can still be monitored using tcpdump(8) or other such tools on the local machine.

When pfsync(4) is set up to send and receive updates on the network, the default behavior is to multicast updates out on the local network. All updates are sent without authentication. Best common practice is either:

Connect the two nodes that will be exchanging updates back-to-back using a crossover cable and use that interface as the syncdev (see below).
Use the ifconfig(8) syncpeer option (see below) so that updates are unicast directly to the peer, then configure ipsec(4) between the hosts to secure the pfsync(4) traffic. 

When updates are being sent and received on the network, pfsync packets should be passed in the filter ruleset:

pass on $sync_if proto pfsync

$sync_if should be the physical interface that pfsync(4) is communicating over.

Links

http://www.troubleshooters.com/linux/pf/index.htm

https://www.openbsd.org/faq/pf/filter.html

https://www.openbsd.org/faq/pf/

https://dzone.com/articles/high-availability-routerfirewall-using-openbsd-car

https://en.wikipedia.org/wiki/Init

https://man.openbsd.org/rc.8

https://www.openbsd.org/papers/eurobsd-firewalls-2002.pdf

https://bsd.cat/es/

FroggyMe’s Fantastic Fantasy playlists 2018-20

To help you find which episodes you want to listen to, here are all the playlists.

Jan 7, 2018

Craig Padilla – Windspell – Below the Mountain
Jonn Serrie – Quantum Seas – Day Star
Alistair Brimble – Voyager – Sounds Digital
Paul Hardcastle – Zero One – Zero One

Rapture – Cassiopeia
Saga Musix – Snowflakes
Roland Orzabal – Snowdrop – Tomcats Screaming Outside
Jugi – Onward Ride (BeeZerk remix)

Jan 21, 2018

Patrick O’Hearn – At first light – ancient dreams
Craig Padilla – first light – below the mountain
Ray Lynch – Celestial Soda Pop – Deep Breakfast
Raphael – I say rock and roll prayers to a dancing god – music to disappear in
David Helpling – The Same Sky – The Crossing

The Solsonics – Keep the Rhythm Strong – JAZZ in the Present Tense
The Breakestra – Recognize – Hit the floor (Ubiquity)
Gary Bartz – Music is my Sanctuary (feat. Syreeta) – title
Donald Byrd – Think Twice – Stepping into tomorrow
The Detroit Experiment – Think Twice – self-titled

Damu the Fudgemunk – Wonka Beat 6 – Supply for demand

March 18, 2018

Coyote Oldman – Silver Pearl – Tear of the Moon
Robert Rich – Persistance of Memory (for Dali) – Strata
Jonn Serrie – Gentle, the night – and the stars go with you
Raphael – I say rock and roll prayers to a dancing god – Music to Disappear in

Allister Brimble – Magnetic Drops – Sounds Digital
Saga Musix – Snowflakes
Rapture – Cassiopeia
Rapture – Open Dreams
trash80 – Social Silence – Hologram EP

nuroto/aya fukusomething – something

March 25, 2018

Breakestra – Recognize – Hit the Floor (Ubiquity)
Donald Byrd – Places and Spaces – title (Places and Spaces) (Blue Note 1975)
Eddie Henderson – Inside you – Heritage

Breakestra – Family Rap – Hit the Floor (Ubiquity)
Nicodemus – Give the drummer some feat real live show and nappy g – endangered species
Groove Collective – Bionic – Dance of the Drunken Master
Groove Collective – Some People – Declassified

Gary Bartz – Carnival De L’Esprit – Music is my Sanctuary (blue note)
Noel Pointer – NIght Song – Phantazia (blue note)
United Future Organization – Stolen Moments (Oliver Nelson blues and the abstract truth)
monk and canatella – forthcoming – care in the community (oops, should have played megavolt by Alister Brimble or Highest by Detroit Experiment)

April 1, 2018

CODA – Megabits per second – soundshock 2 – FM funk terror
cold storage – b.f.o. drift (polka dot mix)
corpsicle – canniballad

jugi / complex – onward ride (beezerk remix, known for his commodore 64 remixes)
Allister Brimble – Megavolt
Allister Brimble – Full Contact
Reed / Fairlight – Dirty 64 (1st at Assembly 2005, oldskool music compo)

Dane – Channels (1st in the High Score Power Ballad compo 2012)
Herbert Weixelbaum – Enjoy the silence (depeche mode)
trash80 – I will go – hologram ep

richard bone – eucaliptico – images from a parallel world


Patrick O’Hearn – 87 dreams of a lifetime – between two worlds
jeff pearce – reunions – to the shores of heaven

April 8, 2018

Arthur Verocai – Presente Grego – self-titled
Courtney Pine – The 37th Chamber feat. DJ Pogo – Modern day jazz stories (1995)
Dianne Reeves – Testify – Bridges
EW&F – Elevated feat. Floetry – Illumination (2005)
Sylk 130 – E.R.A. – When the funk hits the fan
Sylk 130 – When the funk hits the fan – title track
Incognito – Roots (Pete Rock remix) – Remixed
Omar – Ghana Emotion – Sing (if you want it)

Gerald Wilson Orchestra – Viva Tirado
David Axelrod – Holy Thursday
David McCallum – The Edge (prod. by David Axelrod)
Bobbi Humphrey – Harlem River Drive (mizel brothers production)
JTQ – In the hand of the inevitable – title track (Acid Jazz)

April 15, 2018
Groove Collective special

Groove Collective – Loisaida – We the People (1996)
Groove Collective – Everyday People, Reprise – Brooklyn NY – 4.20.02
Groove Collective – Everything is Changing – Declassified (1999)
Groove Collective – Can’t Stop Me Dancing – Live and Hard to Find
Groove Collective – Nerd – Groove Collective (1994 recorded in ’93)
Groove Collective – Lift Off feat. Vinia Mojica (De la soul, ATCQ) – We the People
Groove Collective – Lift Off (Salaam Remi Remix)
Groove Collective – Lapsang Souchong – Live and Hard to Find
Groove Collective – Set Up – People People Music Music (2006)
Groove Collective – You’re stepping on my daisy – It’s all in your mind (2001)
Groove Collective – World Bank – Dance of the Drunken Master (1998)
Groove Collective – Ms. Grier – Groove Collective (1994)

Groove Collective will be live on 4/20 friday 10 and midnight + DJs at NUBLU lower east side

April 29, 2018

Patric O’Hearn – 87 Dreams of a Lifetime – Between Two Worlds
Jeff Pearce – A Fading – To the Shores of Heaven
Jeff Pearce – Reunions – To the Shores of Heaven
David Helpling and John Jenkins – The Same Sky – The Crossing
Patrick O’Hearn – Along the Waterfront – So Flows the Current

Steven Halpern – Harmonic Convergence – Spectrum Suite
Steven Halpern – Keynote A: indigo
Steven Halpern – Keynote B: Violet
Steven Halpern – Keynote C: Red
Steven Halpern – Keynote D: Orange
Steven Halpern – Keynote E: Yellow
Steven Halpern – Keynote F: Green
Steven Halpern – Keynote G: Blue

Mother Earth – Apple Green – The People Tree
Mark Farina – Liquid by Naked Music NYC (?) – Mushroom Jazz 2

May 6, 2018

Horndogz – Movin’ on – #woof
black sheep – flavor of the month – a wolf in sheep’s clothing
Groove Collective – On a feeling – declassified
De La Soul – D.A.I.S.Y. Age – 3 Feet High and Rising (1989)

P’taah – Hold you close – staring at the sun (ubiquity)
Praful – Corpo Suado (feat Lilian Vieira) – One Day Deep
Zuco 103 – Outro Lado – Outro Lado
Zuco 103 – Love is queen omega feat lee scratch perry – Whaaa!
Solsonics – Red Clay (freddie hubbard) – JAZZ in the Present Tense
Brookly Funk Essentials – Dilly Dally (by and feat Josh Roseman on trombone) – Cool and Steady and Easy
Arthur Verocai – Karina (Domingo no Grajau) – Arthur Verocai (1972)

donalyd byrd – you are the world – steppin into tomorrow

May 13, 2018

8 bit weapon – neuromancer ending (warhol edit) 2.0 – Confidential 1.0
8 bit weapon – mars saga (mr. jetlands slow jam mix) – confidential 1.0
fauna flash – sexual attraction – future sound of jazz
goldie – inner city life feat. dianne charlamange (rabbit’s short attention span mix (rabbit on the moon)) – timeless (1995)
goldie – believe – saturnzreturn (1997)

dzihan & kamien – before – live in vienna
dzihan & kamien – drophere – live in vienna
Barcode – love anybody (cup of tea records)
p’taah – the oldest story – staring at the sun (ubiquity)
viktor duplaix – make a baby – bold and beautiful
Karsh Kale – smile
MIDIval PunditZ – Bhangra Fever

May 20, 2018

Robert Rich – Helios – Medicine Box
Steve Roach – Empowerment – Empetus
Constance Demby – Om Mani Padme Hum
Jeff Pearce – Reunions – To the shores of heaven
Raphael – Primitive Silence – Music to Disappear In
Steven Halpern – Leviatian Blue – Spectrum Suite
Coyote Oldman – Dawn – Tear of the Moon
patrick ohearn – fire ritual – between two worlds
Hammock – GLossolalia – departure songs
Kitaro – Lord of the Wind – Tunhuang
Alice Damon – Waterfall Winds
Richard Bone – Transmutual Sunshine – Images of a Parallel World

June 3, 2018

Richard Bone – System Wide Slumber – Images from a Parallel World
Jon Jenkins – Into a World of Wonder – Flow
Coyote Oldman – Silver Pearl – Tear of the Moon

Other meditation on 5/20

Ishq – Bhatki – Live at Morrison Planetarium
Allister Brimble – Voyager – Sounds Digital
trash80 – social silence – hologram ep
AMJ (Juha-Matti Hilpinen) – SYS4096
John Foxx – Burining Car
Spearhead – Stay Human (All the freaky people) – Stay Human
Ramsey Lewis – Les Fluer – Between the Keys

June 10, 2018

CODA – Megabits ber second
KUlor – Hypergirl battlesquad
Manwe – and this is ultrasound
Moot Booxle – Chomp
Zapp – A touch of jazz (playin’ kinda ruff part II) – Zapp II
Zapp – Computer Love – Zapp IV

Wookie – Battle (feat. Lain)

P’taah – Nobody Knows – Staring at the Sun (Ubiquity)
P’taah – Become who you are – Staring at the Sun (Ubiquity)
EW&F – Beijo – All ‘N All (1977)
St. Germain – So Flute – Tourist (Blue Note, 2000)
Sylk 130 (King Britt) – Last Night a DJ Saved My Live – When the Funk Hits the Fan (Ovum, 1997)
WAR – The World is a Ghetto – title track
The Crusaders – Mystique Blues – Crusaders 1
Purple Penguin – End Theme – De-Tuned (Cup of Tea)

June 24, 2018

Patrick O’Hearn – Life along the river Vaal – Ancient Dreams
Patrick O’Hearn – Rain Maker – Between Two Worlds
Hammock – (Tonight) we burn like stars that never die – Departure Songs
Hammock – (Let’s Kiss) while all the stars are falling down – Departure Songs

Jon Jenkisn – breathin in the deep – Flow
Jon Jenkins – Night Drifting through black canyon – Flow
Laraaji – Unicorns in Paradise (autoharp)
Richard Bone – Eucalyptico – Images from a Parallel World

Scortia – Thai Myth
Johannes Bjerregarrd – Sweet
Dane – Neurotica

July 1, 2018
sorry for that little burst of operatic noise, I was still adjusting my soundcard settings!

MAW – Life is but a dream – our time is coming
Nuyorican Soul – sweet tears feat roy ayers – self titled debut
Sylk 130 – when the funk hits the fan – title track
Brookly Funk Essentials – Mizz Bed-Stuy feat Tower of Power horns and Bill Ware on vibes – Cool and Stead and Easy
feat DJ Jazzy Nice, who along with DJ Smash, Chillfreez and Swingsett, were the resident djs at Giant Step, which formed Groove Collective
Groove Collective – Everybody (We the People) feat Josh Roseman on tbone – We the People
Incognito – I hear your name (Roger’s Ultimate Anthem Mix (Roger Sanchez)) – Remixed, compilation of 12″ from 1996
Incognito – Nights over Egypt (their version) – No time like the future
Incognito – Nights over Egypt (MAW main mix) – Future Remixed
Jocelyn Brown – Somebody Else’s Guy
EWF – Boogie Wonderland (Inspiration ’83 mix) – Soul Source EWF remixes
Paul Hardcastle – Panic – Zero One

July 8, 2018

Iasos – Formentera Sunset Clouds
Aeoliah – Twin Flames Rising – Inner Sanctum
Craig Padilla – Ascention – Genesis
Jeff Pearce – North Refuge – Vestiges

Alice Coltrane – Paramahansa Lake – Huntington Ashram Monestary
Ian Dogole – John Coltrane – Convergence
John Coltrane – My Shining Hour

July 15, 2018

Nesta Kerin Crain – Gongs in the Rain
Robert Rich – CCRMA Voices
Jonn Serrie – The auran vector – planetary chornicles vol. 1

Joel Andrews – Sepheric Borialis
Steve Roach. – dreamimng and sleep – quiet music
Steve Roach – specter – desert solitare

Alice Coltrane – IHS – Huntington Ashram Monastery
John Coltrane – Ole – Ole Coltrane

July 22, 2018
The BRASILIAN suprise special; I think pimenta joined us in COM that day.

Donalyd Byrd – Black Disciple – A New Perspective (1964 Blue Note)

Donald Byrd – trumpet
Hank Mobley – tenor saxophone
Herbie Hancock – piano
Kenny Burrell – guitar
Donald Best – vibraphone, vocals
Butch Warren – bass
Lex Humphries – drums
Duke Pearson – arranger
Coleridge-Taylor Perkinson – choir direction
Unidentified vocalists: Four men (two basses, two tenors) and four women (two altos, two sopranos)

Airto Moreira – Tombo in 7/4
Zuco 103 – Maracatu Atomico – Outro Lado (1974, lots of covers inlcuding Gilberto Gil in 74)
Zuco 103 – Futebol – Whaa!
Da Lata – Cores
Moreno Veloso – Deusa do Amor (son of Caetano Veloso)
Suba – Felicidade
Astrud Gilberto (wife of Joao gilberto) – Ponteio (requested by Snowdusk)
Stan Getz – Corcovado (Quiet Nights of Quiet Stars) – Getz/Gilberto (feat Astrud and Joao)
Bebel Gilberto – So Nice (Summer Samba)
Praful – Inspiracao (feat Lilian Vieira) – ONe Day Deep
Bobi Cespedes feat Rob Swift – Lenu (sounds of summer remix) (Cuba)

Antonio Carlos Jobim – Stone Flower

Aug 12, 2018

Horndogz – Moving On – #Wooof
Aphex Twin – Milk Man
Monk and Canatella – I can water my plants – Care in teh Community (cup of tea)
Amon Tobin – Kitchen Sink – Foley Room

Arthur Verocai – Presente Grego – self-titled
BAYA (feat george cables) – Arabesque – self-titled
Lisa Shaw – let it ride – cherry
Deodato – Also Sprach Zarathustra (2001) – Prelude (1973 CTI)
Kevin Mahogany – Double Rainbow – title track from 1993
Zuco 103 – Tao Lonely – Tales of High Fever
Bebel Gilberto – Bananeira rmxd Rae and Christian – Tanto Tempo Remixes
BossaCucaNova feat Sylivio Cesar – Consolacao – Brazilian Groove Putamayo compilation

Damu the Fudgemunk – Supply for Demand (instrumental) – title track

Sept 16, 2018

Grover Washington Jr. – Mr Magic
Andy Bey – Hibiscus – Experience and Judgement
Pleasure – Future Now – Future Now (title)
Eddie Henderson – Inside You – Heritage
Eddie Henderson – Involuntary Bliss – Sunburst
Melvin Sparks – It is what it is – It is what it is (title)
John Scofield feat Medeski Martin and Wood – A go go – A go go (title)
Galactic – Go Go – Coolin’ Off
Medeski Martin and Wood – Think – and I think it’s from Shackman, but from alternate routes compilation of gramavision records
Peter Apfelbaum – Phoenix Hill – alternate routes gramavision records sampler

Richard Groove Holmes – Groovin’ with Mr G – Blue Break Beats vol. 1

Sept 23, 2018

Roy Ayers – Coffy is the Color
Curtis Mayfield – Pusherman
William DeVaughn – Be Thankful for what you got

EW&F – sweetbacks theme – sweetbacks baadass song
The BlackByrds – cornbread
B.T. Express – Express (brooklyn transit)
Isaac Hayes – Main title from Truck Turner
War – Nappy Head – theme from Ghetto Man
Gil Scott-Heron – the bottle
Graham Central Station – We Be’s Getting Down
Lonnie Liston Smith – Expansions

Wilbert Longmire – Black is the colour
Lenny White – Best of Friends

Guru – The Jazz Style feat Omar
Incognito – Sunburn

Sept 30, 2018

patrick o’hearn – malevolent landscape – ancient dreams
Allister Brimble – Magnetic Drops

Ray Lynch – The Oh of Pleasure – Deep Breakfast
Kitaro – Fata Morgana – Tunhuang
Kitaro – Sacred Journey I – Tunhuang

ALF System – Pachabels Cannon in D Major – Recorded live at “An Evening of Computer Music” held August 25, 1978 in Philadelphia. – Dave Ahl of Creative Computing
vintagecomputermusic.com

MRT – Phat Frog
Hanz Meyer – International Karate (80s Edit)
SHEN LON – Ocean Loader
Martin Dodd – Lightforce (feat. MS20)
Chris Abbot – LF 2000 uploaded jan 2002
Rob Hubbard – Lightforce for MOS6581R4

Oct 14, 2018
The 90s R&B special!

R. Kelly – Bump n grind
Aaliyah – One in a Million – One in a Million
D’Angelo – I found my smile again – space jam
Keith Sweat – Nobody feat. Athena Cage from Kentucky – Keith Sweat
Keith Sweat – Come with me feat. Ronald Isley – Keith Sweat
Isley Brothers – Choosey Lover – Between the Sheets
Aaliyah – Choosey Lover – One in a Million
TLC – Creep – CrazySexyCool
TLC – Red Light Special – CrazySexyCool
Coolio – the winner – space jam
Erykah Badu – On & On – Baduizm
Erykah Badu – Appletree – Baduizm

Simon Stalenhag – Fluvial Beat Deposits

Oct 28, 2018

Human League – Love is all that matters – crash
Taana Gardner – Heartbeat
Raw Silk – Do It To The Music – Westend Records
Sylk 130 – Last Night a DJ Saved My Life – When the funk hits the fan
St Germain – So Flute – Tourist (Blue Note 2000)

George Benson – Love x Love – Give Me the Night (1980)
George Benson – Windsong – Weekend in L.A. (1978)
Incognito – The 25th Chapter – Adventures in Black Sunshine
Incognito – Jump to my love – Remixed
Groove Collective – Time Pilot – It’s all in your mind

Nov 4, 2018

Groove Collective – Runaway Child – Dance of the Drunken Master
Solsonics – Blood Brother – JAZZ in the Present Tense
James Taylor Quartet – 3 Mile Island – In the hand of the inevitable

Roy Hargrove / The RH Factor – Hardgroove – Hard Groove
– I’ll Stay feat. D’Angelo
Oscar Peterson – Rob Roy – Oscar Peterson meets Roy Hargrove and Ralph Moore
– Tin Tin Deo (Dizzy Gillespie)

Roy Hargrove / The RH Factor – The Stroke – Hard Groove
– Forget Regret feat Stephanie McKay
BFE – The Creator has a Master Plan – Cool and Steady and Easy feat. Joi Cardwell or Stephanie McKay

Gary Bartz – Love Ballad (Skip Scarborough for L.T.D.)- Music is my Sanctuary

Nov 25, 2018

8 bit weapon – defender of the crown theme – confidential 1.0
xyce – dance un funk
c-jeff – FMriller
Response/Darklite – Aye Aye Captain
Paul Hardcastle – Drum Beat – Zero One
Crown City Rockers – B-Boy remix

Y Society (Insight and Damu the Fudgemunk) – At My Own Pace – Travel at YOUR Own Pace
The Fearless Four – Rockin’ It – Best of Enjoy! Records
Jamie Jupitor – Computer Power

Zapp (Roger Troutman) – Computer Love – Zapp IV
Slick Rick – Teenage Love – The Great Adventures of Slick Rick
Slave – Just a touch of love
8-bit weapon – Neuromancer Ending (warhol edit) 2.0

Dec 2, 2018
Fundraiser episode

Spearhead – Listener Supported – stay human
Soulive – clap feat black thought – next

Praful – Sonhar – One day deep
Spearhead – Listener Supported – stay human
Doi Tao Boy
Stanley Cowell – Equipoise
Mother Earth – Jesse – the people tree (acid jazz)
Aeoliah – Universal Conciousness – Inner Sanctum
Alice Coltrane – Huntington Ashram Monestary – HAM
Laxity – the alibi
RCA COSMAC – Mexican Hat Dance

Dec 16, 2018
Some Christmas chip tune!

constance demby – om mani padme hum
patrick o’hearn – forever the optimist – between two worlds
Allister Brimble – Voyager – Sounds Digital
trash80 – chip 2 bit – hologram
reed – dirty 64 – 1st place at Assembly 2000
8 bit weapon and computeher – Jingle Bells (one horse open sleigh) – It’s a chiptune holiday!
8bw – Joy to the world
8bw – Deck the halls (nos galan)
8bw – ave maria (well tempered clavier)
8bw – oh chirstmas tree (oh chanukah)
8bw – hannukah (festival of lights)
8bw – god rest ye merry gentlemen
8bw – greensleeves (what child is this)

Vangelis – Song of the seas – oceanic
Margo Krimmel – the water is wide
The Foreign Exchange – The Answer
Mellowman – Gardez L’Ecoute – Paris Groove Up
Damu the fudgemunk – wonka beat 4 – supply for demand

Dec 23, 2018
Some more Christmas chip tune!

Damu the fudgemunk – Colorful storms (instru.) –
Groove Collective – I want you (she’s so heavy)
Groove Collective – Whatchugot – Groove Collective
Groove Collective – Undercover life – Declassified
Groove Collective – What if – People People Music Music
Groove Collective – Flute Juice – Live and hard to find
Groove Collective – Ms. Grier – Groove Collective

8BW – It’s a chiptune holiday – entirety played in CD order

Year 6581 – Mr Pentaceratops
Year 6581 – Mr. Johnstone

Jan 6, 2019

Crown City Rockers – Vibrations
The Solsonics – Red Clay (Freddie Hubbard) – JAZZ in the Present Tense
Freddie Hubbard – Red Clay – Red Clay (CTI)

LTJ Bukem – Rhodes to Freedom – Journey Inwards (Good Looking)
P’taah – Hold you close – Staring at the Sun (Ubiquity)
Zuco 103 – Um Coco – Outro Lado
Fauna Flash – Sexual Attraction – The Future Sound of Jazz
Goldie – Angel (feat. Diane Charlegmane) – Timeless (1995 Metalheadz / FFRR)
Goldie – Digital feat. KRS-1 – SaturnzReturn (1997)
Purple Penguin – Mute Noise – De-Tuned (cup of tea)

Feb 10, 2019

Richard Bone – System Wide SLumber – images from a parallel world
Robert Rich – Helios – Medicine Box
Robert Rich – Filaments – Filaments
Robert Rich – Majorana – Filaments
Ancient Future (matthew montfort) – zzaj – visions of a peaceful planet

Coyote Oldman – Tear of the moon – tear of the moon

Richard Worth – African Flower – Stonemonkey

Feb 17, 2019

Leon THomas – The Creator has a master plan – spirits known and unknown
Kenix/Bobby Youngblood – There’s never been no one like you
Digable Planets – Flying high in the brooklyn sky (feat. Lester Bowie of art ensemble of chicago on trumpet, and wah wah watson on guitar)
Marvin Gaye – Flying high in the friendly sky – What’s Going On
Melvin Sparks – It is what it is – it is what it is
Liquid Soul – Body and Mind – One-Two Punch

Meateaters – Meateater (are the Meateaters a side project of Lamb? Produced by Ralph Lamb)
Ebony – Feels like
De La Soul – Eye Know – 3 feet high and rising
Gota (yashiki) – In the City Life – Let’s Get Started (instinct records)
Big Advice – Love Shines – Love Shines

Roni Size Reprazent – – In the M0de

Feb 24, 2019

Aphex Twin – Milk Man – Richard D. James Album
Dee D. Jackson – Automatic Lover – Cosmic Curves
Dee D. Jackson – Meteor Man – Cosmic Curves
Shirley Lites – Heat you up (melt you down) (metl down mix) – west end records
Sylk 130 (king britt) – When the funk hits the fan – when the funk hits the fan (ovum records)
Jhelisa – Friendly Pressure
Roni Size Reprazent – Lucky Pressure – In the M0de (talkin’ loud)
Goldie – Inner City Life [Baby Boy’s Edit] – Timeless
dZihan and Kamien – Drophere – Live in Vienna
Mono – Life in Mono (sweat band mix by propellerheads) – science fiction jazz vol. 2
atomek – nordone – sci fi jazz vol. 2
alex reece – out of time – sci fi jazz vol. 2

March 3, 2019

Donald Byrd – Beast of Burden – a new perspective
The Horndogz – Paris – #Woof
Milt Jackson – Sunflower – Sunflower (1973 CTI)
Amina Figurova – Rage – September Suite
Richard Worth – biosphere – stonemonkey
Groove Collective – Grier’s Near (Ms. Grier from self-titled debut) – LIVE and Hard to Find
Groove Collective – Flute Juice – LIVE and Hard to Find

PFM – Mystics (good looking records (ltj bukem))
Nicolette – Beautiful Day (talkin’ loud)
The Detroit Experiment – Enterluud – The Detroit Experiment

March 10, 2019

Covox – Computer Love – 8 bit operators
Allister Brimble – Himalayan sunrise – sounds digital
Erik Wollo and Byron Metcalf – Linked stars – Earth Luminous
Jonn Serrie – Stratos – And the stars go with you
Allister Brimble – magnetic drops – sounds digital
jonn serrie – stratos

Dave Douglas w/ Jonathan Maron – Molten Sunset – High Risk
Eddie Henderson – Involuntary Bliss – Sunburst
Josh Roseman Unit – Treats for the nightwalker – treats for the nightwalker
Slide Five – heavy rotation (feat. jonathan maron) – people places and things

March 17, 2019

Lisa Shaw – Let it ride – cherry
MAW – Our time is comming – our time is comming
Groove Collective – Runaway Child – Dance of the Drunken Master
Nickodemus – The Love Feeling (feat. Brian J of the pimps of joytime) – Sun People
Pimps of Joytime – Play – Third Wall Chronicles
Colossus – Transit – As used in Mark Farina’s Mushroom Jazz 6
Tim Motzer – Starship – this is what radio should sound like

Renegade Soundwave – the phantom
Black Riot (todd terry) – a day in the life (4th floor records and defected records)
Richard Worth – The 4th Floor (feat. Jay Denes of Naked Music NYC) – Stonemonkey
Richard Worth – native (feat. Jay Denes of Naked Music NYC) – Stonemonkey
Roy Hargrove, The RH Factor – Hardgroove – Hard Groove

March 24, 2019

Paul Hardcastle – loitering with intent – Rain Forest
buckner and garcia – Going Bezerk – Pacman Fever
bomb boy – back alley clash
rapture – open dreams
MRT – phat frog
Paul Hardcastle – forest fire – rain forest

break

Grandmaster flash – the adventures of grandmaster flash on the wheels of steel – the message
Slick Rick – Children’s Story – The Great Adventures of Slick Rick
Damu the fudgemunk feat. Insight (y society) – colorful storms – spare time
De La Soul – Tread Water – 3 feet high and rising
DJ Greyboy – polyphonix – mastered the art (ubiquity)
De la soul – how much (?) – 3 feet high and rising

March 31, 2019

Human League – Love is all that matters (jimmy jam and terry lewis) – Crash
8-bit Weapon – Closer – Electric High
Kepes Mode – Kuten Esimies feat Tykopatti and Martin Galway Green Beret – Dyykkaa taa albumi!
trash80 – chip 2 bit – hologram (8-bit peoples)
Chris Abbot – Lightforce v1 (’97 XG mix)

Martin Galway – Green Beret subtune 10
Martin Galway – Green Beret subtune 1
Johannes Bjerregaard – Sweet
Goto80 – Truth (c64 dnb!)
Gargaj – Silently (hungarian demoscener) (freestyle beat)
Glenn RUne galesfoss – grg in cyberspace
Exory – Sad Goodbye
AMJ – SYS4096

April 14, 2019

Incognito – Always There MAW main mix – remixed
MAW – Life is but a dream – our time is comming
Nickodemus – Gira do Sol feat Liliana Araujo – Sun People
Zuco 103 – Maracatu Atomico – Outro Lado
Zuco 103 – It’s a Woman’s World feat Lee Scratch Perry – Whaa!
Incognito – Pieces of a Dream (roger sanchez 7 minutes of soul mix) – Remixed

Incognito – Listen to the Music – Adventures in Black Sunshine
Nuyorican Soul – It’s Alright, I feel it! feat Jocelyn Brown – Nuyorican Soul
Jocelyn Brown – Somebody Else’s Guy
St. Germain – Rose Rouge – Tourist (2000 Blue Note)
Damu the Fudgemunk – Wonka Beat 6 (?) – Supply for Demand

April 28, 2019

Deodato – Also Sprach Zarathustra (2001) – Prelude (CTI)
Johnny Hammond – It’s too late (Carol King) – Breakout (CTI 1971)
Bob James – Weschester Lady
Sonny Rollins w/ Oliver Nelson – Alfie’s Theme – Impulse!
Freddie Hubbard – Chocolate shake – the body and the soul (1963 Impulse!)
8-bit weapon – one last mission – vaporware soundtracks 2.0

May 5, 2019

Pharcyde – passing me by – Bizarre Ride II
Nightmares on wax – nights interlude – future sound of jazz
12-10 Series Mk 1 – All that jazz – future sound of jazz (instinct)

Brand New Heavies – Never Stop – Brand New Heavies
The Crusaders – That’s how I feel – Crusaders I
Chali 2na – Maintain – Manphibian Music
The Crusaders – That’s How I Feel – Crusaders I
De La Soul – Plug Tunin’ (12 in version) – 3 feet high and rising
Monk and Canatella – This time is different (live in france)

Space Quest III – Closing Medley – Sierra Online

May 12, 2019

James Taylor Quartet – 3 mile island – in the hand of the inevitable
James Taylor Quartet – sounds of freedom – in the hand of the inevitable
Dionne farris – hopeless
rappin’ with gas – cooking with gas

Floyd Robinson – sunday school – charlie the hamster teaches bible stories
Floyd Robinson – stand up for jesus – charlie the hamster teaches bible stories

Komar and Melamid and Dave Soldier – the most unwanted song

July 28, 2019

Covox – Computer Love – 8 bit operators
8BW – Times of Lore (Epix Hendrix mix) – Confidential 1.0
Monk and Canatella – Roughead – Care in the Community
Monk and Canatella – Trout – Care in the Community (Cup of Tea)

Purple Penguin – Memphis (wraparoundsound remix) – Detuned
dZihan & Kamien – Ford Transit – Live in Vienna
DJ Sun (from Houston, Soular Grooves on KPFT) – Monday Drive – Monday Drive EP (Giant Step)

DJ Sun – Mark’s on the Keys (feat. Mark sound) – Monday Drive EP (Giant Step)
Statik Sound System – Up in the air
Jaylib (madlib and jaydilla) – The mission

August 11, 2019

Gary Bartz – Jujuman – I’ve known rivers and other bodies
Gary Bartz NTU Troop – Celestial Blues feat. Andy Bey – Harlem Sessions
Courntey Pine – I’ve Known Rivers feat. Cassandra Wilson – Modern Day Jazz Stories
Dianne Reves – Testify – Bridges
EW&F – Elevated feat. Floetry – Illumination
Greyboy – Polyphonix – Mastered the Art (Ubiquity)

De La Soul – Daisy age – 3 feet high and rising
The Procussions – Jimminy Cricket – 5 sparrows for 2 cents

August 25, 2019

Jonn Serrie – the far river – and the stars go with you
steve roach – desert solitaire – desert solitaire
patrick o’hearn – panning the sands – so flows the current
Raphael – Spirit Guides – Music to Disappear In
Allister Brimble – Full Contact – sounds digital

Luther – International Karate (Luther’s chillout remix) – RKO
Hanz Meyzer – International Karate (80s edit) – RKO
Jogeir Liljedahl – Challenge of the Gobots (Tribute to Ben) – RKO
MRT – PHat frog – RKO
Scortia – THai Myth
Stinsen – Sidviken
Xiny6581 – Highscore 2020

Oct 20, 2019

Zapp – Dance floor
Zapp – A touch of jazz (playin’ kinda ruff part II)
Lenny White – Best of Friends
Breakwater – Say you love me girl
Sea Level – fifty-four

Level 42 – Love meeting love
Herbie Hancock – Saturday Night
EW&F – Saturday Nite – Spirit
Groove Collective – Lift Off feat. Vinia Mojica – We the People
EW&F – Spasmodic Movements – Open our Eyes

Oct 27, 2019
First episode to use the turntable!

Oran juice jones – The Rain
The Staple Singers – this world – Bealtitude (Stax)
The Horndogz – Movin On – #woooof
Owusu and Hannibal – Blue Jay – Livin with (Ubiquity)
Owusu and Hannibal – Le fox – Livin with (Ubiquity)

EW&F – Runnin – All N All
Ronnie Laws – Friends and Strangers – Friends and Strangers (Blue Note)
BNH – never stop – BNH
Brother Jack McDuff – Moon Rappin – Moon Rappin (Blue Note)

Groove Collective – End Transmission – Declassified
Minnie Ripperton – Inside my love
McFadden and Whitehead – Aint no stopping us now – McFadden and Whitehead (Philly Intl.)

Nov 3, 2019

Crusaders – So Far Away – Crusaders 1
Herbie Hancock – Earth Beat feat Grandmixer D.ST. – Future Shock
The BlackByrds (Donald Byrd) – Mysterious Vibes – Action
Stanley Clark – Future Shock – Time Exposure
EW&F – Jupiter – All N All

Stanley Clarke feat Andy Bey and Dee Dee Bridgwater – Children of Forever – Children of Forever
Stanley Clarke feat Andy Bey and Dee Dee Bridgewater – Unexpected Days – Children of Forever
Andy Bey – Hibiscus – Experience and Judgement

Greyboy – Mustangs Groove – era correct

Dave Valentine – Do it again – the hawk

Nov 10, 2019

EW&F – September (FPM beautiful latin mix)
Paul Desmond, Jim Hall instead of dave brubeck – Wave –
Groove Collective – Hey – Dance of the Drunken Master
Groove Collective – Peep Show – DOTDM

Stanley Cowel – Equipoise – Equipoise
Diana Ross – My Old Piano – Diana (prod by Nile Rodgers and Bernard Edwards)
Sister Sledge – He’s the greatest dancer – we are family
Sister Sledge – Lost in music – we are family (prod by Nile Rodgers and Bernard Edwards)
Mario Biondi – This is what you are – Handful of Soul

Maze feat Frankie Beverly – We are one – we are one
DJ Greyboy – my hands are quick… – era correct (should have played something else)
Jeff Pierce – Reunions

Nov 17, 2019

Plantlife – When she smiles she lights the sky
Brookly Funk Essentials – Take the L train (to Brooklyn) – Cool and Steady and Easy
The Change Up
The Change Up
The Change Up
The Change Up
Choice 37 and The Earl of Longevity Crew aka Captions
Crown City Rockers – BBoy (remix) feat. Zion I, Chali 2na (of J5), Planet Asia etc.
Blackalicious – Purest Love – Blazin Arrow

Groove Collective – Nerd
Groove Collective – I Am – We the People
Guru – For you feat. Meshel Ndegochello – Jazzmatazz vol. 2

Nov 24, 2019

John Coltrane – Blue Train – Blue Train
John Coltrane – Central Park West
Yusef Lateef – Rasheed – Into Something

Leon Parker – Awakening – Awakening
Derf Reklaw – Awakening into Awareness – From the Nile
Gene Ammons’ All Stars – Blue Hymn – The big sound
JJ Johnson – Stir Fry – Let’s hang out

Josh Roseman Unit – Are you there – Treats for the night walker
Greyboy – Hold it down – Mastered the Art

Dec 1, 2019

Monk and Canatella – Roughead – Care in the Community
Goto80 – Llamawarning – Contech
Jean Michel Jarre – Diva feat. Laurie Anderson and marcus miller – Zoolook (1984)
8bw – chiponyour shoulder – elctric high
tom tom club/talking heads feat. bootsy collins – 5 minutes (at 33 rpm) (1984)
paul hardcastle – panic – rain forest
time zone (afrika bambata, bill laswel, jonny rotten, bernie worrel) – world destruction (1984 Celluloid/OAO)
Pleasure – future now – future now
EW&F – Power – Last Days and TIme

Dave Douglas – Molten Sunset (feat. Shigeto, Jonathan Maron & Mark Guiliana) – High Risk

Dec 8, 2019

Ronnie Foster – Cheshire Cat
R.A.M.P. – Come into Knowledge
R.A.M.P. – Try try try
R.A.M.P. – Daylight
R.A.M.P. – look into the sky
Incognito – Don’t turn my love away – adventures in black sunshine
Grover Washington Jr. – Feels so good – feels so good (kudu)
James Brown – Cold Sweat pt 1
Sylk 130 – jimmy leans back – when the funk hits the fan
The Procussions – Miss January feat. Talib Kweli – 5 Sparrows for 2 Cents

Wyclef Jean – Bubblegoose – the carnival

Visioneers – Hip Know Cypher – dirtyoldhipohop (BBE)

Dec 15, 2019

Kitaro – Sacred Journey I – Tunhuang (Kuckkuck)
Jeff Pierce – The Hidden Rift – The Hidden Rift

Deuter – Side B – Aum (Kuckkuck)
Vangelis – Albedo 0.39 – Albedo 0.39

Jeff Pearce – A Fading – To the Shores of Heaven

Tangerine Dream – – Optical Race (Private Music)

Dec 29, 2019

MAW – Backfired feat. India – Our time is coming
Richard Worth – Rise prod. by Ron Trent
Groove Collective – Dance with you – It’s all in your mind
Bob James – Westchester Lady – 3 feat Grover Washington Jr.
Bob James – Storm King – 3
Melvin Sparks – it is what it is – it is what it is
Gerald Wilson Orchestra – Viva Tirado
Gerald Wilson Orchestra – Equinox (John Coltrane)

James Taylor Quartet – 3 Mile Island – in the hand of hte inevtiable
June Christy – Softly as in a morning sunrise
Miles Davis – Mystery – Doo-Bop

Jan 5, 2020

Funkadelic – Enema Squad (the doodoo chasers) – one nation under a groove
Jeff Lorber Fusion – Glisten (inner city records 1977 & 1978)
Jeff Lorber Fusion – Water Music
Raw Stylus – Ridequake – Pushing against the flow (giant step)
Raw Stylus – Cuban King Breeze – Pushing agains the flow
George Duke – Sugur loaf mountain – a Brazilian Love Affair
George Duke – love reborn – a Brazilian Love Affair
Patife and Mad Zoo – Sem Pensar by Partricia Marx – Trama D&B Sessions
Bobbi Humphrey – Harlem River Drive
Marden Hill – Harlem River Drive – Hijacked

Jan 12, 2020

Jim Hall – Concierto de Aranjuez – Concierto (CTI)
Joe Farrel – Moon Germs – Moon Germs (CTI)
Jamie Cullum – get your way (allen toussaint, j.c., dan nakamura (the automator))

Billy Paul – let the dollar circulate – wheln love is new (philly intl)
Billy Paul – malorie – when love is new (philly intl)

Alphabet Soup – Up & Down – up & down club sessions vol. 1
Alphabet Soup – the music in my head

Gene Ammons – Junge Strut (Prestige Records)

Jan 19, 2020

Donald Byrd – places and spaces
– fallin like dominoes – places and spaces
– places and spaces
– fallin like dominoes – blue note live at the roxy

James Taylor Quartet – Sounds of Freedom – In the hand of hte inevitable
George Duke – Brazilian Love Affair – Brazilian Love Affair
Zuco 103 – Humana – Outro Lado

Chic Corea and return to forever – 500 miles high – light as a feather

Zuco 103 – Frustracao – Outra Lado

Tania Maria – Rainbow of your love – love explosion
– next song on the record too

Us3 – Recognize and Realize – 52nd and Broadway (or vice versa)

Jan 26, 2020
Jamaican dub special! Inspired by snowdusk’s episode

Brooklyn Funk Essentials – Dilly Dally – Cool n Steady n Easy
Brooklyn Funk Essentials – the creator has a master plan (pharoah sanders) – “
Solsonics – Red Clay (Freddie Hubbard) – JAZZ in the Present Tense
Derf Reklah feat Dwight Trible – We See – from the nile

Josh Roseman Unit – Long day short night – treats for the nightwalker
Born Jamericans – booom shack a tack (delicious vinyl)
Spearhead feat Stephen Marley – reblel music (3 oclock roadblock) – chocolate superhighway
Zuco 103 – It’s a womans world feat lee scatch perry – Whaa!
Zuco 103 – Love is queen omega feat Lee scratch perry – whaa!

Born Jamericans – boom shack a tack (version)

Wyclef Jean – yele – the carnival

Wanted to play some Monty Alexander feat. Ernest Ranglin, but ran out of time.

Feb 9, 2020

Grant Green – Sookie Sookie (Ronnie Foster on organ, Idris Muhammad on drums)
Bobby Hutcherson – Ummh
Gene Ammons – Jungle Strut
Ronnie Foster – Mystic Brew
Grant Green – The final come down
Bobby Hutcherson – Family Affair (sly sylvester stone)
Sly and the Family Stone – Everyday People – Stand!

Us3 – Chilli Hot – Get Shorty

Jimmy Smith – Funky Broadway – Respect (verve)
Jimmy McGriff – the worm
Wes Montgomery – going out of my head – going out of my head
Wes Montgomery – O Morro (?) – goin’ out of my head (verve)

March 1, 2020

Groove Collective – I want you (She’s So Heavy)
Richard Worth – Rise 12″
Richard Worth – lonely as a cloud – stone monkey
Dave Valentine – Legends – Legends
Frankie Knucles feat Adeva – Welcome to the real world – welcome to the real world
Reese and santonino (kevin saunderson) – bounce your body to the box
Frankie Knuckles feat Adeva – Passion and Pain – welcome to the real world
Brenda Taylor – you cant have your cake and eat it too
Rhythm is Rhythm (derrick may) – Drama

Dave Valentin – The Hawk – The Hawk

March 15, 2020

EW&F – Zanzibar – Head to the Sky (has keep your head to the sky)
Herbie Mann – Upa, Neguinho – Glory of Love
Cal Tjader – Soul Sauce (Gauchi Guaro) – Soul Sauce
Herbie Mann – Oh, How I want to Love You – Glory of Love
Groove Collective – Que Te Pasa’Ti – Dance of the Drunken Master

Us3 – Time and Space – Broadway and 52nd
Quincy Jones – Walking in Space – Walking in Space
Deep South – Believe – Soul Repair
song sampling Doing it to Death (the JBs, fred wesley on trombone) – Soul Repair

March 22, 2020

John Coltrane – Blue Train – Blue Train
Pharoah Sanders – The Creator Has a Master Plan – Karma
Galiano – Prince of Peace – A Joyful sound unto the creator
Grover Washington Jr. feat Bill Withers – Just the Two of Us – Winelight

The Jazz Crusaders – Freedom Sound – Freedom Sound
Jamiroquai – Time won’t wait – Dynamite
Jamiroquai – Cosmic Girl – Traveling without Moving
Jamiroquai – Didjerama – Traviling Without Moving

April 5, 2020

Charlie Hunter – Nothin but trouble – charlie hunter
Charles Lloyd – little peace (feat zakir hussain (tabla) Eric Harland (drums)) – Sangam
Johnny Hammond – Big Sur Suite – Higher Ground (KUDU, CTI offshoot, distributed by Motown)
Richard Groove Holmes – Groovin for mr G – Comin on Home
Joe Henderson – Old SLippers (George Duke) – Black Miracle (Milestone)

Nuyorican Soul – Nautilus (MAWtilus) – Nuyorican Soul
Bob James – Tappan Zee – Bob James 4 (CTI)

C=64 Sing Along!

April 12, 2020

Stanley Turrentine – Sugar
Digable Planets feat wah wah watson and lester bowie – flyting high in the brooklyn sky – stolen moments: red hot + cool
Kerri Chandler – rain
Zuco 103 – cujo & cuja – outro lado
Meco – moondancer – moondancer
Nuyorican soul – sweet tears (feat roy ayers) – nuyorican soul (giant step)

Illinois Jacquet – Potpourri – Illlinois Jaquet flies again (1958 roulette records birdland series)
Oliver Nelson – stolen moments – blues and the abstract truth
UFO – stolen moments – stolen moments: red hot + cool

April 19, 2020

Jonn Serrie – Quantum Seas – Day Star
Tangerine Dream – Cat Scan – Optical Race
Alister Brimble – Magnetic Drops – Sounds Digital
Jean Michael Jarre – Zoolookologie – Zoolook
trash80 – social silence – hologram

rob hubbard – zoids
Synergy – Ancestors – Audion (electronic compositions for the post modern age)
Patrick O’hearn – forever the optimist – between two worlds
Michael Shreive – Nucleotide – Transfer Station Blue
Erik Wollo adn Byron Metcalf – Linked Stars – Earth Luminous
David Helpling – The Same Sky – The Crossing

April 26, 2020

Freddie Hubbard – the intrepid fox – red clay (CTI)
dave gruisin all stars feat sadao watanabi – friends and strangers – live in japan
Ronnie Laws remixed by lg experience – friends and strangers – the new groove: the blue note remix project volume one
Ronnie Laws – Friends and Strangers – Friends and strangers (Blue Note)
Horace Silver remixed by Easy Mo Be – the sophisticated hippy – the new groove; the blue note remix project volume one

Earl Klugh – Los Manos de Fuego (hands of fire) – Earl Klugh (Blue Note)
Earl Klugh – could it be I’m falling in love – Earl Klugh
Marvin Gaye – Flying High in the friendly sky – what’s going on
MFSB Orchestra – Zach’s Fanfare (actually another famous song) – Love is the message
MFSB Orchestra – Touch me in the morning – Love is the message (Philly Int’l)
Sylk 130 (king britt) – last night a dj saved my life – when the funk hits the fan (Ovum)

Miles Davis – Sonya – Doo-Bop

May 17, 2020
an 8 track special!

EW&F – Zanzibar – Head to the Sky
EW&F – best of 8 track various selections
Stevie Wonder – fulfillingness’ first fanale various selections (8 track)
the 4 tops – various selections on the best of 8 track
Steve Miller Band various selections from an 8 track

Padding was Jonn Serrie’s Quantum Seas from Day Star

May 24, 2020
an 8 track special episode 2!

Bill Withers, etc

FroggyMe’s Fantastic Fantasy playlist – Sept 6th, 2020

The Crusaders – so far away – crusaders 1

Herbie Hancock – Saturday Night – Monster (1980) has Steiner EVI
Herbie Hancock – Stars in your eyes – Monster
Herbie Hancock – Go For It – Monster

Richard Tee – First Love
Alphonze Mouzon – Sunshower
Stanley Clarke – Future – Time Exposure

Ron Trent – I feel the rhythm (used as pad while flipping records)

Sadao Watanabe – Burung Burung “Birds” – Birds of Passage
Dave Grusin – Captain Caribe – Mountain Dance

Myocyte 52

Thanks for listening [ download ]

  • FIREC015 Mac​-​Talla Nan Creag – Eternal Dawn and Gloaming
  • 168 & Bekatrina – 168 & Bekatrina – ZOV
  • Figure Study – Station
  • Inkswel – Do It
  • kazunocobit – kikyuu
  • Kashif – I Just Gotta Have You (Lover Turn Me On)
  • Lazer Zebras – Flegma tic
  • Lazer Zebras – Taxi
  • Casper Mcfadden – Hardcore Can’t Die!
  • Oumou Sangaré – Djoukourou (Auntie Flo Remix)
  • Linkwood – Hear The Sun
  • The Cenobites – Return To Zero
  • Virgin Prunes – Red Nettle
  • Lila Tirando a Violeta – Flores & El Mar
  • Protect-U – Haptic Boogie
  • Thomas Fehlmann & Terrence Dixon – The Corner
  • Inkswel – LFO Bounce (Funkineven Remix)
  • Techno Animal – DC 10 feat. Sonic Sum
  • Slikback – HEARTFIELD (x MORGIANA HZ)
  • Samuel Rohrer – The Grid
  • Watson – Hot Potato
  • Vlad Dobrovolski – Opus 6, Hovering As If By Magic
  • Whodamanny – Neuter Gyrum

TSR – The Server Room Show – Shownotes – Episode 42 – Analytics and Interactive Visualization Solutions

Intro

While preparing this article/episode for today I came across the below dilemma which I could summarize as:

Most Monitoring Softwares Are Not So Great In Presenting Visually The Metrics/Data Acquired But Some Analytics and Visualization Solutions make a near perfect Monitoring Solution.

Viktor Madarasz – while preparing this article for this episode

What I try to say is that while Monitoring softwares like the ones we discussed in the previous episodes like (Nagios and Zabbix and OpenNMS) not ace it in visualizing the acquired metrics and data in the most beautiful form possible which makes us couple a Monitoring tool like OpenNMS with Grafana *a tool of Analystics and Visualization I will talk about today* to achieve what we want , suprisingly enough some of these analytics and visualization layers/tools/software are getting better and better to include functions from monitoring softwares such as alarms for example.

Therefore I had a bit of a hard time to draw a line with some of these tools , and many others which nearly made it to the list , of where a data visualization and analytics software ends and a monitoring software begins. This line seems fuzzier each time I look at it.

For the moment Monitoring softwares have more on the monitoring and handling alarms end on the spectrum and less on the presentation and visualization of the acquired metrics/data but Analytics and Visualization tools are becoming more and more a hybrid to try and exists in both words.

Grafana
Out of the Box experience ….

Grafana is a multi-platform open source analytics and interactive visualization web application. It provides charts, graphs, and alerts for the web when connected to supported data sources. It is expandable through a plug-in system. End users can create complex monitoring dashboards using interactive query builders.

As a visualization tool, Grafana is a popular component in monitoring stacks often used in combination with time series databases such as InfluxDB, Prometheus and Graphite; monitoring platforms such as Sensu, Icinga, Zabbix, Netdata, and PRTG; SIEMs (security information and event management) such as Elasticsearch and Splunk; and other data sources.

What is a time series database?

A time series database (TSDB) is a software system that is optimized for storing and serving time series through associated pairs of time(s) and value(s). In some fields, time series may be called profiles, curves, traces or trends.Several early time series databases are associated with industrial applications which could efficiently store measured values from sensory equipment (also referred to as data historians), but now are used in support of a much wider range of applications.

In many cases, the repositories of time-series data will utilize compression algorithms to manage the data efficiently.Although it is possible to store time-series data in many different database types, the design of these systems with time as a key index is distinctly different from relational databases which reduce discrete relationships through referential models.

A time series database typically separates the set of fixed, discrete characteristics from its dynamic, continuous values into sets of points or ‘tags.’ An example is the storage of CPU utilization for performance monitoring: the fixed characteristics would include the name ‘CPU Utilization’ the units of measure ‘%’ and a range ‘0 to 1’; and the dynamic values would store the utilization percentage and a timestamp. The separation is intended to efficiently store and index data for application purposes which can search through the set of points differently than the time-indexed values.

The databases vary significantly in their features, but most will enable features to create, read, update and delete the time-value pairs as well as the points to which they are associated. Additional features for calculations, interpolation, filtering, and analysis are commonly found, but are not commonly equivalent.

In the below example I used Grafana + Influxdb + Telegraf to monitor the localhost for basic metrics as seen on the screenshot. Also known as TIG Stack Telegraf Influxdb and Grafana

Grafana is an open source data visualization and monitoring suite. It offers support for Graphite, Elasticsearch, Prometheus, influxdb, and many more databases. The tool provides a beautiful dashboard and metric analytics, with the ability to manage and create your own dashboard for your apps or infrastructure performance monitoring

Telegraf is an agent for collecting, processing, aggregating, and writing metrics. It supports various output plugins such as influxdb, Graphite, Kafka, OpenTSDB etc.

InfluxDB is an open-source time series database written in Go. Optimized for fast, high-availability storage and used as a data store for any use case involving large amounts of time-stamped data, including DevOps monitoring, log data, application metrics, IoT sensor data, and real-time analytics.

TIG Stack Monitoring the Localhosts Basic Metrics
Kibana
Kibana + Elasticsearch showing Sample Data Out of the box…

Kibana is similar in many ways to Grafana but one key difference when it comes to data sources it can only work with Elasticsearch. This can be a deal breaker for many if they wish to work with other datasources than Elasticsearch.

Grafana is designed for analyzing and visualizing metrics such as system CPU, memory, disk and I/O utilization. Grafana does not allow full-text data querying. Kibana, on the other hand, runs on top of Elasticsearch and is used primarily for analyzing log messages

Kibana is an open source data visualization dashboard for Elasticsearch. It provides visualization capabilities on top of the content indexed on an Elasticsearch cluster. Users can create bar, line and scatter plots, or pie charts and maps on top of large volumes of data.

Kibana also provides a presentation tool, referred to as Canvas, that allows users to create slide decks that pull live data directly from Elasticsearch.

What is Elasticsearch?

Elasticsearch is a search engine based on the Lucene library. It provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents. Elasticsearch is developed in Java. Following an open-core business model, parts of the software are licensed under various open-source licenses (mostly the Apache License) while other parts fall under the proprietary (source-available) Elastic License.

Shay Banon created the precursor to Elasticsearch, called Compass, in 2004. While thinking about the third version of Compass he realized that it would be necessary to rewrite big parts of Compass to “create a scalable search solution”. So he created “a solution built from the ground up to be distributed” and used a common interface, JSON over HTTP, suitable for programming languages other than Java as well. Shay Banon released the first version of Elasticsearch in February 2010

Features of Elasticsearch

Elasticsearch can be used to search all kinds of documents. It provides scalable search, has near real-time search, and supports multitenancy. “Elasticsearch is distributed, which means that indices can be divided into shards and each shard can have zero or more replicas. Each node hosts one or more shards, and acts as a coordinator to delegate operations to the correct shard(s). Rebalancing and routing are done automatically”. Related data is often stored in the same index, which consists of one or more primary shards, and zero or more replica shards. Once an index has been created, the number of primary shards cannot be changed.

Elasticsearch is developed alongside a data collection and log-parsing engine called Logstash, an analytics and visualisation platform called Kibana, and Beats, a collection of lightweight data shippers. The four products are designed for use as an integrated solution, referred to as the “Elastic Stack” (formerly the “ELK stack”).

Elasticsearch uses Lucene (a free and open source search engine from Apache Software Foundation) and tries to make all its features available through the JSON and Java API. It supports facetting and percolating which can be useful for notifying if new documents match for registered queries. Another feature is called “gateway” and handles the long-term persistence of the index; for example, an index can be recovered from the gateway in the event of a server crash. Elasticsearch supports real-time GET requests, which makes it suitable as a NoSQL datastore but it lacks distributed transactions.

On 20 May 2019, Elastic made the core security features of the Elastic Stack available free of charge, including TLS for encrypted communications, file and native realm for creating and managing users, and role-based access control for controlling user access to cluster APIs and indexes. The corresponding source code is available under the “Elastic License”, a source-available license. In addition, Elasticsearch now offers SIEM (Security Information and Event Management) and Machine Learning as part of its offered services.

————————————————————————————————————————————————————————————————————————————————————–

The combination of Elasticsearch, Logstash, and Kibana, referred to as the “Elastic Stack” (formerly the “ELK stack”), is available as a product or service. Logstash provides an input stream to Elasticsearch for storage and search, and Kibana accesses the data for visualizations such as dashboards. Elastic also provides “Beats” packages which can be configured to provide pre-made Kibana visualizations and dashboards about various database and application technologies.

Grafana Loki

Loki is a horizontally-scalable, highly-available, multi-tenant log aggregation system inspired by Prometheus. It is designed to be very cost effective and easy to operate. It does not index the contents of the logs, but rather a set of labels for each log stream.

Loki is one of the available Datasources in Grafana.

Loki as a Data Source Option under Grafana

Grafana’s Loki in certain scenarios compared to Elasticsearch can offer an alternative option to be inserted into current workflows.

Graphite
Graphite running in Docker instance exposed on port :80

Graphite is a free open-source software (FOSS) tool that monitors and graphs numeric time-series data such as the performance of computer systems. Graphite was developed by Orbitz Worldwide, Inc and released as open-source software in 2008.

Graphite collects, stores, and displays time-series data in real time.

The tool has three main components:

Carbon - a Twisted daemon that listens for time-series data
Whisper - a simple database library for storing time-series data (similar in design to RRD)
Graphite webapp - A Django webapp that renders graphs on-demand using Cairo library.

Graphite is used in production by companies such as Ford Motor Company, Booking.com, GitHub, Etsy, The Washington Post and Electronic Arts.

Links

Grafana Step by Step for beginners:
https://www.youtube.com/watch?v=4qpI4T6_bUw&t=64s

Grafana
https://grafana.com/

Elasticsearch
https://www.elastic.co

Elasticsearch concepts
https://logz.io/blog/10-elasticsearch-concepts/

Kibana
https://www.elastic.co/kibana

Graphite
https://graphiteapp.org/

Grafana Loki
https://www.youtube.com/watch?v=1obKa6UhlkY

How to deploy TIG Stack
https://www.howtoforge.com/tutorial/how-to-install-tig-stack-telegraf-influxdb-and-grafana-on-ubuntu-1804/

Comparing Grafana Kibana Graphite
https://stackshare.io/stackups/grafana-vs-graphite-vs-kibana

FroggyMe’s Fantastic Fantasy – Aug 30, 2020 playlist

terry calier – dancing girl – what colour is love
gil scott heron – lady day and john coltrane
groove collective – some people – declassified
shawn lee’s ping pong orchestra – power surge – strings and things (Ubiquity)
jimmy smith – small’s minor – cool blues
johnny frigo sextet – Denis Cofy’s scorpio – trippin’: the groove merchant compilation (Luv ‘n Haight, Ubiquity)
melvin sparks – pick up the pieces – it is what it is

brian auger – golden gate – search party
miles davis – black satin – on the corner
buddy rich – three day sucker – big band machine (groove merchant)
david axelrod – holy thursday

David McCallum – the edge