Articles in Security

Working with iptables Logging

November 30, 2019 – 9:41 pm

Most commonly iptables is used to allow, block, or redirect connections. However, it also has a logging feature that can be very useful for network traffic analysis and system security.

Copying File Attributes Across Servers

November 29, 2019 – 9:40 pm

To make a long story short, had to fix someone’s chmod -R 777 /. A late-night copy-paste fail, it would seem. Needless to say, console access is required, as SSH will not work with permissions on …

Copying Data in a Restricted Environment

August 17, 2019 – 8:04 pm

Consider this not-so-hypothetical scenario: you have some data on server_a that you would like to copy to server_b. Unfortunately, these two servers cannot communicate with each other. Nor do they have access to any common …

Sending Windows Logs to Remote Syslog

July 6, 2019 – 11:21 am

Nothing fancy here: just a quick note on directing Windows event logs and select application logs to a remote syslog server.

Plugging iPhone’s Privacy Holes

July 3, 2019 – 11:19 am

Many recent publications suggest the iPhone is full of security holes threatening your privacy. The threat seems to be coming not so much from the phone’s operating system, but from the apps, …

Finding Passwords in Logs and Shell History

June 27, 2019 – 11:15 am

Sooner or later it will happen: you type something after which you expect a password prompt, then, without looking, you type the password. However, you fat-fingered the first command, and your password ended up in …

Anatomy of Internet Bullshit

June 25, 2019 – 11:12 am

Here’s an oldie from two years ago that reared its ugly head on Pocket: Starting Your Day on the Internet Is Damaging Your Brain, by Srinivas Rao. The author presents his personal opinion that reading …

Creating a Chroot Jail for SSH Access

April 17, 2019 – 4:51 pm

Just a quick collection of notes on – rather than a definitive guide to – setting up an SSH chroot jail on RHEL 6. The same should work on RHEL 7 and unrelated flavors. For …

The Unix Oriental

April 14, 2019 – 4:16 pm

Placed quite appropriately in the “Security” category – my favorite Oriental cocktail recipe. Distinguishing it from the classic preparation are the absence of sweet vermouth and lime juice, as well as the addition of just a couple …

Encrypting Log Data During Log Rotation

April 9, 2019 – 4:12 pm

Most log files do not contain personally-identifiable information or other sensitive data. And even if they do, encryption of all personal data is not mandatory under GDPR. Still, on occasion, for testing and troubleshooting purposes …

Late Night Rant: Facebook

March 25, 2019 – 4:15 pm

According to media reports, since 2012, millions of Facebook and Instagram logins and plaintext passwords have been sitting on some internal Facebook system, accessible by thousands of the company’s employees.

Killing Process Network Access

January 27, 2019 – 4:45 pm

Imagine this scenario: a particular process on your server is connecting to a host outside your internal network and you don’t like that. On the other hand, you can’t just kill that process because you need it.

The Facebook Fracas

January 9, 2019 – 4:48 pm

The Facebook privacy saga is getting ridiculous. You’re using a free service that you signed up for – nobody was holding a gun to your giant head. And it’s not Gulag either: just delete your profile, uninstall the damned app, and forget Facebook ever existed.

Obfuscating Shell Scripts

August 1, 2018 – 4:04 pm

The Unix shell scripting language is run by the command-line interpreter and, as such, can be read and understood by anyone with sufficient access and experience. Sometimes this is not a good thing. Sometimes you want …

Encrypted Volumes and Portable Apps

February 25, 2018 – 3:08 pm

This is a description of an uncomplicated setup for an encrypted volume and portable applications for a Windows laptop consisting of a USB3 storage device, VeraCrypt OSS OTFE, a hardware password wallet, and portableapps.com software.

Detect SSL Certificate Injection

February 21, 2018 – 3:05 pm

When the SSL Digital Certificate is intercepted and replaced by a device between your browser and the Web site, we call it certificate injection. This method is more commonly used not by hackers, but by …

SSL For Self-Hosted WordPress

February 17, 2018 – 3:05 pm

Just some notes for setting up SSL with your self-hosted WordPress installation. Just got around to doing this the other day. Yeah, I know, about time…

Show Logged In Users During a Time Window

February 17, 2018 – 2:59 pm

Let’s say you want to see who was logged in on the server during last weekend. This includes users who, say, logged in on Thursday and haven’t logged out until Saturday afternoon.

Increasing Entropy Pool in Linux

June 28, 2016 – 9:48 pm

The pool of random numbers in Linux is derived primarily from user interaction (keystrokes and mouse movement). A server does not have such a source and the random pool may start running low, especially during …

Using JTR to Crack Office Documents

April 22, 2016 – 5:35 pm

John the Ripper is free multi-platform password-cracking software. This article is not intended to be a comprehensive guide to jtr, but rather a quick how-to. Starting with version 1.7.9, jumbo patch 6, jtr supports password …

Securing VSFTP with TCP Wrappers and IPTables

November 11, 2015 – 1:44 am

I’ve been drinking beer and perhaps had one too many. Regardless of the reason, I felt the urge to further secure my favorite server. The target of my paranoia is once again the VSFTPd. I …

Removing Metadata from Images

September 8, 2015 – 12:09 pm

Phones and cameras record a surprising amount of personally-sensitive information with the photos they create. This data includes timestamps, GPS coordinates, software used to process the images and lots of other details you may not …