I.T. Security and Linux Administration


September 30, 2011  9:22 PM

[PHP] Lighttpd Access Log Viewer

Eric Hansen Eric Hansen Profile: Eric Hansen

In an earlier post I made, Lighttpd Access Log Parsing, I wrote a quick Bash line to parse Lighttpd’s access log file that you can easily port over to any other log file.  This time, I’ve done the same thing, but with PHP (using HTML for output, but you can change that if you like).  Click continue to see the awesome powers PHP can have with some regex magic, and basic HTML!

Continued »

September 28, 2011  7:06 PM

Linux & Windows 8 Secure Boot

Eric Hansen Eric Hansen Profile: Eric Hansen

While I normally don’t write about Windows on here, ITKE asked me via Twitter to write down my thoughts about the controversy surrounding Linux and Secure Boot, Windows’ answer to what TrueCrypt and BitLocker have been doing for a while now.  I’m not going to be biased and say that Windows is the spawn of all that is evil, as there are good and bad things involving all of this mess.  What I’m going to be doing is outlining some of the finer grained details and expand on them from an article I read on ZDNet.

Continued »


September 28, 2011  11:37 AM

Bandwidth Monitoring With bwbar

Eric Hansen Eric Hansen Profile: Eric Hansen

There’s quite a few systems out there that like to present to you a fancy graph and such information on the system’s bandwidth usage.  However, if you’re looking for something simple and straight to the point (and optionally have a web server running), bwbar is what you should be using.  Its a lightweight, easy to use, and easy on resources solution for displaying current bandwidth usage, written in C (or C++).  (More information about the program itself can’t be found as kernel.org is down…still…).  But, in this article I will show you how to use this tool to give you an overview of your bandwidth usage.

Continued »


September 27, 2011  9:36 PM

Lighttpd Access Log Parsing

Eric Hansen Eric Hansen Profile: Eric Hansen

If you’re like me, you’re always wanting to parse those pesky log files to make analyzing them easier.  Thankfully, with my constant desire to make my jobs easier (read: make me lazier), and passion for programming, I’ve written up a quick Bash script to do just this.

Now, I’ll say this right off the bat…this isn’t pretty (i.e.: it’s straight forward, and quite bland currently), but I’m going to be writing a better one in PHP soon, using regex and all that other fancy stuff.  But, this is something to get the engines roaring while I work on the script of the week tomorrow.

Continued »


September 26, 2011  9:47 PM

Duo Security Review

Eric Hansen Eric Hansen Profile: Eric Hansen

I’ve written about two-factor authentication methods before (namely using the Google Authenticator to log in to SSH).  While that method was fine, there’s also a new product that’s come out over the year or so, and is also local to my home.  It’s called Duo Security, and they have an authenticator system that takes it one step further than your every day method of secure authorization. Continued »


September 18, 2011  6:57 PM

Postfix and Post Queue

Eric Hansen Eric Hansen Profile: Eric Hansen

A lot of talk and discussions can be found online in regards to mail systems like sendmail, Qmail, etc…but, at least for me, Postfix is more of the silent assassin of sorts.  Out of the systems though, I’d have to say Postfix is one of the easier and more versatile MTA’s to use for Linux.  sendmail is sort of the de facto standard, and Postfix has always been intended to be a superset of sendmail.  In this post, I’d like to discuss the mail queue, and how to handle it.

Continued »


September 9, 2011  12:00 PM

Parsing E-mails via Postfix and PHP

Eric Hansen Eric Hansen Profile: Eric Hansen

While not everyone is going to have a need for this, there are a lot of good reasons to parse e-mail.  Perhaps the best is if you use a help desk/bug tracking/ticket system (Bugtraq, Clientexec, etc…), and want to allow people to send in requests and such via e-mail.  Among other things, this is the easiest way to do this with Postfix.  Since this works whether you are using virtual or real domains, you don’t have to worry about this.  There are methods to do this with MySQL as well, but I have yet to get it to work. Continued »


September 7, 2011  4:31 PM

Shell Scripting tip

Eric Hansen Eric Hansen Profile: Eric Hansen

While for the most part you may never run into an issue when writing (and using) shell scripts, there’s one little caveat that I’ve experienced as of late.

Instead of starting your scripts with this:

#!/bin/sh

You will most likely better off in the long run specifying the exact shell you want to use.  For example, if you want to use Bash:

#!/bin/bash

The problem here is that /bin/sh is generally a symlink to a shell program (Bash, Dash, etc…).  While this is handy, not every shell is going to have the same features.  For example, in Bash, if you want to create an array variable, you’d do this:

VARNAME=(arrayval1 arrayval2 etc…)

However, on my VPS, /bin/sh is linked to /bin/dash, which doesn’t allow you to create arrays like that.  If you want to to see where your /bin/sh is linked to, you can run the following command:

ls -liha /bin | grep “sh ->” | grep lrwxrwxrwx

There might be multiple entries.  You could remove it then recreate the symlink, but if you’re going to write scripts for portability (like what I offer on this blog), you should specify the exact shell to be on the safe side.


September 1, 2011  9:09 PM

[Revisited] SquirrelMail PHP Hack

Eric Hansen Eric Hansen Profile: Eric Hansen

Even though I just posted an article on listing domains in SquirrelMail earlier today, I decided to revamp it a little more.  Now, it works the same, but looks a little bit more like the old-school Hotmail log in, where you had the area to put in your username, and then next to it is the domain(s) to choose from.  However, I’ve added another little tweak to it as well, which I’ll showcase, just “continue”…! Continued »


September 1, 2011  1:05 PM

SquirrelMail PHP Hack to Allow Domain Selection

Eric Hansen Eric Hansen Profile: Eric Hansen

For anyone who has used SquirrelMail, you know you pretty much always have to enter “@domain.tld” after the username to log in and use it.  Its one thing when you’re running it for one domain, but it makes it even worse when you have multiple domains using the same script as well.  This alone got me wanting to hack SquirrelMail to be less troublesome, so I can get into mail faster.  With a few file changes, I was able to do this without worry.

Version Information: SquirrelMail v1.4.22 ; PHP v5.3.8
Total time needed: ~10 minutes, ~5 if you’re just copying and pasting.

Continued »


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: