I.T. Security and Linux Administration

August 17, 2011  9:16 AM

LinuxCon Live Streaming

Eric Hansen Eric Hansen Profile: Eric Hansen

I know this is a bit of (very) short notice here, since this is happening today, but I’d like to pass along a bit of exciting news about LinuxCon.  Thanks to Linux Foundation, this event will be live streaming the key notes from 8/17 to 8/19.  If it live streams more than that, I’ll be surprised but very happy.  More information is available at these links:

View List of Keynotes: http://events.linuxfoundation.org/events/linuxcon/schedule
Click Here To Register: http://events.linuxfoundation.org/events/linuxcon/live-video-streaming

Live video streaming will be broadcast beginning at 9:00am Pacific Daylight Time.

August 12, 2011  9:18 PM

SSH Proxy

Eric Hansen Eric Hansen Profile: Eric Hansen

When I was working at Ford, you were put behind a proxy. The idea intrigued me, as it was able to handle so many connections at once. Since then, I’ve been thinking of different ways to develop proxies, and looked at current solutions. If you want the easy pleasy way of doing things, then Tor is your best option (though, granted, not always the most safest). However, if you want to trust a reliable connection, you can easily set one up to go through your home (or business) network. Keep in mind, this is going to focus more on secure measures, and is meant for businesses who want to set up a network proxy.

Continued »

August 8, 2011  12:07 PM

[Script] iptables Helper

Eric Hansen Eric Hansen Profile: Eric Hansen

After messing around with the elusive iptables firewall for a few (very, very long) days, I’ve written a couple of functions that help me when it comes to saving and reloading the rules. Keep in mind, this is a default path (see /etc/conf.d/iptables to see where your rules should be stored), so you might have to edit this a little. Lets begin!

Continued »

August 5, 2011  12:28 PM

The removal of tcp_wrappers

Eric Hansen Eric Hansen Profile: Eric Hansen

Not too long ago, Arch Linux released an update on their distribution, stating that they are removing support for tcp_wrappers. For the most part, this doesn’t seem to be a big deal. They aren’t a world-renown distribution like Ubuntu or Red Hat, so its unlikely that unless its a kernel-based decision, the world is going to break and shatter. However, this does raise an interesting point in terms of security…just how secure is tcp_wrappers?

Continued »

July 30, 2011  9:42 PM

vmstat Parser

Eric Hansen Eric Hansen Profile: Eric Hansen

Sharing a script here that I wrote to parse vmstat information. I know this informational program can change its output from system to system, so I can’t gurantee that it will work for you. However, this was written on Ubuntu, so I’m sure it’ll work for at least all of the Debian-based systems. The line is pretty self explanatory, granted a bit long. It basically calls vmstat, gets the last line of the output (the actual data), and outputs it in helpful information.

I wrote this tool as I couldn’t remember what all the different parts of it were for, and looked up all the information I could on the different columns. First, the code:


# vmstat parser script. Serves no real purpose besides making the information easily readable.

# Note that this script is heavily distribution-dependent, and may (read: probably) won't work on other system.

vmstat | tail -n 1 | awk '{printf("%d processes are in wait queue, while %d are resource-blocked.\n%d blocks per second are being written to disk, while %d blocks per second are being read from disk.\nThere is a total of %d interrupts a second, and %d context switches a second.\nCPU usage: %d%% (user), %d%% (system), %d%% (idle), %d%% wait\n",$1,$2,$9,$10,$11,$12,$13,$14,$15,$16)}'

The output of this, when it works right, will look something like this:

2 processes are in wait queue, while 0 are resource-blocked.

3 blocks per second are being written to disk, while 26 blocks per second are being read from disk.

There is a total of 58 interrupts a second, and 17 context switches a second.

CPU usage: 14% (user), 1% (system), 85% (idle), 0% wait

I’m hoping that this will come in handy for someone besides me, especially since the output of vmstat itself tends to be quite vague.

July 30, 2011  8:31 PM

Central Management: Worth I.T. or Not?

Eric Hansen Eric Hansen Profile: Eric Hansen

I’ve always been one to dislike central management systems. Monitoring systems are nice. If there wasn’t a central system to maintain servers it would make life a lot more busy. However, if you have a cluster and you decide to manage all the slaves, as well as the master, via control panel only, there’s one major flaw about this. That is…

Continued »

July 29, 2011  7:25 PM

BrowserID Response

Eric Hansen Eric Hansen Profile: Eric Hansen

Yesterday, I wrote an article on Mozilla’s new BrowserID (aptly titled, “BrowserID“). When I woke up in the morning, someone on Twitter had responded to my Tweet announcing the post by basically saying that there isn’t two factor authentication involved (yet), and that most people do have JavaScript enabled. Click continue to find out why this strangely bothers me…

Continued »

July 28, 2011  7:25 PM


Eric Hansen Eric Hansen Profile: Eric Hansen

Browsing through various articles, there was one on Linux.com that caught my eye. It talked about Mozilla’s new “security feature” that is meant to, what seems like, take over the (rather limited) market that OpenID has created. Granted, it doesn’t directly take aim at it, but is the best way to describe its purpose in the world. Not to mention, they are calling it BrowserID. If you’re wondering what makes this any different, please continue. Continued »

July 26, 2011  10:22 PM

Distro Review: OpenSUSE 11.4 (1/2)

Eric Hansen Eric Hansen Profile: Eric Hansen

For the better part of two years now, I’ve been looking at various flavors of Linux, trying to see which one(s) are right for my needs.  For servers, I stopped after finding Arch Linux, as it gave me the freedom to use as much of my resources as possible, without the overhead of a GUI and such.  Desktop wise, I’ve been searching since 2005, when I first ventured into Knoppix and the like.  While I’m not going to review every distro I’ve used, or will use, there are some great things about OpenSUSE I would like to address.

Continued »

July 25, 2011  5:18 PM

Improved Network Security

Eric Hansen Eric Hansen Profile: Eric Hansen

With Linux 3.0 coming up around the corner, I thought it would be good to discuss some (possible) future improvements and additions to the kernel.  While this is already in the 2.8 branch (which was created before the official 3.0 was announced), it’ll be interesting to see what is carried over.  One of the first things that caught my eyes was not so much a new feature, but a plugin that’s becoming a standard inside of the kernel itself, IPSets. Continued »

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: