I.T. Security and Linux Administration

August 5, 2011  12:28 PM

The removal of tcp_wrappers

Eric Hansen Eric Hansen Profile: Eric Hansen

Not too long ago, Arch Linux released an update on their distribution, stating that they are removing support for tcp_wrappers. For the most part, this doesn’t seem to be a big deal. They aren’t a world-renown distribution like Ubuntu or Red Hat, so its unlikely that unless its a kernel-based decision, the world is going to break and shatter. However, this does raise an interesting point in terms of security…just how secure is tcp_wrappers?

Continued »

July 30, 2011  9:42 PM

vmstat Parser

Eric Hansen Eric Hansen Profile: Eric Hansen

Sharing a script here that I wrote to parse vmstat information. I know this informational program can change its output from system to system, so I can’t gurantee that it will work for you. However, this was written on Ubuntu, so I’m sure it’ll work for at least all of the Debian-based systems. The line is pretty self explanatory, granted a bit long. It basically calls vmstat, gets the last line of the output (the actual data), and outputs it in helpful information.

I wrote this tool as I couldn’t remember what all the different parts of it were for, and looked up all the information I could on the different columns. First, the code:


# vmstat parser script. Serves no real purpose besides making the information easily readable.

# Note that this script is heavily distribution-dependent, and may (read: probably) won't work on other system.

vmstat | tail -n 1 | awk '{printf("%d processes are in wait queue, while %d are resource-blocked.\n%d blocks per second are being written to disk, while %d blocks per second are being read from disk.\nThere is a total of %d interrupts a second, and %d context switches a second.\nCPU usage: %d%% (user), %d%% (system), %d%% (idle), %d%% wait\n",$1,$2,$9,$10,$11,$12,$13,$14,$15,$16)}'

The output of this, when it works right, will look something like this:

2 processes are in wait queue, while 0 are resource-blocked.

3 blocks per second are being written to disk, while 26 blocks per second are being read from disk.

There is a total of 58 interrupts a second, and 17 context switches a second.

CPU usage: 14% (user), 1% (system), 85% (idle), 0% wait

I’m hoping that this will come in handy for someone besides me, especially since the output of vmstat itself tends to be quite vague.

July 30, 2011  8:31 PM

Central Management: Worth I.T. or Not?

Eric Hansen Eric Hansen Profile: Eric Hansen

I’ve always been one to dislike central management systems. Monitoring systems are nice. If there wasn’t a central system to maintain servers it would make life a lot more busy. However, if you have a cluster and you decide to manage all the slaves, as well as the master, via control panel only, there’s one major flaw about this. That is…

Continued »

July 29, 2011  7:25 PM

BrowserID Response

Eric Hansen Eric Hansen Profile: Eric Hansen

Yesterday, I wrote an article on Mozilla’s new BrowserID (aptly titled, “BrowserID“). When I woke up in the morning, someone on Twitter had responded to my Tweet announcing the post by basically saying that there isn’t two factor authentication involved (yet), and that most people do have JavaScript enabled. Click continue to find out why this strangely bothers me…

Continued »

July 28, 2011  7:25 PM


Eric Hansen Eric Hansen Profile: Eric Hansen

Browsing through various articles, there was one on Linux.com that caught my eye. It talked about Mozilla’s new “security feature” that is meant to, what seems like, take over the (rather limited) market that OpenID has created. Granted, it doesn’t directly take aim at it, but is the best way to describe its purpose in the world. Not to mention, they are calling it BrowserID. If you’re wondering what makes this any different, please continue. Continued »

July 26, 2011  10:22 PM

Distro Review: OpenSUSE 11.4 (1/2)

Eric Hansen Eric Hansen Profile: Eric Hansen

For the better part of two years now, I’ve been looking at various flavors of Linux, trying to see which one(s) are right for my needs.  For servers, I stopped after finding Arch Linux, as it gave me the freedom to use as much of my resources as possible, without the overhead of a GUI and such.  Desktop wise, I’ve been searching since 2005, when I first ventured into Knoppix and the like.  While I’m not going to review every distro I’ve used, or will use, there are some great things about OpenSUSE I would like to address.

Continued »

July 25, 2011  5:18 PM

Improved Network Security

Eric Hansen Eric Hansen Profile: Eric Hansen

With Linux 3.0 coming up around the corner, I thought it would be good to discuss some (possible) future improvements and additions to the kernel.  While this is already in the 2.8 branch (which was created before the official 3.0 was announced), it’ll be interesting to see what is carried over.  One of the first things that caught my eyes was not so much a new feature, but a plugin that’s becoming a standard inside of the kernel itself, IPSets. Continued »

July 18, 2011  5:23 PM

Encryption Strengths

Eric Hansen Eric Hansen Profile: Eric Hansen

There’s a lot of talk saying that you need to use at least 1024-bit keys for encryption to be beneficial now, due to the power of technology and what’s been developed. While I agree that the lower the bit strength, the easier it CAN be to break, I do not think there’s a set “standard” of sorts of what’s too weak or strong, and here’s why.

Continued »

July 12, 2011  8:32 PM

I.T.: Meet, the Cloud

Eric Hansen Eric Hansen Profile: Eric Hansen

For a while now, I’ve been trying to think of what to write about on here. There’s the “new” Linux 3.0 kernel coming out later this year, but everyone’s already jumped on that bandwagon and rode it to high heaven. Lulzsec has broken up, but DDoS’ing is not considered a hack to me, just more of using a flaw in 20+ year old technology that’s only finally being fixed. There’s Cisco’s event going on right now, but personally I don’t really follow Cisco, and if I don’t enjoy what I’m writing about, it’s going to sound quite bland and boring.

Instead, I’m going to focus on the cloud again, but this time, with a little twist. As I’m sure quite a few people have heard (or even been apart of by now), Google released Google+, their social media network to fight Facebook. Being skeptical about this since Google’s problems with Buzz, I wasn’t expecting much. While I’m not going to write a review on Google+ (which, again, has been rode to high heaven), I will say this: Google is continuing what Facebook started.

What does this have to do with “the cloud”, and all that its bringing to the table, you ask? The cloud is like social media. It’s huge, a lot of people are flocking to it, creating all this buzz, and experiencing great technology. However, people are stuck in serious tunnel vision, in that they don’t see the flaws it present people as well.

There’s a fine line, especially in I.T., that seperates dependence and obsession. Everyone is dependent on I.T., social media, and to a lesser extent the cloud. All of Google’s services are (if not already) migrating to a pure cloud form, and so are many other services (i.e.: Dropbox). However, when we become so obsessed over technology, that it starts to consume the way we even think and behave, it gets to be a bit too much.

I’m not sure how many people who will read this will recall the movie “Anti-Trust”, but a movie that was made in the mid to late 1990′s is what we’re living in now. Every company is trying to create the next N.U.R.V., and develop an awesome Synapse. That’s awesome, I personally love having everything in a central location…especially considering I’m not the most organized person. However, are we really willing to give up our freedoms and security for what the cloud (i.e.: social networking) has to offer?

When it comes to websites such as Facebook, Google+, Twitter, etc… they give people a false sense of security. The content you post is only yours until someone else deems it unacceptable. Similar to the cloud, users can (if they have access to your files) report the file for being unacceptable, or otherwise breaking a terms of service.

Also, think about when the service goes down. The cloud is nothing more than RAID-0 for the Internet. The data is replicated across servers to ease the load balancing (which, unfortunately, RAID doesn’t do). While social media can’t act in the same manner, they tend to use the same technology. Which, this is genius when you look at it in the general scheme of things. When RAID fails, unless you’re lucky enough to notice the failure quickly, data across all the drives are going to be corrupted and lost (which you better hope at this point you have backups or the I.T. fellas are having a good day and you can recover data). Ultimately, storing data is not safe, nor secure. If it doesn’t get erased, there’s still no telling what its actually being used for.

July 5, 2011  8:23 PM

Fetching real available memory

Eric Hansen Eric Hansen Profile: Eric Hansen

When running “free -m”, I would see my “Free” memory go down further, even after closing out programs and such. While I didn’t know why this was before (but knew that free also involved disk caching), I looked into it and saw that basically the “-/+ buffers” line was your actual used and free memory statistics. In short, so I don’t start making this mistake again, I wrote the following Bash script (yes, Bash and awk are my weapons of choice when scripting). Continued »

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: