I.T. Security and Linux Administration

June 29, 2011  11:46 AM

New checksum method

Eric Hansen Eric Hansen Profile: Eric Hansen

I got an interesting article in my inbox today in regards to using extended attributes to create checksums. While I don’t know if this will pick up to be a de facto standard way of distributing checksums, this is definitely a step in the right direction. Continued »

June 28, 2011  9:48 PM

PAM module compiling

Eric Hansen Eric Hansen Profile: Eric Hansen

This is going to be a short article, but one I think will be quite useful for people who venture into making their own PAM modules. This might not work for your system, but for mine (and others it seems too), it does. Note too though that I will most likely be writing a series of articles on writing a custom PAM authentication (and possibly other types) module as this can be very useful for custom set ups. Continued »

June 28, 2011  4:13 PM

Can We Leave the Children Play at Home, Please?

Eric Hansen Eric Hansen Profile: Eric Hansen

It’s really no secret now, with all the news/media coverage, of the hacks on Sony and other companies, that some people are quite upset about things in this world. The way I look at it is it’s like a teenager acting out. They don’t know how to do it calmly or rationally, so they do it the only way they see fit. Everyone has their own outlet. However, the one thing that I can’t seem to comprehend is how they are acting out against “governments”, “conglomerates”, and other facts of life. This is an I.T. security article, and more is covered inside the “Continued…” link. Continued »

June 24, 2011  2:51 PM

Simple battery check script

Eric Hansen Eric Hansen Profile: Eric Hansen

Like most people, I have Linux installed on my laptop. However, with the way I have it set up, I don’t have a readily-available battery monitoring widget/app/etc… to tell me when my battery’s going to die. Even though my laptop is almost always on the charger now, I still decided to cook up a little script to make this a little more aware to me, seeing as how I almost always have the terminal open. Continued »

May 29, 2011  12:02 AM

HOTP Authentication via PAM

Eric Hansen Eric Hansen Profile: Eric Hansen

For some reason, May has seemed to be authentication month for me.  I just finished writing an article about SHA-12 encryption for passwords, Two Factor Authentication via SSH, and now I’m here for a new adventure. As mentioned in the two-factor article, I would write about my adventures in using it to authenticate users on the machine itself, not just with SSH. I have perfected this, and I will go into details (and a useful script at the end) for the world to share. Continued »

May 27, 2011  9:40 AM

SHA-512 Authentication

Eric Hansen Eric Hansen Profile: Eric Hansen

I’ve been trying to figure out for a little bit now how to do use the previously written Two Factor Authentication via SSH article for logging into my system directly. While it’s probably the same for SSH as it is for anything else involving PAM authentication, I haven’t actually dived into it too far currently. However, while working on some hardening thoughts for my system, I discovered how to enable SHA hashing, instead of using MD5, for logging into the system. Continued »

May 20, 2011  10:10 AM

Mass process kill using Bash, ps, and awk

Eric Hansen Eric Hansen Profile: Eric Hansen

I’ve been looking for something like this for a while, and have never seen it. I know it exists somewhere, as does most things these days, but I was too lazy to search through the archives of Google, and wrote a script myself. What this does is take each line of the output from ps, and sends a signal (kill -s) to the process ID to kill it. Continued »

May 14, 2011  10:41 AM

Security Vulnerability in WHMCS 4.4.2

Eric Hansen Eric Hansen Profile: Eric Hansen

Recently I ventured into WHMCS, and decided that I did not like that the “company title” was a text instead of image.  With this in mind, I began experimenting with the “company title” setting in WHMCS’ admin panel, and discovered that it’s prone to a potential security flaw. Continued »

May 10, 2011  9:21 AM

Two-Factor Authentication via SSH

Eric Hansen Eric Hansen Profile: Eric Hansen

Security and smart phones, a great combination when used in the right situations.  A while ago, Google released their two-factor authentication mechanism, as well as released software to run on iPhones, Blackberries, and of course Android.  Since they released this, I was wondering how long it’d take to really take power with this for IT systems (lets face it, Google is trying to take over the IT world).  Then, I stumbled upon (ironically not on StumbleUpon) an article that shows steps on how to integrate Google Authenticator with SSH.  That’s where this really takes an interesting turn. Continued »

April 25, 2011  8:23 PM

Linux From Scratch Premier

Eric Hansen Eric Hansen Profile: Eric Hansen

I’m going to start a new series here, one that I hope is very informative. But, first, I would like to give a little bit of real-world ideals as to how this will be beneficial.

This series is going to focus on Linux From Scratch (LFS), and how to build up from LFS to BLFS (Beyond LFS), and then HLFS (Hardened LFS). While this may not be substainable for companies already deploying pre-packaged servers (i.e.: CentOS, Debian, Arch Linux, etc…), the experience and knowledge gained from this will be substantial. It can not only provide a better service to your customers, but knowing how things actually work, what’s needed, and being able to make a Linux fitting your needs, instead of everyones, can make your life easier. Continued »

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: