I.T. Security and Linux Administration


December 30, 2013  11:36 AM

Getting Out of a Hung SSH Session



Posted by: Eric Hansen
security

I’m sure I’m not the only one that experiences the oh so wonderful moments of my remote SSH sessions hanging and not responding to any input.  While I’m not really sure why this happens it seems to mostly be due a period of no interactivity (i.e.: no key presses).

Before I used to close out the local terminal screen then start up another and SSH into it again.  However, I did recently find a way to make this process a lot easier.  Note to any and all readers: man pages can really save you time and effort. ;)

When you run into this issue again just hit enter then ~ and . (tilde and period) and SSH will terminate itself.

This works because SSH basically creates a session within itself, so you have the master/main SSH program that listens to events and a child SSH program that remotely connects and lets you do all your stuff.

November 30, 2013  9:17 PM

Should I Use LVM?



Posted by: Eric Hansen
security

LVM is a nice invention when it comes to Linux and the kernel.  The easiest way to think of it is RAID without any performance gain or loss.  You’re able to extend and shrink the LVM partitions like RAID but there’s no benefit to it beyond that.

Why would anyone want to use LVM over RAID or no special partitioning period?  One good reason would be for /var.  With all the logs and other various bits of data that gets stored there its typically the first place to look when your disk space is running low.

You’re not always going to want to have the overhead of RAID’s functionality for partitions, so it is likely /var isn’t set up as a RAID.  Once you hit that space limit you’re forced to either delete data you may want in the future or risk your system going down due to “lack of space” (it happens :/).  With LVM you can extend the partition using a few simple commands and be good to go again.  Usually you can do this while the system is still running too, which essentially makes it hot swappable.


November 30, 2013  5:55 PM

Pricing Your Services



Posted by: Eric Hansen
security

I’m looking to add more services to my business, but its a tough thing to figure out…how much to charge someone, that is.  You have to look at the resources of the server and factor in not only how much you expect your userbase to use, but also the system itself.

For example, I’ll have a KVM with 256 MB of RAM.  You should already figure the KVM OS is going to use at least 100 MB of that.  That doesn’t offer a lot of leeway.  Luckily, OpenVPN doesn’t demand of resources so if you figure a client will need 32 MB for OpenVPN bare minimum, and the system will use 56 MB (minimal installs are awesome!), we’re looking at about 6 clients per KVM (200/32 = 6.25 = ~6).  If you charge each client $5/month you could very well have that KVM paid for and a good amount of profit as well.


November 30, 2013  5:36 PM

Developing With Python: Scripts



Posted by: Eric Hansen
security

While already covering Python for websites, it also serves a very useful source of scripting.

Back in the day Perl and shell ran the playground for scripting languages.  However, now there’s a whole mess of new friends to meet in Python, Ruby, PHP (though its pretty old too) and more.

Python for me has been the go to for a long while though for a few reasons.  Its simple to program yet make powerful scripts.  There’s not a lot to do for most tasks.  Its resource friendly for even systems like the Raspberry Pi.

Its an interpreted language which inherits some overhead do to needing to be “compiled” as run time, as compared to C/C++ where its an already compiled binary.  But, especially with how computers are built these days that argument just seems more and more pointless.  If you’re needing to save yourself a few extra CPU cycles then scripting isn’t what you’re needing to begin with.


November 30, 2013  5:10 PM

Developing With Python: Websites



Posted by: Eric Hansen
security

Ever since I started using Python I fell in love with it.  Unlike Perl I could wrap my head around how to do even simple things, and for scripting it was like Bash on steroids.  Then not after long I disocvered you can develop websites with it as well (either through things like Pelican or Tornado [Django too but that's similar to Tornado]).

I’ve found that using Python instead of other languages like PHP was a smart decision.  The frameworks are nice (if not a little bit of getting used to though) but even more so the resources it doesn’t use up.

Its similar to comparing MySQL to SQLite.  They’re both databases, do the same things, but MySQL provides a lot more functionality out of the box with the price of using more resources.  Python vs PHP is the same in that they both are used to develop websites, can do the same things, but Python has a minimal set of features out of the box and requires importing libraries for more than the basics.

PHP’s MVC structure is, in my opinion, far easier (used to Code Igniter) where as Python’s tends to be a bit more split across the filesystem.  However, that’s easily negated when you consider PHP requires loading an entire file for a single class where as Python can load only specific parts of a file.


November 30, 2013  4:56 PM

Documentation: A Must



Posted by: Eric Hansen
security

A lot of people during school learn that in IT documentation is without a doubt within the top 3 most important things you can do.  Whether it be writing down the traffic flow or detailed policy, to make your job easier in the long run its better to make your job worse in the short term.

Its the same as when writing code.  Commenting is stressed so you can look back at your code months from now and know what you were trying to accomplish.  Otherwise you’ll most likely be staring at a screen, pulling hair out and making weird noises that ressemble monkeys.

From a business stand point, I found it more useful to document everything that’s relevant to business than to guess on anything.  Even naming schemes as you never know how advanced they can get in the future.  That’s why the hostname of my netbook is “as-l-001-eric” (as-<location ID>-<machine ID>-<owner>).  Simple, effective, easy for me to find if need be compared to a hostname of “cars4tunnelU”.


November 30, 2013  4:32 PM

Your Phone Doesn’t Dictate You



Posted by: Eric Hansen
security

For many years I’ve used Android (since 2.2 came out and was new).  At first I absolutely loved it.  It was new, it was fast, it offered a lot to me and my growing intents.  Heck, it was nice to have a phone that didn’t use WAP for browsing!

Now, though, Android has really turned me away from the platform.  Granted, my initial dislike was towards Google and their growing controlling attitude on everything.  It has also become apparent in their phones as well, though.

I don’t want Google TV or Google Music on my phone…heck, I’d rather YouTube be off of it as well.  I’d prefer to use the space for apps I actually use.  But, you can’t uninstall them.  Its like trying to uninstall IE from Windows.

To make a long story short Sprint’s upgrading their towers around where I live to support 4G, and all my calls drop.  Being in the position I am I couldn’t afford that so I decided to switch to T-Mobile.  Since I was switching carriers I figured I would switch phones too.

My main choice was the BlackBerry Z10 (it looks slick as hell), but the T-Mobile store I signed up at didn’t have it.  So, I went to my 2nd choice, Windows Phone 8.

Yes, I love Linux.  Yes, I don’t fancy Windows except for a gaming platform.  No, I don’t feel I’m a traitor.

My decision was made by the dislike of Google’s force and “live in the cloud” mentality.  While Microsoft offers both in their platform as well, you have a choice.

The phone comes with apps installed by default such as a music player.  But, guess what?  You can uninstall it!  It doesn’t just uninstall the updates and force you to reinstall them later like Android, it lets you actually uninstall it.

Overall the platform is nice, but the point of this is to state that the phone you use doesn’t dictate who you are.  I’d still be me if I used an iPhone, I just chose a platform I felt more comfortable with.


November 30, 2013  4:22 PM

KVM and Its Uses



Posted by: Eric Hansen
security

If you’re looking ot have a true server without the added expenses of managing a physical server, then a KVM is right for you.

KVMs offer all the benefits of owning a physical server without the overhead of managing the resources.  Lots of hosting companies offer them and especially with it being the holiday season they are offering them at (greatly) discounted prices.

If you’ve ever owned a VPS then you’ll know what it feels like to be able to control a server without worrying about the drive failing and having to reconfigure RAID.  However, with a KVM you get complete control (i.e.: from boot to shutdown) where as with a VPS you can only control the server from login to shutdown.

The one downfall from what I’ve seen in regards to KVMs though is the price. With the added functionality and features given to you, you also have to pay a higher price.  Case in point, where I got my KVMs the specs are:

  • 256 MB RAM
  • 15 GB space
  • 1 TB bandwidth
  • 1x CPU core @ 2.0 GHz

This comes up normally to $10/m, however, I got it for $5/m as they were doing a launch-period special.

Keep in mind too though that every company is different.  Some will offer more for less and others offer less for more.


November 30, 2013  3:01 PM

The Linux Verisoning Issue



Posted by: Eric Hansen
security

Linux 3.0 was a big deal in most peoples’ eyes.  For as long as I can remember using Linux (since 2004) the kernel was at 2.y.z.  3.0 was only released either last or this year, even.

Then Linus made the announcement that 3.0 wasn’t going to be anything more than a usual patch fix (i.e.: no new features to write home about).  His jsutification for this is “why not?”  Its his product, fine.  Not much anyone can do about that after all.

Now there’s talk of bringing out 4.0.  Again, nothing but a bunch of bug fixes.

While it’ll be nice for a short while to see that 4.0.z on my screen, I feel the “its my stuff so you can only look at it” mentality is running its course.  Nothing new is being done with the kernel, why keep changing hte major version number?

At this point just make the major version 42 and make all the geeks squirm with happiness.  Its just as effective now as actual versioning reasons where in the past.


November 30, 2013  2:53 PM

Are Certifications Worth It?



Posted by: Eric Hansen
security

Back when I was going to ITT for my associates everyone stressed the importance of certifications.  When looking at the job market it made sense, too.  Most entry-level positions were asking for A+ or Net+, even some wanted CCNA (…no.)

Looking at the job market 5-ish years later a lot has apparently changed.  Very little postings are even asking for certifications, let alone even education.  While my belief is that a masters will be the bare minimum in the next 5-10 years, I wouldn’t be surprised to be completely wrong on that now.

Back to the question at hand, though.  A straight forward answer would be “depends.”  But, that doesn’t do you any good now, does it?

Best thing to do is review jobs in your area and see what various places are asking for.  There’s some that will demand you have certifications and others just care if you know what you’re doing.  It will give you a good idea what it’ll take to get a job where you want to work and if you’re lucky ask them at a job fair if they are there.

My personal belief is that they are pointless, though.  At this point the same as getting a bachelors, you can’t prove your worth by a piece of paper.

My ideal vision of when I build my business up high enough to be able to hire people is this simple process: give them a lab (probably through a VM so you can snapshot and restore).  They have various issuees they need to solve.  Basically keylog what they do (modifying the shell history is too easy) and determine from there.  You’ll have a good idea of what they do and how they solve problems that are directed toward your business.

Simple?  Probably too simple.  However, doing the job is what’s important, how they get the solution is only part of the issue.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: