tag:blogger.com,1999:blog-94011522011-07-07T18:55:18.081-07:00This blog is a collection of notes that reflect personal experiences in systems and network administration. "Let all things be done securely."Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.comBlogger961100tag:blogger.com,1999:blog-9401152.post-51840378104070072812008-04-22T20:38:00.001-07:002008-04-22T20:51:17.286-07:00

One very little known part of Bash is variable substitution and matching. Say you have a script where you want to use the value of a variable if it has a value, but use a default value if it is null, you can use the following example:NEWVAL=${CURVAL:-default}This will assign the value of ${CURVAL} to ${NEWVAL} if not null, otherwise it will assign the value of default to ${NEWVAL}. Note that

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com43tag:blogger.com,1999:blog-9401152.post-65284800046866319942008-04-18T18:55:00.001-07:002008-04-22T20:28:30.683-07:00

Today's tip covers Bash for loops. A simple operation that comes in handy with nearly EVERY shell script.for i in $(seq 1 10)do echo ${i}doneNote that enclosing variables in curly braces is not required but will never let you down. Take the following code, for example:i=1echo $i # worksecho $i5 # won't work!echo ${i}5 # works!Enclosing the variable in curly braces allows you to use the

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com2tag:blogger.com,1999:blog-9401152.post-29506359383317358042007-12-27T14:41:00.000-08:002007-12-27T15:12:24.629-08:00

Yesterday I introduced SELinux and explained how to begin using it in 'Permissive' mode without affecting any existing processes on a server. Today I'm going to cover how to interpret a violation in the logs and how to find more information which might help to resolve the issue and allow you to run in 'Enforcing' mode. Enforcing mode is where the real security comes into play and mandatory

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com2tag:blogger.com,1999:blog-9401152.post-78017566573658571012007-12-26T12:45:00.000-08:002007-12-26T13:24:38.681-08:00

I recently migrated my mail server from a Gentoo Linux host to a Fedora 7 host and decided to use SELinux to improve my security posture. This is a big deal and should provide a greater level of security for my mail server, provided I can configure the security policies correctly.SELinux was developed with the NSA and released under the GPL to provide a method of Mandatory Access Control for

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com1tag:blogger.com,1999:blog-9401152.post-44830668886418182122007-10-04T06:42:00.000-07:002007-12-26T13:24:51.684-08:00

One of the biggest complaints of Linux users is a lack of hardware support. While Linux supports more hardware than any other operating system, it doesn't support all of the hardware that Windows supports since manufacturers create drivers for Windows by default.A new project created by Greg Kroah-Hartman aims to create Linux drivers for vendors -- free of charge! This is revolutionary and

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-43387534169378674592007-10-04T06:17:00.000-07:002007-10-04T06:22:29.801-07:00

There is a great article in the technology section of the New York Times which talks about Linux and Ubuntu specifically. This is great coverage!

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-59149378780449930302007-03-04T17:14:00.000-08:002007-10-04T06:22:40.889-07:00

I have been running Mediawiki 1.6.5 on a Gentoo server for quite some time. Today I decided that I would perform the upgrade to 1.9.2 -- which has been installed for a while without being configured for use.The first step that I took was to update my httpd.conf to point to the new wiki location:#Alias /mediawiki "/usr/share/webapps/mediawiki/1.6.5/htdocs"Alias /mediawiki "/usr/share/webapps/

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-66150899802646654502007-03-04T14:54:00.000-08:002007-10-04T06:22:46.545-07:00

Fedora Core is one of the most popular free distributions of Linux and is the community version of Redhat Enterprise Linux.With the pending release of Fedora Core 7, the Fedora project is attempting to merge the two primary repositories; Fedora Core and Fedora Extras. With the merging of these two repositories, the Fedora project is also considering requiring all packages in the repository to be

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com1tag:blogger.com,1999:blog-9401152.post-21647131769574206552007-03-04T10:13:00.000-08:002007-03-04T10:24:21.108-08:00

A recent demonstration at Black Hat DC by Joanna Rutkowska shows how hardware based rootkit defense may not be sufficient when facing an elite hacker. Rutkowska showed how the image of volatile memory as seen by the CPU can be different from the image in memory.This is significant as it shows that monitoring at the hardware level is not fool-proof and defenders must use a combination of hardware

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-64616698047987320002007-03-03T16:44:00.000-08:002007-03-03T17:01:01.200-08:00

After updating a server this weekend, I restarted to verify that all services would come back up and that's where the fun started...The first issue I noticed was that Apache would not start. Nothing, I would issue a restart command:primary ~ # /etc/init.d/apache2 restartand I get no output, just a new prompt. The only problem here is that nothing is listening on port 80 or 443 and there are no

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-32888000762981889692007-02-21T20:37:00.000-08:002007-02-21T20:54:00.241-08:00

I recently downloaded the latest beta for RHEL 5 and had a chance to test it out a little. Redhat is moving away from registration keys and is now using "installation numbers" which resemble MS Activation keys. These installation numbers are designed to tie a specific server/installation to a specific Redhat channel to provide a specific set of packages. I can see this as a way to control

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-53089779849930134162007-02-21T20:18:00.000-08:002007-02-21T20:30:53.718-08:00

I was referred here by Digg.com earlier today, but the Linux kernel version 0.1 is available for download from kernel.org:DownloadThey say it's around 10,000 lines of code so it wouldn't be as daunting to read through and get familiar with as the latest kernel.I downloaded the source and took a look at the filesystem code to find the following listing of files:lu003 linux # pwd/root/kernel-0.1/

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-37976062025943071692007-02-19T12:02:00.000-08:002007-02-19T12:06:54.570-08:00

Engadget has an interesting article which details an analysis performed by Google.com on over 100,000 hard drives over a 9 month period. The study behind the article is great as it clears up some common myths in the hard drive world, specifically the effect of temperature on hard disk failure rate. There is a PDF attached to the article with the full study:Engadget Article

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-37468424227200364132007-02-19T11:52:00.000-08:002007-02-19T12:01:21.611-08:00

Ever since I upgraded the flashplayer on my Windows XP SP2 laptop to version 9 it has not worked. I found that I had an extension that conflicted with the Flash player (not sure to what extent) and I had to remove that extension to get it to work.Notice: AdBlock conflicts with Macromedia Flash 9 when using Mozilla Firefox 2.0.0.1 and I removed the appropriate directory in the extensions

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-55461351078440823342007-02-17T21:38:00.000-08:002007-02-17T21:39:33.083-08:00

Ok, so the gcc missing in the profile error was where the problem was. I ended up restarting the host and things were back to normal on boot-up.

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-79841813495975833562007-02-17T20:49:00.000-08:002007-02-17T21:03:48.532-08:00

Ok, so I have discovered another clue in the puzzle here, when I execute 'emerge --info', I get the following output at the top:# emerge --info!!! No gcc found. You probably need to 'source /etc/profile'!!! to update the environment of this terminal and possibly!!! other terminals also.I also see the following in the FEATURES line:FEATURES="autoconfig distlocks metadata-transfer sandbox sfperms

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-23496630369290546512007-02-17T20:02:00.000-08:002007-02-17T20:36:11.796-08:00

The other day I was trying to update one of my servers which was also my local portage mirror when I received the following surprising output:# emerge portage -pvThese are the packages that would be merged, in order:Calculating dependencies... done![ebuild U ] sys-apps/portage-2.1.2-r9 [2.1.2] USE="-build -doc -epydoc (-selinux)" LINGUAS="-pl" 20 kBTotal: 1 package (1 upgrade), Size of

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-27266337702088793152007-02-15T20:30:00.000-08:002007-02-17T20:38:20.390-08:00

Virtual IP addresses (or VIPs) allow you to use multiple IPs on a single physical network interface. Creating virtual IP addresses is often done to allow webservers to host multiple SSL encrypted web sites on a single webserver or to allow cluster suites to communicate on a dedicated IP address. This article will cover the two primary means of creating virtual IPs on a Linux host.ifconfigThe

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-82344832552793484572006-12-21T19:35:00.000-08:002006-12-21T19:36:16.787-08:00

As fewer people are required to use scsi emulation to use cdrecord in Linux, here is how you would execute a scanbus command using cdrecord on ATAPI devices:primary Linux # cdrecord dev=ATAPI --scanbusCdrecord-ProDVD-Clone 2.01.01a20 (i686-pc-linux-gnu) Copyright (C) 1995-2006 Jörg Schillingscsidev: 'ATAPI'devname: 'ATAPI'scsibus: -2 target: -2 lun: -2Warning: dev=ATA: is preferred over dev=ATAPI

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1133843874615073262005-12-05T20:36:00.000-08:002005-12-05T20:37:54.843-08:00

I have received the results of the RHCE exam and I have passed well! Hopefully I can begin updating my blog more frequently.

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com4tag:blogger.com,1999:blog-9401152.post-1133635338317871492005-12-03T10:40:00.000-08:002005-12-03T10:42:18.333-08:00

After taking the exam yesterday, I should find out the results next week. I'll let you know how I did. Note: As is common knowledge, no discussion of the exam or contents can occur after taking the exam by participants. Please refer to the website at http://redhat.com/training for any questions you may have. There is a detailed exam prep page that will outline all of the requirements.

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1133125829962470232005-11-27T13:09:00.000-08:002005-11-27T13:20:27.043-08:00

Here is a link to an excellent article on creating RAID arrays using the mdadm tool.Here is an excerpt:Creating an Array Create (mdadm --create) mode is used to create a new array. In this example I use mdadm to create a RAID-0 at /dev/md0 made up of /dev/sdb1 and /dev/sdc1: # mdadm --create --

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1131846132447703382005-11-12T17:25:00.000-08:002005-11-19T18:19:37.600-08:00

Using an NFS share to install packages is a very convenient means of ensuring that all of your systems are running similar packages and always having those packages available. I will not cover configuring an NFS share and will assume that the reader is already familiar with that function or has the capacity to figure it out.1. Verify that the NFS share is available and mount on the local

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1131835149002471122005-11-12T14:29:00.000-08:002005-11-12T16:15:27.256-08:00

Red Hat Enterprise Linux 4.0 uses a logical volume manager to facilitate efficient management of disks and partitions. With the Logical Volume Manager, partitions can be created that span multiple physical volumes and partitions. In this sense a physical volume is a hard disk. With this ability, an administrator can easily expand a partition or create an efficient partition scheme. RHEL 4.0

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1130112733887804132005-10-23T16:59:00.000-07:002005-10-23T19:42:38.986-07:00

One of the greatest things about Linux is the ability to easily network systems. Linux excels when using wired or wireless networking. There are several basic requirements that must be met for your Linux machine to communicate with other machines or devices on a network.The first requirement is that your machine must have a means of communicating with other machines through hardware. This

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1130028777040055642005-10-22T17:48:00.000-07:002005-10-22T17:53:22.166-07:00

I recently purchased 3 new 200GB Maxtor hard drives. I haven't bought a hard drive in a couple of years and the biggest one I owned before this was 80GB, with a second place runner up of 20GB. I'm doing pretty good with the new drives. They are 7200 rpm, IDE, 16MB cache type drives. I just hooked them up in my SMP athlon system and configured a few raid paritions in RAID 0 to test the performance

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1129770587712118772005-10-19T18:07:00.000-07:002005-10-19T18:09:47.723-07:00

All right, it's time to continue my studies for the RHCE exam. I've registered for the exam and I'll be taking it on Friday, December 2nd. I hope to be able to prepare fully by then with the book that I purchased and by practicing a lot. I just ordered some new hard disks so that I'll be able to play around with more configurations and have enough space on my main machine.Tonight I'll be

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com5tag:blogger.com,1999:blog-9401152.post-1126054765812960502005-09-06T17:56:00.000-07:002005-09-06T17:59:25.823-07:00

I have always been a bash or ruby scripter and very rarely used Perl. Lately I have been using Perl quite a bit and have found that it is a joy to use! There is a lot of power behind Perl and it is very widely used in the industry. I realize that Google uses Python, but Amazon.com uses Perl. When performing job skill searches on the job boards of late, I have found quite a few that ask for

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1124936988009404852005-08-24T19:26:00.000-07:002005-08-24T19:30:43.150-07:00

In my recent studies for the RHCE I have covered the NFS file sharing system. I have used this system in the past, but not extensively. I have been told that it is faster than SMB by a great degree between Linux and Unix boxes so I am going to run some tests on it and see how it works. I am currently downloading Services for Unix from Microsoft so that I can test the Windows client that they

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1124886633196414792005-08-24T05:29:00.000-07:002005-10-23T19:44:19.940-07:00

Aggregation of my posts on the RHCE:Starting out!RHCE Exam Prep GuideRHCE Networking and Configuration

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1124886510372171332005-08-24T05:25:00.000-07:002005-08-24T05:28:30.376-07:00

Over the next couple of months I'm going to be studying for the RHCE exam. I have purchased the book, "RHCE 4th edition", by Michael Jang as a study guide since I heard it was the best one out there. I'm not terribly impressed with it so far, as I have found quite a few technical errors. I hope to be able to start posting about my learning experiences and relate that to how well I perform on

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1124026685618995762005-08-14T06:22:00.000-07:002005-08-14T06:38:05.626-07:00

I recently discovered an excellent client application for connecting to X remotely. NX is a client/server application developed by NoMachinewith some clever caching techniques which provide near real-time response for X-sessions. The NX server works with an SSH server to provide secure authentication and SSL encrypted traffic, if desired. A GPL'd server has been written and is available here,

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com1tag:blogger.com,1999:blog-9401152.post-1123726596860399402005-08-10T19:14:00.000-07:002005-08-10T19:18:52.120-07:00

I recently received an email from Speakeasy with an offer for broadband service in my area. I was impressed with the email as they gave me an option to test my current speed with one of their servers in Seattle. I have attached a link to this speed test in the left nav bar for all to use. I really like the way that Speakeasy does things and I do plan on switching to their service sometime in the

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1123045512210343192005-08-02T22:02:00.000-07:002005-08-02T22:05:12.216-07:00

For those who have not yet heard (shouldn't be anyone), Mike Flynn presented a flaw in Cisco routers at Black Hat 2005 that could bring the Internet to it's knees. There are conflicting sides to the story, but the gist is that Cisco was trying to down-play the seriousness of the flaw and keep the researcher from disclosing the vulnerability. Responsible disclosure means that after a reasonable

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1123030954973599092005-08-02T17:52:00.000-07:002005-08-02T18:03:46.293-07:00

As an avid supporter of open standards in all things digital, I was pleased to see this article on Slashdot wherein Paul Thurrott talks about boycotting Internet Explorer 7.0 until Microsoft comes out with a standards-compliant browser. I think that IE is a huge disappointment and a very lazy offering by MS. Any self-respecting tech company will strive to better the field that they work in and IE

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1122818679097982622005-07-31T07:01:00.000-07:002005-07-31T07:04:39.103-07:00

Thin clients may be the way of the future for computing in large corporations and governments. I do hope that thing clients never take over my PC computing at home though, I always want to be able to control my computing experience. This thin client is the best one that I have seen recently. I have done some work with the Linux Terminal Server Project which provides an excellent solution for

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1122699381238608992005-07-29T21:53:00.000-07:002005-07-29T21:56:21.236-07:00

I just got back from Las Vegas, NV where I attended Black Hat USA 2005. This IT security conference is incredible! All of the briefings are new material only, which give you a fresh perspective on security issues in the IT field. The presenters were people from The Schmoo Group, Dan Kaminsky, the Choicepoint CISO, and many others! I saw some excellent briefings and learned quite a bit. This

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1121565131364694262005-07-16T18:31:00.000-07:002005-07-16T18:54:20.763-07:00

I recently played around with trying to store some pcap capture data in a MySQL database so that I could analyze it and look for trends. I had the capture set to create 20MB full content files so that I could manipulate them easily:tcpdump -s 1515 -C 20 -w content.lpcI next created a Ruby script that would open the pcap file and write the data that I wanted to store to a CSV file that I would

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com3tag:blogger.com,1999:blog-9401152.post-1121549034434408042005-07-16T14:13:00.000-07:002005-07-16T14:23:54.440-07:00

This week I had the opportunity to take a look at my mother-in-law's computer, after having gone over it pretty thoroughly 6 months ago to make sure some basic security measures were in place, to make sure she was safe on-line. I was talking to her about how she accessed the internet and browsed web pages, as well as using her digital camera to create photo pages. She told me that when she

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com5tag:blogger.com,1999:blog-9401152.post-1119219585670109442005-06-19T15:10:00.000-07:002005-06-19T15:29:43.476-07:00

I recently helped my brother-in-law setup a new computer that he had purchased, just to make sure that he would not be plagued with the endless spyware and adware that most home users are afflicted with. The biggest issue being that most people run their personal machines as a member of the Administrators group. One thing that I noticed as I waded through all of the "utility" software on his

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1118888608304048552005-06-15T19:17:00.000-07:002005-06-15T19:23:28.306-07:00

Gentoo founder and former Chief Architect Daniel Robbins has accepted a job with Microsoft to help them understand Open Source software. Gentoo has been my Linux distribution of choice for the past year and a half and this comes as a huge suprise to me. I don't think that Gentoo will suffer because of this change but I do think that Daniel Robbins will suffer. I have so much respect for the

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1118881868964562522005-06-15T17:27:00.000-07:002005-06-15T17:37:49.213-07:00

This morning I attended the VMWare conference in Seattle, WA. VMWare is an essential tool when analyzing malicious code. It's very easy to setup a [sandbox] network of 2-10 machines so that you don't damage any of your production machines -- and you have the option of freezing the virtual machine state so that you can restart any malware exam if you miss something. For the forensic examiners,

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1115859445662443602005-05-11T17:51:00.000-07:002005-05-11T17:57:25.700-07:00

I hate to copy other blogs but I found a great reference on the open source weblog for anyone who uses TCPDump. This great reference is put out by the SANs institute as a TCPDump pocket reference guide. The reference consists of a two page printout that contains valuable information on processing the output of any network dump.

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1115691685335101072005-05-09T18:39:00.000-07:002005-05-09T19:21:25.390-07:00

One of the most valuable commands at your fingertips when using Linux or Unix is the find command. This versatile command can be used for a variety of tasks, from listing the contents of a directory or filesystem to indexing your entire filesystem. Find can be difficult for the novice to master, especially when there is no instruction available. The man pages don't really show the friendly side

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1115296295324580162005-05-05T05:28:00.000-07:002005-05-05T05:32:35.860-07:00

I have noticed a marked increase in the amount of spam that I get since my sister tried to sign me up for the Bebo.com experience. Since they now have control of her hotmail address book, it only makes sense that they would spam everyone in it, including me. The sad part is that most of the spam I am getting now is "adult" related. I have never received much spam and I am very careful with my

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1115296083175570482005-05-05T05:25:00.000-07:002005-05-05T05:28:03.210-07:00

After the Bebo.com episode a few days ago, I reported it to abuse@hotmail.com. This morning I received an automated reply stating that I need to send a hotmail addressed email to them. They are evidently not the right people to be notifying about the scandal that Bebo.com is running. The email is as follows:--------------------------This is an auto-generated response designed to answer your

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com1tag:blogger.com,1999:blog-9401152.post-1115173225409565862005-05-03T18:34:00.000-07:002005-05-03T19:43:22.196-07:00

This morning I received a very strange email from my sister asking me to update my personal contact information on Bebo.com. I was very skeptical that this email actually came from my sister, so I immediately emailed her to ask her if she had sent me the message. She replied saying that everyone she knows uses this thing and she lost her address book, so she would too. The message was as follows:

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1115082893244790372005-05-02T17:47:00.000-07:002005-05-02T18:14:53.246-07:00

While researching ISPs lately, I came across an interesting concept on the website of Speakeasy where they will allow individual customers to be a mini-ISP with their netshare program. With this program, any customer who considers themselves competent can share their connection with others for profit and the customer is responsible for the actions of the users who they are sharing their

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1114830322256138132005-04-29T20:00:00.000-07:002005-04-29T20:05:22.256-07:00

Enigmail is an extension for Mozilla Thunderbird that will allow integration with the GnuPG encryption utility. This is a very useful tool that features key management, email signing, and encryption of email. I heartily recommend this extension to anyone who uses Thunderbird.While installing Enigmail for Mozilla Thunderbird, I had some difficulty getting the extension installed. I would open

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1114660961696375272005-04-27T20:45:00.000-07:002005-04-27T21:02:41.696-07:00

There is an excellent article on Securityfocus.com by Daniel Hanson that talks about the downfall of running any system as an administrative account. Daniel makes an excellent reference to the Linspire way of doing things, which follows Microsoft and runs all users as root. As Daniel so eloquently points out, running as root is like putting all of your vegetables in the same pile -- if one of

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1114569839368165772005-04-26T19:31:00.000-07:002005-04-27T05:30:30.640-07:00

This past weekend I noticed a huge amount of traffic from one IP trying to break into my SSH server at home. After some investigation, I discovered that this IP had made over 1100 intrusion attempts. The attacker was a script-kiddie using a dictionary attack. I performed an aggressive nmap on the IP to discover the type of machine attacking me with the following command:nmap -sS -sV -O -v -T5 'ip

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1114315721991934532005-04-23T20:50:00.000-07:002005-08-06T17:49:05.233-07:00

The Art of Intrusion is a book written by a convicted cracker who has solicited stories from other crackers so that he can tell them through this book. Kevin Mitnick has made quite a name for himself through the crimes that he committed and the sentence that he received. The Art of Intrusion is a book designed for the "not so technically inclined" who want to know how crackers feel and

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1114047212611169462005-04-20T18:24:00.000-07:002005-04-20T18:33:32.613-07:00

I am currently reading The Art of Intrusion, by Kevin Mitnick, and will post a full review when I am done. After reading the first 4-5 chapters I am disappointed by the lack of technical detail and the method Mitnick uses to tell the story. Mitnick is giving out security advice during and after each account which has not revealed any gems thus far. If the book continues as it has, I will be

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com2tag:blogger.com,1999:blog-9401152.post-1113770764730531972005-04-17T13:33:00.000-07:002005-04-17T13:46:04.733-07:00

I recently SSH'd into one of my servers running Fedora Core 3 and wanted to check my local mail. Not wanting to use the basic mail utility, I tried for my old favorite, Pine. With Pine nowhere to be found, I began to search for an alternative to it [since it is being used less and less, as I have found -- FreeBSD actually discourages the installation of Pine due to some security vulnerabilities].

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1113629115739777692005-04-15T22:08:00.000-07:002005-04-15T22:25:15.740-07:00

The biggest problem with Windows security has always been that it is nearly impossible to run as a non-administrator when performing normal operations. It is possible, but it is very difficult. With it being so difficult to run as a non-administrator, most users run with full system privileges all the time which brings their system(s) under attack from every web page they visit and every email

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1113446993928513082005-04-13T19:06:00.000-07:002005-04-13T20:38:29.473-07:00

While reading a whitepaper in the SANS reading room today, I came across a reference to OpenNA Linux. OpenNA Linux is a distribution designed with a high level of security in mind. The distribution is somehow derived from Red Hat Linux originally, but now maintained by the OpenNA security solutions team which offers it for free [without support]. The fact that it stems from a Red Hat system

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com1tag:blogger.com,1999:blog-9401152.post-1112877298963640092005-04-07T05:23:00.000-07:002005-04-07T05:34:58.963-07:00

If the use of biometrics to increase the level of security or safety that you enjoy appeals to you, visit SecurityFocus.com and read about a Malaysian businessman who lost his finger because it was the only means to start his Mercedes. This incident shows to me that biometrics are NOT a viable security alternative. I don't want someone trying to cut off my finger or pull my eyeball out of the

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1112730631816045422005-04-05T12:26:00.000-07:002005-04-05T12:51:38.113-07:00

The MIT Media Lab is launching a program to develop and distribute $100 laptops to children around the world who are in need of education and technology. The program will provide laptops to children in developing nations who do not have access to the Internet or education materials, even books. With the idea to issue a laptop to a specific child who is able to take the laptop home and use it

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1112673377943878782005-04-04T20:33:00.000-07:002005-04-04T20:56:17.946-07:00

One of the most important concepts in the IT security world is that of least privilege. When you create a user account and give it access permissions, you should give that account the least amount of privileges that the account requires to perform it's function. Following this principle will save you an incredible amount of time and hassle when administering a network and maintaining the security

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1112147074715427442005-03-29T17:37:00.000-08:002005-03-29T17:44:34.716-08:00

I know that we all love and hate shell scripting. Bash can be the best friend in the world at times, then the worst enemy a second later. While working on a parsing script today, I came across a problem where I wanted to be able to pass an argument to a shell script, then use that argument in some processing. The only problem was, I needed to be able to pass arguments that had multiple words and

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1111628633982192882005-03-23T17:30:00.000-08:002005-03-23T17:45:34.130-08:00

Computer Crime Research News has an article where they discuss an article by major Anti-virus vendor Symantec which talks about how Mac OS X is increasing in popularity and becoming a target of hackers. This discussion is excellent for the security industry and those who would like to see more variety in the operating systems deployed on the desktop. With BSD and Mac OS X being rated as the most

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1108748093862689252005-02-18T09:27:00.000-08:002005-03-22T11:02:01.796-08:00

With all the push lately for security in the software and IT markets, what will it take for companys to implement secure practices? According to Richard Clarke, former Whitehouse cybersecurity and counterterrorism adviser, there must be some regulation put in place to force companys to adhere to open standards and regulations which will promote better cybersecurity:Article with quote"But Clarke,

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1108664792576527512005-02-17T10:14:00.000-08:002005-02-17T10:26:49.466-08:00

In an elementary school in Sutter, California, the school implemented a policy to use RFID tags to track students movements throughout the school. The system was supposed to make it easier for administrators and teachers to take attendance and monitor the location of students. The initial plan included tracking students into the bathrooms, which was protested successfully by parents.This type

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1108663723561252842005-02-17T09:55:00.000-08:002005-02-17T10:08:43.563-08:00

T-Mobile was the victim of a hacker for a period of one year, possibly continuous. This hacker, Nicolas Jacobsen, was able to access all of the customer records and personal data of T-Mobile customers. Nicolas then offered this personal data for sale on-line, even offering the data to Secret Service agents, who were investigating him at the time. Nicolas also accessed the classified email of a

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1108662847637641882005-02-17T09:38:00.000-08:002005-02-17T09:54:07.640-08:00

PC simulations are used for many studies from weather and seismic activity, to nuclear explosions. However, using PC simulations in court has not been a common practice. I found an article this morning which discusses a trial taking place in Seattle where a man is being charged with vehicular homicide and a software simulation is being used to aid in the prosecution. I wonder how far out of hand

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1108587150056626932005-02-16T12:44:00.000-08:002005-02-16T21:01:49.686-08:00

I was reading Bruce Schneier's blog today and found a post on the Ghostbuster, which is an idea from Microsoft that would check a system for rootkits and other hidden software. The application would reside on a CD with it's own OS and once inserted would check the system for hidden files and folders that may belong to a piece of malware or exploit.The idea seems very efficient, except that the

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1108510838111584622005-02-15T15:33:00.000-08:002005-02-15T15:40:38.113-08:00

There is a very interesting discussion on Slashdot with Microsoft's Martin Taylor that I recommend reading. It is always good to hear from Martin Taylor, as the politically correct spokesman for Microsoft. I don't agree with everything that he says, but he does speak well with the information that he has. While reading this article, it helps me become less biased and see the idiocy of trying

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1108145781939829602005-02-11T10:08:00.000-08:002005-02-11T10:20:44.273-08:00

While reviewing some API documentation on network programming I was alerted to the fact that TCP and UDP are not the only transport protocols in use (as defined by IETF). I did a little bit of reading on SCTP, or Streaming Control Transmission Protocol, which allows a multi-homed host to establish a stream or session with another host. The big picture scenario here is that a multi-homed host can

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1107884392416301452005-02-08T09:35:00.000-08:002005-02-14T09:59:20.493-08:00

I have recently begun reading posts from crime-research.org, and read an article this morning that discussed 10 constants in the IT security field. The ideas presented in this article should be part of the training program of any IT shop and all System Administrators and those who are in charge of Sys Admins should be aware of these concepts as well. The article lists the laws as follows: Law #1

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com2tag:blogger.com,1999:blog-9401152.post-1107482682107559352005-02-02T18:02:00.000-08:002005-02-08T09:34:49.756-08:00

I have been using dial-up internet connection for a few days now, and it is terrible. I wonder how many people really don't have broadband internet yet. I have not been without broadband for nearly 8 years and would not go without it unless my home physically were incapable of it. At least I now know that the modem in my laptop is functional.

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1106646453407612762005-01-24T01:43:00.000-08:002005-01-25T01:47:33.406-08:00

I have recently discovered a new web resource for Tech news and information, thanks to /., Tech-Blog.org. It appears to contain information related to bigger players in the tech market.

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1106281576113206602005-01-20T20:15:00.000-08:002005-01-20T20:26:16.113-08:00

How many of your friends really understand what a search engine does? I have found that most of the people who I associate with do not understand that a search engine does not search the Internet...what does it search then?... Even though the popular search engine Google has indexed over 8,000,000,000 pages that you are allowed to search when you use it, you are not searching the entire

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1106056203089559592005-01-18T05:43:00.000-08:002005-01-18T05:50:03.090-08:00

In a previous post, I gave a general overview of the process used to configure Tripwire on a Linux system. The most time consuming part of the configuration is configuring the twpol.txt file. The following Perl script will aid in configuring this file by going through each line and checking each file to see if it is on your system. If the file is on your system, it will pass by, if not, it will

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1105810413507228502005-01-17T08:14:00.000-08:002005-01-17T13:35:58.600-08:00

Although Intrusion Detection Systems (IDSs) are becoming less popular in the media with the emergence of Intrusion Prevention Systems (IPSs), they are still widely used in the IT Security industry and any network or security administrator would benefit from knowing how to configure and use them. In this article, I will explain how to configure Tripwire 2.3.1.2 on Linux. Tripwire is a valuable

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1105923666224057062005-01-16T16:48:00.000-08:002005-01-16T17:01:06.223-08:00

On Crypto.com, there is a very interesting article titled "Safecracking for the Computer Scientest" which goes into great detail on the construction, strengths, and weaknesses of physical locks and enclosures, then comparing these items to Software Development. The article is well written, with an interesting point made. The author would suggest that since physical security devices are

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1105827282700970462005-01-15T14:08:00.000-08:002005-01-15T14:17:12.766-08:00

I just read an article on News.com (thanks to Slashdot.org) that is an interview with an ex-virus writer about his new job and some of the issues that he faces in it. It seems to me that most people focus on how bad virus' are, and how anyone who might write a virus is evil and should be banned from the IT industry for life... I think that this article is well written and shows people that

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1105594053413855952005-01-12T21:12:00.000-08:002005-01-20T20:14:49.320-08:00

Search engines are extremely useful tools. How much time do you spend each day searching on the internet? It is worth knowing how to use your favorite search engine well, and to know how to get the data you want. If you spend some time learning how to use your favorite search engine, you will save yourself time in the long haul. For all of those who use Google to search, there is a great site

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1105496472340021162005-01-11T18:15:00.000-08:002005-01-11T18:21:12.340-08:00

I have recently stumbled upon a jewel of a website. For anyone who loves technical books, check out http://www.techbooksforfree.com. This website has some great books and serves as an index for many, many technical books that are on-line.

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1105300365247273572005-01-10T05:00:00.000-08:002005-01-09T11:52:45.246-08:00

When using Samba to act as a Primary Domain Controller (PDC), it is important to map Linux groups to Windows groups so that you do not have to use the root user to perform any Domain Administrator functions. The tool provided to perform this task is within the net command set, called groupmap. Groupmap is used to map any Linux group to any Windows group, which will allow the systems

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1104815067126081012005-01-03T21:01:00.000-08:002005-01-03T21:07:47.876-08:00

In a previous post, I demonstrated how to set up IPTables to log incoming traffic. I have created the following script to parse my logs for network traffic, returning IP addresses and associated ports: (Please see previous post for logging configuration.) #!/bin/bash # # Program: ipports # Purpose: To list all external IPs that have been logged by the firewall from # the /var/log/

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1104727273509813702005-01-02T19:38:00.000-08:002005-01-03T21:06:42.550-08:00

This post is the second post related to the configuration of IPTables. Please see the first post for the initial configuration. One of the most valuable tools at the disposal of any system or security administrator is the logging capability of the system under administration or investigation. The ability to configure the system to log important events and parse those logs for useful information

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1104549943513816232004-12-31T19:19:00.000-08:002005-01-02T16:30:35.666-08:00

After doing some research on grid computing through IBM's web resources, I have come across the following outline which amplifies the differences between grid and cluster computing. This topic has been mis-understood by most people who I have discussed it with. Hopefully this will aid in my understanding and ability to discuss the topic intelligently. Quoted from http://www-106.ibm.com/

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com1tag:blogger.com,1999:blog-9401152.post-1104530236514096052004-12-31T13:26:00.000-08:002004-12-31T13:57:16.513-08:00

The Passport system, used by Microsoft to authenticate users in their Hotmail and MSN instant messenger technologies, is no longer being pushed as an authentication tool for on-line transactions at non-Microsoft websites. According to an article on The Seattle Times, E-Bay and Monster.com have stopped using Passport to authenticate users on their systems. This is excellent news, as having a

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1104377381239648732004-12-29T18:58:00.000-08:002004-12-29T19:29:41.240-08:00

If spooks and spies, computer security, and down to earth common sense with the scientific method appeal to you, this book will be an exciting read that you will not be able to put down. "The Cuckoo's Egg", by Cliff Stoll, is a novel written by an astronomer at Berkeley who begins by helping some systems administrators and ends up chasing a German hacker who works for the KGB. Cliff, who is

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1104374289279870952004-12-29T18:19:00.000-08:002004-12-29T18:39:11.653-08:00

On December 11th there was an article posted to Technet which is a discussion between two Microsoft employees about the differences between Windows and Linux. The discussion was well done at promoting the strengths of Microsoft and spreading some myths about Linux, as well as revealing some truths that people should be aware of. One of the problems with the mindset of those who set Microsoft

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1103747474040194702004-12-22T10:21:00.000-08:002004-12-22T13:20:01.720-08:00

Having recently installed Fedora Core 3 on one of my machines, I have had an opportunity to view the firewall settings when using the GUI provided to set the security on Red Hat. When installing the operating system, I chose to enable the firewall and allow SSH connections from the internet. With these settings in mind, the following output results from 'iptables -L -v': [root@primary ~]#

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1103635916118650392004-12-20T20:10:00.000-08:002005-01-09T11:58:44.560-08:00

SSH tunneling is a bit of knowledge that any security professional should have under their belt. Here I will explain some rudimentary elements to SSH tunneling. The purpose of SSH tunneling is to provide a secure means of transporting data over a non-secure channel. In essence, SSH tunneling is creating a VPN (Virtual Private Network). SSH tunneling can be used to route any traffic from one

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com1tag:blogger.com,1999:blog-9401152.post-1103601012048938432004-12-20T19:41:00.000-08:002004-12-22T14:27:03.136-08:00

Two questions that I'd like to consider and possibly come up with an answer to. These questions are in regard to a Windows/Linux domain environment: 1. Is it more secure, yet still easy to administer, to have all client machines under their own control, with a domain administrator role only having the power to patch and virus scan, rather than have a domain administrator have more power than the

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1103074515145868252004-12-14T17:15:00.000-08:002004-12-14T17:35:15.146-08:00

In an article posted on http://news.com, Microsoft's CIO, Ron Markezich, talks about many issues from outsourcing to testing software in-house. One point that he brings up is how his users "are the admins of their machines". This statement is not suprising, but provides more insight to me as to why it is so difficult to administer a Windows domain full of non-privileged users. A well known

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1102649655885023082004-12-09T19:03:00.000-08:002004-12-09T19:34:15.886-08:00

I figured out what the problem was with my mouse on FreeBSD, and learned some interesting things in the process. The problem with the configuration was that my mouse is not supported by the FreeBSD system, which caused the mouse to behave very erratically. The mouse that I was using at the time was a PS/2 LabTec Optical Wheel mouse. I am now using a Packard Bell PS/2 2-button mouse. I'll have to

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1102599874630953532004-12-09T05:41:00.000-08:002004-12-09T05:44:34.630-08:00

Here is an excellent article from SysAdmin magazine which talks about how to deploy ClamAV on your network using Samba VFS and the Windows client. The article talks about how ClamAV follows the simple rule, do one thing and do it well, so it takes any input and scans it. The short-comings of this product are noted in the article, namely that it does not support network deployment and control

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1102482206119347682004-12-07T17:48:00.000-08:002004-12-08T18:47:29.213-08:00

I have re-installed FreeBSD and am now configuring the system to my liking. The install of BASH during the install helped my situation and allowed me to select BASH as the shell for my users. I was not able to select BASH for the root user during the install, as those settings are already selected and the install only gives the option of choosing the password. I was able to change the shell after

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1102392304022632342004-12-06T19:25:00.000-08:002004-12-06T20:05:04.023-08:00

Today I am re-installing FreeBSD 5.3 RELEASE. The reason for this is because I did not install the BASH shell with the first install, and that minor annoyance is probably keeping me from using the BASH shell on any users that I create. I am also configuring some other items a little bit differently. I anticipate that I will have to re-install a few more times before I get it the way that I

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1102218867902295222004-12-04T19:54:00.000-08:002004-12-05T19:25:19.996-08:00

I have downloaded and installed FreeBSD 5.3 RELEASE. After using Gentoo Linux for the past year, and Red Hat Linux for several years before that, it was a different experience. It is going to take a little bit more time than I initially thought before I can run the tests on network processing speeds with Snort. Right now I am working on getting all of the necessary packages and tools installed to

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1102130865924212792004-12-03T19:27:00.000-08:002004-12-03T20:23:48.646-08:00

I have been doing some research on which OS would be the best for a network device. According to Richard Bejtlich at http://www.taosecurity.com/, FreeBSD is a very good OS for this purpose, better than Windows or Linux. I'd like a device that will support running Snort constantly, with IPTables/Netfilter logging, and also support a webserver. I have tried running Snort on a P4, 2.66GHZ machine

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0tag:blogger.com,1999:blog-9401152.post-1101934544404067772004-12-01T13:54:00.000-08:002004-12-03T20:21:37.096-08:00

I have subscribed to several blogs lately and have been very impressed. I like the idea of having a place on the web where I can contribute my ideas and experience to those who may be interested, without interferring with those who don't care. As an IT professional with a strong interest in network security and operating system security, I would like to present my experiences and miscellaneous

Josh Miller, RHCEhttp://www.blogger.com/profile/01594787758544875902noreply@blogger.com0