Archive for October, 2010

Using TCP Wrappers to protect Linux and Solaris services

I have been using tcp wrappers for years, and it’s a very simple way to allow and deny network access to applications. TCP wrapper functionality is built into the system module, which various applications are linked against. To see if a given application supports tcp wrappers, you can use the ldd utility: $ ldd […]

How to debug SELinux service issues

I have been spending a good bit of time playing with SELinux, which has required me to learn how to debug issues that arise due to its use. The most common issues that arise are usually related to security context mismatches. This can occur because somebody modified a file and didn’t bother to chcon a […]

Concert Review: KISS

When I was growing up, the people around me were constantly exposing me to various forms of Rock & Roll. It seems like just yesterday I was driving to the store with my cousin, who put a KISS cassette in this stereo and told me give it a good listen. The music resinated with me, […]

Finding orphaned RPMs on Linux hosts

If you use an RPM-based Linux distribution, you may have run into one or more cases were your system contains orphaned packages. An orphaned package is a package that doesn’t have any packages that depend on it, and in a number of cases the package is no longer required for the system to function correctly. […]

A couple useful tidbits about the Linux /dev/random and /dev/urandom devices

Linux contains two devices that provide a source of entropy for the system. The first device is /dev/random, and the second is /dev/urandom. /dev/random is a character special device that provides a source of entropy until the system-wide entropy pool is exhausted, at which time it will block until additional entropy is available. /dev/urandom is […]

How to learn everything you ever wanted to know about Linux sockets

Viewing network socket data is something SysAdmins do often. We could be called on to see if a connection is established to a host, if an application is listening on a given port, or we may need to review the network connection table as a whole to see what a server is doing (this is […]