Archive
Posts in Security
A simple and easy way to encrypt data on Linux, OS X and Windows desktops and servers
I just put up a new article, "A simple and easy way to encrypt data on Linux, OS X and Windows desktops and servers". The article describes TrueCrypt, and shows how it can be used to set up an encrypted device on Linux, Windows and OS X hosts. If you have sensitive data on your machine, you NEED this awesome piece of FREE software. It rocks!
Forcing your Linux users to use strong passwords
All SysAdmins know the importance of using strong passwords. These are the lifeblood of our systems, since a weak password will allow an adversary to enter our systems with a minimal amount of work. There are dozens of tools that can generate strong passwords, as well as a number of tools that can be used to force users to select strong passwords when they change their passwords. The most common way to enforce strong passwords is through the pam_cracklib.so PAM plug-in…
Making sense of the various routing / firewall solutions that are available
I am currently running dd-wrt at home. Dd-wrt works pretty well, but I recently started to do some digging to see what other routing / firewall solutions existed. There are a bunch of routing / firewall gateway solutions available, and each one provides a unique experience. Some run on Linux, some on OpenBSD, and others on Linux…
Locating the SSH key type and key size from a public key file
One of my friends sent me an e-mail earlier this week inquiring about SSH keys. Specifically, he wanted to know how he could determine the type of key and the key size in a public key file. All OpenSSH implementations ship with the ssh-keygen utility, which has a "-l" option that can be used to print the type of key, the size of the key and the key's fingerprint: I needed to summarize all of the keys on some systems I managed a few years back, and found a new friend in ssh-keygen.
Firewalling a Linux NFS server with iptables
When it comes to firewalling services, NFS has to be one of the most complex to get operational. By default the various NFS services (lockd, statd, mountd, etc.) will request random port assignments from the portmapper (portmap), which means that most administrators need to open up a range of ports in their firewall rule base to get NFS working. On Linux hosts there is a simple way to firewall NFS services, and I thought I would walk through how I got iptables and my NFS server to work together. Getting NFS working with iptables is a three-step process: Hard strap the ports the NFS daemons use in /etc/sysconfig/nfs…