Hal Pomeranz has an interesting article on File Integrity Assessment via SSH over at sysadmin magazine (well worth a subscription). At my last job a couple of us discussed doing something similar so I enjoyed the article; it’s nice to see someone actually implement the damn thing. The basic idea addresses one of the implicit weaknesses with FIA tools: you give the attacker an obvious target to try and subvert. While there are little tricks you can employ to make their life harder (add a false positive so if they replace the binary with a fake it doesn’t report everything you’d expect, etc.), Hal’s technique moves the whole FIA setup off the machine.

What do multiple Nagios status pages, network traffic graphs and RT incident queues have in common? They’re all tabs I have open throughout the day. Because any of them can change at any time, watching them has always been a PITA. I used to get around this with a custom kludge that drove IE through a set series of pages. On the upside it worked. On the downside the periodic flicker of page changes drove me nuts.

Once you’ve been using a tool for a while you often reach a plateau where it’s “good enough” and you stop looking for ways to tweak it. I’ve been using bash for a number of years and I’ve got set in my ways; until I sat next to a co-worker who uses zsh. My first Linux machine had a 14” monitor that could only do low resolutions. Screen space was at a premium and every character was precious.

If you’re a heavy bash user you’ll often find yourself writing short snippets of code on the command line. Typically they’ll be based around a main loop and you’ll end up entering them over multiple lines to keep them readable. Unfortunately when you try to reuse the command, by retrieving it from the bash command history, it’ll be transformed into one semicolon-laden unreadable mass. Unless you read on… One of the options bash allows you to set is ‘lithist’.

One of the lesser-known features of bash is ‘$TMOUT’. When assigned a positive number this variable has two functions. When used in a script, TMOUT is the timeout value for the ‘select’ command and the ‘read’ built-in. When used in an interactive shell, and assigned a positive number, $TMOUT is the number of seconds bash will wait (after outputting the prompt) before it terminates; typically killing the user’s session. This is often used to ensure that unused root prompts are not left logged in for more than a minute or two without auto-closing.

A topic that’s been discussed at great length on one of the (many) Linux lists I lurk on has been that of mounting one file over another. It’s easier to show this with an example:

    $ cat password
    dwilson:password
    $ cat fake_password
    attacker:fakepassword
    (root) $ mount --bind fake_password password
    $ cat password
    attacker:fakepassword

While this requires root access (or flimsy mount permissions) to execute, it is a nasty little trick. An ‘ls’ won’t show anything strange but a ‘mount’ command will.

The Blosxom Immediate Action Feeds Plugin adds a number of links to the bottom of each blosxom post; both HTML and RSS flavours. These links allow easy interaction with a number of online services. This version of the plugin adds links for del.icio.us, Digg and reddit. When one of the links is clicked it takes the user to the site and attempts to autofill as many of the required fields as possible.

The digg_me plugin changes each post (both RSS and HTML flavours) and adds a clickable link that takes you to a pre-populated “Submit a story to Digg” page, and fills in the URL and title for you. The Digg Me! source code is pretty simple (mostly the same as the Reddit and del.icio.us plugins) but you’ll probably need to change the ‘$post_url’ to suit your site’s permalink format. The code’s GPL’d and I’ve tested it on my own site so it mostly works.

Google Labs is one of the ’Net’s open secrets. It’s a site that gathers up some of Google’s ideas for new sites and services and allows people to have a play with them. One of the services, Google Sets, has been quite useful to me recently. So I wrote the GoogleSets Command Line Interface. The basic premise (of both the site and script) is simple: you give it a list and it tries to expand it.

One of the great things about putting code online is that anyone can contact you about it. Sometimes you get a “thank you”, sometimes corrections and occasionally requests to make it do something else. My add_to_delicious Blosxom plugin post caused a couple of damn lazy Blosxom users (although it’s Perl-based so they may consider this praise :)) to ask for versions for a couple of other sites. The first of these, submit to reddit, is now done.