Archive for the ‘Security’ Category


Many of you know my day job is that of a systems administrator. As one, I have to be concerned about things like data integrity, backups and disaster recovery. Somehow, while on one of my daily train rides, my mind wandered and hit on the fact that I really don’t perform these functions at home, and I should. Or, at least I should do them better. Of course, I do have the technology!

What I thought of was that my wife, like plenty of you out there, likes to keep paperwork. Now this is important stuff like tax returns, current bills, car service records, etc., and documents like birth certificates and such. Now some of these are in a small fire safe, but some of them are in a file cabinet.

So, what happens if there is a fire and I lose my file cabinet? I GUARANTEE that the IRS audits me because that’s where my tax returns are 🙂

Now a month ago or so I was reading an article on how to reduce clutter at home and one of the suggestions it made was to set up a “scanning station” where you scanned in your bills/documents/what have you and then shredded them. The basic idea was to use your computer and scanner as an avenue to better manage your paperwork. No more hunting for the last cable bill or pay stub through that grocery bag of miscellaneous paperwork you keep next to your easy chair, or worse, your “junk” drawer.

My idea was to use that scanning station idea as an avenue to not only reduce my personal paperwork clutter, but also as a security measure. Scan those important docs and get them available digitally. Get them all together. Scan all your important family photos. Imagine losing all those memories in a fire! Get all your music and anything else you can get together digitally and put all that stuff on a removable hard drive. In fact, have all that information backed up on that drive every day. You can figure out how to do that, I know you can!

Take that removable drive, maybe a big old cheapie USB drive and have your kids do an art project and cover it (not the vents or plugs) in bright red construction paper or masking tape with a white FIRE sign on it. Lastly, get it located in as convenient a spot as possible and drill everyone in the house that if there is an EMERGENCY, make sure to grab that FIRE drive on their way out the door if at all possible. Don’t even bother to unplug it, just grab and run. You can always get a new power supply or just slap the drive in a machine if need be, but you would at least have your important stuff available to retrieve.

That’s it. That’s the idea. Run with it and let me know how it works out. Now I have to go convince my wife that scanning for the next three months is going to be great fun 🙂

Thursday, April 16th, 2009

Ossec insmod error

Let me preface this by saying that if you are not running Ossec on at least your external facing machines, then you should be. It’s great software!

The reason this post is here is for reference mostly and maybe to be able to help someone out later via their favorite search engine.

I have been getting a couple errors reported lately through Ossec emails that report: “insmod: Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters. You may find more information in syslog or the output from dmesg”. Well, after checking, the actual error is found in /var/log/messages and is “floppy.o: init_module: No such device”. AHA! Well, it just so happens that these machines are servers *with no floppy*. The fix for this to turn off the errors seems to be to add “alias floppy off” in the /etc/modules.conf file and then run a “depmod -a”.

Tuesday, October 21st, 2008

Linux PPC and WPA

Crap. That’s my final thought on the subject.

Last night I decided to finally update my wireless infrastructure and start using WPA instead of just using MAC filtering. It’s not that I am uber concerned about the security aspect of it because, let’s face it, the only way to really have a secure box and network is to shut it off. What drove me to this is my cheap router only has 25 slots for MAC addresses to filter and I had them filled up. I decided if I couldn’t do that then I ought to bring things up to speed with the WPA instead (plus it’s much easier to remember a passphrase than bunches of hexadecimal octets).

I had no problem with my Mac Mini, my Ubuntu 8.04 laptop, my wife’s Ubuntu laptop, my kid’s eMac, or my new Linpus laptop. I ran into serious issues with LinuxPPC though. I was running Slackintosh on my iBook but after researching the net a bit I was disappointed to find that WPA has been an issue for a long time on the airport card. I thought, well maybe Ubuntu has it better, so I installed Ubuntu 8.04 for PPC and, although the desktop was quite nice, there was no support for WPA there either. My only option at that point was to put OS X back on the iBook. What a bummer.

Saturday, September 20th, 2008

Port Scan Attack Detector

I mentioned on the show on its last go-round that I was looking for a port scan detector for work. At least I think I mentioned it was for work…. Anyhow, long ago I used to use a program called Portsentry, which still appears to be around, but in disuse. So, I went looking around for other options. The two I ran into frequent mention of were Snort, which was also frequently mentioned as being difficult to configure, and PSAD.

Well, it was PSAD that I decided on. I did a little preliminary testing this week. PSAD is easy to install, in fact, there were packages available for RedHat and Ubuntu already. It’s also very easy to configure, just edit the /etc/psad/psad.conf file. All in all I was very satisfied with this piece of software. One particular caveat, though, is beware of running it on a network with Windows machines. Not that PSAD doesn’t work well, but quite the opposite. It takes considerable “tuning”, I learned, to get things running nicely on a Windows network because Windows computers flood the network with a lot of unnecessary traffic – specifically UDP traffic. Think I am kidding? Try it and see 😉

Saturday, June 28th, 2008
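
For the PSAD tuning mentioned in the post above, it helps to measure the UDP chatter before deciding what to quiet. This is an added example, not part of the original post or of PSAD: it tallies UDP packets that LAN hosts send to broadcast or multicast addresses in iptables LOG lines (the input PSAD analyses) and drafts a candidate `IGNORE_PORTS` line for /etc/psad/psad.conf. The log lines, the 192.168.1.0/24 network and the threshold are constructed assumptions, and the exact `IGNORE_PORTS` syntax should be checked against the comments in your installed psad.conf.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample traffic: (source, destination, protocol, destination port).
_ROWS = (
    [("192.168.1.20", "192.168.1.255", "UDP", 137)] * 4      # LAN broadcast chatter
    + [("192.168.1.21", "192.168.1.255", "UDP", 138)] * 3
    + [("192.168.1.22", "239.255.255.250", "UDP", 1900)] * 2  # multicast, below threshold
    + [("203.0.113.9", "192.168.1.5", "UDP", 137)] * 3        # outside probe: must stay visible
    + [("203.0.113.9", "192.168.1.5", "TCP", 22)]
)
# Constructed iptables LOG lines built from the rows above.
SAMPLE_LOG = "\n".join(
    f"Jun 28 10:00:00 fw kernel: IN=eth0 OUT= SRC={s} DST={d} LEN=78 "
    f"PROTO={p} SPT=40000 DPT={dp}"
    for s, d, p, dp in _ROWS
)

FIELD = re.compile(r"(\w+)=(\S+)")
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def udp_noise(log_text, lan="192.168.1.0/24", min_hits=3):
    """Return [(dest_port, count)] for UDP sent by LAN hosts to broadcast or
    multicast addresses, most frequent first, keeping counts >= min_hits."""
    net = ipaddress.ip_network(lan)
    hits = Counter()
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        if f.get("PROTO") != "UDP" or "DPT" not in f:
            continue
        try:
            src = ipaddress.ip_address(f["SRC"])
            dst = ipaddress.ip_address(f["DST"])
        except (KeyError, ValueError):
            continue  # malformed or truncated log line
        chatter = (dst == net.broadcast_address or dst == LIMITED_BROADCAST
                   or dst.is_multicast)
        # Only internal senders count; unicast probes from outside are skipped.
        if src in net and chatter:
            hits[int(f["DPT"])] += 1
    return [(port, n) for port, n in hits.most_common() if n >= min_hits]


def ignore_ports_line(noise):
    """Format the noisy ports as a candidate psad.conf IGNORE_PORTS entry."""
    return "IGNORE_PORTS " + ", ".join(f"udp/{port}" for port, _ in noise) + ";"
```

An ignored port is ignored for every source, so review each candidate before adding it; the tally only shows where the internal noise is coming from.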