gnu-linux

Holistic Info-Sec for Web Developers

A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises. First book is complete, second book is content complete and currently in technical review.

Risks and Countermeasures to the Management of Application Secrets

Redirects to legacy blog post.

TL-WN722N on Kali VM on Linux Host

Redirects to legacy blog post. The following is the process I found to set-up the pass-through of the very common USB TP-LINK TL-WN722N Wifi adapter (which is known to work well with Linux) to a Virtual Host Kali Linux 1.1.0 (same process for 2.0) guest, by-passing the Linux Mint 17.1 (Rebecca) Host.

Keeping Your NodeJS Web App Running on Production Linux

Redirects to legacy blog post. All the following offerings that I’ve evaluated target different scenarios. I’ve listed the pros and cons for each of them and where I think they fit into a potential solution to monitor your web applications (I’m leaning toward NodeJS) and make sure they keep running.

Evaluation of Host Intrusion Detection Systems (HIDS)

Redirects to legacy blog post. The best time to install a HIDS is on a fresh install before you open the host up to the internet or even your LAN if it’s corporate. Of course if you don’t have that luxury, there are a bunch of tools that can help you determine if you’re already owned. Be sure to run one or more over your target system before your HIDS bench-marks it.

Web Server Log Management

Redirects to legacy blog post. As part of the ongoing work around preparing a Debian web server to host applications accessible from the WWW I performed some research, analysis, made decisions along the way and implemented a first stage logging strategy. I’ve done similar set-ups many times before, but thought it worth sharing my experience for all to learn something from it and/or provide input, recommendations, corrections to the process so we all get to improve.

Keeping Your Linux Server/s In Time With Your Router

Redirects to legacy blog post. With this set-up, we’ve got one-to-many Linux servers in a network that all want to be synced with the same up-stream Network Time Protocol (NTP) server/s that your router (or what ever server you choose to be your NTP authority) uses.

Installation and Hardening of Debian Web Server

Redirects to legacy blog post. These are the steps I took to set-up and harden a Debian web server before being placed into a DMZ and undergoing additional hardening before opening the port from the WWW to it. Most of the steps below are fairly simple to do, and in doing so, remove a good portion of the low hanging fruit for nasty entities wanting to gain a foot-hold on your server-network.

A Decent Console for Windows

Redirects to legacy blog post. On *nix we’re kind of spoilt when it comes to the CLI experience. The console I use most in a GUI environment is the great terminator.

Bare-metal Hypervisor Setup Evaluation

Redirects to legacy blog post. Recently I had the opportunity for work, to carry out some research on what’s in the market in regards to bare-metal hypervisors. The following is the result of an in depth research and deployment project of the following bare-metal hyper-visors. This will enable us to trial the hypervisors out for performance, ease of setup, ease of administration, and ease of use.