Skip to Content

FireDaemon

Tue, 2005-10-11 15:55 — jlopez

From time to time it is nice to be able to run a program as a service. If you have written the software yourself (especially with .NET) creating services isn't actually all that hard. However, for third party programs or as a quick fix, nothing beats FireDaemon. FireDaemon is a low cost solution that can convert nearly any executable into a daemon. Simply specify the executable to run in the background and set the startup properties, security account, command line, etc and you are off. This is ''particularly'' useful for those programs that seem like they should have been background capable to start with, such as some backup tools that only operate while a user is logged in.

Small Business Backup Solutions

Wed, 2005-08-17 10:56 — jlopez

This is one of those questions that should be asked about more often, "How do I protect my data". Many small businesses take unnecessary risks with their livelihood by ignoring the most basic concept of computing: the value of your data. Since most small businesses are based on Windows platforms, the information here is tinged with Windows terminology, but the ideas are generic enough to use in most environments.

Business owners understand the value of their data, otherwise there would be little need for a computer system. (Even if you only do word processing and a few spreadsheets, think of the difficulty of recreating that information. If you don't like that idea, then you need to create backups.) What is often not understood is the risk the data is placed in every day simply by using their computer system. Let us look at some common small business data environments to understand the risks and some ways to mitigate those risks.

SNMP and syslogd

Tue, 2005-08-16 19:37 — jlopez

Logging is a critical task to perform on your network so you can perform baseline analysis and periodically check up for potential trouble. Most network equipment has SNMP (simple network management protocol) capabilities to send messages about various events that occur. But where to send them?

A cheap and easy way to handle SNMP is to send the messages to a Linux box running snmptrapd, which can log all the events. Simply install "net-snmp" tools, either from source or package and configure to run at your standard run levels for background services. One trick is isolating the messages from all the other messages on your system. To do this, change the startup options for the daemon to "-Ls0 -p /var/run/snmptrapd.pid". By default this would read -Lsd which causes the default message log to be used, which can be very crowded. By sending to log "local0" you can then edit syslog.conf and add:

CutePDF

Wed, 2005-07-27 11:26 — jlopez

Many people need to generate PDF files occasionally, but it can be an expensive proposition to get the latest version of Adobe Acrobat for every user in your office to create basic PDF files. Acrobat comes with many wonderful features for create sophisticated PDF files. Digital signing, encryption and forms that post to web servers are among a few that Timewarp Technologies uses Acrobat for. However, when all you need is get some pages from some unusual program and provide the results to a user without the ability to read the source or resulting files, PDF is a great solution. For that matter, if the end consumer should not be modifying the document, I highly recommend sending PDF instead of Word documents as they are safer and more robust.

Daemon Shield

Mon, 2005-07-18 14:14 — jlopez

Linux is an excellent operating system to deploy in the roles of firewall and web server. Low and no cost options are available and it requires very few system resources to do a lot of work. Because it often is deployed on the "edge" of the network, it can be a target for brute force attacks.

Daemon Shield is a program that scans the log files and shuts out IP addresses that appear to be performing brute force attacks. It works for SSH and PAM modules and lives in the background. Highly recommend as a complement to normal security precautions such as strong passwords and limiting exposed services.

PHPWiki from CVS requires change to table.

Wed, 2005-07-06 20:38 — jlopez

Pulled the CVS version of PHPWiki out. After updating, attempting to post anything that would create new page links, a SQL error would occur. The new version of PHPWiki's DB code for MySQL uses an autonumber on the ID in the page table. Updated to add the auto increment property.

alter table page
modify id INT NOT NULL AUTO_INCREMENT

Why is NAT good for you?

Tue, 2005-07-05 13:23 — jlopez

Recent articles have pointed to a 50% chance that an "unprotected Windows PC" will be infected within 12 minutes of being connected to the Internet.

Globe and Mail article on exploits of Windows Systems

What this means is that if a machine is installed with Windows and then goes online to obtain the necessary security updates, it is probably exploited before completing the update process, with all the negative consequences thereof. Windows XP with Service Pack 2 is already partially "hardened" compared to prior versions of Windows, which makes a most compelling argument for updating to the newer operating system if it is possible when it becomes necessary to reinstall windows. However, it is often necessary to reinstall Windows due to some calamity that befell the operating system, and such reinstalls usually will be with the existing operating system the machine is licensed for. If you only have 12 minutes before having a 50/50 chance of being exploited, how in the world can you safely update it?

Dogfight

Fri, 2005-07-01 12:10 — jlopez

Video of our flight out to the battle (no pictures during the dogfight... nobody would give up such an advantage).

Syndicate content


Theme by Dr. Radut.