Tuesday, July 26, 2011
The Solaris package for the mysterious "libgnomebreakpad.so"
Looking through a ton of postings I could only find people complaining about this library with the only solution being given was to copy it manually, but I finally found an obscure posting that pointed out the package: gnome/crash-report/bug-buddy
Sunday, July 24, 2011
More memories from the distant past: a 1995 nodelist for BBS's on the Paul Revere Network (used FIDONet software)
õýýýýýýýýýýÀ õýýýýýýýýýýÀ õýýýýÀ õýýýýÀ
ÁÀ õýýýÀ þ ÁÀ õýýýÀ þ þ ÁÀ ÁÀ õã
þ þ þ þ þ þ þ þ þ ÈÀ ÁÀ þ þ
þ Áýýýã þ þ Áýýýã þ þ þÁÀ ÁÀ þ þ
þ õýýýýýýã þ õÀ õýýã þ þ ÁÀ ÁÀþ þ
þ þ þ þÁÀ ÁÀ þ þ ÁÀ Á³ þ
õã ÁÀ õã ÁÀÁÀ ÁýÀ õã ÁÀ ÁÀ þ
Áýýýýã Áýýýýã Áýýýã Áýýýýã Áýýýýã
The PAUL REVERE NET a listing of the systems within
The PAUL REVERE NETWORK.
ýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýý
The Paul Revere Network/HQ Chicago BBS (312)482-9940 (V)(312)482-9910
Visit the PRNet Web Page at: http://www.mcs.net/~lpyleprn/home.html
Gun Owners of America +DUAL MEMBERSHIP OFFER+ The Paul Revere Network
Two Newsletters/Alerts $ 28 -=*=- Support the Second Amendment Effort
ýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýý
(As of 2 December 1995)
ST BBS Name BBS Phone# City Sysop Name
ýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýý
AB The WAR Room BBS 403-275-5690 Calgary Martin Riley
AK Terminal Velocity (PRNet 907-247-1078 Ward Cove Ken Rowan
AL Adventure Sports BBs 205-477-9902 McCalla Greg Pack
AL King James Bible BBS 205-285-5948 Millbrook Ralph Stokes
AL THE FAMILY SMORGASBOARD<t 205-744-0943 Pleasant Grove Randall Dickerson
AL The Chuckle Box 334-653-1776 Mobile Robert Nykvist
AL The Confederates BBS 205-967-6176 Vestavia Hills John Gentle
AN Rational Anarchist BBS 905-646-8229 St Catherines O Keith Weaver
AR Conway PC Users Group BBS 501-329-7227 Conway Tim Stone
AS PRN TEXAS 409-447-2069 Montgomery Co T Jonathan Gauntt
AZ A-2-Z Enterprises 602-721-7824 Tucson William Arnold
AZ Cross Roads 602-482-8577 Phoenix Tony Ellis
AZ CyberSupport Hq/Co.A 602-231-9377 Phoenix Phil Runyan
AZ Dennis' Emporium 602-645-8167 Page Dennis Crane
AZ Hawks Aerie! 602-873-2755 Phoenix Patrick Spence
AZ Inn on The Park PCBoard 602-350-0890 Scottsdale Jim Jusko
AZ L&M Information Systems 602-730-0116 Chandler Martin Maxwell
AZ My Blue Heaven BBS 602-750-0716 Tucson Scott Wood
AZ PIONEER INTERNATIONAL BBS 602-649-2647 Mesa Bernie Wilt
AZ Run-Time BBS 602-525-3711 Flagstaff Dan Shearer
AZ Telegraph Station BBS 602-844-9740 Mesa David French
AZ The Arizona Sentinel 602-412-8978 Phoenix Don Scotten Jr.
AZ The Desert Reef 520-624-6386 Tucson Eric Gray
AZ The Desert Reef 602-624-6386 Tucson Eric Gray
AZ The Ghostrider BBS 602-439-2226 Glendale John Kuhns
AZ The Light Post 602-890-1588 Tempe Don Wheeler
AZ The Rock Beyond the Billo 602-482-1851 Phoenix Wesley Arnold
BS PRN/REPUBLIC OF TEXAS HUB 214-495-6699 Sachse TX Ric Duncan
CA A&B Express 619-447-2792 El Cajon Bryan Gardner
CA Aaron Construction Cmpy B 510-521-0281 Alameda Rick Hunter
CA Eagle's Nest 818-989-7845 Van Nuys William Kirk
CA Excelion BBS 818-892-4182 North Hills Robert Worne
CA FREEDOM USA BBS 916-423-2565 Sacramento Greg Waggy
CA Hunter's Den 209-437-9903 Clovis Rick Hunter
CA In Heaven There Is No Bee 619-667-0159 Lemon Grove Tony Quinn
CA LadyColt Women's Form/PRN 408-246-2837 San Jose Masako Young
CA Laissez Faire Communicati 916-676-8447 Cameron Park Joseph Slump
CA Lake Co. Amateur Radio BB 707-987-3022 Middletown Bruce LeGrande
CA Lakeside Wildcat! BBS 619-390-7328 Lakeside Roger Peck
CA Nautilus II BBS 909-880-3229 San Bernardino Dave Niemeyer
CA NiteLite 415-965-4097 Mountain View Byron McKay
CA Nodelist Coordinator 510-713-7336 Newark Mike Burgett
CA North West Region 408-229-9753 San Jose Dennis Blair
CA PRN Los Angeles 310-837-7818 Los Angeles Mike Loving
CA PRN/GOAC Orange County 714-969-6338 Huntington Beac Manny Rothstein
CA Paradigm Shift Line 1 310-902-0252 Whittier Michael McBroom
CA Paradigm Shift Line 2 310-943-2499 Whittier Michael McBroom
CA Paul Revere Network GOLD 209-795-0848 Arnold Mike Pyle
CA Planet Mirth 510-786-6560 Hayward Gene Hahn
CA South West Region 310-676-0492 El Segundo Dennis Santiago
CA THE BAD BOY BBS! 310-378-3081 Torrance Carl Tice
CA THE BULLET BOX 818-403-0399 So. Pasadena Dan Feely
CA The ACCESS Network 619-247-1816 Apple Valley Robert Parsons
CA The Airtight Garage 415-641-0348 San Francisco Carlos Benitz
CA The Digital Forest Inform 714-586-6142 Mission Viejo Tobin Fricke
CA The Free Zone 619-582-2402 San Diego Paul Cavnar
CA The Great AbysS 510-482-5813 Oakland Gary Stewart
CA The MARINES KEEP BBS 916-268-3129 Auburn Alan J Squire
CA The Ride 209-642-6126 Oakhurst Brad Bopp
CA The Shooter's BBS 619-691-0233 Chula Vista Mike Bergan
CA The Wastelands 209-438-7621 Fresno Donald Price
CA The ZEANAH Machine 805-446-9203 Thousand Oaks Derek Zeanah
CA WEST LOS ANGELES BBS 310-559-5334 Los Angeles Gary Inman
CA net600 Hub 300 916-992-1781 Rio Linda Tim Baltad
CO Runestone BBS 303-338-1055 Denver Kevin McNeece
CO The OK Corral BBS 303-832-4197 Denver Dave Wilson
CO Welcome Home BBS 303-839-8665 Denver Dave Wilson
DC Powderhorn BBS 202-562-8239 Bolling AFB Brian Sorensen
DE The Nuclear Amoeba 302-653-7685 Smyrna Andrew Brown
FL John's Barn 904-785-1280 Panama City Lee Rich
FL Sawhorse BBS 305-435-1972 Pembroke Pines John Sawyer
FL Shooter Ready BBS 305-567-0114 Miami Marc Fisher
FL TRUST NO ONE BBS 904-589-2532 Grand Island Brian Cash
FL The Haven of Rest 904-474-0992 Pensacola John Calvin Hall
FL The Perfect Trinity 904-995-0255 Pace Tim Hudson
GA Acorn Systems BBS 912-882-0540 St. Mary's Walt Thomas
GA Digital Frontier 404-984-2543 Atlanta Cott Lang
GA Malfunction Junction 912-261-8332 Brunswick David Little
GA Rsbbs 404-879-1600 Pine Lake Robert Seely
GA Southside Bbs 912-757-0576 Macon Chuck Lackey
GA The Kountry Kitchen BBS 912-673-6564 St. Marys Vicki Phillips
HI UNHINGED! 808-263-4742 Kailua Bruce Nolting
ID Orwell's Vision BBS 208-832-2572 Mountain Home Chris Mangus
ID THe PHaNToM LiMB 208-664-3655 Coeur d'Alene Todd Riggz
IL Bold Truth BBS 618-937-3962 West Frankfort John Zortz
IL ICM BBS 217-422-5872 Decatur Rick McNeely
IL North Central Region 312-482-9940 Chicago Leroy Pyle
IL The King James BBS 312-723-8434 Chicago James Walker
IL The Rift BBS 217-522-1937 Springfield John Hull
IL Windstar Network 312-986-0974 Chicago Steve Schmidt
IN Electronic Warfare BBS 812-882-0644 Vincennes Nicholas Loch
IN Hilltop/2 219-488-3812 Hamilton Mark Taylor
IN MegaCity One BBS 219-426-7015 Fort Wayne Derek Balling
KS Midwest Tech BBS 913-432-6490 Kansas City Ted Burris
KS The American Patriot BBS 913-438-1776 Overland Park Kevin Johnson
LA Duffey's Tavern 318-436-2992 Lake Charles Gordon K
LA Holodeck 504-392-9847 New Orleans Steve Fatland
LA The Eagle's Nest 504-764-0449 Norco John Perilloux
MD Silver Bullet 301-622-2247 Silver Spring Frank Mallory
MD The Christian Connection 301-470-2354 Laurel Robert Middleswarth
MI Aquila Systems BBS 313-533-6068 Redford Greg Plyler
MI Marriage Bed BBS 616-467-4550 Centreville John Van Hare
MI Woody's Nest 810-628-4523 Oxford Cletus Cryderman
MN Erebus 612-439-7808 Stillwater David Pinch
MN Minnesota Libertarian 612-938-3702 Hopkins Michael Lomker
MN MinuteMan 612-933-5409 Minneapolis Dale Ubelhoer
MN Shade's Landing 612-431-6733 Apple Valley Gary Shade
MO Big Al's Place 417-881-8653 Springfield Al Turner
MO DOC in the BOX CBIS 314-893-6099 Jefferson City Mark D Winton
MO Party Line BBS 314-845-7127 St. Louis Jerry Olney
MO South Central Region 816-597-3950 Kansas City Brad Alpert
MO StarCastle BBS 816-524-4312 Lees Summit Mark Stilwell
MO The Gore Zone 816-363-4673 Kansas City David Gore
MO The IWLA 2X4 BBS 314-443-1874 Columbia Kim Palmer
MO The Second City 417-623-3187 Joplin Mike Brandon
MS Chip's Toy Box BBS 601-436-6412 Biloxi Chip Lechner
MS Crest Mark BBS 601-829-2161 Jackson Andy Templeton
MS Gulf Coast Adult Lifestyl 601-392-6114 Biloxi James Young
MS TechLink BBS 601-878-5943 Terry Wayne Fugitt
MS The City of Tanelorn 601-374-0934 Biloxi Ray E Coffey
MT The Night Lights 406-259-6771 Billings John Hank
N- PRN WESTERN PA 412-271-0980 -Unkno Brian Sawyers
NC Promenade/2 704-393-1093 charlotte Andy Ruth
NC South East Region 919-752-5738 Greenville Vince Worthington
NC The Jungle 910-488-1954 Fayetteville Charles Bowman
NC Thor's Retreat/2 BBS 910-424-0956 Fayetteville Don Cranford
NH CHECKMATE BBS 603-624-7123 Manchester Henry France
NH PRN NEW HAMPSHIRE 603-753-9716 Penacook Allan Hitchmoth
NJ Geoff Gowey BBS 908-813-2584 Port Murray Geoff Gowey
NJ Luftwaffe 609-859-1234 Southampton Ed Rossell
NJ Paul Revere Net New Jerse 609-723-8436 McGuire AFB Jim Faulkner
NJ The Armory BBS 908-859-0162 Phillipsburg Bob Goeller
NJ The Computerist's Friend 908-563-6976 Somerset William W Reed
NJ The Vector BBS 908-276-4405 Cranford Joseph Delvecchio
NJ The Wrong Number BBS 201-656-6576 Jersey City Clark Matthews
NM Galt's Junkyard 505-344-7645 Albuquerque Steve Davis
NM Route 66 Solutions 505-294-4543 Albuquerque Jon Jacob
NV Moroni's Call 702-871-6827 Las Vegas Ken Thompson
NV Sierra Sage North 702-887-0408 Carson City Wil Schuemann
NY AccessTV BBS 914-774-8947 Monroe Bruce Greenberg
NY MHS:BBS 914-794-8904 Monticello Scott Waschitz
NY Telesphere BBS 518-459-0270 Albany Andrew Badi
NY The Peacock BBS 516-884-1328 Lindenhurst James Combs
NY The Volitan BBS 516-874-4615 East Moriches David Wilson
OH Battle Cry BBS 513-252-0220 Kettering Jerry Hail
OH Hank's Corner BBS 513-274-8118 Dayton Norm Smith
OH The Firehouse BBS 513-258-0215 Dayton Dean Tarter
OH Warrior BBS 513-271-0779 Cincinnati Barry Riddell
OK <CyBorg ConTrol> 918-252-9528 Tulsa Jim Watson
OK Bedrock BBS 918-835-6836 Tulsa Monte James
OK GhostWorks 405-720-2342 Oklahoma City Justin Smith
OK Magna Carta News Service 405-631-1664 OKC Bill Bauer
OK The Dugout 918-357-1765 Tulsa The Coach
OK The GUNNER'S MATE/PRN 918-665-6841 Tulsa Ed Shirley
OK The People's Advocate & P 405-391-6604 Newalla David Elston
OK The Right Wing Observer 918-835-8026 Tulsa Jim Brown
OK Uniblab 918-341-4450 Claremore Ray Shank
ON Another World Bbs 905-871-9502 Fort Erie Henry Edginton
ON Radio Free Canada 613-820-0606 Ottawa Leonard Knoll
ON The Hunting Field 905-735-9081 Welland Larry Poirier
ON The Hunting Field 905-735-8683 Welland Larry Poirier
ON The Rippler's Crypt#1 905-834-1923 Port Colborne Paul Lee
ON The Rippler's Crypt#2 905-834-1924 Port Colborne Paul Lee
OR Integrated Media Services 503-254-2817 Portland Bill Taylor
OR NWCS Online "A CyberPlace 503-655-8114 Portland Skip Guyer
PA Gizmonic Institute 412-771-2804 Pittsburgh Joel Robinson
PA North East Region 610-259-2198 Lansdowne Jim Henry
PA Second Amendment BBS 814-898-1732 Erie Frank Huff
PA TANSTAAFL BBS 717-432-0764 Dillsburg Roy Tellason
PA THE BRATS HOME BBS 412-942-3957 MCMURRAY JON CHRYK
PA The Genealogist BBS 412-681-5688 Pittsburgh Bill Thoma
SC Shroedinger's CatBox 803-652-3759 New Ellenton Terry Buyers
SC The Second Amendment BBS 803-794-2822 West Columbia Larry Coble
TN Freedom's Voice BBS 423-288-5877 Kingsport Kevin Qualls
TN Realty Relief Fido 423-690-2227 Knoxville Pat Carter
TN River Canyon Rd. BBS 423-886-2521 Chattanooga Ron Mitchell
TN Southern Cross 423-349-5473 Kingsport Bob Burns
TN Storm Warning BBS 423-877-2304 Chattanooga Brent Daniel
TN The Dagobah System BBS 423-894-0430 Chattanooga Michael Hampton
TN The Final Word 423-877-0682 Chatanooga Rocky
TN The TutorBoard 423-744-0024 Decatur A.D. Wade
TN The Virtual Dimension 901-935-2192 Jackson David Fesmire
TN Thunder Bolt BBS 423-357-8769 Church Hill Dusty Evans
TN Vision Quest BBS! 423-272-2331 Rogersville Tommy Shaw
TX Alcatraz RBBS-PC 713-450-3870 Houston Matt Bedynek
TX BackStage 409-721-9606 Nederland Jeff Lanes
TX Brigadoon 409-321-4637 Conroe Gary Black
TX Confusion Central 713-367-7391 Conroe Steve McDonald
TX Coyote's Den 409-447-3198 Montgomery Russell Steffee
TX FAIRLANE BBS 713-489-4580 Manvel Mike Campbell
TX FLOTOM Information Servic 512-282-3941 Austin Tom Lane
TX Galt's Gulch Texas 214-294-4215 Frisco Alan Andrews
TX Guns BBS 214-357-8770 Dallas Jason Hughes
TX Houston Libertarian 713-728-2199 Houston Mike Lenker
TX JACK'S RANGE 915-757-9311 El Paso Jack McGuire
TX Sub-Rosa 915-598-2042 El Paso David Butler
TX THE BEACON 214-881-7585 PLANO STEVE WOLFF
TX THOrne...'s Castle BBS 214-422-1589 Plano David Smith
TX The Arena 713-362-9772 Spring Bob Sturgeon
TX The Dragon's Lair 409-539-9082 Conroe Marius Strom
TX The Firing Line 214-490-3491 Dallas Andy Mans
TX The Justice Advocate 409-856-5808 Willis Joe Sager
TX The Minuteman 806-355-8564 Amarillo Larry Wyble
TX The Paper Man 713-869-5310 Houston John Westerlage
TX The Pit Viper 214-454-4606 Richardson Mike Phillips
TX The Roost BBS 713-482-7080 Friendswood Robert VanBurkleo
TX The SysOp's HangOut 409-945-5909 Texas City Mervin Cockerham aka
VA Brokedown Palace 804-591-8537 Newport News Dennis Ricketts
VA Gun Owners of America BBS 703-321-7401 Springfield Larry Pratt
VA PRN LGC Newport News 804-877-8320 Newport News Dick Adams
VA Sparkies Machine BBS 703-362-7647 Roanoke John Campbell
VA THE WALL 804-595-4017 Newport News Tommy Caylor
VA THE WALL Node 2 804-595-3572 Newport News Tommy Caylor
VA TIDMADT 703-765-0822 Alexandria Dave Aronson
WA GunServe 509-582-9627 Kennewick Kevin Crosby
WA Invincible Software 206-277-4059 Renton Jeff Murphy
WA Washington Arms BBS 206-255-8371 Issaquah Roger Brown
WY The Byte Me BBS 307-382-6127 Rock Springs Gerald Shurtleff
Total Sites: 218
ýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýý
If you would like more information on how your BBS
can become a Paul Revere Network member, download
PRNKIT.ZIP from any of the listed bulletin boards.
ýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýýý
A post for posterities sake: My 1998 mailing list debate over secure network design
When reading this please bear in mind this was '98 during original .com boom when it looked like money would be abundant to anyone with a modicum of computer knowledge and I was still in college. I actually received a job offer from the State Department as a result of this posting, but, stupidly, turned it down. C'est la vie.
==============
==============
Some new ideas came to mind and I added them to my proposal. As usual any
comments are appreciated. Here's the latest proposal:
Secure Network Initiative for Small Networks
Revision 1.0
January 15, 1998
by Geoffrey J. Gowey
PURPOSE:
This is a proposed setup for a securing a network for administrators on a
low budget (those that don't want to by a firewall and other security
devices) and that want one up fast. The strength of this setup relies on
two filters and the rules used for filtering (it's not perfect, but it's
better than nothing). The other advantage is that it puts some of the old
junkboxes that many instutions have to use.
IMPORTANT: This setup is aimed for small setups (100-150 nodes) using a
single T-1.
OVERALL DESIGN:
Internet Connection
|
|
External Filter
| DMZ
---------------------------------
| Web Server |
| SMTP/POP server |
| Primary external DNS server |
| Secondary external DNS server |
| Anonymous FTP server (optional)|
---------------------------------
|
Internal Filter
|
Log host (optional)
|
Internal Network
|
Primary internal DNS server
|
everything else
SYSTEM SPECIFICATIONS:
External Filter:
Either a filter router (CISCO, HP, etc.) or a system with
the following specs:
P-75 64MB RAM (maybe more RAM and a faster CPU
depending on the network load)
Any filtering setup (NetBSD w/ ipf rules, FreeBSD,
Karlbridge/Karlbrouter, etc.)
Two ethernet cards that work with the filtering software.
A printer to log rejected packets (preferably dot matrix or
daisy wheel) and A LOT of paper.
Internal Filter:
same setup.
Web server:
Get a package and meet the requirements.
My preference is NetBSD w/ Apache.
With NetBSD a 486 with 8 or 16 MB RAM should be adequate.
SMTP/POP server:
Get an 486 that meets NetBSD's or FreeBSD's installation
requirements, and a POP server.
The DNS servers:
Nearly same config as the SMTP/POP server, but a 386 can be
used instead of a 486, and a POP server is not needed.
FTP server:
Same config as the SMTP/POP server, but no POP needed.
Log host:
Old 386 running NetBSD, FreeBSD, etc. (just about anything
that can catch syslog UDP packets). Although a 486 might be
better since a large HDD will be needed.
FILTER RULES:
External Filter:
From Practical UNIX & Internet Security[Garfinkel&Spafford]:
Block packets for services that you do not wish to cross
your firewall.
Block packets that have IP source routing or that have
other "unusual" options set.
(my idea on this) Just about all TCP services except WWW
and FTP. Just about all UDP services except DNS.
(modified) Block inbound packets with a source address of
any systems in the DMZ, internal network, or routers (anti-spoofing).
(my idea) Block inbound packets with a destination of the
internal DNS server.
Internal Filter:
From Practical UNIX & Internet Security[Garfinkel&Spafford]:
Block packets for services that you do not wish to cross
your firewall.
(my idea) almost the same rules as above, except allow UDP
for syslog (port 514) destined for the loghost (and only for the loghost) in
and ONLY from systems in the DMZ.
Block packets that have IP source routing or that have
other "unusual" options set.
(modified) Block packets addressed to your filters.
(my idea) block outbound DNS packets destined for the
external dns primary/secondary servers from everything except the internal
primary DNS server.
(my idea) block inbound packets lower than port 1023
without the ACK bit set (this will cause the remaining packets to be
ignored). Thanks to Chapman and Zwicky for this idea. Reason: doesn't
allow people on the outside to access FTP, HTTP, and anything else using TCP
on the inside using ports less than 1023. Only problem: X-Windows Servers,
and any server sitting higher than port 1023 (such as IRC, DOOM Servers,
QUAKE Servers, Netscape's Admin for its web server (I believe, could be wrong),
and some other things). However, with things like DOOM and QUAKE I think
the majority of the traffic is UDP so they should be blocked by virtue of
the UDP filtering rules (but I'm not sure).
REASON FOR AN EXTERNAL/INTERNAL DNS SERVERS:
My reason for such separation is that it only allows people have
immediate access to systems in the DMZ (hackers would have to sniff packets
to figure out the remainder of the setup). The external/internal setup also
allows some added flexibility and security.
DRAWBACKS OF THIS SETUP:
If a proxy server was used the filtering would be even easier, and
more secure. Securing against servers runing on ports above 1023 is
difficult.
NOTE ON THE DNS SETUP:
The way to have the DNS working is to have internal traffic ask the
internal DNS server and if the internal DNS server doesn't know the (the
internal DNS server) should ask the external primary DNS server.
NOTES ON THE SMTP/POP SERVER:
For security reasons I think it might be a good idea to have e-mail
addresses and passwords different than the login name and login passwords
(this'll leave a cracker out of luck if the server is sniffed or cracked).
Also, if possible, use APOP (authenticated POP) since normal POP transmits
passwords in the clear (APOP sends them encrypted).
ANOTHER IDEA:
If the systems in the DMZ have packet filtering support native to
them (e.g. NetBSD, FreeBSD, Linux, whatever) or if it's availiable then set
it so it can't accept inbound packets with a source of address of its own.
If one of the systems is cracked (e.g. the webserver) it'll prevent that
system from being used to easially hijack another.
SOME LAST NOTES:
As is noted in many books all of these systems should be in a
secured area. PHYSICAL SECURITY IS VERY IMPORTANT! Using programs like
COPS or Tripwire is advise for the Web and SMTP/POP servers (and check
regularly). This will assist in making sure that your system has not been
tampered with.
INFOSEC that everyone working in IT should know
Note: this is a post I originally put on my FaceBook page in 2009, but I'm slowly migrating away from FB so I'm reposting it here since it's still relevant.
-----------
Seeing as how I'm now moving on again I think I'll offer some basic information security procedures that everyone should know. It's an inevitability that you will eventually have to turn in your work equipment with little to no notice and making sure you don't have personal information on it should be a concern from day one. Yes, storing your gmail, facebook, Twitter, etc passwords in FireFox is convenient, but that's definitely not something that you want left for a stranger to compromise. Here is a setup that I have determined to be best:
1. Load vmware on your system
2. Install a Linux distribution (I prefer CentOS) and make sure to select use an encrypted partition (use a good password too not 1234 or some other password that takes 2 seconds to crack).
NOTE: make sure VMWare is setup to keep the guest in RAM (so it doesn't use the swap).
If the host OS is windows do the following:
1. Install CCleaner and configure it as follows:
a) start at startup
b) secure deletion - DoD standard is more than enough
c) wipe free space
2. Have windows clear delete the swap file at shutdown.
3. Configure disk defragmentation to happen every night at midnight.
Now use the Linux guest to browse gmail, facebook, whatever personal stuff you want/need to do.
The host os (windows) will be you do all your completely business related activities (intranet, code development, etc). As long as a key logger isn't installed the guest os will be secure for using for your personal tasks. When it's time for equipment turn in all that then needs to be done is a quick delete on the VHD for the guest (one file). However, if you're not provided any time you'll at least know that no one will access your personal data unless they have obtained the key for your encrypted filesystem (by key logger or watching you enter it).
-----------
Seeing as how I'm now moving on again I think I'll offer some basic information security procedures that everyone should know. It's an inevitability that you will eventually have to turn in your work equipment with little to no notice and making sure you don't have personal information on it should be a concern from day one. Yes, storing your gmail, facebook, Twitter, etc passwords in FireFox is convenient, but that's definitely not something that you want left for a stranger to compromise. Here is a setup that I have determined to be best:
1. Load vmware on your system
2. Install a Linux distribution (I prefer CentOS) and make sure to select use an encrypted partition (use a good password too not 1234 or some other password that takes 2 seconds to crack).
NOTE: make sure VMWare is setup to keep the guest in RAM (so it doesn't use the swap).
If the host OS is windows do the following:
1. Install CCleaner and configure it as follows:
a) start at startup
b) secure deletion - DoD standard is more than enough
c) wipe free space
2. Have windows clear delete the swap file at shutdown.
3. Configure disk defragmentation to happen every night at midnight.
Now use the Linux guest to browse gmail, facebook, whatever personal stuff you want/need to do.
The host os (windows) will be you do all your completely business related activities (intranet, code development, etc). As long as a key logger isn't installed the guest os will be secure for using for your personal tasks. When it's time for equipment turn in all that then needs to be done is a quick delete on the VHD for the guest (one file). However, if you're not provided any time you'll at least know that no one will access your personal data unless they have obtained the key for your encrypted filesystem (by key logger or watching you enter it).
Thursday, July 21, 2011
How to setup the updater for Solaris 11
A brief overview is located at:
Support Repositories Explained [ID 1021281.1]
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1021281.1
Get your x.509 certificate for accessing the repository at:
https://pkg-register.oracle.com/register/status/
There's a HOWTO section link located on the bottom, but I'll reprint the instructions in case things change.
------
How to Install this Oracle Solaris 11 Express Support Certificate
1. Download the provided key and certificate files, called Oracle_Solaris_11_Express_Support.key.pem and Oracle_Solaris_11_Express_Support.certificate.pem using the buttons above. Don't worry if you get logged out, or lose the files. You can come back to this site later and re-download them. We'll assume that you downloaded these files into your Desktop folder, ~/Desktop/.
2. Use the following comands to make a directory inside of /var/pkg to store the key and certificate, and copy the key and certificate into this directory. The key files are kept by reference, so if the files become inaccessible to the packaging system, you will encounter errors. Here is how to do it:
$ sudo mkdir -m 0755 -p /var/pkg/ssl
$ sudo cp -i ~/Desktop/Oracle_Solaris_11_Express_Support.key.pem /var/pkg/ssl
$ sudo cp -i ~/Desktop/Oracle_Solaris_11_Express_Support.certificate.pem /var/pkg/ssl
3. Add the publisher:
$ sudo pkg set-publisher \
-k /var/pkg/ssl/Oracle_Solaris_11_Express_Support.key.pem \
-c /var/pkg/ssl/Oracle_Solaris_11_Express_Support.certificate.pem \
-O https://pkg.oracle.com/solaris/support/ solaris
4. Check your publisher settings, there should be no unrelated mirrors set up. To check for any set up mirrors invoke the following command:
$ pkg publisher solaris | grep Mirror
If the output is empty you are all set. If not remove unrelated mirrors by running:
$ sudo pkg set-publisher -M http://mirror1.x.com -M http://mirror2.y.com ... solaris
5. To see the packages supplied by this publisher, try:
$ pkg list -a 'pkg://solaris/*'
If you use the Package Manager graphical application, you will be able to locate the newly discovered packages when you restart Package Manager.
Support Repositories Explained [ID 1021281.1]
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1021281.1
Get your x.509 certificate for accessing the repository at:
https://pkg-register.oracle.com/register/status/
There's a HOWTO section link located on the bottom, but I'll reprint the instructions in case things change.
------
How to Install this Oracle Solaris 11 Express Support Certificate
1. Download the provided key and certificate files, called Oracle_Solaris_11_Express_Support.key.pem and Oracle_Solaris_11_Express_Support.certificate.pem using the buttons above. Don't worry if you get logged out, or lose the files. You can come back to this site later and re-download them. We'll assume that you downloaded these files into your Desktop folder, ~/Desktop/.
2. Use the following comands to make a directory inside of /var/pkg to store the key and certificate, and copy the key and certificate into this directory. The key files are kept by reference, so if the files become inaccessible to the packaging system, you will encounter errors. Here is how to do it:
$ sudo mkdir -m 0755 -p /var/pkg/ssl
$ sudo cp -i ~/Desktop/Oracle_Solaris_11_Express_Support.key.pem /var/pkg/ssl
$ sudo cp -i ~/Desktop/Oracle_Solaris_11_Express_Support.certificate.pem /var/pkg/ssl
3. Add the publisher:
$ sudo pkg set-publisher \
-k /var/pkg/ssl/Oracle_Solaris_11_Express_Support.key.pem \
-c /var/pkg/ssl/Oracle_Solaris_11_Express_Support.certificate.pem \
-O https://pkg.oracle.com/solaris/support/ solaris
4. Check your publisher settings, there should be no unrelated mirrors set up. To check for any set up mirrors invoke the following command:
$ pkg publisher solaris | grep Mirror
If the output is empty you are all set. If not remove unrelated mirrors by running:
$ sudo pkg set-publisher -M http://mirror1.x.com -M http://mirror2.y.com ... solaris
5. To see the packages supplied by this publisher, try:
$ pkg list -a 'pkg://solaris/*'
If you use the Package Manager graphical application, you will be able to locate the newly discovered packages when you restart Package Manager.
Friday, July 8, 2011
Theodore Roosevelt on courage
“It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood, who strives valiantly; who errs and comes short again and again; because there is not effort without error and shortcomings; but who does actually strive to do the deed; who knows the great enthusiasm, the great devotion, who spends himself in a worthy cause, who at the best knows in the end the triumph of high achievement and who at the worst, if he fails, at least he fails while daring greatly. So that his place shall never be with those cold and timid souls who know neither victory nor defeat.”
Theodore Roosevelt quotes (American 26th US President (1901-09), 1858-1919)
Theodore Roosevelt quotes (American 26th US President (1901-09), 1858-1919)
Subscribe to:
Comments (Atom)
Posts
