Version 1.01 INTRODUCTION Years of Apache2 log entries necessitated an application to feed access log files to a database. Population of a database via Python was the fastest and easiest way to get to analysis, though other languages may operate faster at the hardware level. Python already has a lot of the database libraries precanned,… Continue reading Apache2 log database population via Python
Category: Security
Tailing the Apache Access Log
As a system administrator it is sometimes useful to watch things happening live in Apache access log. Tail would be the command usually used to accomplish the task, while logged in as an appropriate user through a secure shell session. Tailing the Apache Access Log was a resolution to a problem that I encountered when… Continue reading Tailing the Apache Access Log
308 response code – redirection and messing with daemons…
This post is part of the “.htaccess redirection fun with mod_rewrite” series. The most useful feature of .htaccess and mod_rewrite, in the opinion of this author, is redirection. Redirection is identified to a browser by response code 308. By redirection we mean mapping any URI into any other URI. Response code 308 is the redirection… Continue reading 308 response code – redirection and messing with daemons…
Why is your fly open to the world?
Do you walk around often with your fly open? In a word, NO! So why is your IT stuff open to the world? Think about it… After years of experiencing consistent and repetitive attacks on the secure shell and WordPress login, I started to wonder why that was occurring. What is the reason that there… Continue reading Why is your fly open to the world?
Password strength in the days of John the Ripper
Password strength is a big deal, especially now that there are several excellent password cracking applications. John the Ripper and THC Hydra are examples of two, to name just a few. Also, there is a fair chance that your information is already out there on the dark web due to breaches at innumerable companies. Hence… Continue reading Password strength in the days of John the Ripper
Log4J Quick Test
Hi Folks, This just in from Canonical. The following two commands are to be run in a terminal window, and they check the vulnerability of your system/server to the respective CVE: $ sudo ua fix CVE-2021-44228 $ sudo ua fix CVE-2021-45046 Ideally you want the result: CVE-2021-45046: Apache Log4j 2 vulnerability https://ubuntu.com/security/CVE-2021-45046 No affected packages… Continue reading Log4J Quick Test
Log4Shell Wild West
Hi Folks, Patch those servers! I’ve had hundreds of attacks today, currently at least 100 IP addresses being blocked actively by automated defenses. That has resulted in a great set of malicious IP addresses to probe at a later date. Keep up the contribution of IP address, and I’ll post those some time in the… Continue reading Log4Shell Wild West
Hi folks,
We’ll start the discussion by introducing the Lynx browser. It’s what is call a text only browser. That means nothing active of any kind other than the text of the page. I call it a safety browser because nothing can infect you as long as there is nothing but text downloaded, and not ever executing that. The beauty of this browser is that because it does not support JavaScript, Adobe Flash, or other similar active content, nefarious websites will have an exponentially harder time downloading and installing malware.
Lynx is a platform independent text browser, meaning it basically runs on any operating system:
– Lynx is available in source code and for Unix flavors, MacOS, Windows 32, and DOS386+
– Several Linux distributions already carry it, just install the lynx package using apt, yum or whatever is appropriate for your distribution.
– The package website is https://lynx.invisible-island.net/release/
One caveat of using this browser is that many dynamic sites will break. The other is that even with this browser, failure to follow basic internet hygiene protocol will get you infected…
Peace and safe computing!
Catwhisperer