If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
set it and forget it. You work your eyes dry getting the right config, curse at your screen a few times, kick a few stuffed animals… umm scratch the stuffed animals. What do you get? your dream / perfect / working config. What do you do after that? not a damn thing… yes linux rocks 
Came across this today while looking into fail to ban. This is a pretty good overview of applications you can use to secure your server. The directions are for ubuntu, but source packages and alts are just a google away of course.
Quick ‘n Dirty Security and Visibility
1. Introduction
2. Firewall
2.1 FireHOL
2.2 ufw
3. Intrusion Prevention
3.1 Fail2Ban
3.2 sshdfilter
4. Intrusion Detection
4.1 chkrootkit
4.2 rkhunter
5. Log Monitoring
5.1 LogWatch and Dropbear
6. Security Update NotificationIntroduction
This article describes some of the tools and utilities I use to better secure and monitor my servers. Simply following the article below does not get you a secure box, you also need to ensure any services you have running are correctly configured and you should disable, or better yet remove, any services or software you do not require.
I just realized that my mail form couldn’t work due to the halfgray domain only allowing google to send and receive mail on its behalf… oops.
This is fixed, so feel free to drop me a line
need to setup a content / media server on ubuntu? no worries here are directions:
Varnish
first we’ll need to install the dependencies:
apt-get build-dep varnish
apt-get install libc6-dev wget checkinstall
next up? well varnish of course:
cd /usr/src
wget downloads.sourceforge.net/varnish/varnish-2.0.2.tar.gz?modtime=1226669272&big_mirror=0
tar xvzf varnish-2.0.2.tar.gz
cd varnish-2.0.2
./autogen.sh
./configure –prefix=/usr/local
make
checkinstall
Next we need to update our paths:
nano /etc/profile.d/user_local.sh
add the following:
export PATH=/usr/local/bin:/usr/local/sbin:$PATH
export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH
export LIBRARY_PATH=/usr/local/lib:$LIBRARY_PATH
export CPATH=/usr/local/include:$CPATH
ctrl+x, press y. now you’ve saved the file
run the following to update your paths:
source /etc/profile.d/user_local.sh
Varnish is now installed and added to start at: /etc/init.d/varnish
to modify startup settings edit the file: /etc/default/varnish
of course you’ll want to customize your varnish settings at: /etc/varnish/vcl.conf
…that’s it…
Red5
grab the depends:
apt-get build-dep sun-java5-bin ant sun-java6-bin sun-java5-jre sun-java6-jre
apt-get install sun-java5-bin ant sun-java5-jre ant-optional ant-gcj sun-java6-bin sun-java6-jre
ok now install red5:
cd /usr/src
mkdir red5
cd red5
wget www.red5.fr/release/0.7.0/debian/red5_0.7.0_all.deb
dpkg -i red5_0.7.0_all.deb
red5 is now installed and a startup added at: /etc/init.d/red5
red5 is located at: /usr/lib/red5
That’s all folks
Remember to go through and customize your setups as needed. So long and thanks for all the fish.
Sid out
Looking at my blog statistics shows that my post on “Installing the latest JRE 6 on CentOS” is one of the top positions. Also a lot of search engines referrals come to this post.
Thus I would like to give a short update to the blog post, since some things have changed since then. Also CentOS has been updated to Version 5.2 in the meantime.
The way I have done it with modifying the symbolic link in “/usr/bin/java/” still works, but it is not the recommended way to do it. Thus I follow here the path that the CentOS project has outlined. Where applicable I updated the link information. So, without further ado, let’s install JRE 6 or update it to the latest
The last time I used red5 was over a year ago. I ended up going back to fms due to time constrains, and some issues with streaming.
I’m setting up an in-house media server so I decided to revisit red5. All the issues I had about red5 have been cleared up and they are actually pushing past fms.
Anyways more later, I’ve got more testing researching to do
Sid
Need to know which ports to open for red5? Here is your answer:
Dervish Moose Blog: List of Red 5 Server port openings for firewall
So while reading the comments from my last post I started wondering, whats some of the things that tend to “f” up projects? after further thought here is what i came up with. I’ll try and expand it when i expand the quick start: web project management post
communication - design to developer, developer to designer, client to pm, pm to developer / designers
building one trick ponies - why build one trick pony sites, apps? their hard to expand, reuse, etc
lack of solid ui design from start
general lack of knowledge on web optimizing
file access / version control - git / svn, problem solved
using basecamp as a run on forum
short, sweet, sleep
So I’m trying to give a friend a few of the basics they’d need to know for managing a web project. Not a bible, just a quick read to hit the ground running. Here is what I came up with.
Your team:
designers - creative artistically, creates look and feel, communicate, produces things you can see
developers - creative technically, creates applications foundation, communicate, leave alone for extended periods, produces things that are used, but not always seen.
cto - head geek, usually smarter than you.
ceo - head head, smile and nod - might be cool
cfo - head money - nuff said
creative director - awesomely artistic, likes coffee
techincal director - almost head geek
vp anything - has friends, probably knows what their doing
assitant - love them, bring them coffee, and be really really nice to them
project manager - you, makes sure designers / developers are making progress, middle man between client, developers / designers, and everyone else (maybe)
Basecamp:
where you document everything. Covers your ass. Anything changes, legals, documents, or client communication happens here.
Cover your ass use BC
Deadline:
in house milestone / deadline=client review milestone / deadline- (1 - 2 weeks)
client milestone / deadline = milestone / deadline + (1 - 2 weeks)
client review milestone / deadline = milestone / deadline - (2-3 weeks)
Terms to know:
fubar - we’re fucked
need more time - your fucked
great - needs review
fun - expect delays
breach of contract - see fubar * 2
contract - covers your ass
invoice - pays your ass
server - where everything runs
ui / client side - where everything is seen
php, ruby, python - what developer use to make things run
css / stylesheet - what designers / developers use to layout what you see
ajax - those cool effects
flash - more cool effects
flv - youtube video
harvest - where everyone tracks time
bc - where you track clients / team
skype - online meeting
delay - no sleep
billable hours - what you can get paid for
over hours - what you might get paid for
favor - 5/1 to get your account established
hail mary - a favor that empties your favor account
wireframe - lines that show how something will look
mock up - test design
voip - the phone
im / aim - chat
ping - contact
And there you have it, my quick read, more web filler.
sid
I’m a BC fan, but have to admit there are more than enough times that it feels lacking. I recently started playing around with pivotal tracker which is follows the agile method.
It took me about 10 minutes to go holy crap this rocks… I don’t think it’d be to client friendly, but it definitely works for team use: www.pivotaltracker.com/
