Archive for the ‘Security’ Category

ARP Spoofing – a lost art? Maybe not.

Sunday, May 10th, 2009

Just over a month back we had an incident where the default gateway on our servers would just sporadically stop responding, we first observed this as our servers sporadically just stopping to respond and only once we realized we could log on to other servers and during these “outages” we could still communicate with our servers via our other servers (ie, we could access them from the local LAN but not anywhere else) did we start pointing fingers at the gateway. (more…)

Webserver (apache) security

Wednesday, October 22nd, 2008

Generally my experience with apache has been very good. It’s a decent web server and works very well, is well supported and generally doesn’t suffer too many problems. For an ISP though, there are a few issues: php and other sub-processes/modues runs with the privileges of the apache user. So what is so bad about that?


Encrypted Harddrive (Gentoo)

Monday, September 22nd, 2008

So a client bugged me about encryption last week, and I dug up some stuff I wrote probably about six months ago, with all intent of publishing it, but never got round to it. The encryption described here is for Linux (I use Gentoo, most of it should apply to other distributions but I have no idea how easy/hard it would be to set it up with other distributions).


Taking security seriously (funny)

Thursday, August 28th, 2008

I just absolutely HAD to share this with the rest of the world, I just received this email from a colleague at a sister company of mine. Their names removed and replaced for their anonymity. For those that don’t understand afrikaans, sorry folks. Maybe someone will translate for you.


Jy sal sien onder Plankie se naam is daar ‘n sudoer attempt. Dit was ek, ek het gou die parameters van sy rights getoets.

Plankie – let op. Ons neem die linux systems baie ernstig op – Ek rapporteer nou dat daar ‘n vlaggie sal opgaan by Jaco omdat ek gekyk het of jou account can sudo. Ja Jaco “besit” daai stelsels net soos ek die webserver “besit”. Hy sal aan my rapporteer as hy iets buitengewoon op die webserver doen. Dis nie omdat die een die ander se baas is nie – dit is net decent IT practice. Nee jy hoef nie nou te verstaan wat sudo is nie.

Lekker dag.