zarzax the blog

Sometimes its the little things that annoy us so much on the Unix command line.  One big question for me was… How to do you differentiate between directories and files when recursively chmod-ing?

The answer is simple.  But of course there are different ways to do the same thing.

Using the find command

find -name '*' -type d -exec chmod 0755 {} \;

NOTE: the -name ‘*’ parameter is used to keep from modifying the present working directory or ‘.’ directory.

find . -type f -exec chmod 0644 {} \;

(continue reading…)

DenyHosts smart SSH Server Protection

DenyHosts is a Python based security tool for SSH servers.

DenyHosts is a python script that is run on any Linux or BSD based system to help block SSH based attacks. It works to prevent both “dictionary based” and “brute force” attacks. Also provided is a system to synchronize block lists between other users of DenyHosts.

Continue reading for the complete guide…

(continue reading…)

LaTeX – A Document Preparation System

I started using LaTeX for its ease of writing mathematical equations and expression. Anyone who has tried fooling with Microsoft Word’s equation editor realizes that it is time consuming, looks terrible, and will agree that there must be an easier way. That way is LaTeX.

LaTeX is a typesetting tool that excels with many types of documents such as academic journals, books, and complex mathematical formulas. One thing that it is great with is keeping track of references and bibliographies.

(continue reading…)

IPKungFu Firewall and Basic Server setup

IPKungFu is an iptables-based Linux firewall. It aims to simplify the configuration of Internet connection sharing, port forwarding, and packet filtering. — http://freshmeat.net/projects/ipkungfu/

IPKungFu better described as being a smart script that eases creation complex firewall rules. Creating a gateway firewall, internet sharing, or simply setting up a basic firewall are all simple tasks. By default it includes advanced logging, syn-flood protection, and port scanning protection.

photo credit: masochismtango

Continue for the complete guide…

(continue reading…)

I’ve been spending the last weeks finishing up a our redesign of the Nagios Network of sites (Nagios OSS Project, Nagios Community, Nagios Community Wiki). The wiki has been my latest challenge. I started our searching for a skin that was close to what I wanted and found the kindofblue skin. In the end I have ended up rewriting most of the php and css to come up with a fixed width theme that mixes well with the rest of our current look and feel. I will be posting our new theme soon. In the meantime you can check out the fruits of my labor here!

Over the past few days we have been tackling a nasty Cross Site Request Forgery (CSRF) bug in Nagios 3.0.4. With our bug fix I updated the Nagios documentation to include some information on Enhanced CGI Security and Authentication. This is a much needed addition that answers some of the communities questions regarding different ways to secure Nagios. This post will rehash much of what I wrote about in the documentation. There are many ways to enhance the security of your monitoring server and Nagios environment. This should not be taken as the end all approach to security. Instead, think of it as an introduction to some of the techniques you can use to tighten the security of your system. As always, you should do your research and use the best techniques available. Treat your monitoring server as it were the most important server in your network and you shall be rewarded.

(continue reading…)

I just got back from this years NETWAYS Nagios Conference.  It was a huge success.  It was held again at the City Center Holiday Inn, Nuernberg.  Nuernberg is such a great city.  It really makes me sad that I did not have much time to see more of the city.

The Conference itself was really busy.  They had 3 to 4 tracks every session, with at least 1 track being in English.  This really means that I wake up at 8am, conference starts at 9am, ends at 5pm, with 15min breaks between sessions.  After 5pm there is dinner or bars that we then go to and stay till 2am or 3am.  I have to say that I was completely exhausted when I finally got home.

The best part was I finally got to meet many people that I have only communicated with by email.  I was able to hang out with some of the German community members Hendrik, Joerg, Matthias, and Michael one evening.  We had some great talks about Germany, working in Germany, the future of Nagios, with American Politics splattered in there for good measure.

photo credit: Docklandsboy