Its making the tours but its just so much fun to get a raw password file. With the recent password compromise from LinkedIn, you can readily find a copy of the raw file posted online and check if your password is in there. And there's a site if you want to just punch in guesses:
http://leakedin.org/
Its pretty fun ;)
Nothing else to say here, really. I've posted about storing passwords. Use a password manager, generate a random password for each site, and make a large haystack from a short password by using arbitrary but simple patterns to extend the length of a complex password.
"lollerskates" is in that cracked file :P
Friday, 8 June 2012
Saturday, 7 April 2012
Windows Server 8 Proudly Joins 5 Years Ago
I've been poking around a bit to try to get some idea of Windows 8 might be an enticing upgrade in the workplace. I haven't been following too closely so there may be features I'm missing but here's what I've found so far.
On the desktop - no benefit. New Metro UI is the biggest change and it's primarily a touch-screen friendly interface suitable for tables or smartphones. Not at all for a "working" desktop where you might want to do more advanced tasks such as using a word processor or a spreadsheet. And since Microsoft's plan to compete in the smart phone market is to first surpass Blackberry mostly by waiting for RIM's demise as BlackBerry use hits 0, Metro is irrelevant before even getting out the door.
On the server - a lot of big benefits and well worth the upgrade. Windows Server 8 looks to be a big step forward from the late 20th century and into the early part of the 21st century. This PC Mag article from the fall gives a pretty good breakdown. I won't re-hash the author's well written piece and just go for the jugular here.
On the desktop - no benefit. New Metro UI is the biggest change and it's primarily a touch-screen friendly interface suitable for tables or smartphones. Not at all for a "working" desktop where you might want to do more advanced tasks such as using a word processor or a spreadsheet. And since Microsoft's plan to compete in the smart phone market is to first surpass Blackberry mostly by waiting for RIM's demise as BlackBerry use hits 0, Metro is irrelevant before even getting out the door.
On the server - a lot of big benefits and well worth the upgrade. Windows Server 8 looks to be a big step forward from the late 20th century and into the early part of the 21st century. This PC Mag article from the fall gives a pretty good breakdown. I won't re-hash the author's well written piece and just go for the jugular here.
- "Intellisense Powershell" lets administrators auto-complete in PowerShell. Big benefit, must-have, and has been readily available to bash and zsh users in Linux-based operating systems for a long long time. Seriously - get real! Microsoft has only just started down the road of a headless server OS path where automation can truly scale out operations and they have a lot of ground to cover. This is our first example of the Microserfs pulling their heads out of <the ground> and look at what's going on outside their <world>.
- "Live Migration" lets Hyper-V guests be moved without disruption to new hosts. I can't honestly say I'd touch Hyper-V without some sort of hazmat suit on. Seriously, this is a "new" feature for Microsoft? VMware vmotion has be been doing this for vmware customers for a while. Yes, Hyper-V is free and VMware is paid, but with Hyper-V you're not getting your money's worth. Maybe if VMware doesn't innovate at all for the next decade, Hyper-V will catch up enough to make it a viable option for anything other than a test lab or party tricks.
- "NIC Teaming" oddly I don't consider a "must-have", but this would be a feature possibly 20 years or more behind the times. Hardware independent NIC teaming for bandwidth agreggation and fault tolerance has been the norm on any network operating system outside Microsoft Windows since, well, forever. Where MS admins have historically depended on NIC vendors' drivers to provide this functionality to date, there at least is a path to do this in Winblows so though this is an important feature, I wouldn't buy Windows Server 8 specfically for it.
- "Claim Definitions" is a feature that allows sensitive files to be tagged as confidential, for example and access can be based on these "claim definitions". I have no gripe here - sounds like "access control lists" based on tags. I'd like to see how flexible this functionality is but even as-is can be an important tool under Windows 8.
- "Flexible Deployment" means that you can install Windows Server "core" (the stupid headed "headless" install we know from Windows Server 2008) and then, wait for this shocker.... Upgrade to full at a later time. #facepalm I mean, seriously? You've got Ubuntu users who do in-place one-click upgrades across major versions, RedHat Enterprise Linux admins who will generally install headlessly just to get a box up and then add in all the features including the GUI in their default software package manager tool, but Windows Server users are only now going to be able to add the full Windows install into core without reformatting? Maybe with Windows 25 in the year 2050, Microsoft will shock and amaze us by letting their users get software updates for their application all from a common update utility rather getting random prompts every other day to update all the plethora of third-party applications and utilities they have installed just to make their computer usable (actually, this will never happen...).
Wednesday, 29 February 2012
Rolling out of nested shells
I just realized that if I'm really lazy, I can stick && exit after everything to dump me out of all my nested shells after a program completes.
ssh <whateverhost> && exit
sudo -i && exit
for item in list ; do someprocessing ; done && exit
Monday, 27 February 2012
PC apps are dead?
I've been looking around from time to time for an app which would let me scan books from our collection at home and build a digital library - most useful for loaning books. I never found much on a PC, I did find
https://market.android.com/details?id=com.eleybourn.bookcatalogue&feature=also_installed#?t=W251bGwsMSwxLDEwNCwiY29tLmVsZXlib3Vybi5ib29rY2F0YWxvZ3VlIl0.
In short - yes, apps for desktop seem to be pretty much dead. I can't think of the last time I found a usable desktop application. At most, it's browser plugins like Nagios Checker. There are some "rich" applications or system management applications with rich clients, like InterMapper, but generally it's all web UI.
As Martha says, "It's a Good Thing".
https://market.android.com/details?id=com.eleybourn.bookcatalogue&feature=also_installed#?t=W251bGwsMSwxLDEwNCwiY29tLmVsZXlib3Vybi5ib29rY2F0YWxvZ3VlIl0.
In short - yes, apps for desktop seem to be pretty much dead. I can't think of the last time I found a usable desktop application. At most, it's browser plugins like Nagios Checker. There are some "rich" applications or system management applications with rich clients, like InterMapper, but generally it's all web UI.
As Martha says, "It's a Good Thing".
Sunday, 29 January 2012
Charting Systems Using Cacti
There are a lot of great monitoring tools out there. I've posted many times before about Nagios and I could post still more on this great tool, but it's not the only tool I use. Another one is Cacti which is an excellent tool I've also mentioned before and it is mostly for graphing system resources.
Out of the box, Cacti will give you a lot of the basics especially when combined with SNMP. Disk usage, network interface usage, CPU, and memory. But what I really like about these great Open Source tools is that there are extensions readily available from the F/OSS community. With Cacti, you can extend by getting new host templates and data queries (and more). Here are some examples.
Disk IO - this is a new data query that tracks disk IO usage either in IOPS or MB/s. This is one of the simplest examples of how you can extend cacti. It comes as a xml file defining an SNMP query which you copy into your resrouces/snmp_query installation folder and as a data query template which you import through the Cacti UI. Once you've done this quick installation, you can add the disk io checks to any SNMP enabled host you are already tracking.
Dell PowerEdge Environment - this is another simple example which is the same as the Disk IO in that it is an SNMP query plus a data query template but there's 3 checks it adds. System ambient temperature, fan speeds, and system voltages. Its a great example of how Cacti as a generic tool can be tuned to target your specific operating environment whether you're a Dell shop, HP shop, or otherwise.
APC UPS Daemon - Another example of an application specific example. This one comes as a host template so its a collection of checks you can use to capture all the data queries on a host using APC UPS Daemon. A great example of where F/OSS tools *far* exceed the stock or closed-source tools provided by vendors. Rather than these cheesy brief inflexible views of how your system works as provided by APC that require overly large utilities to be installed, its quick, lightweight, and much more flexible to use the F/OSS tools.
Cacti is another of these great tools that works well in conjunction with other tools to give system administrators great insight into the operation of their network.
Out of the box, Cacti will give you a lot of the basics especially when combined with SNMP. Disk usage, network interface usage, CPU, and memory. But what I really like about these great Open Source tools is that there are extensions readily available from the F/OSS community. With Cacti, you can extend by getting new host templates and data queries (and more). Here are some examples.
Disk IO - this is a new data query that tracks disk IO usage either in IOPS or MB/s. This is one of the simplest examples of how you can extend cacti. It comes as a xml file defining an SNMP query which you copy into your resrouces/snmp_query installation folder and as a data query template which you import through the Cacti UI. Once you've done this quick installation, you can add the disk io checks to any SNMP enabled host you are already tracking.
Dell PowerEdge Environment - this is another simple example which is the same as the Disk IO in that it is an SNMP query plus a data query template but there's 3 checks it adds. System ambient temperature, fan speeds, and system voltages. Its a great example of how Cacti as a generic tool can be tuned to target your specific operating environment whether you're a Dell shop, HP shop, or otherwise.
APC UPS Daemon - Another example of an application specific example. This one comes as a host template so its a collection of checks you can use to capture all the data queries on a host using APC UPS Daemon. A great example of where F/OSS tools *far* exceed the stock or closed-source tools provided by vendors. Rather than these cheesy brief inflexible views of how your system works as provided by APC that require overly large utilities to be installed, its quick, lightweight, and much more flexible to use the F/OSS tools.
Cacti is another of these great tools that works well in conjunction with other tools to give system administrators great insight into the operation of their network.
Friday, 30 December 2011
Storing Passwords
The most effective way to manage your passwords for personal or professional use us to use a password manager. This allows you to manage unique logins for all the different resources you access (bank vs email vs general forums vs ...) and only have to maintain one master password. Pick a reputable password manager, like KeePass, and remember that backing up and restoring your password database is critical.
Keeping electronic copies is fine, but also consider keeping a hard-copy as well in a relatively secure location. One suggestion is that you print off your passwords every time you change your master password (annually is pretty minimal) but write that master password down on the print out so you can recover it if you forget it! Useful if you do cycle your master password frequently.
Keeping electronic copies is fine, but also consider keeping a hard-copy as well in a relatively secure location. One suggestion is that you print off your passwords every time you change your master password (annually is pretty minimal) but write that master password down on the print out so you can recover it if you forget it! Useful if you do cycle your master password frequently.
Friday, 16 December 2011
WiFi Routers and NAS
The last time I bought a new router was when the Linksys WRT54G was "the king" of home WiFi routers - and mostly because you can replace the useless stock firmware with DD-WRT. Otherwise, it was "a router". At the time, 4 years ago, which is like many generations in Internet time, you had to manually setup security on your WiFi AP still so you saw lots of open WiFi hot-spots like "Linksys" or "Dlink" around. Then the WiFi router manufactuers started providing security setup as part of their setup wizard so you see more SSID customization and security enabled. Now, apparently, everyone auto-configures security with a magic button called "WPS". Then you've got other features USB ports so you can run a file-server from a USB drive or print server and "guest networking" so you can isolate isolate your workstations from other users.
"WPS" - WiFi Protected Setup is definately a cool feature. It comes as a button on the router so when you press the button, its like the router goes into a sort of "security auto-config mode". WPS, if its supported on your client (I assume it's a software install), will then automatically configure your client and your router with strong security settings. It means no more default passwords and streamlining the security options for users who frankly don't need to have "WEP" as an option.
[Edit: WPS is broken and should be disabled on all routers that support it according to SANS.]
Guest networking is another cool feature on some routers. It is a separate SSID for, well, guests to use your WiFi from. It is isolated from your main network so that guests won't have access to, for example, your network attached printer or to your media collection you stream from your laptop to your television. This is just so cool for people who may be sharing their Internet connection with their neighbours or roommates but just don't want their surfing habbits to infect their own systems :)
And the USB ports. Many routers seem to have one or two USB ports on them which is interesting, but what's more interesting is what you can do with them. A lot of new routers have built-in file servers so as soon as you attach some storage, you can share files and folders from it to the PCs on your network. How convenient is that? Some routers have more sophisticated web interfaces than others and let you specify which folders are or aren't shared - but either way, if you're buying a new WiFi router anyhow and you get this feature, it means you get a functional NAS for the cost of a USB key or USB attached hard drive! *And* some routers are starting to come out with USB 3 - SuperSpeed USB which if you consider these routers have not only 802.11n speed on the WiFi but also Gigabit speed for the network ports, is an awesome feature.
And that's not the only thing you can do with the USB port - some routers will also act as a print server! So you attach your generic USB printer to the router, and it's now a network printer you can print to from any laptop or PC in the house. Talk about great value-added feature! I love it!
And did I mention that new routers are all now wireless N with Gigabit LAN interfaces? WiFi is still garbage and a ways away from being reliable outside very small deployments, but N is an improvement over previous specs. Interestingly, I found out the other day as well that if you run your router in "dual band" to support both N and G clients, your wireless speeds on both N and G suffer. So ironically if you have any wireless G clients, unless you really need your N devices to run at "slightly faster than G but nowhere near N speeds", you should still run G only.
Cool beans! I'm liking some of the features I'm seeing on the box these days from some of the WiFi routers. A nice change from the utter crap they used to shlep out where the only smart thing to do was check if you you run a custom firmware on the device and replace the junk software sold with it.
[Edit: WPS is broken and should be disabled on all routers that support it according to SANS.]
Guest networking is another cool feature on some routers. It is a separate SSID for, well, guests to use your WiFi from. It is isolated from your main network so that guests won't have access to, for example, your network attached printer or to your media collection you stream from your laptop to your television. This is just so cool for people who may be sharing their Internet connection with their neighbours or roommates but just don't want their surfing habbits to infect their own systems :)
And the USB ports. Many routers seem to have one or two USB ports on them which is interesting, but what's more interesting is what you can do with them. A lot of new routers have built-in file servers so as soon as you attach some storage, you can share files and folders from it to the PCs on your network. How convenient is that? Some routers have more sophisticated web interfaces than others and let you specify which folders are or aren't shared - but either way, if you're buying a new WiFi router anyhow and you get this feature, it means you get a functional NAS for the cost of a USB key or USB attached hard drive! *And* some routers are starting to come out with USB 3 - SuperSpeed USB which if you consider these routers have not only 802.11n speed on the WiFi but also Gigabit speed for the network ports, is an awesome feature.
And that's not the only thing you can do with the USB port - some routers will also act as a print server! So you attach your generic USB printer to the router, and it's now a network printer you can print to from any laptop or PC in the house. Talk about great value-added feature! I love it!
And did I mention that new routers are all now wireless N with Gigabit LAN interfaces? WiFi is still garbage and a ways away from being reliable outside very small deployments, but N is an improvement over previous specs. Interestingly, I found out the other day as well that if you run your router in "dual band" to support both N and G clients, your wireless speeds on both N and G suffer. So ironically if you have any wireless G clients, unless you really need your N devices to run at "slightly faster than G but nowhere near N speeds", you should still run G only.
Cool beans! I'm liking some of the features I'm seeing on the box these days from some of the WiFi routers. A nice change from the utter crap they used to shlep out where the only smart thing to do was check if you you run a custom firmware on the device and replace the junk software sold with it.
Subscribe to:
Comments (Atom)