Security

You sometimes want to check if a program that you've installed is doing anything funky. While you could install a full-blown packet analyser like WIreshark, sometimes, that is overkill. A quicker and handier option would be to just rely on good old netstat. Like so:

netstat -bn 10

as well as

netstat -bf 10

-b: displays the program name (executable)

-n: displays the IP address

-f: displays the resolved form of the IP address

10: indicates that the command should be repeated after 10 seconds

I ran into the following error while running a script that was performing backups of files via rsync over ssh.

error: ssh: connect to host foo.example.com port 22: Connection refused rsync: connection unexpectedly closed (0 bytes received so far) [sender] rsync error: unexplained error (code 255) at io.c(601) [sender=3.0.7]

I ran into the following spiel when I attempted to SSH to a host just now:

I've been trying to .. empower .. the Nagios 3 web interface in Ubuntu/Debian to allow me to turn off service checking at will. I do this when I am checking logs etc. to debug some issue and all the spam from Nagios' polling is getting in the way. Nagios comes with an option to "disable active checks of this service" which when click should, well, disable active checks of the service. Clicking it, however, resulted in the following message:

Nagios is currently not checking for external commands.

The following are some tools I'd like to note down that are handy when it comes to checking server configurations and security:

If you've ever visited a webserver's error page, it will usually state the error followed by information about the server. This will customarily tend to include the webserver software, its version, possibly information about some of the modules compiled in as well as the server's address and port. While this might look generous and helpful, it also allows bad guys as well as other parties to probe the server to find out what it is running as well as other details such as version information. This information can be used for nefarious purposes.

So, if you, like me, have to resort to PuTTY sometimes to SSH into a Linux box, I'm sure that you have also subjected yourself to much gnashing of teeth at the lack of a Windows solution to password-less logins into your server. For the uninitiated, password-less SSH allows you to log into a server without manually authenticating yourself.

Earlier today, I set up a gmail account for an elderly acquaintance of mine. Due to his really forgetful nature, once I created his account, I logged into it and mailed myself the username and password. As soon as I clicked "send" however, I found that I had been logged out of gmail. Trying to log back in proved futile as I was met with a "This account has been suspended" message!

If you're a firefox user (and usually, also a programmer), you've very likely come across situations where you are confronted with an error page while accessing an https address, because the certificate is self-signed. Getting around it involves adding an exception, which requires a multitude of steps ...

My gmail account is also the catchall address for a couple of domains and usually clocks about 2000 - 3000 spam every day. In the aftermath of the McColo shutdown, this number is down to about 150 - 200.

Even if this is a temporary respite, it is still quite heartwarming.

SpamCop's statistical graphs are also a great indicator of spam frequency.