Your machine and it’s code

So I’ve been thinking a lot of late about machines, exploits and how to stop this sort of thing. I’ve been in situations where developers have created “stuff” on production machines and then left the company. The problem then becomes interesting if that code does not work with an up dated version of the software say wordpress, drupal or the operating system.

Urban dross

Your then in a situation (if the machine is a web server or open and available on the net) where about the only thing you can do is lock down the firewall and harden the old un patched OS and hope that no one finds a way in / attacks the machine.

It’s always good to have at least 2 people who understand custom code in any company especially if you have a number of web servers to mange. But even then re building something and re creating that functionality is not always easy – and management need to be aware of the fact that this will take time and cost money.


So if that keen shiny developer comes along one day promising you a widget that will sell your own grandmother and only cost you a few hundred bucks worth of con-sultan fees, my advice is to run screaming from the room.

The up shot I’m trying to put to you? Have the ability to own your own code – because if you don’t and if it gets hacked or is found to be vulnerable it’s going to cost you!

A simple approach is best – easier management and long term savings.

Happy new year and some update news!

Well happy new year and I hope that you have had a happy and safe holiday season! I’ve made a few minor changes to my sshfail project. For those of you who don’t know what that’s about have a look at this old post. In a nut shell it’s a script to generate a report that looks at the number of unsuccessful attempts to attack your machine if you have ssh enabled. It also creates a list of the ip address that generate this may hem and it’s darn educational.

My own experience is that the the machine fights back anything from 3 to 6 thousand attempts a day to hack it!  I’m making an assumption that the bigger sites – targets may be taking more flac than that. It’s sobering and sad that this is the state of the internet today. SO be careful out there and secure your machines.

Oh and the pic I’ve included – well stay tuned it’s an exciting arduino pi based project that I may let you all in on soon. But it’s secrete and in testing at the moment!

Hope you all have a most amazing 2018 and that you stay safe and happy.

Kind regards & have fun!

Steve Abrahall

PS for those of you who might like to run – play with the script hear is the source code.https://github.com/nevetsanderson/sshfail

if you have Git installed just cd to your home and run the following.

git clone https://github.com/nevetsanderson/sshfail.git

 

 

 

Write an iso to an external drive from Mac os X

 

A quick cheat!

Running an ios based installer from a hard drive, instead of from a usb can often be faster and is useful if you have a swag of machines to re image and esata is a lot faster than say usb V2. I’ve needed to do this a few times but I often spend far to much time looking for the information. So, Now I’ve written this little cheat!

First run this

diskutil list

This will give you a list of drives and the result will look a little like this

/dev/disk2 (external, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:                                                   *80.0 GB    disk2

As you can see hear the disk attached I want to write to is /dev/disk2
The command to use is

sudo dd if=linuxmint-18.2-cinnamon-64bit.iso of=/dev/disk2 bs=1m

This will write the contents of the iso the the external drive

Break down of the command

dd if={path_to_iso_image} of/dev/{location of device you want this written to} bs=1m

Enjoy