Admining the VPS

Still considered a Linux novice, I’ve had a lot of ups and downs with my VPS. I’ve learnt alot about securing a system however this has been a steep learning curve. Simply put, I could be happy with a shared hosting platform, but also, I wouldn’t.

The freedom of the VPS has allowed me to host just more then a website, but what I have learned along the way is far greater.

Unforseen circumstance has tirelessly taught that having a working backup and a plan is more important then looking at log files and sitting back and relaxing. I currently have a few errors to look into which I hope to fix by the weekend. (mysql seems to like failing occasionally, shutting itself down and requires manual restart)

I’ve also managed to image the live server on to a local VM for testing. ‘Testing’ describing numerous activities including patch upgrades (incase anything breaks), application configuration and also some pentesting.

I would ideally like to look into automatic off site backups, which wouldn’t be too difficult considering the server image isn’t too big at the moment (although my bandwidth would take a hit)

As regards to documentation; I’m not sure how deep to go into recording  changes made to the server, although this would be fairly useful.

Securing Home Routers – Keeping Your Data Safe

Routers are apart of everyday life. Anyone with an active home internet connection has one. It keeps a constant connection to the internet, it allows more then 1 computer to share the same internet connection, it blocks out bad traffic from entering your network, and can perform more sophisticated tasks; share files via FTP over the network and to the wider internet for example.
Your router is filled to the brim with technology but not all of it is safe, even though it might be helpful. Simply buying a router and connecting it up is not enough; like any device, it needs updates and maintenance to have it running well and safely.

All routers are different and it helps to log into your routers settings and familiarize yourself with the options available to you. Not everything you see will be apparent as to what they do so it’s worth noting these down and doing a bit of research yourself.
Additionally a general rule of thumb; if your not using a specific service or option in your router, disable it! Continue reading “Securing Home Routers – Keeping Your Data Safe”

Node-Red: The interesting world of API

The pi I have running at home had accumulated alot of updates. Anyone who owns a pi can tell you that a small collection of updates can take an exceedingly long time to complete. About 20 minutes into the upgrade, I noticed apt stalling on one particular package : node-red. Knowing that it’s not usually included in a standard installation, I did some digging and found something interesting.

Node-red is a graphical wiring program that allows you to do some cool things with different API’s. I mean, really interesting things.

Starting it up for the first time, it listened to port 1880 and told me to connect via a browser. What then arose was a brilliant piece of technology.

A scratch like interface with pastel coloured buttons and brief descriptions about their purpose filled the left colomn. Those are, as I understand, the nodes. Simply dragging and dropping these building blocks and linking them up felt seamless; some functional boxes for different languages such as html, xml and json. Switches to initialise case logic, splitters to manipulate the direction of data and in and out nodes for twitter implementation. Also for the pi, nodes to make use of gpio pins for muchly anything you can think of. This is for the makers. Brilliant.

To my surprise (and burden however), there’s not a great deal of documentation that I could find for this platform. There a few tutorials for the very basics but when it came to slightly more complex stuff, it’s almost non existant. Either way, I plugged on and crafted a twitter bot as an excersise; expanding on some of the basic tutorials on YouTube. My first small ‘flow’ was a program that pinged to a network address and recorded the time and latency in a text file. Pretty low grade but if I wanted to, I could expand to tweet myself a message if the ttl lapsed.

I’m still unsure of the language used in main function block, it looks like java (being objective) but I don’t know enough about it to know exactly. I would like to make my @awkwardbot_ a bit more intelligent but will need to dig deeper into this exciting framework.

SSH bruteforce; change in direction?

One thing that I like to do is read. Stephen King, probably makes up for the majority of fiction I’ve read. Closely followed by Andy McNab, Stieg Larsson and Dan Brown (in no particular order). I like non-fiction too but mainly in the sciences; our treasured Prof. Stephen Hawking (should be knighted), the great Carl Sagan and the inspirational Prof. Brian Cox. I’m sure there’s more unbeknownst yet to make it to my shelf.

However, there’s only really one 100% reliable news page that I have the occasional binge on. Found in  /var/auth.log, this page has it all. Drama, frustration, desperation, success, comedy. Strangely enough, I can genuinely associate these human emotions to this silly little file. Today I will talk about both comedy and perhaps some terror too.

I like to filter the news for most of the comedy.

sudo grep "Invalid user" /var/log/auth.log

Ethen, ftp, 1111, recruit, allison, xbian, uwot, support, hadoop, test, guest, admin, jonah (my fave) … the list literally goes on. Incredible to think that these bots or people have probably cracked open a server using those names before and have been successful? Maybe. Or maybe they are trying to think outside the box. I can literally spend a day trying to understand the reason behind those user names and still be clueless. Hilarious! Jonah.

But it’s the most obvious of them all that worries me. Admin, root, and pi. The latter being the most obtainable. Pi. The default username for a main linux flavour. And maye more.

It’s scary to think that easy to follow guides for home VPN’s, plex, cloud software, ftp, webserver (the list goes on..), may not always be security conscious and may not always instruct the user to change default username, let alone the password or enabling firewall. Lets hope, for their sake, time is spent to secure a home internet facing host and does not help to breach their home networks. Sobering.

Internal Storage – A Ponder At Prices

Anyone in the market for a harddrive at the moment may be having a hard time. It’s not as simple as it once was; you’ll be looking at many different factors.

Speed, reliability, capacity, bus interface, and more importantly price.

You’ll have an even harder time if you already have an SSD and a traditional harddrive. If the SSD fails, it’s a no brainer. But how about if your HDD is on the way out? What do you replace it with? This question is what I’m asking.

For the time being, I’m negating alot of the variables that’s been mentioned and just focusing on price. I’ve trawled through almost all the harddrives on one particular UK computer retailer and started to play around with the numbers. I’ve concentrated again on only SATA devices as they are my most likely replacement.

On average, they all look to be on a linear price point when it comes to GB per £; except those of smaller capacity. At this level, I am talking about the jump in price of HDD 0.5 – 1tb and in SSD, 60-120 GB. in both cases, the “sweetspot” is the latter with a small jump in price for double the capacity. It’s both weird and confusing to think there is a genuine demand for a lesser product. It’s not so obvious in the following graph as this is a combined average of many products in the same category.

Comparison of SATA drive prices – December 2016

Again, there are 2 more interesting points with this graph. The jump in price for SSD products around the 1TB capacity and the striking difference between capacity of the top end scales of both SSD and HDD. SSD has yet, a long way to go.

Now lastly, I have picked desktop grade components for these results with a mixture of both top and bottom end products. Some lines of drive had really poor reveiws and others, really good. They were all sourced from the same site and in my veiw gives use an accurate comparison of prices in the UK.

This may well be day and night for some, but it will be interesting to do another comparison in a year to see how far things have moved forwards. If someone were to tell me we’re at a data crossroads, I couldn’t deny that.