Archive for the “Terminology” Category

Well with the claim of Anonymous‘ attempt to take down the internet a couple days ago(which they denied), one of the words that keep popping up is

“…the use of computers and computer networks as a means of protest to promote political end”hacktivist. According to wikipedia defines hacktivism as

This is not to be confused with hacktavision, which is hacking your old activision game console to play mame games.

I am curious as to what these people are protesting as all I ever seem to hear is that they are attacking someone to protest something. I personally don’t feel that a protest has as much weight as individuals publicly voicing there opinions. Anonymity seems to fall into obscurity in my opinion. Now if you tell everyone who you are and still hacktivate an attack, always remember, it’s the martyr that gets all the credit.

Further Reading:

 

Comments No Comments »

Post Office Protocol (POP) is one of the protocols used to retrieve mail from an email server. The term is generally used that email is ‘popped’ of the server and stored on the client. The most commonly used version is POP3.

Further Reading:

Comments No Comments »

Contrary to popular media, the CSI has been around for nearly forty years. Their focus is computer and network security, not creating hokey computer references to catch criminals.

Further reading:

Comments No Comments »

According to Apache’s web site for FAQ:

Why the name “Apache”?
The name ‘Apache’ was chosen from respect for the Native American Indian tribe of Apache (Indé), well-known for their superior skills in warfare strategy and their inexhaustible endurance. For more information on the Apache Nation, we suggest searching Google, or AllTheWeb.

Secondarily, and more popularly (though incorrectly) accepted, it’s a considered cute name which stuck. Apache is “A PAtCHy server”. It was based on some existing code and a series of “patch files

I find the use of ‘it’s a patchy server’ to be a misnomer as it could apply to any type of server, whether running apache or not. Check your sources people.

Comments No Comments »

In information technology, a wrapper is data that precedes or frames the main data or a program that sets up another program so that it can run successfully.

  1. On the Internet, “http://” and “ftp://” are sometimes described as wrappers for the Internet addresses or Uniform Resource Locator URL that follow. A set of bracketing symbols (such as < and >, used here to wrap the word “and”) are also sometimes referred to as wrappers .
  2. In programming, a wrapper is a program or script that sets the stage and makes possible the running of another, more important program.
  3. In data transmission, a wrapper is the data that is put in front of or around a transmission that provides information about it and may also encapsulate it from view to anyone other than the intended recipient. A wrapper often consists of a header that precedes the encapsulated data and the trailer that follows it.
  4. In database technology, a wrapper can be used to determine who has access to look at or change the data that is wrapped.

Comments No Comments »

SSH keys are the most effective way to securely shell into your server. In this article we are going to cover creating a SSH key pair. There are a plethora of articles on the net the cover this subject. I suggest reading two or three of them to help understand the process. Creating a SSH key pair is very easy in itself.

Instructions on creating SSH Key pairs are fairly general, so I will explain how I configured the keys for a server.

1. Create the user account on the server and create the same user on the remote system you want to SSH from.

2. On the remote system switch to the user you just created

# su – USERNAME

3. Create the SSH Key pair. You can do this from any directory. Unless otherwise stated, it will default to the /etc/USERNAME/.ssh directory. The are discussions on the differences between RSA keys and DSA keys. They are about the same when it comes to protection, but I like to use DSA keys. RSA is the default so you have to specify DSA if you want to use it.

$ ssh-keygen -t dsa

You will get output such as the following. Some people choose not to use a password, this allows you to ssh into the server without a password, but if someone gets a hold of your ssh key, they can log in to your server without challenge. I suggest using a password, you won’t know any difference than if you used a regular password login.

[vinsane@8bitpipe ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/vinsane/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/vinsane/.ssh/id_dsa.
Your public key has been saved in /home/vinsane/.ssh/id_dsa.pub.
The key fingerprint is:
89:15:93:b8:e5:3e:6e:c8:55:8d:32:d9:8a:d8:87:20 vinsane@8bitpipe.com

4. Copy the public key to the server and rename the public key to authorized_keys in the users .ssh directory.

5. On the local machine change the permissions of the private key to 600; it should be located in the /home/USERNAME/.ssh/ Directory. I’ve found that if you don’t have the home directory for the user open for others to view it, you do not have to do this. The system should tell you if the key is not secure.

And there you have it. A more secure login. You can also go into the servers sshd.conf file and disable password logins, but you will need to bring your key with you if you want to login from other computers. I would suggest a small encrypted usb key used only for you ssh key. Keep it on your key chain in the event you need to login to your server when you are out and about and can’t get back to your main system.

Further reading:

Comments No Comments »

In my perusing of the system I came across the following command: getent. Now most my searches on the system produced the following results.

# whatis getent
getent: nothing appropriate

I was able to use a –help and find the usage of the command. I further looked on the web and found the following manpage at die.net.

getent(1) – Linux man page

Name

getent – get entries from administrative database

Synopsis

getent database [key ...]

Description

The getent program gathers entries from the specified administrative database using the specified search keys. Where database is one of aliases, ethers, group, hosts, netgroup, networks, passwd, protocols, rpc, services or shadow.

Author

getent is written by Thorsten Kukuk for the GNU C Library.

This man page is written by Joel Klecker <espy@debian.org> for the Debian GNU/Linux system, updated by Jakub Jelinek <jakub@redhat.com> for GNU C Library 2.2.2 getent changes.

Well, it would appear that this little gem does not do anything spectacular, but to the contrary a fluid use of this command will save sow command line foo when cutting down the searches in the appropriate file.

For example, lets say you cam across a reference to a port number and wanted to know what it did. Who still uses port 70? So you grep 70 out of the /etc/services directory and get a slew of results, 231 on my system. Sure you can work linjitsu to find only the line you wanted, but using getint you get the following result:

# getent services 70
gopher                70/tcp

It even removes the comment at the end of the line. This is a handy tool in my opinion. Hopefully, you will find a good use for this.

Comments 1 Comment »

Every so often I go back to a terminal, start typing a command and get the following:

Write Error: broken pipe

Admittedly, it is usually my centos server, but I have seen them on long searches that time-out before they finish (don’t forget to use screen).  Since I like to know why the error pops up, I did a little bit of research. According to wikipedia, a write error is “a condition in programming [...] when a process requests an output to pipe or socket, which was closed by peer”.

It is sometimes referred to as a ‘sigpipe’ and I thought that was a nifty term. So basically you tell your local host to send a command down the sigpipe to the remote host, but the remote host has closed the connection. So, you get a broken pipe message.

Comments No Comments »

Wow, over a month and no posts. I’m really slacking. I guess I’ll kick off this fine Monday as I usually do, with some computer lingo. Today’s topic is the term ‘Data Haven’. According to wikipedia the term data haven means:

“a computer or a network that holds data protected from government action by both technical means (encryption) and location in a country that has either no laws, or poorly-enforced laws restricting use of data and no extradition treaties.”

In layman’s term, a data haven is a place where you can dump cracked/pirated/illegal software out of the reach of the law. The idea of data havens were conceptualized in the book Islands in the Net by Bruce Sterling and you can see term pervade the cyberpunk genre. There are organizations in place to protect a person’s intellectual properties, but there are still many nations where a data haven could conceivable be set up.

Further Reading:

Comments No Comments »

Well, I took a few days off to get some rest and now I’m back at the console. Let’s start this week with a little terminology.

I recently had a call to use a fork bomb on one of my systems. A fork bomb is a a simple command, script, or program with the simple job to fork into two processes indefinitely. The most eloquent of which is:


# : (){ : | :& };:


Now a user running this on a Fedora box won’t have too catastrophic of effect.. I think linux knows enough to throttle how many processes a user should be allowed to create and not let them ‘set up us da bomb’. They will have a hard time launching other programs, but the system will remain intact.

Lunching this from root, on the other hand, will freeze your system. I tried to use this to test out Magic Sysrq but it locked up the system and all I could do was reboot.

If you want to try this out, make sure it is not on a production machine.

Further Reading

Comments No Comments »