EuroTrashSecurity Website

Bash Syslog History Could Lead to Data Leakage?

A few months ago, I posted an article about how to add extra logging facilities to the Bash shell. For specific users, it can be useful to have a complete history of their activity on your server (for audit purposes). The first release candidate of Bash 4.1 has been available for a few days. Good surprise, [...]

UNIX Turns 40!

The very first version of the UNIX operating system was born in August 1969! Its early name was Multics (“Multiplexed Information and Computing Service”). Year after year, new branches started to build a huge family of different operating systems, all of them descending from the same origin. It has always been my preferred environment and [...]

Unix OS Security Audit/Assurance Program

I’m just back from the last ISACA Belgian Chapter meeting. Today’s topic was the UNIX OS security audit process. A very large topic! The speaker was Sanjay Vaid.
For years now, Linux has been deployed in business environments. Linux systems can take several forms: application servers (print, files, web, mail) but also firewalls, routers, identity [...]

MultiTail, a Powerful Console Log Viewer

On UNIX systems, log files are everywhere. Applications are often very verbose (which is good!) but keeping an eye on logs can quickly become a nightmare!
I’m a big fan of the tail command, especially the “-f” flag, which does not stop the command once the end of file is reached but, instead, waits for additional [...]

Bash: History to Syslog

For those who still don’t know, Bash 4 has been out for a few days! Bash is the most used shell on UNIX hosts. Bash has a built-in mechanism to save a log of all commands executed by the user (default in $HOME/.bash_history) but this file belongs to the user and can be altered or removed [...]

Quick and Dirty Integrity Check Script

Here is a quick and dirty bash script which will take care of your files’ integrity. Integrity is a component of the CIA triad; I won’t come back to this.
For a personal project, I should be able to monitor any change in a specific file. I quickly wrote the code below. Nothing fancy, straight to [...]

New Corporate Laptop Setup

I got my new corporate laptop today, a Dell Latitude E6500, very nice computer. Working as a security consultant, I’m always on the road, connecting my laptop to customers’ or evil (free Wi-Fi access point or conference) networks. Fortunately, my company allows consultants, if they want, to manage their laptop by themselves (operating system [...]

Tiny Password Generator

Found on Korben’s Blog, a nice way to generate a random password on UNIX:

# < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8
tOULPeOk

Just create an alias for a more convenient day-to-day use:

# alias gen_pw='< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8'
# gen_pw
wbk0ewpn

Note: this works only with the GNU version of head. Solaris or BSD versions have [...]

AdvFS Goes Open Source

HP announced that the AdvFS source code will be made open source. A few years ago, I worked with Tru64 and AdvFS. It was a wonderful file system but, unfortunately, Tru64 development stopped after the Compaq takeover by HP. Let’s hope that the AdvFS source code will provide benefits to the whole open source [...]

Lynis: Security and System Auditing Tool

Michael Boelen announced today a new release of his tool called Lynis dedicated to UNIX specialists. Michael is also the developer of RootKit Hunter.
Quote from the homepage: “Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for [...]