sshwsd - Counteracting brute-force and flooding attacks on SSH

I, like many others, have often been trying to fend off brute-force and flooding attacks against my systems, especially on well-known ports, such as SSH TCP port 22. It's not that I am worried about my systems getting compromised through SSH, for I usually implement RSA key exchange, but I just don't like the idea of someone or something prowling around my digital premises.

Extracting data from systemd journal programmatically

Systemd introduced journald, a utility to centralize and standardize all system/service logs on GNU/Linux systems. This brings several benefits, as well as a few complications. When confronted with the task of getting information about some real-time event occurring at service level, one can opt for stream duplication to the usual file-based log hierarchy or go directly to the source, that is, the journal data file itself.

How to disable shutdown and/or reboot for normal users in CentOS 7.1 using Polkit

Polkit is used by several GNU/Linux distributions to provide a simple mechanism that allows unprivileged processes to communicate with privileged ones. When faced with the task at hand (e.g. in a multiseat environment), polkit is the ideal place to implement such a rule (prevent normal users from rebooting/shutting down a system). The following solution was implemented on a system running CentOS 7.1.

Bumblebee with SELinux enabled on Fedora 21

One of the reasons I run Fedora on my laptop is that I like the idea that even if it does get cracked into, they still have to get around SELinux for full control. I already had to disable Secure Boot in order to install some kernel modules from third parties and I didn't like the idea of having to disable SELinux as well just to support the Optimus architecture used by my ASUS K55VD.

How to Clone a Hard Disk Drive to a Smaller One

This article describes one way to clone a hard disk drive to a smaller one using GParted and Clonezilla. Of course this will only work if the total amount of data present on the bigger drive is less than the available space on the smaller drive, otherwise it is impossible (except maybe by compressing the data, but this is not described here).

Store Backups Safely Using rsync over SSH

The single best practice that can really get you out of trouble is probably proper backups. Fortunately, if you run Linux, you've got all the best tools at your fingertips. Some of them are very specialized, like Bacula and Amanda, but automated and safe backups can be performed with as little as gtar, gzip, ssh and rsync.
GNU tar and zip (gtar, gzip) are quick and easy to use to get the archive assembled and compressed. With that out of the way, the requirement to store backups off-site can be fulfilled as follows.

abuse@amazon EC2

I recently reported an abuse to Amazon EC2 during which an attempt was made to break into one of my boxes from one of their IPs (you actually have to fill in a form). As usual, in the report I included the type of unauthorized activity detected (an intrusion attempt), the originating IP, the day, time and zone when it started, and I also included an excerpt from the log file.

Installation of Drupal 7 on CentOS 6.5/6.6 with nginx and PostgreSQL

Since nginx is not in the official CentOS repository, start by installing and enabling the EPEL repository, then install the following packages:

su -
yum install nginx postgresql-server php php-pgsql php-fpm php-gd php-xml php-mbstring

Enable the database to be started at boot, initialize and start the service:

chkconfig postgresql on
service postgresql initdb
service postgresql start
