Archive for July, 2008

 

Setup ssh without a password ..

Jul 30, 2008 in Uncategorized

From: http://rcsg-gsir.imsb-dsgi.nrc-cnrc.gc.ca/documents/internet/node31.html

ssh-keygen is used to generate that key pair for you. Here is a session where your own personal
private/public key pair is created:

cantin@sodium:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/cantin/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): <– press Enter…
Enter same passphrase again: <– press Enter again ..
Your identification has been saved in /home/cantin/.ssh/id_rsa.
Your public key has been saved in /home/cantin/.ssh/id_rsa.pub.
The key fingerprint is:
f6:61:a8:27:35:cf:4c:6d:13:22:70:cf:4c:c8:a0:23 cantin@sodium

The command ssh-keygen -t rsa initiated the creation of the key pair.

No passphrase was entered (the Enter key was pressed instead), so the private key is stored unencrypted.

The private key was saved in .ssh/id_rsa. This file is read-only and only for you. No one else must see
the content of that file, as it is used to decrypt all correspondence encrypted with the public key.

The public key is saved in .ssh/id_rsa.pub.

In this case, the content of file id_rsa.pub is

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEArkwv9X8eTVK4F7pMlSt45pWoiakFkZMw
G9BjydOJPGH0RFNAy1QqIWBGWv7vS5K2tr+EEO+F8WL2Y/jK4ZkUoQgoi+n7DWQVOHsR
ijcS3LvtO+50Np4yjXYWJKh29JL6GHcp8o7+YKEyVUMB2CSDOP99eF9g5Q0d+1U2WVdB
WQM= cantin@sodium

It is one line in length.

Its content is then copied into the file .ssh/authorized_keys on the system you wish to SSH to without being
prompted for a password.

The example shown here generated keys on sodium as user cantin. If the generated public key,
file .ssh/id_rsa.pub, is copied into the file .ssh/authorized_keys of your account on nickel.sao.nrc.ca, then
user cantin@sodium is allowed to SSH into your account on nickel.sao.nrc.ca without the use of
a password.

To summarize, a personal private/public key pair is generated using the ssh-keygen command.
The public key is then copied into a remote system’s .ssh/authorized_keys file. You can
then SSH to the account on the remote system without the use of a password.
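The copy step described above, as an added example that is not part of the quoted article: it checks that the .pub file is a single well-formed line, sets the directory and file modes sshd expects, and appends the key only once. The helper name install_pubkey and the sample key are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the quoted article). install_pubkey is a hypothetical
# helper: it appends one public key to SSH_DIR/authorized_keys on the target.
install_pubkey() {   # usage: install_pubkey PUBKEY_FILE SSH_DIR
    pub=$1; dir=$2; auth="$dir/authorized_keys"

    # A .pub file holds exactly one line: "type base64-blob [comment]".
    [ "$(grep -c '' "$pub")" -eq 1 ] || { echo "$pub: expected one line" >&2; return 1; }
    line=$(cat "$pub")
    read -r ktype kdata rest <<EOF
$line
EOF
    case $ktype in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "$pub: unexpected key type '$ktype'" >&2; return 1 ;;
    esac
    [ -n "$kdata" ] || { echo "$pub: missing key data" >&2; return 1; }

    # With StrictModes (the sshd default) the key is ignored if these are
    # writable by anyone but the owner, so set the modes explicitly.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Idempotent: skip the append when this key blob is already authorized.
    if ! grep -qF -- "$kdata" "$auth"; then
        printf '%s\n' "$line" >> "$auth"
    fi
}

# Demo in a scratch directory with a constructed placeholder key (not a real key).
demo=$(mktemp -d)
printf '%s\n' 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABplaceholder cantin@sodium' > "$demo/id_rsa.pub"
install_pubkey "$demo/id_rsa.pub" "$demo/.ssh"
install_pubkey "$demo/id_rsa.pub" "$demo/.ssh"   # second run appends nothing
ls -ld "$demo/.ssh" "$demo/.ssh/authorized_keys"
```

A key with an empty passphrase, as in the session above, can be limited on the server side by prefixing its authorized_keys line with options such as from="sodium".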

Kernel parameters ..

Jul 25, 2008 in Linux

The sysctl Interface
September 1st, 1997 by Alessandro Rubini in

A look at the sysctl system call that gives you the ability to fine tune kernel parameters.

http://www.linuxjournal.com/article/2365

Free memory on linux (debian) ..

Jul 23, 2008 in Linux

Use the “free” command:

$ free [-k]


                   total       used       free     shared    buffers     cached
Mem:              127176     122416       4760          0      21200      67972
-/+ buffers/cache:            33244      93932
Swap:                  0          0          0

The real “available if memory full” number is 93932, in the free column of the “-/+ buffers/cache” line.

If free memory falls too low, Linux will reclaim memory from the cached area.

For more details, see:

$ cat /proc/meminfo

MemTotal:             127176 kB
MemFree:                4704 kB
Buffers:               21204 kB
Cached:                68032 kB
SwapCached:                0 kB
Active:                84412 kB
Inactive:              17952 kB
SwapTotal:                 0 kB
SwapFree:                  0 kB
Dirty:                    44 kB
Writeback:                 0 kB
AnonPages:             13148 kB
Mapped:                11988 kB
Slab:                  18068 kB
SReclaimable:          15372 kB
SUnreclaim:             2696 kB
PageTables:              324 kB
NFS_Unstable:              0 kB
Bounce:                    0 kB
CommitLimit:           63588 kB
Committed_AS:          19120 kB
VmallocTotal:         385024 kB
VmallocUsed:             640 kB
VmallocChunk:         384376 kB
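The “-/+ buffers/cache” row can be rebuilt from the /proc/meminfo fields listed above. This is an added example, not part of the original post; the helper name buffers_cache_row is an assumption. The result differs slightly from the 33244 / 93932 printed by free because the two listings are separate snapshots.

```shell
#!/bin/sh
# Added example (not from the original post). buffers_cache_row is a
# hypothetical helper that rebuilds free's "-/+ buffers/cache" row.
buffers_cache_row() {   # usage: buffers_cache_row [MEMINFO_FILE]
    awk '
        $1 == "MemTotal:" { total   = $2; seen++ }
        $1 == "MemFree:"  { free    = $2; seen++ }
        $1 == "Buffers:"  { buffers = $2; seen++ }
        $1 == "Cached:"   { cached  = $2; seen++ }
        END {
            if (seen != 4) { print "missing meminfo field" > "/dev/stderr"; exit 1 }
            reclaimable = buffers + cached        # given back under memory pressure
            used = total - free - reclaimable     # memory held by applications
            print used, free + reclaimable        # kB, same order as the free row
        }' "${1:-/proc/meminfo}"
}

# The four relevant fields copied from the /proc/meminfo listing above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
MemTotal:             127176 kB
MemFree:                4704 kB
Buffers:               21204 kB
Cached:                68032 kB
EOF
buffers_cache_row "$sample"
```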

CISSP TOC – Part 2..

Jul 23, 2008 in CISSP, Security

Chapter 5. Cryptography

Confidentiality
Integrity
Authentication
Nonrepudiation

Cryptographic Concepts, Methodologies, and Practices
Symmetric Algorithms
Asymmetric Algorithms
Message Authentication
Hash Functions
Digital Signatures
Key Length
One-Time Ciphers
PKI and Key Management

Methods of Attack
General Attacks
Ciphertext-Only Attack
Known-Plaintext Attacks
Chosen-Plaintext Attacks
Chosen-Ciphertext Attacks

Specific Attacks
Brute-Force
Replay Attacks
Man-in-the-Middle Attacks
Meet-in-the-Middle Attacks
Birthday

Chapter 6. Security Architecture and Models

Security Models
Bell-LaPadula
Biba
Clark-Wilson Model
Access Control Lists

Security System Architecture
Reference Monitor
Open Versus Closed Systems
Security Principles
Security Modes
Labels Versus Access Control Lists
Covert Channel

Information System Security Standards
TCSEC-The Orange Book and the Rainbow Series
Orange Book Classifications
Criticisms of Orange Book
Rainbow Series
Information Technology Security Evaluation Criteria
Differences Between the Orange Book and ITSEC
The United Kingdom Information Technology Security Evaluation and Certification Scheme
Table 6.5. ITSEC Levels
Common Criteria
What Is Common Criteria?
Part 1: Introduction and General Model
Part 2: Security Functional Requirements
Part 3: Security Assurance Requirements
Evaluation Assurance Packages or Levels
Areas Not Addressed by the Common Criteria

Table 6.6. Standards Comparison
IPSec
Uses for IPSec
Architectural Components of IPSec
Case Study: C2 and Windows NT

Chapter 7. Operations Security

Examining the Key Roles of Operations Security
Identify Resources to Be Protected
Identifying Privileges to Be Restricted
Identifying Available Controls and Their Types
Table 7.1. Control Types
Describing the OPSEC Process

The Roles of Auditing and Monitoring
Using Logs to Audit Activity and Detect Intrusion
Table 7.2. Windows 2000 Logs
Detecting Intrusions

Penetration Testing Techniques
Figure 7.4. Using Whois to find the IP address of the Web server.
Figure 7.5. Using ARIN Whois to enumerate the network.
Developing Countermeasures to Threats
Risk Analysis
Threats
Table 7.4. Employee Job Duties, Access Level, and Risk
Countermeasures
Establishing Countermeasures for Employee-Related Threats
Including Countermeasures in Hiring and Firing/Exit Practices
Gruntling Program
Countermeasures for Common Internet-Based Threats
Countermeasures to Physical Threats
The Role of Administrative Management
Table 7.5. Certifications for Security Managers
Concepts and Best Practices
Privileged Operation Functions

Understanding Antiviral Controls
Protecting Sensitive Information and Media
Change Management Control
Case Study: The Russian Hack Attack

7.1. Best Practices for Fax Services

Chapter 8. Business Continuity Planning and Disaster Recovery Planning

What Are the Disasters That Interrupt Business Operation?
Quantifying the Difference Between DRP and BCP
Examining the Business Continuity Planning Process
Determining the Plan’s Scope
Business Impact Assessment
Gathering and Charting Information
Validating the Process
Reporting

Reviewing Insurance
Planning for Insurance Claim Processing
Providing Item Recovery Details
Implementing the Plan
Testing the Plan
Maintaining the Plan
Defining Disaster Recovery Planning
Recovering Data Processing
Determining Recovery Plan Scope
Creating Antidisaster Procedures
Listing Necessary Resources: Process and Site Selection Criteria
Emergency Response Procedures
Creating Step-by-Step Instructions
Recording Important Contact Numbers
Restoring Data Processing
Developing a Backup Strategy
Backup Procedures and Policy
Figure 8.1. Full weekly backup with daily differential.
Figure 8.2. Full weekly backup with daily incremental.
Vital Records Program
Hardware Backups
Alternative Sites
Case Study: Does Business Continuity Work?

Perl debug notes ..

Jul 21, 2008 in Perl

From http://goldenink.com/perl/perldebug.html


perl -w myprogram

perl -d myprogram

* c (continue) - start program (or continue from breakpoint)
* l - lists the next few lines
* p [variable name] - print the value of a variable
* q - quit.
* r - returns from current subroutine
* n - executes the next statement at this level
* s - The step command - just hit enter to repeat the command. 
* b - Set a breakpoint - "b n" for line "n", see other conditional breakpoints.

Design Patterns – Singleton pattern (Creational) basic example..

Jul 12, 2008 in Engineering, Software

Pattern used to manage resources when a single instance of one is required
to coordinate actions across an application.

From http://en.wikipedia.org/wiki/Singleton_pattern

The simplest way:

public class Singleton {
   private static final Singleton INSTANCE = new Singleton();
 
   // Private constructor prevents instantiation from other classes
   private Singleton() {}
 
   public static Singleton getInstance() {
      return INSTANCE;
   }
 }

The ‘lazy loading’ way.. by Bill Pugh (static code analysis with FindBugs and more..)

public class Singleton {
   // Private constructor prevents instantiation from other classes
   private Singleton() {}
 
   /**
    * SingletonHolder is loaded on the first execution of Singleton.getInstance() 
    * or the first access to SingletonHolder.INSTANCE, not before. (lazy!)
    */
   private static class SingletonHolder { 
     private static final Singleton INSTANCE = new Singleton();
   }
 
   public static Singleton getInstance() {
     return SingletonHolder.INSTANCE;
   }
 }

Get the list of files in cvs commits..

Jul 12, 2008 in Config Manage, cvs

To get the list of files included in
a particular cvs commit use this:

cvs -q log -SR -r@{commitid}

To get the list of files changed between
tags use this:

cvs -q rdiff -s -r TAG1 [-r TAG2] module

If TAG2 is omitted, the current version is used.

To get a list of files changed since “date”:

cvs history -c -a -D [date]

where [date] can be 2008-12-19 or 12/19/2008

Apache Tomcat AJP ..

Jul 07, 2008 in Apache, Server, Web

AJP = Apache JServ Protocol

Interface to the Tomcat application server to be used with a
front end web server for proxy and load balancing.

If the Apache web server is used, the mod_jk module is the
interface to AJP from the web server to the application server.


http://en.wikipedia.org/wiki/Apache_JServ_Protocol

Basic network diagnostics tools..

Jul 07, 2008 in Linux, Network

  • tcpdump
    Example:
    tcpdump -enqti eth0 \( arp or icmp \)

    -e Print the link-level header on each dump line.

    -n Don’t convert addresses (i.e., host addresses, port numbers, etc.) to names.

    -q Quick (quiet?) output. Print less protocol information so output lines are shorter.

    -t Don’t print a timestamp on each dump line.

    -i Listen on interface.

  • ping
  • netstat -lptun

    l = listening sockets (-a for all), p = show program (app), t = tcp, u = unix, n = numeric address.

  • arp
    Example:
    arp -ne
  • route
  • traceroute

php introduction notes.. part 3..

Jul 02, 2008 in php, Web

From http://www.ibm.com/developerworks/web/library/wa-phprock3/

Variable references

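<?php

$name = 'Amol';
$nom = &$name; // $nom is now a reference to $name
$nom .= ' Hatwar'; // appends through the reference, so $name changes too

print("Are you $name?\n"); // Jimmy Ray parody?

?>

Static variables

function funcCount()
{
    static $count = 0; // initialized once, keeps its value between calls
    return $count++;
}

Dynamic function calls

function say_hi()
{
    print("Hi! ");
}

$my_func = 'say_hi';
$my_func(); // calls the function whose name is stored in $my_func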