My web wanderings

HOWTO: Configure Ubuntu for Active Directory Authentication - DeveloperNet

Two articles I need to read and put into practice.
CLI Magic: rsync for backups
CLI Magic: rsnapshot

This app allows auditing and security.

Article #1
Article #2
Article #3

Linux.com | Creating a project dashboard with RSS and rawdog

The Ten Commandments of system administration, part I

Part 1. Backups!!

A look at Microsoft’s internal SDL with the new Trustworthy Computing initiative.

Hacking Google for fun and profit

Information of the new homeland security badge. We are looking for something similar at work.

An in-depth exploration of the art of shell scripting
By: Mendel Cooper

Security Insights MS Security Architect

By Richard Bejtlich

XSS (Cross Site Scripting) Cheatsheet: Esp: for filter evasion - by RSnake

This is going to come in handy during my pen test of our web site.

IIS 6 Peformance Paper - Worth the read

By Brett ‘brett’ Hill on IISFAQ Front Page

Papers from Microsoft are often hit and miss. Some are stellar and some are overbroad overviews filled with marketing jargon. This one, however, is well worth the read. He’s an excerpt from Web and Application Server Infrastructure - Performance and Scalability

COM General

With the new IIS 6.0 architecture, it is important to question some of the existing guidelines where COM is concerned. A major consideration is that, before Windows Server 2003, COM application components were configured (by default) to run out-of-processes from the caller. The default for COM applications is for them to run as Server Applications, executing in a DLLHost.exe process called into from the object instantiate, or over DCOM.

The performance downside of doing this for every method call, is that there are extra threads running on the system, and every call to a method must be marshaled across process boundaries. This is not noticeable on a small implementation with low request/transaction rates, but on a high volume, large multiprocessor, this kind of overhead can greatly decrease the overall scalability of the system.

Therefore, on Windows Server 2003, it is best to change the default configuration for a COM Server Application to Library Application to aid scalability of the calling per use of that application

Creating Images Of Your Linux System - SystemImager

This is a nice app I want to look at for deploying images of linux servers and desktops.

How to Set Up a Jabber Server LG #112 by Suramya Tomar
This is a great article to help us complete our internal Jabber Server.

Pocket Workstation - Debian on Handhelds

Article on Securing removable media
Author: Magnus Ahlberg, Managing Director of Pointsec Mobile Technologies

This is a clever idea.

By schneier

We know that people forget their passwords all the time, and I’ve already written about how secret questions as a backup password are a bad idea. Here’s a system where a voiceprint acts as a backup password. It’s a biometric password, which makes it good. Presumably the system prompts the user as to what to say, so the user can’t forget his voice password. And it’s hard to hack. (Yes, it’s possible to hack. But so is the password.)

But the real beauty of this system is that it doesn’t require a customer support person to deal with the user. I’ve seen statistics showing that 25% of all help desk calls are by people who forget their password, they cost something like $20 a call, and they take an average of 10 minutes. A system like this provides good security and saves money.

Kerry Garrison - Building your own PBX
Building Your Own PBX with Asterisk
Kerry Garrison
What would it mean to you to have your own full-featured PBX system at your home or small office? What would it mean to you if you could build an entire PBX system (minus the phones) on hardware you probably have laying around, AND that it can probably also save you money on your phone bill? Sounds too hard to believe doesn’t it, but using old hardware and some open source software, you really can build a commercial quality phone system that would normally cost thousands of dollars.

The Hardware
As I mentioned in the opening, we are going to build our PBX system from equipment that we have laying around the house. After cannibalizing three spare systems, what was left was a PII 450, 386mb RAM, 12gb HD, 48x CDROM drive, and an Intel Pro 10/100 network card. This is all you “need” to get going as long as you are going to get VOIP dial tone service from a company like BroadVoice (more on this later). If you want to use regular analog phone lines you will need modem card. Not every card will work properly, however, the most recommended card is the Digium Wildcard X100P FXO card which can be purchased brand new on eBay for $6.95 each. So far, total out of pocket expense for the card plus shipping: $12.90.

By Erik Inge Bolso on Tue, 2005-03-01 00:00.

Keeping directories in sync on multiple machines can be difficult. Running Unison is one way to make the task easier.

Unison is a file-synchronization tool that runs on Linux, UNIX and Microsoft Windows. Those of you who’ve used IBM Lotus Notes or Intellisync Mobile Suite probably have an idea of what synchronization is good for, as compared to one-way mirroring options such as rsync. You might have mirrored a company document directory to your laptop, for example, and then modified a document or two. Other people might have modified other documents in the same directory by the time you get back. With rsync, you’d need to reconcile the differences between the two directories manually or risk overwriting someone’s changes. Unison can sort out what has changed where, propagate the changed files and even merge different changes to the same file if you tell it how.

Full article