I was mentioned as a Technical Editor in Curtis Preston’s new edition of Backup and Recovery. Thanks for the free book, Curtis!
Jeremy Schoemaker asked me to write up a little something regarding the recent string of SEO web defacements for a non-technical audience, which he posted in his blog.

The SEO industry is very focused on being SEOs. Like many professionals, many attempt to avoid time-consuming activities that are not core to their business…. This is a perennial theme of information security writings and I myself have touched on it.

Web defacements are nothing new, but the media attention to SEO superstars is notable and makes their online presence an attractive high-value target. The recent mass defacement of SEO WordPress blogs that was launched by a technical adversary using Tor is an example of what has become a not uncommon occurrence.

What can SEOs, and bloggers in general, do to lessen the risk of public embarrassment from defacements, hacktivism, and information leakage?

- … (For example, the bugfix for WordPress v2.0.6 addressed a correction for those webservers that had left register_globals set to “on.” Not recommended in the first place.)
- Hardening the web services themselves with security modules.
- Use of a NIDS or HIDS that will actively block or alert upon detection of questionable behaviors.

All of these methods involve time and resources that could best be applied to doing what they do best, in this case, being an SEO.
This was a random thing I encountered, so it bothered me until I figured out why I could not remember the password set for my System Keychain. The reason was that I didn’t set one, and that it is randomly generated…. To view them, you need to have access to the keychain. What is a geek to do?
up2date has rollback capability and is already installed on all RHEL [Red Hat Enterprise Linux] servers. All that would be required to centrally manage a RHEL environment would be to push out an updated config file for up2date and point it to a central repository. Both yum and up2date are just front ends for rpm management and operate with all the same mechanisms.
…There may be some yum client options available that up2date does not have, but I have not been able to find any examples.

Other matters:

Repository can be managed with such tools as:
- Current: http://current.tigris.org/ This can manage yum, up2date, and apt archives and allows granular control and automation.
- Repository setup examples for a variety of methods:
  http://www.xades.com/proj/fedora_repos.html
  http://dag.wieers.com/home-made/apt/FAQ.php

I believe that the best option at this point would be to:
- Make a repository for all supported platforms
  - make groups for different linux server profiles
    - oracle
    - webservers
    - other
  - automate updates to linux
    - establish rpm testing/certification environment
    - have all clients check for updates in a DHL tested repository for regular updates
      - cron “up2date -u” on a weekly/daily/monthly/quarterly basis
    - update repositories with tested updates for each server group.
- Configure stock RHEL installations to update from internal sources
  - make an rpm of a custom up2date config for RHEL 3 and 4
- Document process for rpm rollback for operations in case of update QA failure
- Get buy-in from operations and enterprise security management on the update and QA process to be performed in regularly scheduled maintenance windows.