Tag Archives: security

Securing R on Red Hat Enterprise Linux

Update:  Check out the next post in this series for help with the GTK 2.8.0 dependency requirement for the common R package RGtk2. So, as I wrote earlier, I have a group of users who need to use the statistical … Continue reading

Posted in Information Technology | 2 Comments

CVE-2014-6271 (“Shellshock”): How it works

A Brief (Skippable) Introduction: So, first, I’d like to say that I might differ from other security analysts on the Interwebs in that I don’t tend to flail my arms and cry out in agony at the sight of any … Continue reading

Posted in Information Technology | 1 Comment

Ruminations on the Cybersecurity Hiring Crisis

I came across a pair of articles over at ZDNet: “Cybersecurity’s hiring crisis: a troubling trajectory” and “Cybersecurity’s hiring crisis: Rockstars, anger, and the billion dollar problem”. This is a well-known issue in information technology, but it does not seem to … Continue reading

Posted in Information Technology

Enterprise Readiness in the Face of Nation-State-Backed Advanced Persistent Threats

This is kind of an atypical post for this blog since I’m trying to keep it as concrete and practical as possible to avoid the potential for uselessness that comes with abstract theorization, but I’m going to put a theory … Continue reading

Posted in Information Technology

Accessing and Using Virt-Manager Without Root Credentials

This seems to be a common question on the Internet, so I thought I’d cross-post my solution in the ask.fedoraproject.org forum: With Fedora 20, virt-manager implements PolicyKit (I recommend reading the man page). If you want to allow a certain … Continue reading

Posted in Information Technology

Firewalling AIX

Because this seems to be a common question on the Internet, I thought I might answer it based on recent experience:  AIX does not support iptables. Built into AIX is IPsec support.  Part of the IPsec support packages is a … Continue reading

Posted in Information Technology

Logging Packet Drops in Firewalld

Up-Front Answer Summary: The short answer is:  the feature to simply log all packet actions isn’t available yet.  See the link referenced below in the whole thing. The longer answer is:  There may be a feasible work-around: Your firewalld default … Continue reading

Posted in Information Technology | 11 Comments

Heartbleed and System Defense

It crosses my mind that this is a perfect opportunity to discuss system defense options against unknown threats such as Heartbleed (over the past two years, anyway).  How does one defend against a threat which “leaves no trace” and is … Continue reading

Posted in Information Technology

Heartbleed and Cloudflare: Part 2

Damn, that didn’t take long.  A server reboot might have contributed, but it looks like the private key got ganked pretty fast.  What would be really nice (as I’ve suggested on the CloudFlare blog) would be if someone (them) could author … Continue reading

Posted in Information Technology

Heartbleed and Cloudflare

http://www.zdnet.com/private-keys-may-be-inaccessible-to-heartbleed-7000028356/#ftag=RSS4d2198e 1)  CloudFlare rocks.  They’re a great organization and they continue to do great things. 2)  I suspected that this would be the case, given the very reasons provided (that certificate data is loaded into memory early on, and therefore … Continue reading

Posted in Information Technology