Monthly Archives: October 2009


Setting up an LVM filesystem

Setting up an LVM filesystem is quite easy assuming you have the right tools installed and a recent kernel. LVM has a lot of advantages, most notably the ability to take snapshots of the current filesystem – this is why LVM is often used in live database environments. Assuming a Debian Lenny machine, get the relevant packages. Some may already be installed:  apt-get install lvm2 dmsetup mdadm In this example, we will assuming that /dev/sda is your boot drive, and that you want to leave it out of your LVM array, but include /dev/sdb and /dev/sdc. Both /dev/sdb and /dev/sdc should be of equal sizes. Firstly, using fdisk, remove any existing partitions with ‘d’, on /dev/sdb and /dev/sdc, and create one new partition to span the drive. Change the partition type to ‘8e’ which is the LVM type. Now prepare your physical disk for LVM with the ‘pvcreate’ tool: pvcreate /dev/sdb1 /dev/sdc1 Note that you can reverse this with pvremove. You can also use pvdisplay now to display information on all physical volumes. Oh – you do realie that you can use /dev/mdX just as easily to create LVM on your RAID devices? Now, we need to create a ‘volume group’: vgcreate myvg /dev/sdb1 /dev/sdc1 […]

By | October 20th, 2009|Technology|0 Comments

Installing and Configuring Xen with guests

Installing and Configuring Xen on a Debian Lenny machine is pretty easy. Firstly, install the system: apt-get install xen-tools xen-utils-3.2-1 xen-linux-system-2.6.26-2-xen-686 xen-linux-system-2.6.26-2-xen-686 comes with the Xen kernel that you’ll need. It should install a new kernel as the default, and therefore you’ll now need to reboot. Once rebooted, issue uname -a to ensure that your new Xen kernel is running: apnic01:~# uname -a Linux apnic01 2.6.26-2-xen-686 #1 SMP Wed Aug 19 08:47:57 UTC 2009 i686 GNU/Linux You now have Xen installed! Now, you’ll need to make a few changes. Firstly, none of my new guest VMs had working console, apparently this is a known issue in Lenny with Lenny guests. The work around is to change the inittab on the guest. I wanted to create guests without modifications, so in this case, I edited /etc/xen-tools/xen-tools.conf and uncommented: #serial_device = hvc0 #default It’s listed as the default, but uncommenting this seemed to solve my issues. Now, you’re ready to create your first guest: […]

By | October 18th, 2009|Linux, Technology|0 Comments

PHP Programmer – Modulo Operator

All major programming languages have it, it’s the modulo operator, and it has multiple uses. First I’m going to explain what it is, then I’m going to demonstrate one very simple, very powerful use. Programatically, the modulo operator is most commonly denoted with a percentage ‘%’ symbol. Given two numbers as input, the modulo operator returns the remainder after division. p = a%b; will return the remainder after a is divided by b. Here are some examples: 2%2 = 0 (2 divided by 2 = 1 remainder 0) 6%2 = 0 (6 divided by 2 = 3 remainder 0) 7%2 = 1 (7 divided by 2 = 3 remainder 1) 18%4 = 2 (18 divided by 4 = 4 remainder 2) The modulo operator is used extensively in cryptography, Diffie-Hellman (DH) Key Exchange is just one example. As a PHP Programmer, what can this be useful for? […]

By | October 5th, 2009|Development, PHP, PHP, PHP Articles|0 Comments

Linux C setuid setgid tutorial

Here’s a very brief example of how to use setuid() and setgid() functions in your C program. #include <stdio.h> #include <sys/types.h> #include <unistd.h> int main(void) { int current_uid = getuid(); printf("My UID is: %d. My GID is: %dn", current_uid, getgid()); system("/usr/bin/id"); if (setuid(0)) { perror("setuid"); return 1; } //I am now root! printf("My UID is: %d. My GID is: %dn", getuid(), getgid()); system("/usr/bin/id"); //Time to drop back to regular user privileges setuid(current_uid); printf("My UID is: %d. My GID is: %dn", getuid(), getgid()); system("/usr/bin/id"); return 0; } The program above should be pretty self explanatory, now: adam@staging:~$ gcc -O2 -ggdb -o setuid setuid.c adam@staging:~$ ls -al setuid -rwxr-xr-x 1 adam adam 9792 2009-10-03 18:09 setuid adam@staging:~$ […]

By | October 3rd, 2009|C/C++, Development, Linux|0 Comments

Linux Security Freelancer – Securing a node – Where to start?

As a Linux Security Freelancer, I’m often asked where best to start when securing a single linux host. Whereas most would suggest configuring iptables or similar, the most effective first step in my opinion is to remove unnecessary services. There are a number of methods that you can use to show open sockets at least: lsof -U will list open sockets nmap -sT -sU localhost will scan your local machine for open TCP or UDP ports netstat -a | grep LISTEN will show all listening sockets. Forgive me for stating the obvious, but the first thing to do is disable any open sockets or services that aren’t required. On a default install, this could include the likes of the portmapper service, identd and an smtpd. Next, you want to suitably lock down user accounts, check passwords, and perhaps consider enforcing a secure password policy, at minimum I generally prefer at least 8 characters, at least one uppercase, one lowercase and one integer. Obviously this shouldn’t be easily guessible, nor should it just end in a ‘1’. Once done, the next thing that you want to do is to suitably firewall the services that you do require open, and perhaps also restrict the rate of ICMPs, etc, with iptables. […]

By | October 3rd, 2009|Linux, Security Consultant, Technology|1 Comment

Security Consultant – Man In The Middle Attacks (MITM)

A Man In The Middle (MITM) attack is a popular network based attack in order to hijack a connection or to sniff traffic. A MITM attack actually covers a variety of different methods. A MITM attack is literally positioning yourself as the attacker between the two communicating parties. Whether you do that via an ARP attack, some type of cryptographic attack, or a physical attack depends on the requirements and scenario. As a security consultant it is important to ensure that the network and it’s communications are as secure as possible against this type of attack. I will cover a simple physical MITM attack, then an ARP attack, and then prevention techniques. […]

By | October 2nd, 2009|Security Consultant, Technology|0 Comments