They renewed the Patriot Act for another six months. In protest of this blatant violation of my civil liberties, I've made a list of my rights which have been infringed by this legislation. I will not rest until we regain these lost freedoms.
1.
2.
3.
This list is by no means complete. Check back often, as I will be adding additional items to the list whenever the "jack booted thugs" impose upon my life, liberty, and pursuit of happiness.
Thursday, December 22, 2005
Friday, December 02, 2005
Fun with bash
In an effort to secure my internal network, I'm adding an access server. Initially, the firewall routed SSH to one of my application servers. Now it routes to a dedicated access server.
Previous: Internet -> Router - > Server -> Network
Current: Internet -> Router - > Access -> Network
Admittedly, this doesn't seem that different. The issue is the configuration of the system. The application server has to be accessible to other systems, so its security systems are somewhat basic. By using the access server, I can rachet the security as tight as it will go. Toward that goal, I've implemented within bash a few fun features.
In /etc/bashrc, I've appended:
if [ "$PS1" ]; then
USER=`cat /etc/passwd | grep ":$UID:$UID:" | awk -F: '{print $1}'`
date +"%d %H:%M:%S" | mail -s "$USER login" someuser@somewhere.com
fi
Whenever someone logs in (or su's to root) I get a message.
In each users .bash_logout file, I've added:
(sleep 3; mv ~/.bash_history /tmp/flytrap/`date +"%d%H%M%S"`; touch ~/.bash_history) &
The parens make this compound command execute in the background. The user's history file is committed to the drive, then (3 seconds later) moved to the flytrap. The flytrap is a directory where users can write, but they can not read (thus view):
# ls -ld /tmp/flytrap
d-------wt 2 root root 4096 Dec 2 13:35 /tmp/flytrap
Of course, I've changed the ownership and permissions on ~/.bash_logout to prevent the script kiddies from messing with it.
Previous: Internet -> Router - > Server -> Network
Current: Internet -> Router - > Access -> Network
Admittedly, this doesn't seem that different. The issue is the configuration of the system. The application server has to be accessible to other systems, so its security systems are somewhat basic. By using the access server, I can rachet the security as tight as it will go. Toward that goal, I've implemented within bash a few fun features.
In /etc/bashrc, I've appended:
if [ "$PS1" ]; then
USER=`cat /etc/passwd | grep ":$UID:$UID:" | awk -F: '{print $1}'`
date +"%d %H:%M:%S" | mail -s "$USER login" someuser@somewhere.com
fi
Whenever someone logs in (or su's to root) I get a message.
In each users .bash_logout file, I've added:
(sleep 3; mv ~/.bash_history /tmp/flytrap/`date +"%d%H%M%S"`; touch ~/.bash_history) &
The parens make this compound command execute in the background. The user's history file is committed to the drive, then (3 seconds later) moved to the flytrap. The flytrap is a directory where users can write, but they can not read (thus view):
# ls -ld /tmp/flytrap
d-------wt 2 root root 4096 Dec 2 13:35 /tmp/flytrap
Of course, I've changed the ownership and permissions on ~/.bash_logout to prevent the script kiddies from messing with it.
All EMF Products - Shielded Cap - Emf Protection
Finally, people won't think I'm crazy! The site, Block EMF, offers baseball caps made of copper core thread that will sheild your brain from dangerous RF waves. People will no longer ask me why I'm wearing an aluminum foil hat! See, I figure if the hat will keep the RF out, than it will keep the signals in my brain from going into outer space where they can be intercepted by aliens.
Though, the foil hat did go well with my cape.
Though, the foil hat did go well with my cape.
Subscribe to:
Posts (Atom)