SSL’s primary function on the Internet is to facilitate encryption and trust that allows a web browser to validate the authenticity of a web site. However, SSL works the other way around too – client SSL certificates can be used to authenticate a client to the web server. Think SSH public/private key pairs, if that is familiar to you. In this blog post I will outline the steps to create a certificate authority certificate, sign a server certificate and install it in Apache, and create a client cert in a format used by web browsers.
There are a variety of extremely cheep USB wifi dongles available on ebay that work wonderfully… once you get them working. I picked one up for $4 for my Raspberry Pi and had trouble getting it to work under Raspbian. Here’s what you need to do for the current Ralink USB adapters out there.
At last! The third and final part of our git series has arrived. The first two parts of the series get you started with git and interacting with your project. They are available here:
In the final chapter of this series, we’ll explore a few of the more advanced features.
Sometimes in a coding project there will be files or directories that should not be included in a git repository. Common examples are temporary folders, log files, or files containing passwords/keys that should be regenerated by each installation of the software and kept secret. Fortunately, it is very easy to ignore these files when committing the git project.
I use VMware’s ESXi in my home lab environment. If you’re a technologist that is always messing with operating systems and applications, it is really the only way to go. But along with running any systems comes maintaining good backups!
There are numerous VMware backup products on the market. The problem is they all cost money. For me and other people who just play with this stuff for fun, that is not desirable. At all.
EDIT: This post was originally written for Kali 1.0 in 2013. It was not tested on any later version.
I started this post with Backtrack, but since Kali Linux came out yesterday, I figured I would update the instructions to use the latest and greatest!
Thug is a low-interaction honeyclient put out by The Honeynet Project. The purpose of a honeyclient is to emulate a web browser when viewing malicious websites without actually visiting the page in a vulnerable browser. It can then follow redirects, pull down malware, and emulate browser plugins to pull down any of the malicious code trying to be served up to victims. You can read more about Thug here and here.
Backing up Gmail has been on my list of things to do ever since Google accidentally deleted a whole bunch of accounts. My inbox containts a lot of important information and if it were to be lost, it would be a major pain. I finally got around to backing it all up.
I’ve been hearing great things about the Security Onion project. It bundles up a whole bunch of great tools that can be used for Network Security Monitoring (NSM) so I thought I would give it a try on my home network. After all, next time the fiancé gets malware, it could be helpful to know what happened…
I’ve been using OpenIndiana io_151a2 for over a year now as my home storage solution. It has been rock solid and gives me better IO over iSCSI for VMware than I get in the production Netapp environment at work. It also lets me have some nice big pools with commodity drives for media, backup, VMs, and pretty much everything else I do on the computer.
The asset pipeline is great and confusing at the same time. It performs differently in development than it does in production, and as such you can’t be really sure everything is going to work once you deploy it, unless you really understand it, of course.