Operating Systems

Apple OS X 10.4.11 update problems

Posted November 18th, 2007 in , , ,

Some people are having problems with the latest Mac OS X 10.4.11 update.

BSD vs Linux

Posted March 17th, 2007 in , , , ,

"It's been my impression that the BSD communit{y,ies}, in general, understand Linux far better than the Linux communit{y,ies} understand BSD. I have a few theories on why that is, but that's not really relevant. I think a lot of Linux people get turned off BSD because they don't really understand how and why it's put together. Thus, this rant; as a BSD person, I want to try to explain how BSD works in a way that Linux people can absorb."

SSH tricks

Posted July 5th, 2006 in ,

"SSH (secure shell) is a program enabling secure access to remote filesystems. Not everyone is aware of other powerful SSH capabilities, such as passwordless login, automatic execution of commands on a remote system or even mounting a remote folder using SSH! In this article we’ll cover these features and much more."

Full article: SSH tricks

OS X and Linux Command line reference

Posted June 21st, 2006 in , , ,

SS64.com is a useful site with:

Incremental backups on the Mac using rsync and ssh

Posted June 21st, 2006 in , , , ,

Instructions for setting up secure incremental backups to a remote server: How to Backup your Mac incrementally over SSH (from Pete Freitag's Homepage).

20 ways to secure Apache

Posted June 21st, 2006 in , , , ,

These steps are from Pete Freitag's Homepage.

  1. First, make sure you've installed latest security patches.
  2. Hide the Apache Version number, and other sensitive information.
  3. Make sure apache is running under its own user account and group.
  4. Ensure that files outside the web root are not served.
  5. Turn off directory browsing.
  6. Turn off server side includes.
  7. Turn off CGI execution.
  8. Don't allow apache to follow symbolic links.
  9. Turn off multiple Options.
  10. Turn off support for .htaccess files.

Subversion crib sheet

Creating the repository

Create the repository:

#sudo svnadmin create /usr/local/svn/newrepos

Don't forget to set the appropriate permissions for your organisation. For example, read, write and execute access for the development group, no accesses for "world". Alternatively, you can create an subversion user and set the umask

#sudo svn import mytree file:///usr/local/svn/newrepos/some/project \
    -m "Initial import"

http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.reposadmin.projects.chooselayout
http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.tour.other.import
http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.serverconfig.svnserve.sshauth

Setting up subversion on OpenBSD

This document is an overview to remind me of the steps involved, not a detailed set of instructions.

Setting up subversion

  1. Setup subversion. (Use pkg_add.)
  2. Create a group for people who need to use subversion.
    E.g. "dev" or "svn"
    Add users to the group.
  3. Create a directory for the repository. Allow read and write permissions to the dev group; the world should have no access.
    Example: /home/svn/
  4. Create the repository and import the files.

Connecting remotely to the repository

The svn+ssh:// URL schema is a convenient way of accessing the repository remotely, provided that active shell accounts are set up on the remote server. It uses ssh to create a temporary svnserve process. You don't need to open any ports for subversion as communications are sent over the ssh port. The svnserve process ends after closing the network connection.

Setting up an OpenBSD 3.2 firewall

Posted June 20th, 2006 in , , , , ,

The Guide to OpenBSD Packet Filtering Firewalls explains:

  • how to boot from a floppy disk and install OpenBSD 3.2 via FTP;
  • how to configure the /etc files using vi (a UNIX text editor);
  • how to edit the pf.conf file and operate it from the command line(using pfctl);
  • what to take into consideration when planning an appropriate firewall
  • policy for a home LAN; and
  • further tweaking your OpenBSD box.

Reducing the need for the root password using group-based security

Posted June 20th, 2006 in , , , , ,

"With proper use of groups, and a bit of scheduling, you don't need to hand out root [password]. In this article, we're going to implement group-based security for managing DNS files. The same techniques can be applied to almost any other section of the system."

Full article: Using Groups to Eliminate Root

OpenBSD Installation problems

Problems encountered when installing OpenBSD.

OpenBSD Installation

OpenBSD installation notes.

OpenBSD Bookmarks

Miscellaneous OpenBSD bookmarks

Network and system analysis crib sheet

This crib sheet contains common commands I can use to analyse the network on Unix-like systems.

Network Interface

Check the available network interfaces
Use the Network Utility under /Applications/Utilities and select the Info tab (Mac OS X).

Syndicate content