keep it safe with Blowfish in vim 7.3
Late last year, everyone’s favorite editor saw version 7.3 come to light. One of the interesting new features is built-in and easy-to-use Blowfish file encryption, a powerful and much-needed upgrade from the old UNIX crypt function available in older versions. crypt() is an old and very breakable algorithm, not suitable for anything except protecting plain [...]
jail time: chroot’ed sftp with rssh
Installing rssh to allow scp/sftp sessions only for user accounts is a breeze. Getting them into a chroot jail took a bit more reseach, but in the end turned out to be pretty easy. This is on CentOS 4.6, but this technique should work almost identically for any Linux system thanks to the l2chroot script.
notes on PHP session security
besides the official documentation, some must-read overviews of the issues with PHP’s session support are provided by Harry and segfaultlabs.
installing mod_security on CentOS 5
Installation of mod_security from source is very easy, but did not quite go according to the published documentation on CentOS 5. Following is a brief detail on steps required.
how to stop FTP brute-force attacks with DenyHosts
We use DenyHosts on several servers to keep the annoying kids in the neighborhood from banging on the ssh door all day. This has been working fine for years. But getting it working for FTP or other authenticated services was thought to be impossible by some. It isn’t impossible – but it is a little [...]
