IT Dribble

Well actually it’s not in the foreground but to a log file, but if you tail / follow the logfile you could pretend it was the foreground :-)

mysqld_safe --log-error=/var/log/mysql.err

And perhaps you have imported a database for forensic investigation and you don’t know the database password, you can just skip the authentication:

mysqld_safe --skip-grant-tables --log-error=/var/log/mysql.err

Seems that Firefox v31 and later has decided to remove access to sites encrypted with self signed certificates by default!

Anyway to resume some form of normality modify your “about:config” in the firefox address bar
Search for “security.use_mozillapkix_verification” and set it to “false”

That should do it.

I have finished setting up a new tool for in browser AES256 encryption via the javaScrypt library. Included within the page is a tool to produce SHA1 / SHA224 / SHA256 / SHA384 / SHA512 hashes.

The idea was that I has a central place to encrypt and decrypt data any time, any place with no reliance on anything except a web browser. I wanted to use java script so that both mine and your data doesn’t leave the browser and stays confidential.
(Perhaps David Petraeus could have used something like this, the trail might have been even harder to follow had he left the ‘draft’ message encrypted)

I implemented the SHA hashing as a tool to strengthen poor passphrases. The idea being that you use your lame password as input, create the hash and encrypt your data with the 128 character key (SHA512). When you need to decode your data you just do the reverse. Now some valid points to think about are:

• If you were being targeted and an attacker knew that your password was a SHAx hash then, you would be susceptible to bruteforce attacks against the hash.
• Using a hash (lower case letters and numbers) will provide less entropy against a fully random password of equal length.
• I believe (my opinion) that if you can afford to trade the security of someone knowing your password is a hash vs a shorter more complicated password your better off hashing your actual password with SHA512 (128 characters a-z 0-9)
• Of course your better off with 128 character fully random key but how are you suppose to remember that?

Check it out here: http://www.cammckenzie.com/encrypt/

Ever had some alerting software spam your production mail queue with 1000’s of alerts?
And you dont want to delete every message individually…

Here is the solution to delete all messages destined for user@example.com:

mailq | tail -n +2 | grep -v '^ *(' | 
gawk 'BEGIN {RS = ""} /user@example.com/ {print $1}' | 
tr -d '*!' | postsuper -d - 

Thanks to http://www.keithscode.com for that one!

This was a tricky one. I kept getting alerts for:

-----BEGIN MESSAGE-----
[2012-07-09T23:40:37+1000] server8.somedomain.com
CRIT   :  [2012-07-09T23:40:34+1000] msg=<POLICY NODIRECTORY>, path=</var/log>
-----BEGIN SIGNATURE-----
EA6AB852FD5E03118A95B8507E514F264CCFE3CC35E3330F
000154 1340761939::server8.somedomain.com
-----END MESSAGE-----

And for the life of me wasn’t sure why but after reading the source code the cause is explained:

{ MSG_FI_NODIR, N_("File found where directory was expected"), IDMEF_IMPACT_TYPE_FILE },

And you know what it was correct! /var/log was a softlink to /data/logs!