Sandra Henry-Stocker

Author Archives: Sandra Henry-Stocker

Improving on history—the Linux history command, that is

The Linux history command allows users to repeat commands without retyping them and to look over a list of commands they've recently used, but that's just the obvious stuff. It is also highly configurable, allows you to pick and choose what you reuse (e.g., complete commands or portions of commands), and controls what commands are recorded.

In today's post, we're going to run through the basics and then explore some of the more interesting behaviors of the history command.

The basics of the Linux history command

Typing "history" and getting a list of previously entered commands is the command's most obvious use. Pressing the up arrow until you reach a command that you want to repeat and hitting enter to rerun it is next. And, as you probably know, you can also use the down arrow. In fact, you can scroll up and down your list of previously entered commands to review them or rerun them.

What the jot command can do for you

The jot command has been around for ages, but remains one of those interesting commands that a lot of Linux users never get around to using. It can be very handy in scripts as well as on the command line by generating number or character sequences, even pseudo-randomly.

In its simplest form, the jot command generates a simple sequence of numbers from 1 to your selected maximum.

$ jot 5
1
2
3
4
5

You can stick the jot command output into a file simply by redirecting it.

$ jot 5 > five
$ cat five
1
2
3
4
5

If you want to start with some number other than 1, you just use a slightly different syntax. The command “jot 5 11”, for example, would create a list of five numbers starting with 11.

Dealing with NIST’s about-face on password complexity

In the last few years, we've been seeing some significant changes in the suggestions that security experts are making for password security. While previous guidance increasingly pushed complexity in terms of password length, the mix of characters used, controls over password reuse, and forced periodic changes, specialists have been questioning whether making passwords complex wasn't actually working against security concerns rather than promoting them.

Security specialists have also argued that forcing complexity down users' throats has led to them writing passwords down or forgetting them and having to get them reset. They argued that replacing a password character with a digit or an uppercase character might make a password look complicated, but does not actually make it any less vulnerable to compromise. In fact, when users are forced to include a variety of characters in their passwords, they generally do so in very predictable ways. Instead of “password”, they might use “Passw0rd” or even “P4ssw0rd!”, but the variations don't make the passwords significantly less guessable. People are just not very good at generating anything that's truly random.

Eight steps to the GDPR countdown

One year from today, the recently passed regulation known as “GDPR” (General Data Protection Regulation) goes into effect. While EU-specific, it can still dramatically affect businesses that work with personal data of citizens and residents of the EU. GDPR was approved a year ago and will be going into effect in another year. It applies directly to organizations within the EU, but also applies to organizations outside the EU if they 1) offer goods and services to the EU, 2) monitor the behavior of EU subjects, or 3) process or retain personal data of EU citizens and residents. And the regulation can place very serious fines and sanctions for non-compliance.

The complexity of password complexity

Deploying password quality checking on your Debian-based Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users' passwords will all have twelve or more characters. Let's stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.

First, if you haven't done this already, install the password quality checking library with this command:

apt-get -y install libpam-pwquality

The files that contain most of the settings we're going to look at will be:

Book Review: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems

The overall equation is pretty simple: If you want to understand network traffic, you really should install Wireshark. And, if you really want to use Wireshark effectively, you should consider this book. Already in its third edition, Practical Packet Analysis both explains how Wireshark works and provides expert guidance on how you can use the tool to solve real-world network problems.

Yes, there are other packet analyzers, but Wireshark is one of the best, works on Windows, Mac, and Linux, and is free and open source. And, yes, there are other books, but this one focuses both on understanding the tool and using it to address the kind of problems that you're likely to encounter.

Unix tips: Saving time by repeating history

Getting work done faster on the command line is one of the never-changing goals of Unix sysadmins. And one way to do this is to find easy ways to reuse commands that you have entered previously – particularly if those commands are complex or tricky to remember. Some of the ways we do this include putting the commands in scripts and turning them into aliases. Another way is to reissue commands that you have entered recently by pulling them from your command history and reusing them with or without changes.

The easiest and most intuitive way to reissue commands is by using the up and down arrows on your keyboard to scroll through previously entered commands. How far back you can scroll will depend on the size of your history buffer. Most people set their history buffers to hold something between 100 and 1,000 commands but some go way beyond that. Hitting the up arrow 732 times might try your patience, but there are fortunately easy ways to get what you need without wearing out your finger tip!

To make this post a little easier to follow, I'm using a modest HISTSIZE setting. You can view your

Looking back 30 years as a sysadmin

Looking back after spending more than 30 years as a Unix systems administrator, I have to say that it's been quite a ride.

It certainly wasn't 30+ years of doing the same thing. Instead, the technology and the job have gone through incredible changes along the way. There were dramatic improvements in the hardware that I managed and always plenty of new tools to learn and use.

Over the years, I went from reveling in how much work I could get done on the command line to grappling with some big issues -- troubleshooting some very complicated problems and figuring out how to best protect my employers' information assets. Along the way, I worked with some amazing individuals, got laid off (once), and learned a lot about what works and doesn't work both from a technical and a career perspective.

Establishing your virtual presence on the cheap

I was excited to see what Double Robotics has accomplished with their telepresence robot, especially when one showed up on an episode of The Good Wife. Double Robotics’ device (see http://www.doublerobotics.com/) is making it possible for teleworkers to have their “doubles” moving around the office, chatting with staff, and attending meetings. The device works like an iPad on a Segway, though the stand/roller part of the setup is much lighter and slimmer than a Segway, so it’s more like an iPad on a rolling stick. But the movement is controlled remotely and the person controlling it has a sense from their screen of moving around the office and interacting with the staff because their “double” really is.