Now that the system is up and running time to get Xen working.

I realized that the xen kernel was not installed. Check the yum repository and no xen kerenl! A little more digging and I find out that Fedora Core 9 broke Xen and they are still working on getting it updated! Now here is one of linux's strong points. I need virtual machines, Planned on using Xen but there are 5 different ways to do it that I know of, including Xen, VMWare, Qemu, etc. So no Xen, I go ahead and pull down Qemu. It works with the hardware and with the kernel KVM module that allows the system to access the AMD-V functions. Just a quick yum install qemu and I was off and running!

No Comments     Read more...

Well, it seems that one of my older servers has decided to take a dive. It was an Intel P3 @ 1.0ghz and it just died. I used it to run my network monitoring system, in this case Nagios. The system was at the end of it's life and I decided not to fix it and just upgrade it.

 So a quick run to Fry and for 280$ I picked up a Gigabyte Motherboard, 4 gigs of ram, an AMD X2 7750, 500gig Hard Drive and a case and power supply.  Now this is easily 10x what the old system was and Nagios really does not need all that power so it looks like a good time to install Fedora Core 10 and Xen and see how it works.

 Ill note here that I already have a system set up with Xen, one of the Virtual Servers is used for this website. So this is not my first time to run Xen.

 To kick it off I downloaded the latest Fedora Core 10 DVD and installed it on the system. Making sure to customize the install and select virtualization.

No Comments     Read more...

There are times when you need to get items through the mail. This poses a security risk as a valid address must be given to receive the items you want. This file is intended to provide you with an understanding of how to set up Postal delivery points that are difficult if not impossible to trace. As with any security you implement there is a trade off. You are trading reliability and quickness of delivery for security.

Four basic delivery addresses
Post Office Box: The average Joe will not know who you are but the Post Office and Government will!
Non-Post Office PO Box: Requires ID's to get, so depending on how you set it up, they may, or may not know who you are.
Drop Addresses: Very secure, No trace of who got the mail, disposable, and easy to change. It does require some work.
Mail Forwards: Commercial, costly, and traceable.

3 Comments     Read more...

I know a lot about the subject of computers and computer security. As such I have decided to put togeather a little help for those of you out there that may need a small push in the right direction. I hope everyone enjoys this!


Step 1 : Passwords

Your passwords are your first line of defense. Like a lock on your front door there are there to keep honest people honest. It is easy to bypass and should not be relied on as your only security.

How to pick a good password.

• All system-level passwords (e.g., root, enable, NT admin, application administration accounts, etc.) should be changed on at least a quarterly basis.
  
• All user-level passwords (e.g., email, web, desktop computer, etc.) should be changed at least every six months. The recommended change interval is every four months.
  
• User accounts that have system-level privileges granted through group memberships or programs such as "sudo" should have a unique password from all other accounts held by you.
  
• Passwords must not be inserted into email messages or other forms of electronic communication.
  
• All user-level and system-level passwords should conform to the guidelines described below.

No Comments     Read more...

OK, I have a new PGP Key. My public Key is in this announcment. Should anyone need to contact me privatly please encrypt the message with this key.

Well, We have discussed the encrypted container files, and you have your ssh and gpg keys secured. Now to take the authentication one step further.

 When you authenticate to your system you have to type a login and a password. This is ok but we can improve this. Linux uses PAM (Pluggable Authentication Modules) to set the authentication requirements for the system. We can extend this one step further and greate a OTP (One Time Pad) on a USB key that is then required to be present before you can login. This means that you will need your login, your password, and a special USB key plugged into a USB port on the system to log in.

To start this you will need to download the PAM USB module from HERE  

To continue with the instructions  click the Read More

2 Comments     Read more...