Fun with ZFS send and receive
For the people who haven’t had the opportunity to play around with ZFS, it’s a powerful filesystem which lets you easily manage storage with very simple commands. Right now you can use ZFS within FreeBSD, OpenSolaris and Solaris and there are also ports for Linux, MacOS and NetBSD but they still in the works and something I wouldn’t use in production. For this posting we will be looking at some ways you can use zfs send and zfs receive command and how they can help you manage your storage along with combining them with other Unix tools.
Getting Groovy with Stop Forum Spam
Spam sucks and administrating a forum that is phpbb3 based you find there are a lot of bots that sign up and try to post spam. It’s a pain to go through by hand and remove them all due to some of them being really clever and looking like real people. This is where a great site like stopforumspam.com comes in to play. You are able to search users based on email, username and IP to check to see if they have been reported as a spammer before.
Stopping SSH Brute Force attacks with PF on FreeBSD
Most people know that port 22 is used for SSH communication and due to this common knowledge, you get people using scripts to test for weak passwords. If you look into your /var/log/auth.log and you see tons of fails/errors from users not on your system or from invalid passwords for root, it means you have people trying to break into your system. Truthfully, anyone that puts a system online with port 22 open will see this happen to them.
Pulling data from the Warcraft Armory with Groovy
Update: New code using Battle.net’s REST API can be found here.
This posting is similar to “Pulling data from the Warcraft Armory with Ruby” but with Groovy. For the people who are not familiar with Groovy Home it’s “Object-oriented language alternative for Java platform; Java-like syntax, dynamically compiles to JVM bytecodes” in other words it’s another language that gets compiled to JVM bytecodes like Jython (Python based) and JRuby (Ruby based), but unlike being based off another language, this is new take on the Java language.
File Encryption with OpenSSL
Time to time you may find the need to encrypt a file before sending it to someone or store it where other people may have access to it. OpenSSL is a great tool for this and it is installed on most Linux/Unix and OS X (also, I believe there is an install for OpenSSL for Windows too).
Here’s the command to encrypt a file,
$ openssl enc -aes-256-cbc -a -salt -in mytestfile.
Setting up a SFTP Only user on FreeBSD
Sometimes it’s nice to be able to share files with other people. There are many sites online where you are able to do this but you are limited by size, type of file, or lacking in security. SFTP gives you the ablity to transfer from your server securely. Users that have SSH access can start using SFTP right away with applications like WinSCP. You don’t want to give people full access to your system, so this is where SFTP only users come in to play.
Pulling data from the Warcraft Armory with Ruby
Update: New code using Battle.net’s REST API can be found here.
For the people that play World of Warcraft, you know there is a great site made by Blizzard that keeps all your characters and guild information called the armory. If you take a good look at the site you will see its XML being formatted by XSLT. This is really great for people that want to script something to pull data from the armory because XML is really easy to parse.
Down the Rabbit Hole: SSH Tunneling
SSH is one of my favorite tools on a Linux/Unix system. There is so much you can do from copying files, to tunneling data security. SSH is a great way to get access to your system at home, but also access to your network. Lets go over some things about SSH tunneling and why it’s good to use!
Basic Idea: The idea of tunneling is to give you a secure way to pass data from one point to another.
Making and using SSH Keys
Ok, lets start with something easy! :)
What are SSH keys: SSH keys are a way to allow someone access to a user on another system without the need for a password. This is done with 2 key files one that is public and the other private. This is called “Public-key cryptography”. The public key will be sent to the server that you want to connect to and the private will stay on your local (or client) system.