Recent Posts

[Notes] Chapter 2: Personnel Security and Risk Management Concepts

Personnel Security Policies and Procedures: Vendor, Consultant, and Contractor Agreements and Controls: Privacy Policy Requirements: Security Governance: Risk Management Concepts: Risk Assessment/Analysis: Countermeasure Selection and Implementation: Types of Controls: Continuous Improvement: Risk Frameworks: Security Awareness, Education, and Training: Manage the Security Function:

[Notes] CISSP Chapter 1: Security Governance Through Principles and Policies

The CIA Triad Confidentiality: Confidentiality terms: Integrity: Integrity terms: Availability: Availability terms: Other Security Concepts Evaluate and Apply Security Governance Principles Data Classification Organizational Roles and Responsibilities Security Control Frameworks Due Care and Due Diligence Developing Documents Threat Modeling Prioritization and Response Apply Risk-Based Management 

GlusterFS fix faulty bricks

Great tutorial for managing GlusterFS: readthedocs

If you are getting an error like:
volume add-brick: failed: Incorrect number of bricks supplied 1 with count 2

This means you are trying to add a distribute leg, which requires multiple bricks based on the replication setting. Try the following command:

gluster vol add-brick <vol-name> <brick1> <brick2>

List the SSL/TLS cipher suites a particular website offers

Command line: Nmap with ssl-enum-ciphers. This is a very simple and faster way to get a list of available ciphers from a network service, and Nmap will provide a strength rating of strong, weak, or unknown for each available cipher. Which will help to determine

Fix Logitech MX Master Scroll Wheel Issue

https://toemat.com/logitech-mx-master-fix/

OpenSSH 7.3 on CentOS 6.7

A simple script to upgrade OpenSSH on CentOS 6.7.


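#!/bin/bash
# Copyright © 2016 Faishal Saiyed
# Upgrade OpenSSH to 7.3p1 on CentOS 6.7 from prebuilt RPMs. Run as root.
set -e  # stop at the first failed step instead of continuing the upgrade

cd
timestamp=$(date +%s)

# Download the RPM bundle only if it is not already present
if [ ! -f openssh-7.3.zip ]; then
    wget https://github.com/faishal/openssh-portable/releases/download/cent.os.6.7.openssh.7.3p1/openssh-7.3.zip
fi
unzip -o openssh-7.3.zip -d openssh-7.3p1
cd openssh-7.3p1/

# Save the current PAM configuration for sshd so it can be restored afterwards
cp /etc/pam.d/sshd "pam-ssh-conf-$timestamp"
rpm -U *.rpm

# Restore the saved PAM configuration and restart sshd
yes | cp "pam-ssh-conf-$timestamp" /etc/pam.d/sshd
/etc/init.d/sshd restart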

To use it, run the following command as the root user:

bash <(curl -sL https://bit.ly/2OaOGPZ)

List all users crontab entries

for user in $(cut -f1 -d: /etc/passwd); do echo "$user"; crontab -u "$user" -l; done

Cache a large array: JSON, serialize or var_export?

http://techblog.procurios.nl/k/n618/news/view/34972/14863/cache-a-large-array-json-serialize-or-var_export.html

Keep sensitive info out of your email & chat logs

At work, we share passwords or other sensitive pieces of information with a friend or coworker. The problem is that when you do it over chat or email, that data becomes really insecure and easy to find: if someone gets access to your account, they can get that plain-text data from the history.

There are multiple options available to avoid this kind of mistake. I use a self-destructing messages app called onetimesecret, which I found really good 🙂

How Do You Share Sensitive Data Without Leaving Footprints?

How to find the reason for a risky test in PHPUnit ?

Recently I started PHPUnit testing, and I found that some of the tests are flagged as risky. Most of the time I am able to figure out the reason, but sometimes it is very time-consuming, and there aren't any messages from PHPUnit.

Writing modular JavaScript without polluting the global namespace

http://marcofranssen.nl/writing-modular-javascript-without-polluting-the-global-namespace/