I'm dedicated agile security architect/system architect/developer with specialty of open source framework.
December 23, 2013
Why You Should Implement equals() and hashCode() In Hibernate
- Hibernate ORM documentation
http://docs.jboss.org/hibernate/orm/4.3/manual/en-US/html/ch04.html#persistent-classes-equalshashcode
JBoss Community Wiki
https://community.jboss.org/wiki/EqualsAndHashCode
Essential iptables on RHEL
Hardening access to network services with iptables
http://www.redhat.com/resourcelibrary/articles/training-webinars
Hardening RHEL 6
http://benchmarks.cisecurity.org/downloads/show-single/?file=rhel6.120
Packt’s $5 eBook Bonanza is back!
From December 19th, customers will be able to get any eBook or Video from Packt for just $5. This sale covers every title in the 1700+ range and customers can grab as many as they like until January 3rd 2014 – more information is available at http://bit.ly/1jdCr2W.
December 21, 2013
Hardening RHEL5
Guide to the Secure Configuration of Red Hat Enterprise Linux 5
http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf
December 11, 2013
JBoss Vault in JBoss EAP 6.2.0 uses jceks as Default KeyStore Type
Today I upgraded to JBoss EAP 6.2.0, but ran into some trouble with the keystore I have. I have one for the SSL connector and one for the JBoss Vault.
To be able keep you old JBoss Vault keystore that is stored with the jks format you need to add the KEYSTORE_TYPE vault option.
</extensions>
<vault>
<vault-option name="KEYSTORE_URL" value="/your/absolute/path/vault/vault.keystore"/>
<vault-option name="KEYSTORE_PASSWORD" value="MASK-3/VY6BIQ1KQ9LdJmX8m9Vn"/>
<vault-option name="KEYSTORE_ALIAS" value="vault"/>
<vault-option name="SALT" value="12345678"/>
<vault-option name="ITERATION_COUNT" value="45"/>
<vault-option name="ENC_FILE_DIR" value="/your/absolute/path/vault/"/>
<vault-option name="KEYSTORE_TYPE" value="jks"/>
</vault>
<management>
Reference
December 10, 2013
Changing Broadcom Driver In Ubuntu
I have a Broadcom Wireless Network Adapter and I had all sort of problem with the standard driver, Broadcom STA Wireless driver or wl that the module is called.
To identify which Broadcom chipset you have. Run:
$ lspci -vvnn | grep 14e4
45:00.0 Network controller [0280]: Broadcom Corporation BCM4313 802.11bgn Wireless Network Adapter [14e4:4727] (rev 01)
To identify which modules (driver) you are using (running):
$ egrep 'ssb|wl|brcmfmac|brcmsmac|bcma' /proc/modules
I had the STA or wl module running. To remove all possible Broadcom modules.
$ sudo modprobe -r b43 ssb wl brcmfmac brcmsmac bcma
And to really remove the default STA or wl module, also remove the debian package. After the purge, that remove configuration files as well, I double run apt-get with remove autoremove, which will remove unused package and finally I run clean, to clean the apt-get cache. All for precaution.
$ sudo apt-get purge bcmwl-kernel-source && sudo apt-get autoremove && sudo apt-get clean
Now you must test which driver/module that suites you best. I started with the b43 driver/module.
$ sudo apt-get install firmware-b43-installer
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
b43-fwcutter
The following NEW packages will be installed:
b43-fwcutter firmware-b43-installer
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 22.8 kB of archives.
After this operation, 120 kB of additional disk space will be used.
Do you want to continue [Y/n]? Y
To load the new module/driver.
$ sudo modprobe b43
Now test you installation, if successful reboot and double check, that everything is working correctly..
Other possible driver are b43legacy package firmware-b43legacy-installer and LP-PHY package firmware-b43-lpphy-installer.
For more hardware commands, please read http://magnus-k-karlsson.blogspot.se/2013/01/how-to-install-atheros-ar8161-ethernet.html
Reference
December 7, 2013
The Medibuntu Project has come to an end
For many people the first thing they have done after installing Ubuntu, was to add the Medibuntu repository. But now it is dead. See announcement Here.
But what is the impact? Not much. Ubuntu already offers most of the things that existed in Medibuntu and this only natural progress of the growth of Ubuntu.
December 5, 2013
Managing Network in RHEL 6
Tools
The simplest way to manage network settings is to use the system-config-network tool or the non-graphical variant system-config-network-tui
To start, stop, status all our network devices
$ service network [start|stop|status|restart]
Other useful tools are:
ifconfig | Display our network settings. |
ping | Used for check network connectivity |
route -n | Display routing and Gateway |
traceroute | Display network routing to a host. |
netstat -nr | Display open ports. |
Configuration
Main network configuration file is /etc/sysconfig/network-scripts/ifcfg-<name>.
Hostname
$ hostname
tester1.example.com
Routing
Local routing for e.g. localhost, but also for static routing.
$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Main routing configuration file. Any changes will be overwritten, unless disabled in above sysconfig network-scripts with PEERDNS=no.
$ cat /etc/resolv.conf
$ Generated by NetworkManager
search example.com
nameserver 192.168.1.1
Reference
- network-scripts: /usr/share/doc/initscripts-<version>/sysconfig.txt