server
Intrusion Detection with AIDE
Sunday, March 1st, 2009 | Technology | No Comments
Advanced Intrusion Detection Environment, or AIDE for short, is a handy little utility which you can use to detect an unwanted intrusion into your server. The website is here: http://www.cs.tut.fi/~rammer/aide.html
With computer security, you not only need to protect against incoming attacks but you also need to detect when an intrusion has taken place. AIDE is good for detecting successful intrusions within a server.
It works by creating an initial database of checksums for the files you want to monitor. You can choose from a myriad of hashing algorithms including MD5 and SHA1. From then on, you can have AIDE check all your current system files against the compiled database. If a file has changed it will be detected and you can take appropriate action if any is required.
This is useful if your machine becomes infected with a trojan or virus – the kind that modifies the binaries to embed itself within the usual commands. For example, coreutils’ ls, mkdir, etc.
The installation and setup is trivial, give or take the time you need to understand the configuration file and list the directories and files to monitor. So give it a go.
Geographic backups with rsync.net
Friday, February 27th, 2009 | Technology | No Comments
My server where this site and others are hosted undergoes a routine backup every couple of days. Not much needs to be backed up but I’ve reached the point where each backup is approximately 100 MB in size. This server is hosted in the United States.
Here in South Africa, we have a monopolistic telecommunications provider named Telkom which overcharges and underdelivers basic services such as ADSL. I have to pay R 70 (Approximately USD $7 at the moment) for each gigabyte. Besides that, I have a monthly ADSL cap of 3 GB which is shared amongst 4 people in my household. Apart from stifling the development of internet-based services in South Africa (imagine YouTube having to pay $7 for every GB a user uploads or downloads to them), it also makes simple things like transferring my meagre 100 MB backups locally a little unpleasant. Telkom also hasn’t seen the need to introduce speeds over 4 Mbps. I’m sitting on 386 Kbps which suites me just fine because, if I went any faster, I might be tempted to use my bandwith cap within a day.
So I saw an advert for rsync.net which advertised rather cheap and convenient storage space. They basically offer disk space and provide ssh, ftp, rsync, webdav and *insert your protocol here* access to it. Can it be more convenient? I signed up with them on Wednesday and modified my backup system to scp all backups to their servers in Switzerland. The only issue with the sign up was the +- 12 hour wait for the system to become active. If they automated signup and I had had instant access to the space, it would have been terrific. Otherwise, everything worked first time as it should.
If you need some space for backups and you enjoy geographic safety, go with them. I’d recommend them.
Migrating to a new server..
Thursday, February 21st, 2008 | Technology | No Comments
Yup. I haven’t done much here for a while but I should. I’m going to initiate the server migration so there may be some lapse between DNS updates. But, I don’t think that will affect too many people. None in fact. I should make this an interesting blog.