Blogs

Personal Password Management

In this video, Software Architect Steve Moitozo addresses the issue of personal password management. For links to resources mentioned and a previous blog on this topic, refer to Password Management. See the post Personal Password Management Survey for the questions and the response numbers.

Firefox 3 sec_error_crl_invalid errors

For the last month or so I've been experiencing sec_error_crl_invalid errors on a couple of sites when using Firefox 3. Thanks to this post on NZGeek's blog I was able to resolve the issue. It turns out by deleting the CRLs (that were disabled anyway) I was able to solve my issue.

Jesse's Favorite Interview Question

Jesse Robbins elegantly described the kind of person that would be a good candidate for the Internet Services Engineering aspects of my job in his O'Reilly Radar post.

My favorite interview question to ask candidates is: "What happens when you type www.(amazon|google|yahoo).com in your browser and press return?"

Twitter

Follow me on Twitter @SteveMoitozo2

HOWTO: Apache Name-based SSL-enabled Virtual Hosting

I want to do virtual hosting of SSL-enabled virtual hosts on the same Apache server as my other non-SSL-enabled virtual hosts. I don't want to assign more than one IP address to the server and all of my virtual hosts will be within the same domain (e.g., example.com).

BACKGROUND

When Apache processes a request for a name-based virtual host it receives the request from the browser, which includes the Host header (e.g., Host: www.example.com). Apache uses the Host header to determine which name-based virtual host to route the request to. It works this way regardless of the connection type, HTTP or HTTPS.

Personal Password Management Survey

My next computer security video will cover personal password management. In anticipation of that I decided to do an anonymous survey to see how folks manage their passwords. I don't claim that it's statistically accurate or that it reveals anything conclusive. It's a sampling of people from Facebook, Twitter, and work.

49 people from all over the place took the survey.

-----
When asked to rate themselves on their management of passwords:
6% said less than OK
49% said OK
45% said better than OK

-----
When asked about their approach to using passwords:
57% said they use a different password for each class of service (one for commerce, one for banking, one for social services, etc.).
24% said they use a unique password for each service.
19% said they use the same password for everything.

Automated backups of MySQL databases

Unless you have intelligent backup software that can do something smart to back up your databases, restoring a backup of a running MySQL server is like restarting your database after a hard system crash: it's a crapshoot. Since I don't have any fancy backup software that can help, I decided to use mysqldump to create a snapshot of my database server and write it out to a compressed SQL file. Then my (dumb) backup software can continue to be used and I will be able to recover easily if my server dies.

Here's the quick and dirty script:

#!/bin/sh
#
# This script automates a call to mysqldump
# and sends the output to a file in a backup
# directory. The script is set up to keep
# seven days of history.
#
# Before you can run this script you must
# set up a MySQL user that can perform the
# backup. This user must have permission to
# SELECT and LOCK TABLES. The user should not
# be permitted to access MySQL in any way other
# than through the local socket. Here's how the
# user should be created:
#
# GRANT SELECT,LOCK TABLES ON *.* TO 'SomeUser'@'localhost' IDENTIFIED BY 'SomePassword';
# FLUSH PRIVILEGES;
#
# This script should be owned by root and only
# root should be able to read, write, and
# execute it. (i.e., chmod 700)
#
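
A seven-day rotating mysqldump backup along the lines the header comments describe, as an added example rather than the author's script. It assumes the backup user's credentials live in a root-only option file instead of in the script, and the paths, the `run` argument and the variable names (`BACKUP_DIR`, `CRED_FILE`, `DUMP_CMD`) are assumptions.

```shell
#!/bin/sh
# Added example, not the original author's script. Paths and variable
# names below are assumptions.
set -eu
umask 077    # dump files are readable and writable by the owner only

BACKUP_DIR="${BACKUP_DIR:-/var/backups/mysql}"   # assumed location
CRED_FILE="${CRED_FILE:-/root/.my-backup.cnf}"   # assumed; mode 600, holds
                                                 # [client] user= and password=
DUMP_CMD="${DUMP_CMD:-mysqldump}"                # overridable for testing

# One file per weekday (1-7): each run replaces the dump from the same
# weekday last week, so seven days of history are kept without a purge step.
backup_file() {
    echo "$BACKUP_DIR/mysql-$(date +%u).sql.gz"
}

run_backup() {
    out=$(backup_file)
    tmp="$BACKUP_DIR/.dump.$$.sql"
    mkdir -p "$BACKUP_DIR"
    # Credentials come from CRED_FILE rather than -p on the command line,
    # so the password does not appear in the process list.
    # --defaults-extra-file has to be the first option.
    if "$DUMP_CMD" --defaults-extra-file="$CRED_FILE" --all-databases > "$tmp" \
        && gzip -f "$tmp"; then
        mv "$tmp.gz" "$out"    # replace the old dump only after success
    else
        rm -f "$tmp" "$tmp.gz"
        echo "backup failed; any previous $out was left in place" >&2
        return 1
    fi
}

# Run from root's crontab as: /path/to/this-script run
case "${1:-}" in
    run) run_backup ;;
esac
```

Writing to a temporary file first means a failed dump never overwrites the good copy from the previous week.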