Security

Still unresolved Shellshock major vulnerability affecting Bash on Linux, Unix and MAC OS X

No comments

Less than two days after it was detected a vulnerability (CVE-2014-6271) that affects the Bash shell on Linux, Unix and Mac OS X, a patch was released that solves this issue only partially, which forced to report a new vulnerability (CVE-2014-7169) still pending. This issue has quickly gained a simple name by which it will be remembered for a long time: Shellshock or Shell Shock.

DanielStill unresolved Shellshock major vulnerability affecting Bash on Linux, Unix and MAC OS X

Perfom Windows backups using rsync and DeltaCopy Server

No comments

Rsync and Windows?

Many corporate and heterogeneous networks use the rsync protocol to perform server backups or to keep files synchronized automatically from one or more directories on different machines. Linux natively incorporates the rsync utility and other associated tools, but what do you do when you need to backup Windows folders automatically from a NAS or a remote machine? One option could be to use Samba to read the contents of those folders from Linux, but it would be a fairly complex solution, because it would force us to configure Samba on the server side, set the various permissions and configuration options in Windows and place both machines on the same local network or configure complex rules on our firewall to allow SMB/CIFS traffic. And yet, the file transfer through the network would not be safe, because it would be made text clear with no encryption.

DanielPerfom Windows backups using rsync and DeltaCopy Server

How to create a Windows SSH server

No comments

Neither version of Windows, either Windows XP, Windows 7, or 8 or more modern versions such as Windows Server 2008 or Windows 2012, provides an SSH server to use a standard way to access from other machines with different operating system and be able to run console commands, copy files, forward ports or automate logins by using public/private keys. The Microsoft alternative to this is WinRM / Powershell, but many are the chances that we will need to find a standard and compatible way to access to other systems, and what better way to do this than using the widespread and well-known SSH protocol to get into our Windows machines securely.

DanielHow to create a Windows SSH server

1-click automatically open a Keepassx database

No comments

Those who use the tool KeePassX (KeePass clone for Linux and Mac OS X) to safely save passwords and login details at one single place will have seen many times on the need for rapid access to their repository of passwords with a single click. However, by default when accessing KeePassX none repository is open, or one is open that does not correspond to the one we want to check, so often it’s necessary to browse the file system to locate and select the corresponding file. If in addition to a master password we use a key file to improve security, we have to repeat the same process over and over again to locate and select the key file.

Daniel1-click automatically open a Keepassx database

Connecting sites securely using OAuth

No comments

Client: withheld for reasons of confidentiality (Germany)

OAuth logo

The German client company who hired this project has a website with a high component of social network and a mobile application for iPhone and Android that tracks walking, driving or biking paths and then is used to share them with other people on the former website or other external ones thanks to its export tools. This is similar to Endomondo app, but more oriented to track tourist routes and attractions that in sporting terms.

DanielConnecting sites securely using OAuth