Recently while working on some node or instance automation using RightScale I needed to have some extra iptables rules created automatically when a new node booted. Initially I was just trying to do this via iptables commands which I note below but it would never work. After digging through the logs I realized that the iptables commands created by RightScale for the ServerTemplate I was using flushed iptables at the very end of the boot process and thus wiped out the iptables entries created by the RightScript I had created. To accomplish permanent iptables entries for a RackSpace node via RightScale you need to output the iptables command to a file in the location where the boot process picks them up after flushing the current ruleset. Below I describe my first attempt followed by the correct way to have iptables entries picked up by RightScale.
As you know we think that oclHashcat is one of the best password crackers available and along with Hashcat and John The Ripper are pretty much the only password crackers we use at this point. Earlier someone asked me to crack some OpenLDAP hashes which come in SHA and SSHA format and the below example includes only the OpenLDAP SHA format hashes.
LiteSpeed web server uses the same Rewrite engine that Apache uses so most of the information you will find on the Internet relates to Apache and not LiteSpeed. One of the projects I am working on redirects all web traffic that hits each virtual host from HTTP to HTTPS without exception. Recently it came up that we needed to do some API testing with a company that wanted to test on a development server to HTTP and not HTTPS. So I needed to figure out how to exclude a specific directory from our HTTPS Redirect Rule on one specific virtual host which turns out is really easy. Below I describe how to send all traffic except one directory to HTTPS via the LiteSpeed web admin.
This may seem simple to some people but to others it is not so easy. If you installed Snort yourself you will already know where the rules file is however, these days many Linux distros come with snort pre installed with mysql configured so there is nothing to do but start Snorts IDS.