Tweet Greetings, Occasionally with a very busy site, being behind a hefty web stack does not always have enough capacity to mitigate a significant surge in artificial (DoS) requests. Detecting and mitigating denial of service attacks is an important and time sensitive exercise that will determine the next mitigating steps that you may need to [...] Read More
SVN Offsite Backup Script : Secure offsite backup solution for SVN to Amazon S3
Tweet Hi there! Backing up your code repository is important. Backing up your code repository to an off-site location in a secure manner is imperative. Throughout our travels and experience utilizing the SVN code repository system, we have developed a quick bash script to export the entire SVN repository, encrypt it, compress it into an [...] Read More
SVN Pre Commit Hook : Sanitize your Code!
Tweet Hello, Dealing with several different development environments can be tricky. With SVN specifically, it is ideal to have some “pre-flight” checks in order to make sure some basic standards have been followed. Some of the things you would want to check might be : - Does the code generate a fatal PHP error? - [...] Read More
Add your Dynamic IPs to Apache HTACCESS files
Tweet Hello! We threw together a quick & simple script to dynamically update your .htaccess files within apache to add your dynamic IP address to the allow / deny fields. If you’re looking to password protect an admin area (for example) but your office only has a dynamic IP address, then this script might be [...] Read More
Automated Amazon EBS snapshot backup script with 7 day retention
Tweet Hello there! We have recently been implementing several different backup strategies for properties that reside on the Amazon cloud platform. These strategies include scripts that incorporate s3sync and s3fs for offsite or redundant “limitless” backup storage capabilities. One of the more recent strategies we have implemented for several clients is an automated Amazon EBS [...] Read More
Patch Scanning / Information Gathering Script for RedHat / CentOS
Tweet With all the patch management solutions, local repositories and other options, it is rarely necessary to manually scan all servers on your network to build a “report” of the patch levels in your environment. Sometimes it is, however. For instance, if you are brought into an environment that has not been properly managed and [...] Read More
Scheduled antivirus scans to prevent viral injections on user generated content
Tweet When dealing with high traffic sites, especially media based or community based sites, there is always the risk of javascript, virus, XSS or other malicious injection of badness when giving a community of users the ability to upload files to your site. There are several things to consider when evaluating all “points of entry” [...] Read More
Amazon S3 Backup script with encryption
Tweet With the advent of cloud computing, there have been several advances as far as commercial cloud offerings, most notably Amazon’s EC2 computing platform as well as their S3 Storage platform. Backing up to Amazon S3 has become a popular alternative to achieving true offsite backup capabilities for many organizations. The fast data transfer speeds [...] Read More
Compress files and folders over the network without using rsync
The following command ssh's to your remote server, tar + gzips a directory, and then outputs the compressed stream to your local machine. Read More
Script to distribute SSH Keys across many servers
The idea behind this script is to have a centralized, highly secure and restricted key repository server. Each server in your environment would run this script to "pull" the updated key list from the central server. The script would run as a cron job and can run as often as you like. Ideally every 5-10 minutes would allow for quick key updates / distribution. Read More
Manage Nagios with Scripts
Tweet Working at many different organisations over the past 10 years, I have been involved in the implementation and maintenance of many different monitoring implementations. These include commercial and open source implementations, such as : - Nagios - IP Monitor - Uptime - OpenNMS - Zabbix Although Nagios may not be the most scalable or [...] Read More
Shell Script to Report On Hacking Attempts
It is always a good idea , when implementing open source firewall implementations (iptables, pf, etc), to build in as much reporting and verbosity as possible. Somewhere along the line, we wrote a script to provide daily reports on intrusion attempts to penetrate our network -- this usually happens when someone exceeds certain connection thresholds. Read More
SSH Key based authentication
How to setup a slave DNS Nameserver with Bind
This need for a DNS master/slave implementation where new zone files are transferred between the master nameserver and the slave became apparent as operations grew and geographic DNS redundancy became apparent. Read More
Quick tips using FIND , SSH, TAR , PS and GREP Commands
Administering hundreds of systems can be tedious. Sometimes scripting repetitive tasks, or replicating tasks across many servers is necessary. Read More
MySQL Replication : Setting up a Simple Master / Slave
This simple how-to is intended to setup a simple master / slave mysql replication. Read More
Log compression Bash script
In my experience as a Systems Administrator, it has come up quite often to create a script to rotate and compress rather large log files. Read More
Software RAID in Linux
Tweet Several occasions have arisen where a client requested software raid-1 between two IDE drives in their server. Obviously the servers in question had no hardware raid capabilities, and compromising disk I/O read/write times for increased redundancy was more important. Below is a simple tutorial for setting up software raid in Linux, using MDADM. The [...] Read More