Tag Archives: security

Authy: step by step Multi-Factor Authentication configuration for Github and AWS
0 (0)

17 April 2019

I’m sure that using MFA (Multi-Factor Authentication) today is oblivious. For 2FA (2-Factor Authentication) the most used method is TOTP – Time-based One-time Password, when alongside with the common login:password also needs to enter a code generated by a device or software. The most known implementation is Google Authenticator but also there is a lot… Read More »

Loading

Jenkins: a job to check a Github organization’s public repositories list
0 (0)

16 April 2019

Proceeding with a Github repositories checker. To recall: the idea is to have such a check in case if somebody from developers accidentally will share our project’s private repository as public, or will create a public repository instead of making it as a private one – we will get a Slack alarm about such a… Read More »

Loading

MySQL/MariaDB: like Petya ransomware for MySQL and ‘root’@’%’ access
0 (0)

3 April 2019

This story happened on 10/06/2017, adding this post in English now. The original post (Rus) was written almost right after the well-known Not a Petya attack in Ukraine – that’s why it’s used in the title. I had a new project assigned to me. When I started its existing setup investigation – was just shocked.… Read More »

Loading

What is: chroot – system call and utility in Linux
0 (0)

23 March 2019

chroot() was added to the Version 7 Unix in 1979 and used for filesystem isolation. In fact, it’s the predecessor of the whole current containerization idea, just now there are namespaces and cgroups are used while earlier chroot was used to create an environment which is isolated from a host and can be used for… Read More »

Loading

Monit: email alerting on an SSH logins
0 (0)

18 March 2019

The task is to send an email alert when SSH-login was made from a not whitelisted IPs. Will use Monit here. Install it: [simterm] root@jenkins-dev:/home/admin# apt update && apt -y install monit [/simterm] Configure email settings: set localhost (we have a local eximhere), email’s format and email’s receiver. Edit the /etc/monit/monitrc file: … set mailserver localhost… Read More »

Loading

OpenVPN: OpenVPN Access Server set up and AWS VPC peering configuration
0 (0)

21 February 2019

OpenVPN Access Server is ready to use OpenVPN server which requires minimal configuration. The free version allows you to have two clients. If you need more – you can buy additional licenses. Infrastructure description Currently to access our resources such as Jenkins, Nexus etc we are using Allow Rules in AWS Security Groups where each user… Read More »

Loading