Archive | Security

Obfsproxy, Viscosity, OpenVPN

OpenVPN is great, and the OpenVPN command line client and the Viscosity GUI are also nice. However, all configurations need to be checked to ensure there is no information leakage. Secondly, the basic OpenVPN connection needs another layer of encryption and/or obfuscation, in order to interoperate with Internet firewalls and services that use deep packet […]

Continue Reading

ufw, firewalld, iptables on Amazon Linux

ufw is known as a Debian (and Ubuntu) firewall, which is disabled by default but easy to use. There are some GUI front-ends which make it popular for Linux on the desktop. Coming from a CentOS background (RHEL/Amazon Linux AMI), ufw is not as common (as, say firewalld, or simply iptables, to which both ufw […]

Continue Reading

OpenVPN on EC2 AMI T2.Nano

The T2.Nano instance is the smallest instance generally available for AWS EC2. As of 17-June-2017, the Nano includes the following resources: 512mb RAM 1 vcpu (30 credits + 3/hr, up to 72 credits) 1gb network out traffic Amazon Linux AMI For those who prefer RHEL/CentOS, these are not available for the T2.Nano instance, rather Amazon […]

Continue Reading

Gmail and Gsuite Backup

Recent malware and phishing attackes continue to increase in scale and target gmail and other infrastructure. Since many folks keep email mostly in the cloud, and even worse, client synchronization would delete any mail removed from a mailbox, making the client ineffective as offline backup, a system is needed to ensure there is an adequate […]

Continue Reading

Referer, Referral, Analytics Spam

Spam, spam, spam, spam, spam, eggs, and spam. You get spam with your analytics. These are not real visitors, just spam in the logs. Here is how to de-spam your analytics. Google Analytics Spam Filters Admin > Account > Filters Add custom filter, exclude by hostname Filter Pattern .*(hostname\.tld|hostname\.tld).* Note that a filter can have […]

Continue Reading

Link Disavow Tool Bing Google Yandex

Link disavowel is desired someone (a competitor, or simply a derranged troll) has created low-quality links to your site. In some cases, in competitive, global markets, this may actually be the result of perhaps hundreds of domains created for the purpose of wrecking large numbers of competitors by providing Google with evidence of negative behavior. […]

Continue Reading

WordPress Form and Comment Spam

As with security in general, escaping the scourge of WordPress form and content spam requires a layered approach. Here is what works. Databases and Behavioral Anti-Spam The first step is the one that nowadays works the least well. In the beginning we had Akismet, and things got better, but this is an arms race, and […]

Continue Reading

Telegram + Trello, Github, WP

Telegram is my favorite go-to chat. Unfortunately people are invested in their use of Facebook messenger, Line, Hangouts, etc., and you have to be where they are to chat with them. I have one guy who is only chatting on the apps I don't use: Facebook and WeChat. Sure, I might see a Facebook chat […]

Continue Reading

CentOS Apache MySQL PHP

For a while now, I've been learning the hard way how a lot of configurations published on the Internet are much less effective than their authors purport. First we need to back up to a set of core principles in order to then find the configuration that will work for production servers. Production Server Principles […]

Continue Reading

Widespread Hacking

This is as true today than it was more than five years ago when first posted. Due to the ongoing hacking of accounts and passwords on popular web services, it is a good time to consider the following suggested security practices. If you feel you do not have the time to deal with this, think […]

Continue Reading