Sandra Henry-Stocker

About the Author Sandra Henry-Stocker


What the jot command can do for you

The jot command has been around for ages, but remains one of those interesting commands that a lot of Linux users never get around to using. It can be very handy in scripts as well as on the command line by generating number or character sequences, even pseudo-randomly.

In its simplest form, the jot command generates a simple sequence of numbers from 1 to your selected maximum.

$ jot 5
1
2
3
4
5

You can stick the jot command output into simply by redirecting it.

$ jot 5 > five
$ cat five
1
2
3
4
5

If you want to start with some number other than 1, you just use a slightly different syntax. The command “jot 5 11”, for example, would create a list of five numbers starting with 11.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Dealing with NIST’s about-face on password complexity

In the last few years, we’ve been seeing some significant changes in the suggestions that security experts are making for password security. While previous guidance increasingly pushed complexity in terms of password length, the mix of characters used, controls over password reuse, and forced periodic changes, specialists have been questioning whether making passwords complex wasn’t actually working against security concerns rather than promoting them.

Security specialists have also argued that forcing complexity down users’ throats has led to them writing passwords down or forgetting them and having to get them reset. They argued that replacing a password character with a digit or an uppercase character might make a password look complicated, but does not actually make it any less vulnerable to compromise. In fact, when users are forced to include a variety of characters in their passwords, they generally do so in very predictable ways. Instead of “password”, they might use “Passw0rd” or even “P4ssw0rd!”, but the variations don’t make the passwords significantly less guessable. People are just not very good at generating anything that’s truly random.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Eight steps to the GDPR countdown

One year from today, the recently passed regulation known as “GDPR” (General Data Protection Regulation) goes into effect. While EU-specific, it can still dramatically affect how businesses that work with personal data of citizens and residents of the EU. GDPR was approved a year ago and will be going into effect in another year. It applies directly to organizations within the EU, but also applies to organizations outside the EU if they 1) offer goods and services to the EU, 2) monitor the behavior EU subjects, or 3) process or retain personal data of EU citizens and residents. And the regulation can place very serious fines and sanctions for non-compliance.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: 14 ways to keep your data safe on Data Privacy Day

Read more 0 Comments

IDG Contributor Network: Ransomware takes a nasty turn

Another open source database has been targeted for attack. Only this time, paying the ransom isn’t even an option. Instead, the perpetrators just destroy the database, sometimes leaving a nasty message before moving on. This makes these attacks a very odd subcategory of “ransomware”.

 

Only weeks after the attacks began on BongoDB, the new attacks were reported by Fidelis Cybersecurity just last week. Fidelis is estimating that 8,000-10,000 installations worldwide might be affected.

What is Hadoop?

Hadoop is a framework managed by the Apache Software Foundation that allows for the distributed processing of large data sets across clusters of computers using simple programming models. It cab scale up to thousands of systems – providing an extreme level of availability. But, like MongoDB, its default security configuration leaves much responsibility to those implementing it.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Merry Linux to you!

Get ready to start caroling around the office with these Linux-centric lyrics to popular Christmas carols.

Running Merrily on Open Source

To the tune of: Chestnuts Roasting on an Open Fire

 

Running merrily on open source
With users happy as can be
We’re using Linux and getting lots done
And happy everything is free

Everybody knows that Linux installs easily
And helps ensure our apps run right
Systems running smooth, no problems in sight
We’ll easily fall sleep tonight

We know the Linux community is there
With lots of wisdom, tools, and goodies
They will share
And even sysadmins
Will want to try
To see how fast Linux distros can fly

And so, I’m offering this
Simple phrase to geeks from
One to 92
Altho’ it’s been said many times
Many ways
Merry Linux to you!

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Aiming for resilience

It’s not just your disks, file systems, backups, and redundant servers that you need to worry about these days. The infrastructure that powers, cools, and makes them accessible is at risk. While this isn’t something you’re likely to find yourself thinking about or even reading about very often, the risk is very real and worth considering. The danger that I’m referring to is called “EMP” and it just happens to be one of the greatest threats to data centers today — and that’s just a start.

EMP stands for “electromagnetic pulse”. What it entails is a short burst of electromagnetic energy that can be damaging to — if not destructive of — electronic equipment. In fact, the quick and intense nature of an electromagnetic pulse is what makes it particularly powerful and dangerous. Not all forms of EMP will take down electronic equipment. Some are mild and relatively inconsequential — like lightning and electrostatic discharge — while others can have devastating consequences. Some are natural. Some are man-made. And some pose threats to the electrical grid that could leave large portions of the country experiencing lengthy electrical shutdowns if an EMP strike of sufficient magnitude were launched.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Unix tip: Making umask work for you

Halloween has come and gone. In fact, so has Thanksgiving. But some masks are always appropriate – not because we’re trying to inspire people to give us candy, but because it’s just too easy to end up with file permissions that don’t reflect the security constraints that work best for us. To help with that, we Unix and Linux users have umask.

The umask setting provides default permissions for any files or directories that you create. If you want that default behavior to ensure that only you can see the files you create, you use one setting. If you want all of your files to be shared by default with people in your core group, you use a different one. The process is easy and fairly straightforward except for one thing. You have to think in a way that may be a bit unusual. The umask setting is, after all, a mask and that implies that it works in a way that is opposite of the way settings normally work.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Wicked Cool Shell Scripts

Wicked Cool Shell Scripts: 101 Scripts for Linux, OS X, and Unix Systems by Dave Taylor and Brandon Perry, 2nd edition, no starch press (2017) is a book that can lift you up a notch in the super Unix techno-dweeb rankings. It’s that good.

Not everything you encounter in your life as a Unix geek is going to rate being called “wicked cool”. Near as I can tell, this includes some of Tom’s of Maine toothpaste along with some kids’ toys, certain WordPress plugins, and the scripts in this book. The scripts are wicked cool because they can make you considerably better and more productive at using and managing your Linux systems.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Have a spooky Linux Halloween!

How can a Linux geek have a fun Halloween? It’s not as hard as you might imagine. Before you put away your costume and all those decorations that you put up to scare your neighbors’ kids, make a stab at turning your office into a scary place for a day. Here are some tips that might help you enjoy your spooky day and bring a little cheer into your office.

 

Carve a pumpkin using a template. You can make a pretty good looking pumpkin for the office if you download a template and use it to carve a special Linux pumpkin. You’ll find a free template for Tux the Linux Pumpkin by pumpkinlady and a pile of other Halloween templates at this URL. Or check out the collection on Pinterest.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Can you really stop ransomware?

Ransomware is one of the most worrisome types of malware. It doesn’t steal your data; it threatens to cripple your business — to tie up the resources that you need to service your customers, produce your products, send invoices, and pay your bills. And even paying the ransom does not guarantee that you’ll regain control of your systems. In fact, it encourages the perpetrators to continue using their tools to attack other organizations and maybe even come back your way.

 

The cautions routinely offered to keep you from being victimized include backing up your data to multiple locations, being more cautious online, using tools to detect intrusions and the presence of malware, limiting access privileges, etc. But what if you could disable malware before it ever had a chance to touch your files? What if ransomware couldn’t “see” your files at all, never mind leave them encrypted and inaccessible? I recently had a chance to discuss this possibility with some reps from a company that claims it can do just that, so I thought that I should bring this option into focus for those of us who worry a lot about the ransomware threat.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Cybersecurity Awareness Month tips for online security

It’s still Cybersecurity Awareness Month, so in today’s post I’m passing on a number of security recommendations for online activity, some that the FBI has been promoting for Internet safety. Never forget that any kind of business or work you do online — including email, shopping, social media sites, and surfing – warrants some level of scrutiny. So spend some time during Cybersecurity Awareness Month thinking about what you need to do to make yourself less vulnerable to attack as you use the Internet.

Another diatribe about passwords

Changing passwords and making sure that you don’t use the same password for multiple sites is still very important — in spite of recent warnings that frequent password changes might result in simpler, more guessable passwords. If one of your accounts is compromised, you probably don’t want all of them to suffer the same fate. And the passwords you choose should be complex enough to not be easily guessed. Once you have dozens of passwords, you might elect to use a secure password repository to keep track of them. I’ve been hearing warnings for years about not writing passwords down, but how much of a problem this is depends on where and how you write them down. At one point in my career I kept track of a few lock combinations by disguising them as phone numbers in my address book along with carefully concocted names that reminded me which combination belonged to which lock. Only I could tell the difference between those entries and all the legitimate contact information that filled the book. Because the names made up and weren’t related to people I really knew, they serving as clues. These days a very secure password storage tool serves the same purpose – and can be kept on a USB drive so it’s not even online unless needed and is securely stashed otherwise.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Book review — The Book of R: A First Course in Programming and Statistics

by Tilman M. Davies, no starch press, 2016

You might not have ever heard of the programming language R but, if you’re doing data analysis, it might be just the language you need. And this particular book on R is one that is likely to teach you everything you might need to know. Yes, I mean everything.

 

A full two inches thick and nearly 800 pages long, The Book of R promises to teach you everything you need to be productive in using this language – that includes the basic syntax of the language, programming techniques, statistics and probability, testing and modeling, and graphics along with how to install the language and related packages on your system.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Celebrating cyberscariness month

Celebrating cyberscariness month
cyber scariness 2

October is not only Cybersecurity Awareness Month; it ends with Halloween. So I worked with some folks at Globalscape to come up with a set of Cybersecurity Awareness Month tips.

We decided to go with a Halloween theme — something like “October is a month of zombies and ghosts and all manner of scary monsters, so it’s the right time to focus on what we need to do to stay safe.” (Just rolls off the tongue, right?) So to help you celebrate (and enjoy more treats than tricks), we’re offering some of our best tips — dressed up in Halloween style — to help you keep your networks and your data safe and secure.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Unix tips: Saving time by repeating history

Getting work done faster on the command line is one of the never changing goals of Unix sysadmins. And one way to do this is to find easy ways to reuse commands that you have entered previously – particularly if those commands are complex or tricky to remember. Some of the ways we do this include putting the commands in scripts and turning them into aliases. Another way is to reissue commands that you have entered recently by pulling them from your command history and reusing them with or without changes.

 

The easiest and most intuitive way to reissue commands is by using the up and down arrows on your keyboard to scroll through previously entered commands. How far back you can scroll will depend on the size of your history buffer. Most people set their history buffers to hold something between 100 and 1,000 commands but some go way beyond that. Hitting the up arrow 732 times might try your patience, but there are are fortunately easy ways to get what you need without wearing out your finger tip! To make this post a little easier to follow, I’m using a modest HISTSIZE setting. You can view your current history queue size using the command shown below

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Saving time by repeating history

Getting work done faster on the command line is one of the never changing goals of Unix sysadmins. And one way to do this is to find easy ways to reuse commands that you have entered previously – particularly if those commands are complex or tricky to remember. Some of the ways we do this include putting the commands in scripts and turning them into aliases. Another way is to reissue commands that you have entered recently by pulling them from your command history and reusing them with or without changes.

 

The easiest and most intuitive way to reissue commands is by using the up and down arrows on your keyboard to scroll through previously entered commands. How far back you can scroll will depend on the size of your history buffer. Most people set their history buffers to hold something between 100 and 1,000 commands but some go way beyond that. Hitting the up arrow 732 times might try your patience, but there are are fortunately easy ways to get what you need without wearing out your finger tip! To make this post a little easier to follow, I’m using a modest HISTSIZE setting. You can view your current history queue size using the command shown below

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: How NOT to manage passwords

The only good thing about really dumb mistakes is that they generally cause you to focus on the things you need to improve by pinpointing the errors in the way you work or think. Anything that you can do that helps you to deliberately pay attention to the kind of errors that you make from time to time is a good thing – both on the command line and in your personal and professional life.

 

As for really dumb things, we have this little tidbit of recent news. Did the DNC really email passwords in plain text after discovering that they’d been hacked? Looks like the answer might just be “yes.”

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: Troubleshooting with lsof

If you’ve never used the lsof command or used it only for one specific purpose, you might be delighted to learn how many ways the lsof (list open files) command can help you manage your servers. lsof is the Unix/Linux command that allows you to list open files or identify the processes that particular files have open. Handy for evaluating system security as well as troubleshooting, lsof features a large range of options that allow it to be used in numerous ways – sometimes even surpassing the ps command for looking at processes and the netstat command for examining network interfaces.

To read this article in full or to leave a comment, please click here

Read more 0 Comments