R-fx Networks
Linux Software & Blog
Data Integrity: AIDE for Host Based Intrusion Detection
Mar 17th
It used to be all the talk, everyone knew it, accepted it but few did anything about it and still even today, very few do anything about it. What is it? Data Integrity. But it is not in the form of how we usually look at data integrity; it is not backups, raid management or similar — it is host based intrusion detection.
What is host based intrusion detection (hIDS)? In it simplest form it is basically the monitoring of a file system for added, deleted or modified content, for the purpose of intrusion detection and (post) compromise forensic analysis. At More >
LMD 1.3.9: Quietly Awesome
Mar 16th
It has been a busy couple of weeks for the LMD project, lots of late nights and sleepless days behind me and I can say I am a ‘little’ happier with where things are in the project now
This release has no major feature changes or additions other than a modification in the default hexdepth that is used to scan malware; increased from 15,736 to 61,440 (1024*60). This enables LMD to better detect threats that it was having a little difficulty with due to the byte size of some malware. At the moment there is no byte-offset feature that would More >
Happy Birthday APF: 8 Years Strong
Mar 9th
On this day eight years ago, Advanced Policy Firewall (APF) version 0.5 for Linux was publicly released. Since then, APF has stood the test of time and still remains to this day, one of the most widely used Linux firewall solutions, with especially high usage in the web hosting industry.
I was 18 years old when APF first met the world, I was a very different person back then and so to was the web hosting industry. There was but a handful of dedicated server providers, it was a time when Cobalt RAQ’s still dominated a large part of the More >
Raid Management: Know Whats Really Going On
Feb 14th
In today’s hosting environment it is common place for servers to have hardware based raid cards but what is not common place is having a reliable method for checking the status of the raid arrays. Few would question the value to data integrity by making use of raid technology but very few organizations and businesses implement the tools required to proactively maintain raid arrays, they simply hope for a DC tech to hear a raid alarm and assume the technician will handle the failure. The reality is very different, data centers are loud and increasingly server-dense so hearing a raid More >
Facebook & Twitter: Meh
Nov 30th
This is a short one, the title says it all. I have decided to start doing a bit more casual posting (tweeting?) on a twitter account I just setup and since I already toss a bunch of crap on my fcbk account about rfxn.com, figured I would throw everyone the details for both:
LMD 1.3.7: Milestones, Fixes & Signature Updates
Nov 27th
Today marks the release of LMD 1.3.7, which is a minor release update that fixes a few bugs and is also the final 1.x release before version 2.0 as described in the LMD: one year later blog post. The bug list for LMD has remained very small over the last 6 months and this release reflects that by fixing the current outstanding bugs.
Changes 1.3.6 => 1.3.7: [Fix] package ownership at some point got set to uid 501 instead of root [Fix] daily cronjob now checks ps output for inotifywait proc instead of pidof [Fix] monitor mode users would exit prematurely if a user More >
