Managing DNS locally with /etc/hosts

Before the advent of a distributed domain name system; networked computers used local files to map hostnames to IP addresses. On Unix systems this file was named /etc/hosts or “the hosts file”. In those days, networks were small and managing a file with a handful of hosts was easy. However as the networks grew so did the methods of mapping hostnames and IP addresses. In modern days with the internet totaling at somewhere around 246 million domain names (as of 2012) the hosts file has been replaced with a more scalable distributed DNS service....

 · 6 min · Benjamin Cane

Understanding a little more about /etc/profile and /etc/bashrc

Recently I was working on an issue where an application was not retaining the umask setting set in the root users profile or /etc/profile. After looking into the issue a bit it seemed that the application in question only applied the umask setting that was set in /etc/bashrc and would not even accept the values being the applications own start scripts. After doing a bit of researched I learned a little bit more about what exactly these files do, the differences between them and when they are executed....

 · 3 min · Benjamin Cane

Adding and Modifying Users and Groups in Linux

Adding and Modifying Users and Groups is a core systems administration task. The act of adding a user and group is fairly easy however there are some tricks that help make the long-term management of users easier. Tips for easier management Keep user attributes consistent amongst all systems A common mistake sysadmins make when building a new environment is they will allow uid's, gid's, home directories and other user attributes to be mis-matched from system to system....

 · 5 min · Benjamin Cane

Mitigating DoS Attacks with a null (or Blackhole) Route on Linux

In a world where the Anonymous group is petitioning the US Government to make DDoS attacks a legal means of protest; For internet facing systems the threat of Denial of Service attacks are very real. The cold harsh reality of DoS attacks are that there is no way to stop them. While there are services out there that are designed to take the brunt of the attack for you these costs a significant amount of money (update: CloudFlare seems pretty decent)....

 · 3 min · Benjamin Cane

Sudoedit: Securely allow users to edit files

Allowing unprivileged users to edit files that are normally beyond their rights is a task that is easy to perform however it requires a great deal of forethought to implement without opening security holes. You can give users the ability to edit privileged files by using User/Group Permissions, ACL's, or even sudo; but no matter which way you choose there are some things you must consider. For an example lets take a look at 2 files /etc/services and /etc/cron....

 · 4 min · Benjamin Cane