Suramya's Blog

October 3, 2007

Automatic session logging/monitoring with GNU screen

Filed under: Computer Security,Computer Tips,Security Tutorials — Suramya @ 11:10 PM

Found this good article on how to set up screen on Linux/Unix so that it automatically logs all activity in the session. Screen is a utility that I use very often on my Linux box. Basically it's a program that you start and it attaches to a specific console, and if you ever get disconnected you don’t lose your work/position; all you have to do is log back in and reconnect to that screen. You can also connect to a system via ssh/telnet, start a program, disconnect from ssh, then move to another location, reconnect to the server and join the same session from there. I use it all the time when compiling stuff or downloading large files.

The main issue I had with screen was that it would only keep 20-30 lines in the history so if you wanted to scroll up to read the previous logs you couldn’t. Now this article explains how to set up logging so that you can do that. For the impatient here’s how you do it:

I wanted to automatically launch a screen session when someone logged in so if I happened to be on the server I could monitor them in real time. I also wanted a log of the session in case I wanted to look over it later or if I was not able to monitor the session live.

I ended up adding the following to my .bashrc

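# -- if $STARTED_SCREEN is set, don't try it again, to avoid looping
#    if screen fails for some reason.
# Only runs for interactive shells ($PS1 set) that came in over SSH ($SSH_TTY set).
if [[ "$PS1" && "${STARTED_SCREEN:-No}" = No && "${SSH_TTY:-No}" != No ]]; then
    STARTED_SCREEN=1 ; export STARTED_SCREEN
    if [ -d "$HOME/log/screen-logs" ]; then
        sleep 1
        # reattach to an existing session or create a new one; log out when it ends
        screen -RR && exit 0
        # normally, execution of this rc script ends here...
        echo "Screen failed! continuing with normal bash startup"
    else
        # first login: create the log directory; screen starts from the next login
        mkdir -p "$HOME/log/screen-logs"
    fi
fi
# [end of auto-screen snippet]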

and add the following to your .screenrc

# support color X terminals
termcap xterm 'XT:AF=\E[3%dm:AB=\E[4%dm:AX'
terminfo xterm 'XT:AF=\E[3%p1%dm:AB=\E[4%p1%dm:AX'
termcapinfo xterm 'XT:AF=\E[3%p1%dm:AB=\E[4%p1%dm:AX:hs:ts=\E]2;:fs=\007:ds=\E]2;screen\007'
termcap xtermc 'XT:AF=\E[3%dm:AB=\E[4%dm:AX'
terminfo xtermc 'XT:AF=\E[3%p1%dm:AB=\E[4%p1%dm:AX'
termcapinfo xtermc 'XT:AF=\E[3%p1%dm:AB=\E[4%p1%dm:AX:hs:ts=\E]2;:fs=\007:ds=\E]2;screen\007'

# detach on hangup
autodetach on
# no startup msg
startup_message off
# always use a login shell
shell -$SHELL

# auto-log
logfile $HOME/log/screen-logs/%Y%m%d-%n.log
deflog on

Keep in mind that this is not a very secure setup. Anyone with any technical knowledge can edit the logs as they are located in the user’s home directory and are editable by them. So don’t rely on it extensively to keep a system secure.
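
One way to at least detect edits to these logs, as an added example that is not from this post or the linked article: record the size and SHA-256 of each log, then later check that the bytes present at snapshot time are unchanged while still allowing screen to append. The function names are hypothetical, and it assumes GNU coreutils (sha256sum) and a manifest kept where the logged user cannot write, for example written by a root cron job outside the home directory.

```shell
# Added example: append-only integrity check for screen session logs.
# Assumption: the manifest lives where the logged user cannot write.

# Record "size sha256 name" for every *.log file in DIR.
screenlog_snapshot() {
    dir=$1; manifest=$2
    : > "$manifest"
    for f in "$dir"/*.log; do
        [ -f "$f" ] || continue
        size=$(wc -c < "$f" | tr -d ' ')
        hash=$(sha256sum < "$f" | cut -d' ' -f1)
        printf '%s %s %s\n' "$size" "$hash" "${f##*/}" >> "$manifest"
    done
}

# Re-check each recorded file. Growth is allowed (screen appends to live
# logs), but the bytes that existed at snapshot time must be unchanged.
screenlog_verify() {
    dir=$1; manifest=$2; bad=0
    while read -r size hash name; do
        f=$dir/$name
        if [ ! -f "$f" ]; then
            echo "MISSING $name"; bad=1; continue
        fi
        now=$(wc -c < "$f" | tr -d ' ')
        if [ "$now" -lt "$size" ]; then
            echo "TRUNCATED $name"; bad=1; continue
        fi
        cur=$(head -c "$size" "$f" | sha256sum | cut -d' ' -f1)
        [ "$cur" = "$hash" ] || { echo "MODIFIED $name"; bad=1; }
    done < "$manifest"
    return "$bad"
}

# Constructed sample logs: one is appended to, one is rewritten in place.
screenlog_demo() {
    d=$(mktemp -d) || return 2
    mkdir "$d/logs"
    printf 'login\nls -l\n' > "$d/logs/20071003-0.log"
    printf 'login\nmake all\n' > "$d/logs/20071003-1.log"
    screenlog_snapshot "$d/logs" "$d/manifest"
    printf 'make install\n' >> "$d/logs/20071003-0.log"     # append: accepted
    printf 'login\nmake ALL\n' > "$d/logs/20071003-1.log"   # same size, new bytes
    rc=0; screenlog_verify "$d/logs" "$d/manifest" || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Anything written after the last snapshot is not yet covered, so the snapshot interval bounds how much of a session could be altered unnoticed.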

Complete article is available here: Automatic session logging and monitoring with GNU screen for the paranoid.

Thanks,
Suramya

August 8, 2007

Secure Websites Using SSL And Certificates

Filed under: Knowledgebase,Linux/Unix Related,Security Tutorials — Suramya @ 5:11 PM

The following website has a good How-To on how you can Secure Websites Using SSL And Certificates on a system running Apache, Bind and OpenSSL.

– Suramya

December 7, 2005

20 ways to Secure your Apache Configuration

Filed under: Security Tutorials — Suramya @ 11:36 PM

Finally a decent guide on how to secure an Apache installation. I am not maintaining any Apache servers right now, but if I was, this would have been a great help.

Complete Article: 20 ways to Secure your Apache Configuration

- Suramya

November 9, 2005

Building extra secure Web applications

Filed under: Security Tutorials — Suramya @ 4:30 PM

Interesting article from IBM that offers a new security design framework that covers two common types of vulnerability: action tampering and parameter manipulation (also known as data tampering).

Check it out: Build extra secure Web applications

- Suramya

November 8, 2005

Reducing browser privileges for a user

Filed under: Security Tutorials — Suramya @ 10:31 PM

This article shows a simple approach to reducing privileges for Internet-facing applications such as IE, Firefox, IM and email clients when the user must operate as a Windows administrator.

Reducing browser privileges

November 2, 2005

Windows XP services that can be disabled

Filed under: Computer Security,Security Tutorials — Suramya @ 9:53 PM

One of the most effective ways to secure a Windows workstation is to turn off unnecessary services. This reference sheet lists the Windows XP SP 2 services, describes each service’s function, specifies whether you can safely disable the service, and outlines the ramifications of disabling the service.

Good Information. Check it out.

Downloading Windows XP services that can be disabled – TechRepublic

October 11, 2005

Protecting Files at Home Using Encrypted Containers

Filed under: Security Tools,Security Tutorials — Suramya @ 9:05 PM

This is an awesome article on how to create Encrypted Containers, which make it easy to create encrypted backup locations that can be copied to other systems without hassle and are simple to use.

Protecting Files at Home Using Encrypted Containers

September 27, 2005

A Lesson in Encryption

Filed under: Computer Security,Security Tutorials — Suramya @ 2:15 PM

A good trilogy of articles by Peter van der Linden on encryption.

Part 1 describes how public key encryption works and where to get the GnuPG encryption software. Part 2 walks through some examples of file encryption/decryption, and Part 3 explains how to send and read encrypted e-mail.

Lesson in Encryption, Part 1
Lesson in Encryption, Part 2
Lesson in Encryption, Part 3

- Suramya

September 22, 2005

Linux LDAP authentication tutorial

Filed under: Security Tutorials,Tutorials — Suramya @ 2:46 PM

Tutorial on how to set up LDAP on Linux. Looks interesting, might try it out on my spare machine when I go home next week.

Article Link: Linux LDAP authentication

- Suramya
