I suppose I’ve waffled back and forth on this. Which certification should I pursue? When I first began I set out to get the RHCSA 6 certification. Unfortunately, I didn’t realize that I was so late in the game that the exam was being retired in favor of the new RHEL 7 upgrade. Read More
I often spend countless hours pouring through server logs. If I think there’s a possible application issue I’ll be sifting through system and application logs. If there’s a connectivity issue I may be digging through Apache logs. Either way, without the proper tools it can be a tedious job. Oh heck, who am I kidding? It’s tedious regardless.
I find it a bit bemusing that I’d find myself fixing one of my several Raspberry Pi’s today, on National Pi Day. I can say that I was hoping that instead of making repairs to the filesystem I’d be playing with my new Pi3. Alas, ordering from the UK apparently involves carrier pigions and over 10 days later I’m still waiting.
I’ve been wanting to include SSL with my websites for some time but didn’t want to necessarily go with the generic cert provided by my hosting provider. Many months ago my curiosity was piqued when I was listening to Steve Gibson on his Security Now podcast talking about a new, free Certificate Authority called Let’s Encrypt.
What a weekend. I fired up my Debian laptop last night and things seemed wonky. When I tried executing basic commands they weren’t found. I couldn’t vi, sudo, nothing. When I rebooted the drive was DOA. The system kept saying “Checking media” and then it’d fail. I tried disconnecting and reconnecting but it was screwed in place so it couldn’t have come loose. Nothing seemed to work. I guess the drive went to the big ether in the sky.
This is the third edition of the book and I’ve been well pleased with it. The first part of the book is dedicated to the command line and gaining familiarization with the various commands, file system, navigation, etc. The real meat of the book begins with part 2 where you actually start scripting.
As a software developer by trade, Linux scripting is something that I find myself naturally drawn to. All of the systems I utilize at work aside from my desktop run Red Hat Enterprise Linux so I spend a great deal of time in terminal sessions. Many of the things I do are extremely repetitive and while I can’t (due to security limitations) put custom scripts in every environment I’m slowly working on a library that can help be do those mundane tasks quickly and with reproducible results.
Part 3 covers advanced scripting and the use of tools like sed and awk. Both of these along with regular expressions play a big role in my daily work. I really can’t imagine how difficult it would be for me to evaluate logs and generate reports for executive management without tools like these to make the job significantly easier and faster. I can easily scan massive business logs for key errors and use awk to generate an extract of the critical information I need to review. sed is a great tool when I need to make wholesale changes to configuration files as an example.
Part 4 gets you creating more real-world scripts. You’ll learn how to do things like archive logs. This is a big part of how our system is setup. We only keep a few days’ worth of logs “active” due to their size (we have an extremely high-volume application). Everything else gets compressed and archived to another location. You’ll also learn how to generate reports that can interact with the web, databases, etc.
There are a ton of books on scripting under Linux out there but this is one of my favorites.
# ./cli-book.sh I <3 the book 'Linux Command Line and Shell Scripting Bible'
This is a nice (and one of the few) printed resources available on the subject of OpenSSL. It’s a bit dated with a publishing date from 2009 but the general concepts are still the same. You’d certainly do well to read up on the latest versions of the toolkit since there have been a number of security remediations since this book was put out.
I won’t belabor the internals since you can read the table of contents online. I found it to be a good resource for such things as the OpenSSL command line interface, PKI info, and public key algorithms. Again, the latter is dated since it covers topics like Diffie-Hellman which is a weak cipher that most companies are dropping support for in their web tier’s cipher suite.
While you can find the latest info online, I sometimes like to have a physical reference that I can carry around with me. I guess I’m a little old school in this regard but as much as I love my tablet sometimes nothing beats having a real book in your hands.
This post is actually a little late in coming. So many projects, so little time. Several weeks ago I decided I wanted to engage my son in learning electronics. We’re on the cusp of entering middle school and one of his prospective schools apparently has a great electronics focus. I owe my dad for my current livelihood and hope to pay it forward.