What's been keeping me busy? Well I've been working for a managed hosting company (DataPipe) and that has been the biggest source of time suck for me. Outside of that I've been working on some Perl modules to make administrating load balanced servers as easy as possible. For now, read the source if you want to know more:
Here I show how to setup a secure SSH server that could be used for SFTP. It limits the users to what they can do and what commands they have access to. Could even be configured as a way to allow ssh tunneling for your friends/family who don't have the ability to do this themselves. The chroot jail stops the users from getting access to anywhere else on the system and keeps you from worrying about users messing around with key system components.
When setting up an Apache server on a Debian host, you should tweak a few things to prevent malicious users from breaking into your system. Here I discuss my takes on what steps to take to reach this goal.
So your company's network has been breached. What are you going to do to prevent such an attack in the future? Here I go over specifics of what I would do to protect a network from future attacks and how I think a network should be laid out to begin with.
People are lazy when it comes to regularly backing up their data. This is a project of mine that I use on a daily basis. It's a fairly simple to setup backup server that uses rsync over SSH to backup anything you give it. Best part about it is that it is cross platform compatible and can be scripted to backup multiple PCs at once. This is an very flexible way of creating a backup system and best of all is entirely open source and free.
This was the first real VBScript I used on the job. I wrote this while I held an intern position at an IT outsourcing company called Innovative Network Design (IND) Corporation in Parsippany, NJ. The reason I wrote it is simple, they kept assigning me to collect specific information from various client servers. So why keep doing it manually? I wrote this code and the employees actually still use it.
Caller ID is often thought of as the ultimate way to see who is calling you. People use it to screen calls all the time. When you're able to spoof that number to whatever you would like you can easily defeat human nature of screening out calls from people they don't want to talk to. Besides being able to get in touch with those ignoring your calls it can be an attackers best friend. He or she can simply spoof your bank's number and social engineer you into giving out valuable information. The way people rely on caller ID it is unlikely the victim will realize what has happened until it is far too late.
Using VBScript and netcat it is quite simple to create a basic backdoor into a users system with the priviledges of the user that ran the script. It's a very basic concept and all it does it download the netcat program (nc.exe) from a trusted website into the users c:\windows\system32 folder. What this does is allow you to run netcat from the command line without dealing with the full location of nc.exe. Once the file is in the system32 folder it can simple be run from any command prompt.