Clerical Rigor

Category: security

  • OpenVPN configs with inline data

    I’ve been issuing a lot of x.509 certs and OpenVPN user configurations lately, and I came across something that has reduced the complexity quite a bit. It seems that OpenVPN configuration files can now include data inline. So rather than generating and distributing the following for each user: a configuration file a chain of CA…

  • I’m back on the internet 6 it seems.

    cjac@foxtrot:/usr/src/deb/strongswan-5.1.0$ ping6 -c 5 google.com | tail -3 — google.com ping statistics — 5 packets transmitted, 5 received, 0% packet loss, time 4004ms rtt min/avg/max/mdev = 65.235/74.957/103.039/14.122 ms go go gadget ipsec

  • Maxine is now running on mariadb

    So back when I was working for MySQL AB as support manager for MaxDB, I created an IRC bot to help manage the #maxdb channel on Freenode. We didn’t get a lot of traffic, and Daniel De Graaf mentioned that he could use a bot to help manage some iptables factoids over on #netfilter. So…

  • I miss you. Please come back?

    … Creating var directory ‘/usr/src/git/debian/pkg-mariadb/builddir/mysql-test/var’… Checking supported features… MariaDB Version 5.5.32-MariaDB-1 Installing system database… – SSL connections supported Collecting tests… Using server port 42388 ============================================================================== TEST RESULT TIME (ms) or COMMENT ————————————————————————– worker[1] Using MTR_BUILD_THREAD 300, with reserved ports 16000..16019 oqgraph.basic [ skipped ] No OQGraph oqgraph.binlog [ skipped ] No OQGraph sphinx.sphinx [ skipped…

  • NIST::NVD CWE development – follow along

    I’m in the process of getting the tests passing for the 0.03 release of NIST::NVD::Store::SQLite3 wherein our hero imports the CWE data and cross-indexes it with CVEs and CPEs. Follow along and suggest some patches. I’m developing on Debian Wheezy, but I would very much like input from devs on other platforms. http://git.colliertech.org/?p=NIST-NVD-Store-SQLite3.git;a=summary cjac@foxtrot:/tmp$ time…

  • NIST::NVD::Store::SQLite3

    I published an SQLite3 storage back-end to NIST::NVD on the CPAN. It’s pretty quick. About as fast as the DB_File one, but without the down side of being tied to DB_File. It shouldn’t be too difficult to re-factor this code to any DBI-based database. MariaDB anyone? I know it works on Debian. The nightly CPAN…

  • SELinux on Wheezy

    So, Collier Technologies LLC needs to pass annual audits to operate a certification authority recognized by the SoS. To this end, I’m working with the fine group of developers who maintain SELinux. It seems that the configuration of Xorg that I’m using while typing this here blog post does not have a policy set up…

  • SOPA response from Representative Rick Larsen, WA 2nd District

    Below is an email I received from Representative Rick Larsen‘s office. I don’t recall ever having identifying myself as PVT Adams-Collier in any communications with his office, though I could have done so at some point. Maybe. I also don’t recall contacting his office directly concerning SOPA. I blogged a few things and mentioned him…

  • Blacky-black-out

    There’s a script down there vvvvv and up there ^^^

  • UW Hypervisor looks stable

    UW Hypervisor looks stable

    The new hardware looks like it’s reliable. The one I swapped out 10 days ago crashed every 3 days or so for reasons I couldn’t discern. I changed that one for a spare I had laying around and have been hosting my blog on the machine to exercise it. So far, no crashes, and a…