Mittwoch, 25. Juni 2014

some security features

I have a tiny vserver running an "RedHat like OS". Mostly i use it for my owncloud stuff, saving some files and reading my RSS files. So it is a nice playground for features especially in case of security.

Today i installed two tools:

  1. suricata
    (http://suricata-ids.org/) is an IDS/IPS system which was originally founded by the homeland security. It is free and open source, the advantage regarding Snort is that it is able to use multiple CPUs.
  2. mod_security
    (http://www.modsecurity.org/) is an apache module which adds some security extensions like XSS prevention.
Suricata needs to be installed by hand, as the packages are not available on the repos. But it isnt that hard if you follow some instructions and the documentation.
When you have all the files you need there are some additional steps.
  1. create  /etc/suricata/ and /etc/suricata/rules
  2. any copy all the .config files to /etc/suricata, you will find them within the suricata source package
  3. change to suricata and fetch all the files from https://rules.emergingthreats.net/open/suricata/rules/
  4. Now we need to adjust some settings within the suricata.yaml file, for example which modules you will use. Important is to enable the logging to file and syslog, so we can run suricata in daemon mode. Just take a look on the other options. Basically you can adjust settings for everything suricata can handle.
  5. Finally start it: suricata -c /etc/suricata/suricata.yaml -i eth0 -D
  6. It will log all it output to /var/log/suricata
mod_security can be installed via repos.
yum install mod_security_crs.noarch mod_security_crs-extras.noarch

after restart of the httpd it will be running by default. You can find the output for debugging and auditing within the httpd log directory.

Mittwoch, 11. Juni 2014

Good News: RHEL 7 with default MariaDB

I really think these are good news, in the upcoming release of RedHat Enterprise MariaDB will be the default MySQL Database Server.

http://www.bytebot.net/blog/archives/2014/06/11/rhel7-now-with-mariadb 

MariaDB 5.5

MariaDB is the default implementation of MySQL in Red Hat Enterprise Linux 7. MariaDB is a community-developed fork of the MySQL database project, and provides a replacement for MySQL. MariaDB preserves API and ABI compatibility with MySQL and adds several new features; for example, a non-blocking client API library, the Aria and XtraDB storage engines with enhanced performance, better server status variables, and enhanced replication.

Detailed information about MariaDB can be found at https://mariadb.com/kb/en/what-is-mariadb-55/.

Freitag, 6. Juni 2014

ALTER TABLE ADD INDEX: What can go wrong?

Answer: EVERYTHING!!
(@Groves really everything)

So, i just found out that doing an alter table to add an index without an maintenance is the worst decision you can make.

What happens,

  1. You fire the alter command
  2. InnoDB will alter its own engine, before altering the table itself
  3. all queries against the database will complain about an index issue
  4. All queries (alter and select) will  go to state : "Waiting for table metadata lock"
lesson learned!