Author Archives: Randy

Strong Password Encryption in PHP

Don’t try to reinvent a complex and highly refined wheel, especially when customer data is involved. Please use phpass on any PHP project. (that’s PH-Pass) http://www.openwall.com/phpass/ Good reading for password hashing in general. http://www.openwall.com/articles/PHP-Users-Passwords

AS Number Stats on Linux

I’ve got a couple of Linux machines that are sitting outside of the Sflow ‘zone’ and AS traffic stats go unmeasured. I wanted to get a rough idea on the number of connections per AS number so here’s a little app that parses netstat and sorts AS numbers by number of connection. NOTE1: This won’t […]

Find symlinks on Cpanel

Find all possible root symlinks (leftover from attempted exploits) and save them as a list ‘symlinks.txt’. ls /var/cpanel/users | grep -v “\`\|\.\|cpanel\|root\|mysql\|nobody” | \ while read CPUSER; do find /home/$CPUSER -type l -not \( -lname “/home/$CPUSER/*” \ -o -lname “*rvsitebuilder*” -o -lname “[^/]*” -o -lname “/usr/local/apache/domlogs/*” \ -o -lname “/usr/local/urchin/*” \) ; done \ > […]

Simple Monitoring with Email Alerts that works on LSI MegaRAID and Adaptec

This tool will poll the output of command(s) or URL(s), and send email alerts if the output changes, contains (or not contains) certain text, or becomes unavailable. It’s a light weight, reliable monitoring replacement for the pile of garbage most RAID vendors include with their cards. Complex excludes and finds can be specified as Perl […]