
Border Searches

Posted May 3, 2008 at 03:05pm in Computers, Security

It looks like our electronic devices can be searched by customs when entering the US. This somewhat violates the 4th Amendment; however, there is a border exception to the 4th Amendment, and unless I am wrong you are not officially in the US until you pass customs/border, so the amendment would not apply.

A lot of company policies state that you should not be holding confidential information on laptops in the first place, but email and browser cache can contain that information. To help prevent information from intranets from being cached, you can install JohnnyCache. JohnnyCache lets you enter a URL pattern and will prevent disk- and memory-based cache from being accessible when viewing a site matching that pattern. I highly recommend you install this extension regardless of your traveling habits.

I am going to be writing additional posts about handling these searches. These posts are going to be directed at protecting corporate information and personal information.

Clients…

Posted May 3, 2008 at 09:05am in Business

If you have ever done any contract work or had to actually work with customer requests you will probably get a good laugh out of Clientcopia. I recommend the top 20 list.

It’s one thing when a client is just not knowledgeable about what you are doing for them, I mean that is why they are paying you, but when people get pissy they need to be let go quickly.

Example:

Me: “What’s your email, sir?”
Tom Smith: “Tom Smith… t-o-m-s-m-i-t-”
Me: “Tom Smith, got it..”
TS: “And it’s all together, ok? No spaces. And don’t use any capitals, do you hear me? All in lower case!”
Me: “Yes, tomsmith in all lower case. Got it. And your email provider, sir?”
TS: “Huh?”
Me: “The part after the @ sign.”
TS: “What sign?”
Me: “Sorry, I mean what does it say after your name?”
TS: “Well, it’s this… a inside a bubble…”
Me: “Yes, that’s right, the @ sign, and after that?”
TS: “It says hotmail… not m-a-l-e, not like a hot man.. h-o-t-m-a-i-l.”
Me: “Got it, mail as in e-mail.”
TS: “Not e-mail, hotmail! You’re not using capitals on that, are you?”

File Server

Posted April 27, 2008 at 05:04am in Computers

For a long time I have been planning to build a massive NAS to store all my projects and photographs and my Linux distro collection. When I bought a lot of network equipment a while back, a 5U case was included that I decided to use instead of ordering something. The case has 12 standard 5.25 bays and 1 slim 5.25 bay. It fits an extended ATX motherboard and is quite long, so it gives me plenty of space. To make efficient use of the space I am putting in hotswap drive bays that will fit 5 hard drives in 3 bays, giving me a total capacity of 15 drives. I have also found a RAID card that supports RAID6, online expansion and all the goodies, and runs about $435. This is more than I wanted to spend, but RAID6 and an on-card processor are worth it. The machine will run FreeNAS and will allow me to have only 1 hard drive in all of my other machines. As of right now I have ordered and installed the following:

  • AMD Athlon 64 X2 4000+, Socket AM2
  • G.SKILL 2GB (2 x 1GB) 240-Pin DDR2 800
  • ASUS M2N-SLI Deluxe AM2 NVIDIA nForce 570 Motherboard
  • MSI GeForce 7300LE 128MB 64-bit GDDR2 PCIe Video Card

I just ordered an IDE->CF card adapter and one of the drive bays to make sure it is what I want. If I like the drive bay, the remaining parts I need are the RAID card and 8 Western Digital 750GB hard drives. In RAID6, I will have 4.09TB of total space; if I went with RAID5 I would have 4.77TB. While RAID5 is good, I would feel better if I knew I could lose 2 drives and still have all my data safe. I mean this is going to be backups of my systems, and all the files that are most important to me. I may need to upgrade the power supply along the line, but for the time being I should be fine as it has a 420w PSU. I will post pictures when I get my new camera.

Make your life better

Posted April 21, 2008 at 08:04pm in Life

This article lists some very good ideas for improving your life. To sum it up, here is the list.

1. Start a business
2. Organize a group
3. Volunteer
4. Take an active role in your children’s activities
5. Start a family
6. Write a book
7. Learn an art
8. Run for office
9. Take up a sport
10. Set an outrageous goal — and achieve it!

I have done a few of these… Learn an art, Take up a sport, Start a business, but what I really want to do is write a book and start a family.

Bang Asterisk

Posted April 16, 2008 at 10:04pm in Computers, Linux

Last year I brought up the double bang trick. There is another with the bang and asterisk keys. This combination takes just the parameters from the previous command.

[user@host ~]$ ls /home
user
[user@host ~]$ cd !*
cd /home
[user@host home]$

Enjoy!

SSH Lockdown

Posted April 14, 2008 at 01:04am in Computers

Tonight I decided I should do some locking down of ssh and I wanted to share with you the final result of what I did. The first thing we need to do is create the public key. For this post we will use localmach for the local machine and remotemach for the remote machine.

Before beginning, the following should be set on the remotemach in /etc/ssh/sshd_config:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

On the local machine, type the following:

ssh-keygen -t rsa -b 2048

This will create a 2048-bit RSA key. It will ask you where you would like to put these keys; in Linux the default is ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub.

We now need to copy this key to the remote server, remotemach.

ssh-copy-id user@remotemach

What this does is log into the remote machine and add the key to /home/user/.ssh/authorized_keys. I am going to skip the password part for now so we don’t lock ourselves out. The next thing you want to do is run the following commands on the localmach.

exec ssh-agent /bin/bash
ssh-add

If you changed the name of the file from id_rsa you will need to specify which identity you want to add for ssh-add. With ssh-agent running and the identity added you should now be able to login without a password.

ssh user@remotemach

If you were able to login without the use of a password, you can proceed to editing the /etc/ssh/sshd_config. If you were not able to login without a password repeat the procedure and see if you are able to fix it. I did have trouble once or twice and repeating it fixed whatever was wrong.

Open /etc/ssh/sshd_config and find the PasswordAuthentication configuration directive and make sure it is set to no and uncommented.

PasswordAuthentication no

Another recommendation is to make sure root cannot SSH into the server directly.

PermitRootLogin no

You can now run the following command to commit the changes to the current sshd process:

sudo /etc/init.d/sshd reload

What does all this do?

1. Disables direct login from the root user, which has always been a recommendation. If you are not aware of this you should be reading up on the use of sudo.

2. Removes the ability to log in to the server with a password; you can only log in to the server using a public key.

3. Limits the machine that you can log in from. The remotemach must have the key for the localmach in the authorized_keys file before authentication can be performed.

4. Greatly reduces the ability to brute-force SSH.

In the coming days I am going to check to see if you can copy a key to any machine and have it work, if that is the case it might be better to turn the password authentication back on for situations that command high security.

If you chose to enter a password when creating your key and you did not setup ssh-agent and ssh-add you will be prompted for a password to decrypt the key. Do not confuse that with a standard password based login, which you are probably used to.
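
One way to check the edited file before reloading sshd, as an added example that is not part of the original post: the script reports whether PasswordAuthentication, PermitRootLogin and PubkeyAuthentication are explicitly set the way this post sets them. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an sshd_config file for
# the three directives this post sets. sshd keywords are case-insensitive and
# the FIRST occurrence of a keyword wins, so a late "no" can be shadowed.

effective_value() {  # usage: effective_value <file> <keyword>
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        /^[ \t]*#/ || NF == 0 { next }               # comments, blank lines
        { if ($1 ~ /=/ || $2 ~ /^=/) sub(/=/, " ") } # accept "Keyword=value"
        tolower($1) == "match" { exit }              # global section ends here
        tolower($1) == want { print tolower($2); exit }
    ' "$1"
}

audit_sshd_config() {  # returns 0 only if every directive is set as expected
    file=$1; rc=0
    for pair in passwordauthentication=no permitrootlogin=no \
                pubkeyauthentication=yes; do
        key=${pair%%=*}; expected=${pair#*=}
        got=$(effective_value "$file" "$key")
        if [ "$got" = "$expected" ]; then
            echo "ok    $key $got"
        else
            echo "FAIL  $key is '${got:-unset or commented out}', expected '$expected'"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: the commented line is ignored, and the trailing
# "PasswordAuthentication no" never takes effect because "yes" comes first.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PasswordAuthentication no
PasswordAuthentication yes
PermitRootLogin no
PubkeyAuthentication yes
PasswordAuthentication no
EOF
audit_sshd_config "$sample" || echo "do not reload sshd with this file yet"
```

Run it against /etc/ssh/sshd_config before the reload step, and keep the existing session open until a second login succeeds. Files pulled in by an Include directive and settings inside Match blocks are not examined.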

Life Updates

Posted April 12, 2008 at 02:04pm in Life, Site News

First is that the site is back online. About 2 months ago I stopped updating the blog, and during that time the version of WordPress I was running had an exploit and the pages (not posts) were deleted, so I decided I should just take it down until another major version came out. There are a couple of things that are out of place, and pages will slowly start coming back after I update their contents so they are accurate.

I passed my Offensive Security Certified Professional test, so now I have that certification and in a few weeks I will be preparing for LPIC and Linux+ exams. I would also like to start working towards my CCNA. I know nothing about routing and I need to work on my subnetting so it will be good for me.

I will try to post some pictures of the apartment, my digital camera took a crap so it will have to wait until I get a new one. I recently bought an LG42LB5D 42″ 1080p LCD TV and a Playstation 3… boy does 1080p look good.

Google as an Employer

Posted January 20, 2008 at 04:01pm in Google

A long time ago I wrote a post, Why I Want to Work at Google. In that post I cover most of the benefits that Google provides because I felt like they might grab more people’s attention than my real reasons. For most of the time I have spent in the IT field it has been by myself, nobody to work with and learn from or to teach. When I have worked with others I always benefited in some way, so for me, the greatest benefit that Google could possibly offer is the opportunity to work with an exceptional group of people and work in an environment that makes you feel appreciated.

I have been at Google for two weeks now and I hope I never have to leave. I work with very smart and very nice people and I can only hope that I can learn from them and maybe share some of my experience with some of them. Time will tell, but for now I am just happy to be a part of Google.

The only thing I wish is that I had more thumbs to point up in Google’s favor.

My New Job

Posted January 9, 2008 at 11:01pm in Georgia, Google, Life

I haven’t mentioned this until now, but I have been hired as a contractor for Google. I can’t discuss the stuff I do, but I freaking love the job… even if I could discuss it, I don’t know that I could put it into words. I am looking forward to the possibility of converting to a permanent employee down the road. Really the only differences are that I don’t get all the perks, but the experience is good enough for me.

I just moved to Atlanta, and I have stuff everywhere. This is one of those moves where your parents give you everything of yours that is in their house so it was a beast of a move. I had a couple people able to help me, but I had to load and unload a good bit of the 26′ truck. I also had some trouble with the auto transport so I have to get some money back from Uhaul for being a lame company and giving me crap.

New Apartment

Posted January 5, 2008 at 08:01am in Georgia

I just moved down to Atlanta, GA…. well I am actually living right outside the perimeter in Smyrna, but close enough. I rented a 17′ Uhaul, but I was lucky and was given a 26′ truck with only a few thousand miles on it, which actually worked out great because I didn’t have to spend a ton of time making things fit.

Five miles from my house the trailer shorted out every light except for the hazards and the headlights. So I had no tail lights, no dash lights, nothing behind the cab could be seen without the hazard lights on. So then I had to wait 2 hours for someone to show up and another 1.5 for it to be fixed. So I am working on getting a refund on either the gas or the trailer altogether and an extra day on top of it. Oh and I had to drive 60 miles @ 6mpg @ $3/gal to get this busted ass trailer. Breakdowns happen, I am not trying to dispute that, but this was pure neglect. The wires were cut and mixed up with a bunch of other wires and shorting out on each other, I’m not a mechanic or an electrician and I could and would do a better job than that.

Anyway off to unpack