Wednesday, October 26, 2011

Using DBAN for Data Sanitation

If you're getting rid of your PC at home or retiring PCs in the office it is recommended that you first wipe the drive of any remaining bit of information.  I'm not going to debate the merits of method or the other, or if this is even worth while. I'm a firm believer that 99% of the time this tool will wipe your drive and the data will be unrecoverable to most people or attacks.  Personally, I run the PRNG method with 8 passes to overwrite the drives I'm getting rid of.  This is on top of using secure delete methods to overwrite individual files as I delete them on my PC in day to day operations.

If you're very paranoid anyhow, you should be using something like Truecrypt to encrypt everything at rest on your hard drive, and possibly even a hidden encrypted volume inside of that.  Even here, I would wipe a drive when I was done with it.

The first thing to do is to download the ISO image from dban.org/download. Then you will need to burn the ISO image to a CD. (A quick Google search should get you some results.)

Once you boot your PC with the burned image you should come to this screen.
Initial Boot Screen
If you hit the F2 key you will see this screen.
DBAN About Page
Hitting F3 will get you this screen.
Quick Commands
F4 will get you to this note about RAID devices.  Remember always dismantle your RAID volumes before wiping them!
A message about RAID devices
If you hit enter on the Initial Boot screen you'll end up here in Interactive Mode.
Interactive Mode
In Interactive Mode you can choose which Pseudo Random Number Generator to use. You have two choices (Mersenne Twister and ISAAC, but I go with Mersenne Twister, but apparently ISAAC is more secure.
Pseudo Random Number Generator (Mersenne Twister) explanation

Pseudo Random Number Generator (ISAAC) explanation
If you need to quickly zero out a drive, such as before re-installing Microsoft Windows or for some other reason this option is for you.
Wipe Method (Quick Erase explanation)

Wipe Method (RCMP TSSIT OPS-II explanation)

Wipe Method (DoD Short explanation)

Wipe Method (DoD 5220.22-M explanation)

Wipe Method (Gutmann Wipe explanation)

Wipe Method (PRNG Stream explanation)

Verification Mode (Verification Off Explanation)

Verification Mode (Verification Last Pass Explanation)

Verification Mode (Verification All Passes Explanation)

Changing the number of rounds
Something to note, if you have multiple drives installed and selected for wipe (from Interactive Mode) they will wipe in parallel.  This can speed things up significantly if you have a lot of drives to wipe
Running in parallel
When DBAN has finished you'll come to this screen. If you don't have a Green pass next to each disk you wiped it may be a failed disk.
All Done!

After running DBAN a few times you should become comfortable with the different options and what they do. I started out running in interactive mode all of the time, but now when I get to the Initial Boot Screen I simply type prng (Which used the prng method with 8 passes and verification on the last pass) and let it go to town.  I only do this however on machines where I want to wipe everything.  For safeties sake I always physically disconnect drives I do not want to wipe.

Friday, October 21, 2011

Installing and Configuring ZendServer Community Edition (CE) on CentOS 5 / 6

The quick and the dirty:
Download the Zend Server (DEB/RPM Installer Script) from zend.com. (An account is required).
un-pack the the tarball (tar -xzfv ZendServer-5.5.0-RepositoryInstaller-linux.tar.gz)
Run ./install_zs.sh 5.3 ce or ./install_zs.sh 5.2 ce depending on which version of PHP you want to run.
Edit your iptables (you are running iptables right?) vi /etc/sysconfig/iptables
Add in a line for the ZendServer lighthttpd server (-A INPUT -m state --state NEW -m tcp -p tcp --dport 10081 -j ACCEPT)
Restart iptables (/sbin/service iptables restart)
Visit (http://YOURSERVERHERE.com:10081/ZendServer/) in a web browser to accept the EULA and set a password.

Alternatively run (/usr/local/zend/bin/zs-setup accept-eula) and (/usr/local/zend/bin/zs-setup set-password YOURSECUREPASSWORD )

If you need to restart Zend Server run /sbin/service zend-server restart.  This will restart both apache (httpd) and the LightHTTPD Zend Server gui.

Some important notes before heading off into the wonderful world of Zend Server:
Be sure that your distribution's PHP isn't installed as well as the Zend Server, including the CLI, as it will mess with running php from the command line and who knows what else.

The php binary is located at /usr/local/zend/bin/php, which can be verified by running which php.  As such if you need to run php from cron be sure to add this to your path. (I have PATH=$PATH:$HOME/bin:/usr/local/zend/bin in my ~/.bash_profile).

If you need to modify a setting in php.ini you will find it at /usr/local/zend/etc/php.ini.  Remember to restart zend server for any changes to take effect.

Beyond those things there isn't too much difference between running zend server and running php from your distribution.

Thursday, October 20, 2011

uCertify 117-101 Junior Level Linux Professional-I review


Recently, the folks at uCertify requested I review one of their certification test suites.
In my past experiences with certifications I've used a variety of study material, including instructor led classes, books, as well as electronic tools similar to those offered by uCertify.

I prefer instructor led classes, but a mix of books and electronic tools are also a viable option for me.

The uCertify catalog includes a wide variety of test preparation kits for a number of popular certifications, including:  LPIC, Cisco, Zend, Linux, Microsoft, etc. Given I am currently in the process of studying for my LPIC-1, I selected the Junior Level Linux Professional (LPIC-1) track, which provided me access to the 117-101 Junior Level Linux Professional-I preparation kit.

I was able to install the software quickly and easily without any problems.  The activation was also painless, which I expected.

To start out, the tool offers a variety of teaching tools including study notes and practice quizzes, which is what I was really looking forward to. Each of the components is easy to use and follow, although the navigation confused me a bit at first.

The content itself seems accurate. Much of it appears to be snippets of relevant text from the official Linux man pages, with some text with a degree less of technical jargon to it to further explain the topic at hand. There where some areas where the content was a little lacking, but it didn't happen too often.

The practice tests themselves are pretty good. They relate directly to the study material and are worded such that they are easy to comprehend. They also have the same cadence and tone that are on the actual tests.

A couple of nice features that stood out from other tools I have used in the past include the ability to select different test modes and creating custom tests. In addition, within the test itself, the ability to add notes, print items and even provide feedback are all quite helpful. Of course, it also contains other expected features such as bookmarking of questions and a summary of answers for final review prior to submitting for results. The test experience itself was quite good and provided simple methods for reviewing the results and furthering one's understanding of the subject.

Without the benefit of having taken the official exam, it is also a bit difficult to gauge the usefulness of other features such as the Test Readiness Report and Objective Readiness Report, both of which are aimed at providing insight as to how well one might perform on the official test.

Overall, the uCertify tool is a comprehensive and flexible learning tool that is definitely worth considering, specially at the $80 - $100 price point (depends on selected test). Those looking for self-paced preparation kits will find it easy to use, thorough and extremely helpful.

TL;DR
Simple installation
Good Price point
Relevant study material
Comprehensive set of tools
Different learning techniques for varying preferences
Flexible practice tests

uCertify test preparation kits are available at: www.ucertify.com

Tuesday, October 11, 2011

Logmein Hamachi - Hub and Spoke Network

This is going to be another quick one, mainly so I remember how to change which computer is a hub and which computer is a spoke.
In "My Networks", click on "Edit" in the desired network. Then click the link "Add/Remove members" and there you can set the Hub/Spoke radio button.

That's it!