How Do You Get Snort Working to Test It Out?

0 Comments

Problem scenario
You have a Linux server, and you want to install Snort use its basic functionality.  How do you do this?

Background
It is advisable to place Snort on every machine (Upguard).  This way if one server is compromised, you have Snort’s features on all other servers.  When alerting but not logging, running Snort usually consumes a negligible amount of resources (RAM,

Continue reading “How Do You Get Snort Working to Test It Out?”

How Do You Solve the Docker Error “x509 certificate signed by unknown authority”?

0 Comments

Problem scenario
When you use docker login from a client server and you are challenged for credentials.  But after you enter the password and press enter you get this error:  “Error response from daemon: Get https://: x509: certificate signed by unknown authority”

You do not login to the Docker registry.  How do you get around this problem so you can log into the Docker registry?

Solution
Use one solution 

Continue reading “How Do You Solve the Docker Error “x509 certificate signed by unknown authority”?”

How Do You Create a Docker Registry in Ubuntu Linux?

0 Comments

Problem scenario
You do not want to rely on internet-available Docker registries.  You want to have your own private Docker registry in your own AWS network.  You want to share Docker images (to build containers) with your team.  You think that installing/deploying a Docker registry will help you.  What do you do to build and configure (or just set up) your own Docker registry with an Ubuntu 16.x server?

Solution
These directions were tested to work with Ubuntu 16.x in AWS and Azure. 

Continue reading “How Do You Create a Docker Registry in Ubuntu Linux?”

How Do You Troubleshoot an Error with a Certificate When You Are Trying to Configure a Docker Registry?

0 Comments

Problem scenario
You get an error about a certificate not working with your host/server name.  One of the following apply to your situation:

When you use “docker login” you get this message:
“Error response from daemon: x509: certificate is not valid for your server”

OR

When you try to use curl to the Docker registry server you get this error:
curl: (51) SSL: certificate subject name 

Continue reading “How Do You Troubleshoot an Error with a Certificate When You Are Trying to Configure a Docker Registry?”

What is DevSecOps (or DevOpsSec, SecDevOps, or rugged DevOps)?

0 Comments

Updated 2/10/22

Answer
DevSecOps is the integration of security practices with DevOps.  DevOps may be a culture of automation (as Stackify says), a blend of disciplines (development and operations), or a key word in a job title (e.g., DevOps Engineer or DevOps Architect).  DevSecOps seeks to rapidly integrate security measures into development and operations and avoid security specialists working in separate and relatively isolated teams. 

Continue reading “What is DevSecOps (or DevOpsSec, SecDevOps, or rugged DevOps)?”

How Do You Configure SSH Passwordless Authentication between an AWS EC-2 Instance and an Azure Virtual Machine?

0 Comments

Problem scenario
You have a Linux server in AWS and another Linux server in Azure. You want to use scp without a password to transfer files rapidly.  How do you configure passwordless SSH authentication between the two servers?

Solution
1.  Run this command on each server:

ssh-keygen -t rsa -P “”

# Accept the default prompt by pressing enter.

2.i. 

Continue reading “How Do You Configure SSH Passwordless Authentication between an AWS EC-2 Instance and an Azure Virtual Machine?”

What Is the Difference between Integrity and Availability in the CIA Triad?

0 Comments

Updated on 12/26/18

Problem scenario
I.T. security concerns itself with confidentiality, integrity and availability.  These three categories are concepts which help professionals prioritize and crystallize what to secure and how to secure it.

In the context of computer security, the CIA triad (confidentiality, integrity and availability) is commonly used.  How could data be available if it did not have integrity?  What is the difference between integrity and availability?

Continue reading “What Is the Difference between Integrity and Availability in the CIA Triad?”

How Do You Use scp When You Get A “Permission Denied” Error?

0 Comments

Problem scenario
You want to copy files between RedHat Linux servers with adherence to security best practices.  You try to use scp but you get “Permission denied.”  What do you do to copy files in a secure way?

Solution
1.  Verify you can SSH from one server to the other.  For directions for setting up SSH in a cross-cloud environment, you may want to see this posting

Continue reading “How Do You Use scp When You Get A “Permission Denied” Error?”

How Do You Turn off OS Firewalls in an AWS Instance of Linux SUSE?

0 Comments

Problem scenario
You are running Linux SUSE in AWS.  You want to have no firewalls running on the OS.  How can you be sure that there is no OS-level firewall running in Linux SUSE?

Solution
#1  Become root with this command: sudo su –
#2  Enter this command:  yast firewall
#3  You will see either a screen that warns you about another firewall running or you’ll see the YaST2 screen for a firewall. 

Continue reading “How Do You Turn off OS Firewalls in an AWS Instance of Linux SUSE?”

How Do You Create a Linux Server in Azure with PowerShell When You Keep Getting an Error “Status Code: 400…Bad Request”?

0 Comments

Problem scenario
You are trying to create a Linux server in Azure with the Azure Tools for PowerShell.  You receive this message:

“Destination path for SSH public keys is currently limited to its default value due to a known issue in Linux provisioning agent.”

You see  “StatusCode: 400 … ReasonPhrase: Bad Request.”

What do you do to create an Ubuntu 16.x server and not get this error?

Continue reading “How Do You Create a Linux Server in Azure with PowerShell When You Keep Getting an Error “Status Code: 400…Bad Request”?”