iptables

When I upgraded my server to Red Hat 7.1 with the new 2.4 kernal, I switched the firewalling from ipchains to the newer iptables. I haven't had chance to fully utilize all the features of iptables, but it looks quite promising.    (Since: 2001)

LogCheck

This excellent tool mines the valuable security information contained within an operating system's log files and emails the pertinent information to the system administrator. An excellent tool in one's security toolbox.    (Since: 2000)

Logwatch

This excellent log auditing tool is now part of the default Red Hat install. It provides timely notifications of abnormal log entries in a customizable fashion.    (Since: 2002)

mod_ssl

I gained experience in building, installing, and configuring SSL for the Apache webserver back in 1999. Nowadays, the RSA patent has expired and Redhat ships apache with SSL pre-configured.    (Since: 1999)

nmap

The premier port scanning tool available on the web. I use this tool to test the firewall configurations of machines that I am administrating. It is great for finding vulnerabilities that you may have overlooked.    (Since: 2000)

PGP

This tool for encrypting and signing email messages is a great idea that I wish more people would use. I've been signing all my email for years now using GnuPG in my email client, Mutt. My PGP public key is available on my 'Contact' page.    (Since: 1999)

PortSentry

I use this easily installed tool to monitor and respond to abnormal port activity.    (Since: 2001)

Red Hat Network

This excellent software package management tool allows an administrator to manage patches and updates for a large number of RH Linux servers remotely via a web interface. It also provides an admin with timely alerts to get security holes patched quickly which is crucial for internet servers.    (Since: 2001)

SSH

I have built, installed and configured this secure replacement for telnet on numerous Unix systems. I only use OpenSSH from the OpenBSD project. I make it a rule to disable telnet access on any Unix server I come across.    (Since: 1999)

Tripwire

I have experience installing, configuring and monitoring this system integrity checker. Tripwire stores a cryptographic hash of critical system files which can alert you if an attacker changes them (i.e. installs a root kit).    (Since: 2000)

Welcome!

I am a software developer from Calgary, Canada. I like to dabble in open-source software when not slinging Java at my day job.

You're currently only seeing the public areas of my site. For access to personal photos, videos, and blog posts, you'll need to login.

Around the Web

Recent Blog Posts

play blog%> Our House Featured in Local Magazine
2010-08-03 at 10:44 am
play blog%> House Air Tightness: Design Trade-offs
2010-08-01 at 10:17 pm
tech blog%> Google releases App Inventor framework
2010-07-12 at 12:51 pm
play blog%> Why Geo-Exchange Heating?
2010-06-21 at 12:52 pm
play blog%> Why Solar Hot Water?
2010-06-21 at 12:51 pm
play blog%> Why build Green?
2010-06-21 at 12:49 pm
play blog%> Basement development
2010-06-10 at 09:18 pm
play blog%> Welcoming Connor Davis
2010-05-14 at 11:37 am

Recent Comments

Listening To