Posts

Showing posts from 2013

How To Make Your Browser A Little More Secure

I searched high and low on the internet for a guide to secure my browsing session and disable web servers from preferring insecure SSL sessions. Many websites, such as amazon.com, in an effort to gain better performance, will prefer slightly more insecure methods for establishing a secure SSL session. Unfortunately, I have not found a way to override that preference with the client (browser) preference instead. However, it's probably a better idea to disable any and all weak encryption algorithms in any ways. Two very useful link to verify both a browser and web server's security stance is given below:

Browser accepted security protocols:
https://cc.dcsec.uni-hannover.de/

Web Server accepted security protocols:
https://www.ssllabs.com/ssltest/index.html

Step 1: 
Stop using browsers that do not support SSL encryption algorithm configuration. (Sorry Chrome)

Step 2: 
Download Firefox, which does allow one to

Step 3: 
Go To: about:config

Step 4: 
Search: security.ssl3.

Step 5: 
Set all t…

Store Script Passwords Securely in Mac OS X

I frequently use scripts that contain passwords. Since storing these pose somewhat of a security risk, I started researching ways to not store any passwords in my scripts, but rather in my Mac OS X keychain or some other keychain such as Ubuntu's keychain. Since most of my scripts are python based these days, the following two lines of Python code rely on Mac OS X's 'security' command to read and print a password from your keychain:

1: import subprocess as sub 2: password_cmd= ['security','find-generic-password','-s','booger','-g'] 3: password_dcrypt = sub.Popen(password_cmd,stdout=sub.PIPE,stderr=sub.PIPE).communicate()[1].rstrip().split(':')[1].lstrip().lstrip('"').rstrip('"')
This can of course be done in shell scripts just as easily:

1: password_dcrypt=$(security find-generic-password -s booger -g 2>&1|perl -lne 'print $1 if m/password: \"(.+?)\"/g')
Of course, …

Ping utility that targets a specific port

Frequently I reboot servers and while I wait for them to come back up, I ping them to see when they are "back up" However, even after I receie a positive ping response back from the server, it still takes a while before SSH is initialized.

I wrote my own python-based ping utility that allows one to ping a specific port on a remote host. The utility has three modes: (1) One time, (2) Infinite, and (3) Set number of times.

 ./port_ping.py hostname port #(one time)
./port_ping.py hostname port -n inf #(indefinitely)
./port_ping.py hostname port -n num #(num times)

(NB: I'm still in the process of cleaning this up and making it pretty. In the future, I am considering making it mimic the standard GNU ping utility's syntax.)

Code:

Checking your final grades at Auburn...automatically!!!

During finals week, I found myself constantly checking the Auburn University site to see if new grades are posted. At the time, I did not know that they actually only post grades at midnight. I ended up using Python, BeautifulSoup, and other tools to log in and grab the final grades site, parse for new classes, and then send a push notification if new ones were found. Prowl is the only good push notification app for iOS that I'm aware of. If you are using Android, there exists numerous ones and you can modify as needed. To get this script running, put it in a python (.py) file, and run it through your favorite scheduler. I use launchd on my Mac and cron on Linux. Happy finals and may the curve be ever in your favor! 1: #!/usr/bin/env python 2: from BeautifulSoup import BeautifulSoup 3: import mechanize, sys, re, time, shelve 4: import prowlpy 5: 6: shelve_file = 'grades.pyshelf' 7: apikey = '123khlkjh1l23kjh12l3kjh13lk12hj3lk12jh31lkj3h213lkjh123…

School Spirit in the Terminal

Image
Some years back I converted an Auburn University logo to ASCII text using an online ASCII text generator and then colorized it using Perl. I place this file in my home directory as an invisible file named .auburn_logo.pl, and call it from my .bash_profile or .profile. It's sure to impress your friends when you pull up a new terminal window.

See code below:

1: #!/usr/bin/env perl 2: use strict; 3: use Term::ANSIColor qw(:constants); 4: 5: my $auburn = ' 6: 88888888888 7: 888888888888 8: 88OIIIIIII8888 9: 888IIIIIIIII8888 10: 888IIIIIIIIIII888? 11: 888888888888888888888888 888IIIIIIIIIIIII8888 888888888888888888888888 12: 88IIIIIIIIIIIIIIIIIIII88 888IIIIIII8IIIIIII888 88IIIIIIIIIIIIIIIIIIII88 13: 88IIIIIIIIIIIIIIIIIIII88 888IIIIIII888IIIIIII888 88IIIIIIIIIIIIIIIIIIII8…