Author: Josh

  • Easy Jenkins Deployment on AWS

    Easy steps to install / configure Jenkins on AWS Amazon Linux: Install latest updates, set the hostname, and reboot. yum -y update hostnamectl set-hostname jenkins shutdown -r now Configure the Jenkins yum repository, install Jenkins, java, git, set Jenkins to start and persist on reboot: sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo sudo rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key yum…

  • AWS Updates – Security Hub and UDP Network Load Balancing

    Today Amazon released two features of note: 1. AWS Security Hub – This one is opportunity and peril at the same time. It is opportunity because it will give a set of standards and best practices a UI and allow anybody to view it and require enforcement from an implementation perspective. It is peril because…

  • Terraform AWS Profile Confusion

    Ahh, terraform. What a useful tool. Unfortunately, there appears to be some confusion around the AWS profile, when using one. If you export the AWS_DEFAULT_PROFILE, you must also export the AWS_PROFILE to get the proper permissions… $ terraform -v Terraform v0.12.2 + provider.aws v2.7.0 $ terraform plan … Error: AccessDeniedException: User: arn:aws:iam::xxxxxxxxxx:user/${user} is not authorized…

  • Finally, some common sense password research.

    This is a start, an article from Microsoft on password expiration: https://blogs.technet.microsoft.com/secguide/2019/05/23/security-baseline-final-for-windows-10-v1903-and-windows-server-v1903/ Security needs to set a good password policy, and provide users with the tools they need to manage their passwords! Too many users are not using password safes and have to manage their secrets in text files, email, or post-it notes.

  • MySQL Upgrade Table Failure After Upgrading to MySQL Server 8

    I upgraded to MySQL 8 (from 5.7) on my laptop and was running into an error restoring a database table with a large varchar(2048) column: ERROR 1071 (42000): Specified key was too long; max key length is 3072 bytes The default character set in MySQL 8 is utf8mb4, which includes this restriction. Changing the table…

  • Trouble installing mysql2 gem on OSX 10.14

    I was running a bundle install on a rails application and was receiving a failure when attempting to install mysql2: make "DESTDIR=" compiling client.c compiling infile.c compiling mysql2_ext.c compiling result.c compiling statement.c linking shared-object mysql2/mysql2.bundle ld: library not found for -lssl clang: error: linker command failed with exit code 1 (use -v to see invocation)…

  • WordPress hack attempt…

    Gotta love the script kiddies – keeping us entertained by "hacking" static HTML sites: 5.135.230.129 230.159.29.94[CHR(0)]'<?php print(238947899389478923-34567343546345); ?>' $domain.com - [11/Mar/2019:10:46:51 -0700] "GET / HTTP/1.1" 200 1533 "http://www.google.com/'<?php print(238947899389478923-34567343546345); ?>'" "Mozilla/5.9'<?php print(238947899389478923-34567343546345); ?>'"

  • AWS Access Keys in S3 Bucket Policies

    I’ve seen what appeared to be AWS Access Keys in S3 bucket policies as an AWS principal in the past. I could never figure out why this was happening and nobody appeared to be adding them. The Access Key never showed up as a valid user Access Key in a search of IAM objects either.…

  • Apache Airflow 1.10.2 – Active Directory Authentication (via LDAP[s])

    This basic guide assumes a functional Airflow deployment, albeit without authentication, or perhaps, with LDAP authentication under the legacy UI scheme. This guide also assumes Apache Airflow 1.10.2, installed via pip using MySQL and Redis. The guide also assumes Amazon Linux on an EC2 instance. Pre-requisites: An Active Directory service account to use as the…

  • ACM Certificate Not Visible in ELB Listener Drop-down

    When using an imported SSL certificate with AWS Certificate Manager, the certificate will not be available for use if the RSA key is not 1024 or 2048 bits in size. If the certificate needs to be larger than 2048, upload/import to IAM instead, and use it from there.