Single Loss Expectancy
In the context of risk management, the single loss expectancy is an estimate of the monetary damage to an organization from a specific instance of realization of a risk.
Annual Loss Expectancy
In the context of risk management, the annual loss expectancy is an estimate of the monetary damage to the organization, from the realization of risks, over the course of one year. Calculation of ALE happens during a risk assessment.
How to run Firefox 3.6 on Ubuntu 15.04
These instructions will allow you to run the ancient 3.6 version of Firefox on a recent Ubuntu installation, namely 15.04, but it could apply to versions of Debian, Ubuntu and Linux Mint released close to 15.04.
Amazon Web Services Security
- Secure Server Deployments in Hostile Territory Part 1 and Part 2.
- AWS Security Best Practices
- Intro to Security by Design
Show privileges for all users in MySQL
mysql --silent \ --skip-column-names \ --user mysqldumper \ --execute 'SELECT User, Host from mysql.user' | \ while read User Host; do mysql --user mysqldumper --execute "SHOW GRANTS FOR '$User'@'$Host'"; echo "==========================="; done
mysqldumper user only requires read permissions on the databases.
Example queries on the Sakila MySQL database
Sakila is a sample database provided by MySQL, meant to be used in tests and documentation examples. This page lists some example queries against that database.
Get a non-normalized selection of actors and films in which they played:
SELECT actor.first_name, actor.last_name, film.title FROM actor, film, film_actor WHERE film_actor.actor_id = actor.actor_id AND film_actor.film_id = film.film_id;
Get the same result with double
SELECT actor.first_name, actor.last_name, film.title FROM film_actor INNER JOIN actor ON film_actor.actor_id = actor.actor_id INNER JOIN film ON film_actor.film_id = film.film_id;
A useful script that discovers the expiry date for a given certificate: ssl-expiry-date. At some point I slightly modified this script to read a Bind DNS zone file and check each
Arecord for SSL Expiry, for the purpose of discovering which subdomains were using a wildcard SSL certificate. I should publish that somewhere some day...
A very clear explanation of SSL encryption, not specific to OpenSSL, but it uses OpenSSL for all its examples: Secure your website with SSL encryption.
Stale NFS Causes BackupPC fileListReceive Failure
Recently, one of my BackupPC clients running CentOS failed to backup, with the contents of the host log being:
2015-06-10 01:40:10 incr backup started back to 2015-05-16 08:56:42 (backup #600) for directory / 2015-06-10 21:40:18 Aborting backup up after signal ALRM 2015-06-10 21:40:18 Got fatal error during xfer (fileListReceive failed)
...and the last bad XferLOG containing:
This happened a couple of times in a row, and the interval between the start
time of the backup and the failure was consistently 20 hours. While checking,
I noticed that an
rsync process started on the client by BackupPC was running
for about a week. I did an
strace -p <PID> on the process ID of
noticed that it was trying to
stat an old NFS export, mounted from a server
that no longer exists.
Although there are other ways to fix this, it was OK for this host to be rebooted at the time, problem solved.