Archive for the ‘Cool Projects’ Category

SSH is a great tool for accessing systems remotely to perform system management tasks.  It can also be a security risk if it is not configured properly. Many administrators start with the best intentions.  Password complexity rules are put in place that require long passwords with a robust mixture of uppercase, lowercase, numbers and special characters.  Alternatively, a policy of using SSH public keys is implemented. In most, cases this is a great setup. However, there are times when a single method for authentication does not fit well.   (more…)

It is easier today than ever before to maintain the security posture of your servers thanks to the SCAP Security Guide, an open source project creating and providing SCAP security policies (such as PCI-DSS, STIG and USGCB) for various platforms – namely Red Hat Enterprise Linux 6 and 7, Fedora, Firefox, and others.

In this post, I will show how the SCAP Security Guide can be used to automate the application of a security policy on Red Hat Enterprise Linux and (RHEL) then validated with the official DoD STIG configuration that the Defense Information Systems Agency (DISA) publishes. (more…)

When I was still doing IT Operations work, I dreamt of a day when a system could be secured and done so reliably during the installation process.  Sure, I had scripts and other tools at my disposal, but the problem with them was that there was not consensus that the actions I was taking to secure the server was actually correct.  Additionally, what happened if the checks and remediation steps that I was performing changed?  How long, if ever, would it take me to change my scripts?

With the advent of SCAP and the associated tools, achieving compliance during installation has never been easier.  Long gone are the worries that I used to have and I can now be sure that the systems I am installing are secure from the first time that they touch the network. (more…)

I was recently asked to show an example of how Windows Server 2012 running Internet Information Service (IIS) 8 can scale out in an OpenStack environment. I accepted the challenge and this post is the result.  To accomplish the task, I did a default install of an evaluation version of Windows Server 2012 and installed/configured IIS8 along with support.  I then created a very simple web page that uses server variables and the current date an time to create some dynamic content.  Lastly, I installed the CloudBase Cloud-Init service so that Windows Server could talk to the OpenStack metadata service.  I hope you enjoy the video. (more…)

After a long delay (I was moving into a new house and work keeps me very busy) here is the second part of my post on creating scale out workloads in OpenStack using Heat and Ceilometer.  In part one, we broke down the different parts of the Heat template that we will be using in this part of the posting.  We also covered how I had images and software repos configured to support the WordPress website the template will be deploying.  In this part, we will deploy the application, or stack as it is called in OpenStack lingo, and look at different ways to monitor the application to see what is going on. (more…)

Recently, I have been spending a fair amount of time tinkering with Red Hat Enterprise Linux OpenStack Platform 5 (RHEL-OSP 5) which is Red Hat’s Icehouse based offering of OpenStack.  My goal was to learn how to get OpenStack to scale workloads up and down as needed.  Elasticity like this is one of the essential characteristics of cloud computing as defined by the National Institute of Science and Technology (NIST), and is one of the capabilities that OpenStack has that traditional data center virtualization systems typically don’t possess. (more…)

Over the past week, I noticed a few articles on new transportation projects that are focusing on using Open Source development techniques to create something new.  This time it isn’t software though and it isn’t a new piece of computer hardware either.  Instead the people running these projects are creating new ways to transport people.

First, there is John Nicol’s MakerPlane Open Source aircraft.  I met John about 9 months ago at a simulations conference and on his website, he states:

MakerPlane is an open source aviation organization which will enable people to build and fly their own safe, high quality, reasonable cost plane using advanced personal manufacturing equipment such as CNC mills and 3D printers.  Our  projects  include open source avionics software to enable state-of-the-art digital flight instruments and display capabilities.