protect your linux server

there are so many ways that you can protect your linux server. the obvious ones: only run the services you need to run. keep all software up to date. close ports that aren’t in use via your firewall. disable root login. regular, and complete, backups. (+off-site). software based solutions: run an intrusion detection system (e.g tripwire) and check the reports often. use rootkit detection (rootkithunter). block abusive IPs (fail2ban or denyhosts). scan mail and uploaded files (clamav). implement the http:BL physical access? who can get to your server and what protection is in place to prevent tampering. if you have any other tips, or suggestions, please leave a comment below. 00   

ghost on openshift

run the blogging platform ghost on openshift cloud quickly and easily. i tried to set ghost up one one of my own servers but couldn’t get it to sit well with apache. if you don’t have an openshift account create one then visit here and hit the ‘deploy now’ button. name it something pertinent. this will churn away for a while but when it’s finished your instance (or gear as redhat call them) should be up and running. when it’s first created ghost is running in ‘development’ mode. we need to change that to ‘production’ mode. you’ll first need to install the local tools for your platform as documented here. rhc, git…other stuff… once you’re setup, on your local machine, issue a rhc set-env NODE_ENV=production --app yourgearname replacing yourgearname with whatever you named it initially. then ghost needs to be restarted rhc app restart ghost and things should be froody. now you can visit http://yourURL/ghost/signup to create a user (this’ll also protect it from anyone else nipping in a registering before you do). once you’ve setup your user you can go to http://yourURL/ghost/settings to change the install default settings. if you want to edit your config.js directly log into your gear via SSH and cd to app-root/runtime/repo and you’ll be at the root of your ghost install. had to do this when i messed up a git commit. argh. if you’re planning on keeping it running 24/7 then setup a ping job from another host as the openshift gears go to sleep after a period of inactivity (and ping the actual URL of the openshift gear…not the CNAME that you’ve setup…if you’ve set one up). you can have a look at mine

ultimate guitar tabs for android

ultimate guitar tabs. an android app that costs money (though it didn’t cost that much when i bought it). an android app that lets you search for tabs, chords and lyrics for many, many songs. is it worth the outlay? it’s a front-end for the ultimate guitar tabs website and while you could just visit that site it’s rather handy to have access from wherever you are in a more mobile friendly format. the content is generated by users and while most of it is good you will come across some that’s inaccurate or badly formatted. there’s a * rating system that’ll help separate the wheat from the chaff. so when you fire it up you’re presented with a screen that looks a lot like this so you can search for the music you’re after. if you have an account on the main site you can log-in here and your favourites will be synced to the mobile app. hit the random button and you’ll get something that you maybe weren’t expecting (or hadn’t even heard of in my case). after my third attempt i was displayed a tune i did recognise… but wasn’t going to attempt to play. you can see the stars at the top that show how users have rated the transcription. there’s a wide selection available. for example the mighty monster magnet have a good few tracks on there so if you like your stoner rock (as i do) you’re well catered for. on the main screen there’s also a ‘top 100′ option. this shows […] 00   

pry-fi

pry-fi helps you divulge less information about yourself as you roam through this, modern, wi-fi enabled world. if you’ve got a rooted android handset it spoofs your MAC address randomly unless you’re actually connected to a network (you can spoof your MAC then too if you so desire) so that anyone sniffing for such things gets random, and false, data. like so… there’s also a war mode that spoofs hundreds of MAC addresses at once. you can set this to run for anywhere between 3 minutes and 3 hours and it’ll clog the database of any sniffers with nonsense. is this excessively paranoid? maybe, but it’s an interesting tool that does have real-world uses. you can, of course, stop software using your wi-fi even when turned off but this hampers pinpointing location (go into the advanced section of your wi-fi settings and uncheck the box). it’s made by chainfire who’s apps i’ve found very useful in the past on various devices. it’s available for free on goolge play. 00   

chapman ml-2 antique sunburst

am the new, proud, owner of a chapman ml-2 antique sunburst guitar (3 other finishes are available). mahogany body (with a lovely flame top), maple neck and ebony fingerboard (full specs can be seen by following that link). it’s a les paul style guitar but has a nicely scalloped cutaway to allow easy access to the high frets. designed by rob chapman, with suggestions from fans of chapman guitars, it’s simple but made with quality components. the range is only available from andertons if you live in the UK. i think it looks great…and it plays…splendidly. good setup out of the box. great finish…no sharp frets. enough of the chit chat…here she is… not great pictures…difficult to take shots of something so shiny. update. after playing this guitar for a couple of weeks i’m no less impressed. one of the things that strikes me is the sustain…the notes/chords go on…and on…etc. lovely. powerful pickups with a good difference between the three positions. haven’t used the coil-tap much. the neck shape took a bit of getting used to. barring an F at the first fret was initially odd. after a few sessions i’ve gotten used to it. it tapers nicely as you head upwards too. haven’t regretted, the admittedly sizable, purchase at all. nicest guitar i’ve ever owned. 00