craig

Audit terminology: SAS 70, SSAE 16, SSAE 18, SOC1, SOC2, Type 1, Type 2

If you are involved in information technology and compliance in a heavily regulated industry, or work with larger organizations, you have probably run across the terms SAS 70, SSAE 16, SSAE 18, SOC 1 report, SOC 2 report, Type 1 Report, and Type 2 Report. These terms are frequently abused and misunderstood, even by compliance …


Configuring Laravel/Lumen applications to connect to SQL database sockets

The Laravel/Lumen framework documentation does not explain how to connect an application to a database using UNIX sockets instead of a TCP-based network connection. I recently had to configure the Polr URL shortener (built on the Lumen microframework by Laravel) to connect to Google Cloud SQL with a UNIX socket. Since all of Polr’s configuration takes place …


Configure CentOS/RedHat VMs with Kickstart files on Virtualbox

Kickstart is a type of file that’s used to automatically install RedHat or CentOS Linux on a physical or virtual server. If you are managing more than a few servers, it’s a good idea to configure the servers via kickstart files instead of logging in and configuring each one manually. However, some unfortunate choices were …


Viewing logs for a cluster of instances on Google Stackdriver Logging

Stackdriver Logging is a great feature of Google Compute Engine (GCE). You pretty much need a centralized logging solution if you are taking maximum advantage of the features offered by GCE. For example, most production applications will run on a cluster of web servers. If you set up the cluster as a managed instance group …


Protecting a RESTful JSON API from a CSRF attack

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated” (OWASP definition). CSRF is often lumped together with Cross-Site Scripting (XSS), but it is a distinct attack: it does not require the execution of JavaScript or any other front-end code, only that the victim’s browser send an authenticated request of the attacker’s choosing. In fact, APIs are increasingly vulnerable to CSRF …
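As an added example (not code from the original post or from any framework), the following Python function is the kind of gate a JSON API can apply to every state-changing request. It combines three checks that a cross-site HTML form cannot satisfy without JavaScript: a strict `application/json` content type, a required custom header, and an Origin/Referer allowlist. The names `csrf_check`, `ALLOWED_ORIGINS` and the sample request headers are constructed for illustration.

```python
"""Added example: a CSRF gate for a JSON API (not from the original post).

Each check defeats something a cross-site <form> or top-level navigation
can send while the victim's cookies ride along:
  1. Content-Type must be application/json; an HTML form can only produce
     urlencoded, multipart or text/plain bodies.
  2. A custom header (X-Requested-With) must be present; a cross-origin
     fetch() can only add it after a CORS preflight the server never
     approves for foreign origins.
  3. Origin (or, failing that, Referer) must be on an allowlist.
"""
from urllib.parse import urlsplit

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

# Constructed allowlist: the origins that legitimately host the front end.
ALLOWED_ORIGINS = {"https://app.example.com"}


def _origin_of(url):
    """Reduce an Origin/Referer value to scheme://host[:port], or None."""
    parts = urlsplit(url.strip())
    if not parts.scheme or not parts.netloc:
        return None  # covers the literal "null" Origin and garbage values
    return f"{parts.scheme}://{parts.netloc}".lower()


def csrf_check(method, headers, allowed_origins=ALLOWED_ORIGINS):
    """Return (allowed, reason) for one request.

    `headers` maps header name -> value; names are matched case-insensitively.
    """
    h = {k.lower(): v for k, v in headers.items()}
    if method.upper() in SAFE_METHODS:
        return True, "safe method: no state change expected"

    ctype = h.get("content-type", "").split(";", 1)[0].strip().lower()
    if ctype != "application/json":
        return False, f"content-type {ctype or '(none)'} is not application/json"

    if "x-requested-with" not in h:
        return False, "missing custom header X-Requested-With"

    source = h.get("origin") or h.get("referer")
    if source is None:
        # Design choice: fail closed when the browser sent neither header.
        return False, "no Origin or Referer header"
    origin = _origin_of(source)
    if origin not in {o.lower() for o in allowed_origins}:
        return False, f"origin {origin!r} is not allowed"

    return True, "ok"


# Constructed sample requests, as a browser would send them.
SAMPLE_REQUESTS = {
    # fetch() from the real front end with credentials: "include"
    "legitimate": ("POST", {
        "Content-Type": "application/json",
        "X-Requested-With": "XMLHttpRequest",
        "Origin": "https://app.example.com",
        "Cookie": "session=abc123",
    }),
    # auto-submitted <form> on an attacker page: cookies are attached, but
    # the browser sends a form content type and no custom header
    "forged_form": ("POST", {
        "Content-Type": "application/x-www-form-urlencoded",
        "Origin": "https://evil.example",
        "Cookie": "session=abc123",
    }),
    # <form enctype="text/plain"> trick used to smuggle a JSON-looking body
    "forged_text_plain": ("POST", {
        "Content-Type": "text/plain",
        "Referer": "https://evil.example/attack.html",
        "Cookie": "session=abc123",
    }),
    # right headers, wrong origin: reaches the server only if CORS is
    # misconfigured or the client is not a browser; the allowlist catches it
    "wrong_origin": ("POST", {
        "Content-Type": "application/json",
        "X-Requested-With": "XMLHttpRequest",
        "Origin": "https://evil.example",
    }),
}


def check_samples():
    """Run csrf_check over SAMPLE_REQUESTS; returns {name: allowed}."""
    return {name: csrf_check(m, hdrs)[0]
            for name, (m, hdrs) in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    for name, (method, hdrs) in SAMPLE_REQUESTS.items():
        allowed, reason = csrf_check(method, hdrs)
        print(f"{name:18s} {method} -> {'ALLOW' if allowed else 'DENY '} ({reason})")
```

The content-type check only helps if the body parser behind it also refuses anything but JSON, and the Origin check must fail closed as shown; marking the session cookie `SameSite=Lax` or `Strict` is a further layer that keeps the cookie off cross-site requests in the first place.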


Upgrade Ubiquiti UniFi Access Points (WAP) now to avoid KrackAttack

On October 15, 2017, security researcher Mathy Vanhoef announced the discovery of KrackAttacks (Key Reinstallation Attacks, KRACK), a serious flaw in the WPA2 protocol that protects most WiFi connections. By replaying handshake messages, an attacker within radio range can force a client or access point to reinstall a key that is already in use and then decrypt traffic that WPA2 was supposed to protect. Every WiFi access point will need to be upgraded with a patch that prevents …


Warning: CentOS/RedHat 7.4 installs FreeRADIUS 3 with breaking changes

When you run yum upgrade on a CentOS/RedHat 7 instance, you will be upgraded to 7.4. If you have a FreeRADIUS server, you will be upgraded from version 2 to 3, and your server will likely stop authenticating! Good times! Fortunately, the solution was not complicated for us, because we had good documentation. Symptoms: Your …


Managing persistent disks on Google Compute Engine

It can be confusing when you have multiple persistent disks on an instance running on Google Compute Engine. For example, a server may have separate disks for the filesystem root, MySQL data, logs, and /tmp. Once you’ve created the Compute Engine disks and attached each one to the instance, how do you know which Compute Engine …
