Joshua Kersey

Perspectives on software development, internet technologies, system security, and digital culture from a cross-platform full-stack developer.

Troubleshooting SSH connections protected by fail2ban

I have been using Linux since 2004. I started with Ubuntu 4.10, and while using Linux I have always felt my system was more protected than when I used Windows.

To my knowledge, I’ve never had a serious breach, so I’ll share some of how I achieve this protection and explain how I troubleshoot it too.

I configure a DMZ on my router so that all external traffic arrives at one specific destination. It is a server that happens to be dual-purposed as my HTPC too. On that computer, I utilize fail2ban so hosts that fail authentication are blocked in the future. This thwarts brute-force attacks and protects the rest of the computers on my network.

I recommend that you occasionally check your logs. In Ubuntu there are two that I check regularly: /var/log/auth.log and /var/log/fail2ban.log. You can also use the logwatch package to notify you.

The default settings for fail2ban might not be enough, so I recommend increasing the default bantime and the dbpurgeage.

In /etc/fail2ban/fail2ban.local set dbpurgeage = 10d. In /etc/fail2ban/jail.conf set bantime = 10d in the [DEFAULT] group. I also set maxretry = 3 in the [sshd] group.

I recently had to reinstall the operating system on my server for the first time in 6 years. It was using a 32bit version of Ubuntu and Canonical had stopped issuing updates. I wanted to switch to 64bit anyway, and the lack of updates was motivating 🙂 After reinstalling and upgrading the OS, I decided to not add one of my users. However, I had another computer copying backups to the server using that user account. Because of the failed attempts, fail2ban blocked my own workstation. I was able to verify this by using the command

sudo cat /var/log/auth.log|grep password|grep invalid

This will get a list of all password attempts made for invalid users. You can refine this to get a de-duplicated list of the invalid user names themselves. An example of how to do this is below. You might need to change the value for the starting character in the cut command.

sudo cat /var/log/auth.log |grep password|grep invalid|cut -c73-|cut -d' ' -f1|sort|uniq
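The starting character passed to cut shifts whenever the host name or the sshd process ID changes length. The script below is an added example, not part of the original post, that finds the user name and source address by their position in the sshd message instead; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Reads auth.log text on stdin.

# Print "USER<TAB>IP" for each failed password attempt by an invalid user.
# sshd ends these lines with "from <ip> port <n> ssh2", so the address is
# read from the end of the line and the user name is whatever lies between
# "invalid user" and "from". No fixed character offset is involved.
invalid_attempts() {
    awk '/Failed password for invalid user / {
        for (i = 1; i < NF; i++)
            if ($i == "invalid" && $(i + 1) == "user") break
        if ($(NF - 4) != "from") next          # unexpected layout: skip
        user = ""
        for (j = i + 2; j <= NF - 5; j++)      # keeps names with spaces
            user = user (user == "" ? "" : " ") $j
        if (user == "") user = "(empty)"       # sshd logged a blank name
        print user "\t" $(NF - 3)
    }'
}

# Unique invalid user names, one per line.
invalid_users() { invalid_attempts | cut -f1 | LC_ALL=C sort -u; }

# "COUNT IP" per source address, busiest first.
attempts_by_host() {
    invalid_attempts | cut -f2 | LC_ALL=C sort | uniq -c |
        LC_ALL=C sort -k1,1nr -k2,2 | awk '{ print $1, $2 }'
}

# Constructed sample lines; host name, users and addresses are made up.
sample_log() {
    cat <<'EOF'
Mar  3 02:11:09 htpc sshd[2101]: Failed password for invalid user backup from 192.168.1.20 port 40112 ssh2
Mar  3 02:16:09 htpc sshd[2140]: Failed password for invalid user backup from 192.168.1.20 port 40230 ssh2
Mar  3 04:52:31 htpc sshd[2377]: Failed password for invalid user admin from 203.0.113.45 port 51514 ssh2
Mar  3 04:52:40 htpc sshd[2377]: Failed password for root from 203.0.113.45 port 51514 ssh2
Mar  3 05:01:02 htpc sshd[2390]: Failed password for invalid user  from 198.51.100.9 port 33822 ssh2
Mar  3 05:03:17 htpc sshd[2391]: Accepted password for alice from 192.168.1.10 port 50022 ssh2
EOF
}

sample_log | attempts_by_host
```

On a live system, feed it with `sudo cat /var/log/auth.log | attempts_by_host`; an address from your own network at the top of the list points to a misconfigured client rather than an attack. `sudo fail2ban-client status sshd` then shows whether that address is in the jail's banned list.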

After identifying that it was in fact fail2ban that was causing the issue for me, I was able to unblock it by using the following command, where <IP> is the address of the banned host:

sudo fail2ban-client unban <IP>

fail2ban is an excellent way to protect your network; however, it needs to be carefully configured, and when you do encounter an issue with it, it’s important to be able to troubleshoot it.

Glimpse for GitHub by Matt Jarrett

A coworker recently started a project that graphs GitHub contributions by user. It’s a nice utility that quickly provides insight into the activity of any user over the life of the user’s account. Glimpse is built on ReactJS and it’s extremely fast. Matt Jarrett is well versed in open source and an excellent developer, so be sure to check out some of his contributions and other projects (I especially like es6 in 6 hours) on GitHub, or you can try a live demo of Glimpse.

Example of Glimpse results

Once is Never Enough

In the past, I’ve lost some code when I didn’t save it and when I didn’t back it up, so this hit home with me.

Once is never enough. From CommitStrip

Microsoft Announces the Release of Windows Calculator as Open Source

Microsoft has been contributing to the open source community in many different ways as of late. They take this one step further by announcing that they are releasing the Windows Calculator as open source on GitHub. Windows Calculator actually shipped with Windows 1.0, 33 years ago. In Windows 3.0 a scientific mode was added and further updates coincided with the release of each version of Windows. The software is so ubiquitous that Microsoft has even given the program its own keyboard button on its wildly popular keyboard, and other keyboard manufacturers have followed their lead. Now you too can contribute to this software.

For Microsoft, this is a good thing all around. It deepens their partnership with the open source community and engages their users in the ongoing improvement of their software.

For developers, it enables us to use their logic to extend our applications, and it’s a great way to learn about Universal Windows Platform, Fluent app design, and XAML. It’s also an excellent way to contribute to the Windows operating system and take part in the development of software that ships with so many systems.

There have already been 78 issues opened and many have been tagged as “help wanted”, where Microsoft actively seeks assistance from the open source community to help improve the application. Learn more, clone the repository, browse the source code, and make contributions at Microsoft Windows Calculator on GitHub.

Ghidra Software Released as Open Source by NSA

Ghidra, a software reverse engineering tool developed by the National Security Agency, has been released as open source software in a bold move by the agency. The NSA had previously suggested they would be publishing the source code and making it available to the public, and have now fulfilled this.

Ghidra is written in Java and the graphical user interface is developed using the Swing framework. By using Java, the software has been made to be compatible with many operating systems, including Windows, Mac, and Linux. Its decompiler is written in C++ and the ability to create plugins is available by using Jython, making use of another open source language that’s quickly climbing the ranks, Python.

Ghidra supports a wide range of architectures, including 16, 32, and 64 bit x86, ARM, PowerPC, MIPS, 68xxx, DEX bytecode, Z80, 6502, Sparc, and 8501. The free price tag and open source enables it to directly compete with IDA and IDA Pro.

I think that the NSA making the software open source is a great move for the agency as it has, in the past, had questions about its transparency in operations. It will also be advantageous to the software and the agency as it encourages further development. NSA appears to also be using it as an opportunity to recruit software developers, security experts, and research analysts.

Using it requires OpenJDK 11. Browse the source code on the GitHub repository. True, the actual source is not available yet; however, work is underway for it to become available. I also encourage you to perform analysis on project activity and make associations when possible. Please share your results and thoughts.

Install Azure Data Studio on Linux

I have been a happy Linux user at home for 15 years now. I’ve been using Ubuntu since 2004 and my entire network runs on the operating system. At the office, I’ve been developing in a Microsoft environment using Visual Studio on Windows 10 and connecting to SQL Server. I like some of the features and I want to explore using .NET Core to develop web applications. I found a need to install and manage SQL Server data from Linux, and Azure Data Studio does the job well. It’s the SQL Server Management Studio equivalent that pairs well with Visual Studio Code. It’s cross-platform so you can use it on Mac, Windows, and on Linux. For Linux, Microsoft made packages available in .deb, .rpm, and .tar.gz formats.

Learn more about how to install and download Azure Data Studio at Microsoft’s site. I’ll be covering using it in more depth in future posts.

Three Virtues

A long time ago, the creator of the Perl programming language, Larry Wall, laid out what he believed to be the Three Virtues of a Great Programmer.

They include:

  1. Laziness: The quality that makes you go to great effort to reduce overall energy expenditure. It makes you write labor-saving programs that other people will find useful and document what you wrote so you don’t have to answer so many questions about it.
  2. Impatience: The anger you feel when the computer is being lazy. This makes you write programs that don’t just react to your needs, but actually anticipate them. Or at least pretend to.
  3. Hubris: The quality that makes you write (and maintain) programs that other people won’t want to say bad things about.

Quoted from “Programming Perl”, 2nd Edition, O’Reilly & Associates, 1996

My friends with a background in System Administration believe the same can be applied to their work.