Recent Post

Categories

Archives

Cow Computing

10 Jun 5

Mapping Network Drive in Windows 7

Unlike Windows XP, mapping a network drive in Windows 7 is a nightmare. It is possible that during the mapping of a network drive, no matter how hard you try to enter your credentials or the drive is actually password-less, it still prompt you for a password repeatedly. This is annoying and is due to the security settings on Network Security. I shall introduce you two method to get around this annoying problem. *Do note that, for Windows 7 Home edition, the security setting is not available (RIDICULOUS isn’t it?), either you upgrade to Professional / Ultimate Edition or you could use Method 2 to achieve that (HURRAY!)

Method 1 (Windows 7 Professional / Ultimate Edition)

  1. Under “Control Panel”, find “System and Security”
  2. Open “Administrative Tools”
  3. Double Click “Local Security Policy”
  4. Expand “Local Policies”
  5. Click “Security Options” and Scroll to find “Network Security: LAN Manager Authentication Level”
  6. Choose “Send LM & NTLM, use NTLMv2 session security is negotiated” for the drop down.
  7. Done. you can now map network drive as normal (like in XP)

Read More / Comment »

 Tags: , ,
Posted in Security, Windows | 1 Comment »

10 Mar 12

Jailkit – Limit User Account on Linux

There’s once I was required to setup a limited shell access user account on a commercial hardware product, in which to secure the original system from being modified and at the same time to provide a flexible environment for general work. I was on the way to make use of chroot command. Then i was lucky to came across Jailkit, which saved me a lot of time. So, i would like to use this post to give a little introduction on how to use it.

# First, let's create a directory for the jail account
mkdir /jail
chown root:root /jail

# Then we create a new user account specially for jail account
# *replace <group name>, <username>, <password> with your own value
groupadd <group name>
useradd -d /home/jail -g <group name> -p <password> <username>

# For example, if we only want to allow the jail account to have ssh and basic shell access
jk_init -v -j /jail basicshell ssh

# Then we shall jail the user account we previously created to the jail directory
jk_jailuser -m -j /jail <username>

Read More / Comment »

 Tags: , ,
Posted in Linux, Security, Tools | No Comments »

10 Jan 22

Creating Keystore and Self-Signed Certificate with openSSL

It is in fact very easy to generate a self-signed certificate with openSSL.

In order to generate Keystore and Certificate using open SSL, we first need to generate a key

openssl genrsa -out <name of private key file>.key 1024

then we need to generate a Certificate Signing Request by reading the private key we just generated

openssl req -new -key <name of private key file>.key -out <name of csr file>.csr

After that, we could Self-Sign the certificate (note: if you only want the key-cert pair, you could stop after this step, else go to the next step for keystore generation).

openssl x509 -req- days <num of days valid> -in <name of csr file>.csr -signkey <name of private key file>.key -sha1 -out  <name of cert file>.cert

Finally, with the key and certificate, we could combine them into a keystore

openssl pkcs12 -name <key alias> -export -in <name of cert file>.cert -inkey <name of private key file>.key -out <name  of the keystore file>.p12

The key and certificate is ready to be used in various applications (e.g. Dovecot, Apache WebServer…)

 Tags: , ,
Posted in Security | No Comments »