Posts tagged howto
Heartbleed is a zero-day bug in many OpenSSL implementations, and effects a huge swatch of servers on the Internet. Here’s a list of resources I’ve been referencing:
- Heartbleed info – http://heartbleed.com/
- Heartbleed status on Heroku – https://status.heroku.com/incidents/606
- Heartbleed status on EngineYard – https://support.cloud.engineyard.com/entries/50554018
- Do we need to generate a new SSL key? – http://security.stackexchange.com/a/55210
- Info on how the Heartbleed bug works – http://security.stackexchange.com/q/55116
- Detailed info on who is vulnerable and how to fix it – http://unix.stackexchange.com/a/123712/33893
- Info on Postgres and Heartbleed – http://blog.hagander.net/archives/219-PostgreSQL-and-the-OpenSSL-Heartbleed-vulnerability.html
- Instructions for verifying openssl versions and patching on various distros – http://www.howtoforge.com/find_out_if_server_is_affected_from_openssl_heartbleed_vulnerability_cve-2014-0160_and_how_to_fix
- Reddit thread with good info – http://www.reddit.com/r/Bitcoin/comments/22gq5e/heartbleed_bug_major_openssl_vulnerability_could/
- Heartbleed status check tools – http://filippo.io/Heartbleed/, https://github.com/titanous/heartbleeder
- Info on Heartbleed bug on OS X – http://apple.stackexchange.com/q/126916
- Official announcement from openssl – https://www.openssl.org/news/secadv_20140407.txt
- Recommended additional steps after patching OpenSSL – http://security.stackexchange.com/a/55089
- Comic relief – http://xkcd.com/1353/
I am thankful today for SaaS platforms and virtual hosting environments, as they’ve meant I’ve had to do a minimal amount of work on my end to patch the applications I maintain.
I was recently asked by a client to consolidate all of their DNS zone records and domain name registrations from 2 separate services to a single provider. The FAQ page of the current DNS service recommended using the
named-xfer shell command, but that utility isn’t available on OS X. I googled around and learned that
dig is a suitable alternative.
Finding the nameservers
Dig can be used to find nameserver information for a given domain:
$ dig yourdomain.com NS +short
Viewing and Backing up DNS Records
$ dig @ns1.nameserver.com yourdomain.com IN ANY
;; Truncated, retrying in TCP mode.
; < <>> DiG 9.8.3-P1 < <>> @ns1.nameserver.com yourdomain.com IN ANY
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER< <- opcode: QUERY, status: NOERROR, id: 12683
;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 5
;; QUESTION SECTION:
;yourdomain.com. IN ANY
;; ANSWER SECTION:
yourdomain.com. 14400 IN NS ns1.nameserver.com.
yourdomain.com. 14400 IN NS ns2.nameserver.com.
yourdomain.com. 14400 IN NS ns3.nameserver.com.
yourdomain.com. 14400 IN MX 0 mx1.balanced.homie.mail.nameserver.com.
yourdomain.com. 14400 IN MX 0 mx2.balanced.homie.mail.nameserver.com.
yourdomain.com. 14400 IN A 126.96.36.199
yourdomain.com. 14400 IN SOA ns1.nameserver.com. hostmaster.nameserver.com. 2013122000 16668 1800 1814400 14400
;; ADDITIONAL SECTION:
ns1.nameserver.com. 14400 IN A 188.8.131.52
ns2.nameserver.com. 14400 IN A 184.108.40.206
ns3.nameserver.com. 14400 IN A 220.127.116.11
mx1.balanced.homie.mail.nameserver.com. 14400 IN A 18.104.22.168
mx2.balanced.homie.mail.nameserver.com. 14400 IN A 22.214.171.124
;; Query time: 150 msec
;; SERVER: 126.96.36.199#53(188.8.131.52)
;; WHEN: Tue Feb 4 16:17:59 2014
;; MSG SIZE rcvd: 305</code>
Backing these up just requires you to send that output to a file:
dig @ns1.nameserver.com yourdomain.com IN ANY >> dns-backup-yourdomain.com-ns1.nameserver.com
Once you’ve updated the nameservers for a domain you can verify if they’ve changed using the
dig yourdomain.com NS +short command.
$ dig yourdomain.com A +short
One of my professional goals for this year is to publish a mobile app for at least one Panoptic Development client. I’ve been researching different cross-platform mobile development frameworks to see how they would fit various project leads, and a couple weeks ago I decided to give PhoneGap a try. It wasn’t as straight forward a process as their documentation would have one believe, so when I finally had it up and running I posted my own documentation on the Panoptic Blog.
Complete instructions at: Up and running with PhoneGap on Mac OSX
I recently started bringing other developers on board to help me with a project that up until then I had been the sole developer on. I already had some rudimentary installation instructions that I had updated on occasion as I was originally developing the application, but it turns out that all the developers experienced problems of one kind or another while following along on their own development machines. Although I had recommended using RVM to at least isolate the application gem bundle, it was clear that there were other per-machine libraries and dependencies that were not being accounted for. So, I decided to include instructions on setting up a virtual machine which would hopefully alleviate these issues. My problem with VMs in general though, especially ones that you want to spin up and tear down quickly, is that it’s still possible for everyone involved in the project to be using a different VM manager and linux distro, and thus a different package manager and standard lib setup, and you still need to do a lot of setup after the fact to get all the necessary components to work. Enter Vagrant. (more…)
I’m currently working on a project at Panoptic Development that calls for splitting up a single model into two similar models with slightly differing functionality. I was already familiar with Alex Reisner’s excellent article on when to use Single Table Inheritance versus the other alternatives that one might use, and after re-reading the article with a colleague it was determined that STI was probably our best bet. However, neither of us could remember seeing any recent articles on STI in Rails, specifically with Rails 3, and it’s been my experience that if people aren’t talking about a Rails feature it’s probably because it’s been recently deprecated or replaced.
Not wanting to back ourselves in a corner before we were sure it would work, I decided to spike a dummy Rails app and see what problems we would run into. There are plenty of questions on StackOverflow (1, 2, etc.), et. al., with various suggestions for working through issues related to STI, but there was no one concise guide that detailed the benefits and drawbacks of each approach. I decided to document my findings. This is my first real-life attempt at implementing an STI pattern, so please leave a comment if you feel that I omitted something or if you know of another way to approach one of these issues.