Install WordPress and NGINX on Raspberry Pi

I have been evaluating the idea of spinning up a Digital Ocean VM for my web hosting as a cost effective alternative to shared web hosting. Digital Ocean requires you to know how to understand operating systems, I just happen to be the right guy for the job. I wanted to field test my future setup on my Raspberry Pi to get an idea of how much time it is going to take and what I can do to tune it for maximum performance. All of my sites have been converted to WordPress, my desire was to build a LEMP (Linux Engine-X, MySQL and PHP) stack to accommodate this setup. Continue reading “Install WordPress and NGINX on Raspberry Pi”

Juggling Too Much

I feel a bit overwhelmed as of late. We are working on putting the house up for sale, we just passed into mid-terms at school and I’ve been moving web hosts. In hindsight, I should have put off the web host move for a few months, although I do not regret moving my sites. Continue reading “Juggling Too Much”

US Army DSHell

US Army has released a network forensic analysis tool to Github to garner more support to expand the usefulness of the tool. DShell is a open source tool written in Python that aids in network forensic analysis for compromised environments.

Following and reassembling a stream of sample traffic.

reassemble_stream

DShell on Github

 

Password Strength

Password Strength

I came across this epic cartoon over at xkcd regarding the strength of  passwords. The conventional line of thought is a minimum of 8 characters with a mixture of caps and special characters.

As computing power increases, passwords that are or a certain length are trivial to crack, assuming the right conditions are present.

Since not all systems are designed the same on the internet. A basic defense is to use a different password on every site that you have an account on. Without going into too many gory details, many websites do not follow best practices in how they store passwords. There are sites on the internet that store passwords in a database in plain human readable text. There are sites out there that do not lock users out after a certain amount of attempts, which paves the road for a never ending brute force attempt.