Category Archives: SysAdmin

Quad 9, a Better Choice For Your DNS

Tech Tip – As you know if you follow my posts, I listen to a lot of podcasts. While it is nearly 10 months old (I have quite a podcast episode backlog), I listened to episode #638 of the Security Now podcast as I went on a walk earlier today. The primary subject of this podcast was Quad9.

So what is Quad9? From their web page:

Quad9 is a free, recursive, anycast DNS platform that provides end users robust security protections, high-performance, and privacy.

Why would you want to switch to Quad9? The video above gives a short (2:29) overview of how DNS works to resolve Domain Names into IP addresses, and how Quad9 can provide you with more protection. Quad9 claims:

  • Quad9 blocks against known malicious domains, preventing your computers and IoT devices from connecting to malware or phishing sites (Quad9 pulls in security intelligence from 19 partners including: IBM’s X-Force, Abuse.ch, the Anti-Phishing Working Group, Bambenek Consulting, F-Secure, Netlab, and Proofpoint)
  • Quad9 systems are distributed worldwide for quick response with servers in more than 128 locations at present. More than 150 locations in total are scheduled for 2018 (published tests demonstrate Quad9’s response time [1,5,7,8])
  • No personally-identifiable information is collected by the system [4]

The founders of Quad9 include IBM, PCH (Packet Clearing House), and the Global Cyber Alliance (GCA). Quad9 works with several partnering groups to make Quad9 a safer, more secure and private way to do DNS lookup. While they have extensive tech in place to block malware domains, Quad9 also has whitelisting in place to prevent known valid domains from being accidentally blocked [1,4].

After listening to Steve Gibson talk about Quad9 on Security Now I decided to switch to Quad9. Shortly after I returned to my apartment I logged on to my MacBook and set up Quad9. If you are not sure how to change your DNS provider on your Mac, the video above shows you how.

You should make the change to Quad9 on your Mac too! You can also set the DNS on your iOS device.

 

References

  1. What is Quad9 DNS and is it Better Than OpenDNS
  2. Quad9 on Wikipedia
  3. New “Quad9” DNS service blocks malicious domains for everyone
  4. A Deeper Dive Into Public DNS Resolver Quad9
  5. DNS Resolvers Performance compared: CloudFlare x Google x Quad9 x OpenDNS
  6. What is Quad9?
  7. DNS Performance Comparison: Google, Quad9, OpenDNS, Norton, CleanBrowsing, and Yandex
  8. Quad9 DNS
  9. Free Quad9 DNS service aims to make threat intel more accessible
  10. New Quad9 DNS Service Makes the Internet Safer and More Private

See my other Mac and OS X articles


 


CLI – sed

Screen Shot 2018-08-06 at 7.16.16 PM.png

CLI – Sometimes you have a file that you wish to scan for every instance of a phrase and replace it with another phrase. The sed or stream editor command is just what you are looking for. In the above screen shot I first display a file with the cat command, then use sed to replace all appearances of the word 'Emma' with the word 'Bambi'. The sed command syntax for that is:

sed 's/Emma/Bambi/g' Review_Four\ Dominions\ copy.txt

The 's/Emma/Bambi/g' says to do a global search and replace of Bambi for every instance of Emma. The name of the file being operated on is 'Review_Four\ Dominions\ copy.txt'.

The description of sed in the macOS man page is:

The sed utility reads the specified files, or the standard input if no files are specified, modifying the input as specified by a list of commands.  The input is then written to the standard output.

A single command may be specified as the first argument to sed.  Multiple commands may be specified by using the -e or -f options.  All commands are applied to the input in the order they are specified regardless of  their origin.

This can be a very powerful and useful command when processing text files. In the SysAdmin world it can be very useful for updating configuration files.

To learn a lot more about how to use sed, take a look at “‘Sed’ Command In Linux: Useful Applications Explained“. Yes, this is a Linux article, but the sed command as implemented on macOS is fundamentally the same.
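The same s/old/new/g substitution applied to a configuration file, as an added example that is not from the original post. It goes a step further than the text: the search and replacement strings are escaped so sed treats them literally, and it avoids `sed -i`, whose syntax differs between macOS (BSD) sed and GNU sed. The function names and the sample file are hypothetical, and 9.9.9.9 is Quad9's resolver address, which the post itself does not state.

```shell
#!/bin/sh
# Added example: literal, portable search-and-replace for config files.
# Function names and the sample file are hypothetical.

# Escape text so sed matches it literally in the pattern half of s/old/new/.
escape_pattern() {
    printf '%s' "$1" | sed 's|[][\\.*^$/]|\\&|g'
}

# Escape text so sed inserts it literally in the replacement half (\, & and /).
escape_replacement() {
    printf '%s' "$1" | sed 's|[\\&/]|\\&|g'
}

# replace_in_file FILE OLD NEW
# Edits through a temp file instead of "sed -i", keeps FILE.bak, and writes
# back into the existing file so its mode and owner are unchanged.
replace_in_file() {
    file=$1
    old=$(escape_pattern "$2")
    new=$(escape_replacement "$3")
    tmp=$(mktemp "${TMPDIR:-/tmp}/sedrepl.XXXXXX") || return 1
    if sed "s/${old}/${new}/g" "$file" > "$tmp" && cp -p "$file" "${file}.bak"; then
        cat "$tmp" > "$file"
        status=$?
    else
        status=1
    fi
    rm -f "$tmp"
    return "$status"
}

# Constructed sample: a resolv.conf-style file. An unescaped 8.8.8.8 is a regex
# in which each dot matches any character, so it would also rewrite line 2.
demo() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/seddemo.XXXXXX") || return 1
    printf '%s\n' 'nameserver 8.8.8.8' '# ticket 8-8-8-8 (constructed)' > "$dir/resolv.conf"
    replace_in_file "$dir/resolv.conf" '8.8.8.8' '9.9.9.9' || return 1
    cat "$dir/resolv.conf"
    rm -rf "$dir"
}

demo
```

Only the nameserver line changes; the comment line that a plain `s/8.8.8.8/9.9.9.9/g` would also have matched is left alone.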


See my other CLI and macOS articles


 

CLI – zcat


CLI – Sometimes you want to view the content of a compressed file. The zcat command-line command allows you to do that. What does zcat do?

zcat uncompresses either a list of files on the command line or its standard
input and writes the uncompressed data on standard output.

The zcat command is like cat, but for compressed files.

To learn a lot more about how to use zcat, take a look at “Linux zcat Command Tutorial for Beginners (5 Examples)“. Yes, this is a Linux article, but the zcat command as implemented on macOS is fundamentally the same.


See my other CLI and macOS articles


 

Networking Cheatsheet for Linux (and macOS)


Whether you are a Unix/Linux/macOS Sys Admin or just a user, you often have to deal with various network issues. There are several ‘built-in’ utilities that can be used through the Command Line to help solve these issues. While this is not a full networking tutorial, the cheat sheet PDF file does give you some of the essential networking commands and examples of how you can put them to use.

While the cheat sheet is targeted at Linux, many of the commands listed will also work on your macOS system. This may be something you want to print out and add to your notes, or just download it and have it available for reference. I downloaded the PDF and put it in my iCloud Drive so that I can reference it from my Mac, MacBook or my iPad.

CLI – apropos

Screen Shot 2018-07-12 at 12.37.28 PM

You know what you want to do, but you are not sure what the command line command is that you should use. This is where the apropos command may help. While the man command gives you the details of a command, apropos searches the descriptions of all of the commands for the keyword used (in the example image above I used ‘apropos disk’ to obtain the list shown) and gives you a list of all commands that contain that keyword.

The macOS man page for apropos says:

apropos searches a set of database files containing short descriptions of system commands for keywords and displays the result on the standard output.

To learn a lot more about how to use apropos, take a look at “Linux apropos Command Tutorial for Beginners (5 Examples)“. Yes, this is a Linux article, but the apropos command as implemented on macOS is fundamentally the same.


See my other CLI and macOS articles


 

CLI – top


If your system seems to be slow or there are running Apps (processes) that you want to know more about, you can enter top at the command line to see more. This command is part of almost every Unix, Linux, and macOS system.

This is similar to the Apple Utility “Activity Monitor”, though there are options you can invoke at the command line to give you more control over what you are seeing. This is a good tool to use if you are wanting to know why your Mac seems to bog down (which process is consuming CPU cycles and/or memory).

The macOS man page for top says:

The top program periodically displays a sorted list of system processes. The default sorting key is pid, but other keys can be used instead.  Various output options are available.

To learn a lot more about how to use top, take a look at “Linux top Command Tutorial for Beginners (8 Examples)” and “Tips for using the top command in Linux“. Yes, those are Linux articles, but the top command as implemented on macOS is fundamentally the same.


See my other CLI articles


CLI – Netstat

If you are having problems with your network or just want to learn a little more about it, the netstat command is a good way to start. The netstat command lets you print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.

The macOS man page for netstat says:

The netstat command symbolically displays the contents of various network-related data structures. There are a number of output formats, depending on the options for the information presented. The first form of the command displays a list of active sockets for each protocol. The second form presents the contents of one of the other network data structures according to the option selected. Using the third form, with a wait interval specified, netstat will continuously display the information regarding packet traffic on the configured network interfaces. The fourth form displays statistics for the specified protocol or address family. If a wait interval is specified, the protocol information over the last interval seconds will be displayed. The fifth form displays per-interface statistics for the specified protocol or address family. The sixth form displays mbuf(9) statistics. The seventh form displays routing table for the specified address family. The eighth form displays routing statistics.

To learn a lot more about how to use netstat, take a look at “Linux netstat Command Tutorial for Beginners (8 Examples)“. Yes, this is a Linux article, but the netstat command as implemented on macOS is fundamentally the same.

See Apple’s Mac OS X Manual Pages for further command details.


See my other CLI articles


 

In-depth Cryptography Book Available for FREE!


As I have mentioned before, I routinely listen to the Security Now podcast. In episode #600 Steve Gibson talked about the book “A Graduate Course in Applied Cryptography“. This book is being compiled by noted Cyber Security researchers Stanford University Professor Dan Boneh and New York University Professor Victor Shoup.

While the book is still in development, you can download the most recent version (December 9, 2016 version 0.3) as a PDF file. The book provides high level overviews of many cryptography subject areas, as well as a deep-dive into the technology. As the authors say in their Preface:

A beginning reader can read through the book to learn how cryptographic systems work and why they are secure. Every security theorem in the book is followed by a proof idea that explains at a high level why the scheme is secure. On a first read one can skip over the detailed proofs without losing continuity. A beginning reader may also skip over the mathematical details sections that explore nuances of certain definitions.

An advanced reader may enjoy reading the detailed proofs to learn how to do proofs in cryptography. At the end of every chapter you will find many exercises that explore additional aspects of the material covered in the chapter. Some exercises rehearse what was learned, but many exercises expand on the material and discuss topics not covered in the chapter.

If you are interested in computer security, you may want to add this 710-page book to your library.


See my other Cyber Security articles


 

Podcast – Security Now


Podcasts – I have been listening to the Security Now podcast since it began. It has been published weekly now for over 10 years. The latest episode as of this writing is #626. While they began as short programs of under 30 minutes, they have rapidly grown to around two hours per episode.

The show is presented on the TWiT Network and features Leo Laporte and Steve Gibson. While, as the name implies, the focus is on computer security, they also will talk about Tech in general and Science Fiction from time to time. The more recent episodes cover the security news that has occurred over the past week (almost always something new). They sometimes address questions from their large international audience, with occasional deep-dives into an issue of computer technology or security.

The program is well done and I recommend it to anyone interested in computer security, or who simply uses a computer, tablet or smart phone.


See my other Cyber Security articles


 

macOS New App Release – Server Ranger 1.5


Product Announcement – LibertyApp Ltd. of Belfast, United Kingdom has released Server Ranger 1.5, the latest version of the company’s website and server monitoring solution for the macOS platform. Server Ranger 1.5 brings brand new features and other enhancements. Get alerts when things go wrong with your devices. No subscriptions, no monthly fees, no in-app purchases and no adverts. Powerful yet easy-to-use, Server Ranger can check any number of servers or devices, whether that be 1 device or 1000.

* Smart Interface: Nodes performing properly are in green. Yellow indicates the node is online but slow. Red is for offline. Only interested in 1 device? Switch to Single Server Mode to reduce on-screen clutter.

* Checks: Choose how often Server Ranger checks your servers, from as little as every 30 seconds to once an hour. Or switch off the automatic monitoring and manually check your devices when you choose.

* Alerts: Don’t wait for your customers, Twitter followers or users to tell you that your site is down. Be the first to know! Server Ranger alerts you if the performance is slow or if the server has gone offline. Get alerted by emails, on-screen alerts, notifications and more.

* Big Screen mode: Open the Overview window and get a glance at all your servers. Put the window on another monitor, a screen on the wall or even Airplay it to your Apple TV.

* Statistics: Server Ranger logs every response from your devices. Spot patterns of poor latency and print or export the evidence to a CSV file. The log file updates live, no need to refresh.

Key features:

  • Monitor any type of server or site – file servers, routers, web servers, email servers and more
  • Define alerts for slow and offline devices
  • Emails, Mac notifications, sounds, and visual alerts
  • Eliminate false positives – alerts are only sent after a user-definable number of checks
  • Single Server Mode
  • Overview window – perfect for a screen on the wall or Airplaying to an Apple TV
  • Detailed log file with export and print
  • One simple price – no adverts or monthly subscription fees
  • Built for macOS Sierra (10.12), OS X El Capitan (10.11) and OS X Yosemite (10.10)

As well as bug fixes, version 1.5 offers some brand new features:

  • Modern integrated main window: The server log now has its own pane on the main window
  • New filters on the server logs: Logs can now be filtered to show ‘Everything’ (all checks), ‘Alerts’ (Warning or Offline) or just ‘Offline’
  • Just want to run manual checks? Automated checks can now be switched off in Preferences – Check as and when you choose
  • Middle detail pane now shows the average latency for the selected server
  • New menu bar icon for fast checking of your servers

Server Ranger 1.5 is available as a one-time purchase of $39.99 USD (or equivalent) from the Mac App Store. It has no in-app purchases and requires no subscriptions or other monthly fees. It is a free upgrade for all current customers.