Thursday, July 31, 2008

Mutual Loan Bank Scam

I just got a call from a telemarketer who is pitching a scam investment in a company called Mutual Loan Bank. Immediately, he threw out $0.50 per share, with a minimum $10k investment with a $29 potential return. He further stated that they are going "IPO" in the next several weeks at $1.50 share price.

Beware. This is obviously a scam, and possibly may involve identity theft. When he asked for my birth date, I knew it was more than a scam. I asked for his phone number so I could call him back. He stated he didn't give this information out to retards.

When I asked for his SEC registration/credentials he started to grow belligerent and called me a "retard." I quickly pointed out he was violating SEC law, to which he called me an idiot and retard.




Back from Las Vegas; No More Northwest Flights for Me


As the airlines cut and cut-- travel becomes more of an adventure.  Today, I cross my arms, pout, and proudly declare that I will never, ever fly Northwest Airlines again.

In February, my wife and I got "bumped" off of a Northwest flight.  As compensation, we were given paper TCV Exchange Coupons.   The gate agent assured us that this green and white paper voucher (printed on ticket stock) could be traded in for a round trip ticket anywhere in the US, Alaska or Canada.

With some difficulty, including a trip to the airport to physically hand the voucher to a ticket agent, I was able to trade the vouchers for tickets to Las Vegas for my upcoming wedding anniversary. 

When the big day arrived, my wife and I sauntered up to the counter to victoriously claim our free trip to Vegas.  The agent took our boarding passes and cast a sympathetic look at our bag.   The bag, which was one pound overweight, would be $50.  I shrugged and handed her my credit card.

She sighed and looked at me with even more sympathy.  "You won't be able to make it." 

I checked my watch (which synchronizes nightly with the atomic clock in Boulder, Colorado). It was 6:28 am, and I still hadn't had a cup of coffee yet.  My caffeine-deprived mind couldn't understand what the woman was saying.  Sensing my confusion, she added, "You need to check in at least 30 minutes before the flight. We recommend at least one hour and seventeen minutes."  I checked in online the previous night and the flight boarded at 7:00am.  I looked around at the cavernous and empty terminal.  I was dumbstruck.

She pressed on and delivered the bad news -- the flight was overbooked, as were all of the flights for the rest of the day.  For $25 each, we could fly standby but it looked like we weren't going to get to Las Vegas for our wedding anniversary.  She took our bags, charged my card, and gave us some standby tickets.  Our bags made it to Las Vegas on time, but we didn't.

The 9:30am flight was overbooked.  We were #2 and #3 on the standby list (out of 22).  The flight left without us.  The 11:30 am flight left without us also.  The gate agent told us all the flights were entirely full; we weren't getting to Las Vegas unless we drove.

As I looked at my wife and saw that her eyes were welling up with tears, I started thinking of alternatives.  If I did nothing, we were going to get charged for a hotel room we wouldn't sleep in; our tickets would be worthless, and our anniversary would be spent pleading with Northwest agents.  After discussing the situation with the gate agent (who surprisingly suggested flying Southwest [good advice, I will in the future] ), I opted for a confirmed seat to Orange County, California.  My plan was simple: get as close as I could and drive the rest.

Luckily, I had packed my Garmin 495, with the automotive power connector and bean bag.  I rationalized that we were going to rent a car to drive out to Hoover Dam anyway...

We finally arrived (by car) at McCarran International Airport more than sixteen (16) hours after our bags did.  Not including food and gas, we were out $289 for the overweight bag fee, standby fees, and car rental.  Tired and road weary, we found our bag behind a locked glass door.  The note on the door said that if the baggage office was closed, go to the ticket counter.  So we did.  We walked the length of the concourse, up and down the escalators to find the ticket counter... which was closed.

On the way to the MGM Grand, I guesstimated how long it would have taken in a Cessna 172 single engine plane to get there, including fuel stops.   Had I had a complex endorsement, I could have rented a Piper Arrow that would have done it easily in 9-12 hours, including fuel stops. 

The rest of our trip was relatively enjoyable and uneventful, but I'm still silently fuming at how consistently bad my experiences with Northwest were. 

On the hundreds of flights I have taken on the other airlines (American, Cathay Pacific, JAL, Continental, Jet Blue, and Southwest)-- not once did I get bumped or denied.  Not once did my baggage get lost.  However, on Northwest, 100% of the trips I have taken I ended up with my baggage being sent somewhere else, and/or I was denied. 

Granted, this is a small sample size, but I now view Northwest as the armpit of the airline industry.  When it came time to book my business travel to Asia, there was no way I was going to use Northwest.  I booked my business class tickets on American/JAL.


Saturday, July 19, 2008

[Howto]: Five Minute Guide to Securing SSH


If you are like most administrators (and you installed SSH with the default settings), you will quickly see a steady stream of script-based attacks hitting port 22 in your firewall, system, or auth logs.  The vast majority of these break-in attempts through SSH are carried out with simple brute-force attack scripts.

Fear not, there are some very simple ways to configure your SSH daemon to radically cut your exposure to script kiddie attacks and slow down brute force attacks against your system.

There are three preferred ways to secure the SSH daemon: 1) strengthening the default configuration, 2) using port knocking, and 3) disabling password-based authentication entirely, forcing the use of RSA/DSA keys instead.  This article discusses making simple changes to the default configuration file (/etc/ssh/sshd_config).

Depending on your distribution, the SSH server config file can reside in different places, so you may need to locate it yourself. The usual default is /etc/ssh/sshd_config.

Here are the basic steps:

  1. Running the SSH daemon on a different port.
  2. Denying root logins over SSH
  3. Allowing only users running protocol 2 to connect to the server
  4. Permitting a limited number of authorization retries.
  5. Allowing only certain specified users to log in.

Change the port.  One of the simplest and most effective ways to cut down on brute-force attacks is to change the default port.  Change the port and 99% of attacks go away.  In sshd_config there will be a line like "Port 22"; it may be commented out, since port 22 is the default.  Uncomment that line if needed and change the port number to something else.

# Port 22
Port 2222

Disable root login.  You should never allow unfettered access to the root account over SSH.  This is done by setting the line "PermitRootLogin" to "no".

#PermitRootLogin yes
PermitRootLogin no

Disable insecure Protocol 1.  Disable Protocol 1 and only allow Protocol 2.

#Protocol 1,2
Protocol 2

Set MaxStartups.  The MaxStartups parameter limits the number of concurrent unauthenticated connections, so an attacker cannot run more than a certain number of login attempts in parallel.

#MaxStartups 10
MaxStartups 3:50:10

The example above tells the SSH server to "allow 3 users to attempt logging in at the same time (concurrently), and to randomly and increasingly drop connection attempts between 3 and the maximum of 10."  The middle value, 50, is the percentage of new connection attempts dropped once the first threshold of 3 is reached.

Set MaxAuthTries.  If your server becomes the target of a dictionary attack, the attacker will repeatedly try various usernames and passwords.  MaxAuthTries is a parameter which tells the daemon how many bad attempts to allow before disconnecting.

#MaxAuthTries
MaxAuthTries 3

Only allow specific users to log in.  By default, all valid users on the system are allowed to log in.  A more secure policy is to explicitly specify the accounts which are allowed to log in.  You can do this by listing the user accounts after "AllowUsers":

AllowUsers joe john 
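
To check that the file sshd will actually read matches the steps above, here is an added example (not part of the original post) that audits sshd_config text against this guide's values and computes the MaxStartups drop chance using the linear ramp documented in sshd_config(5). The function names parse, drop_percent and audit are hypothetical, the sample configs are constructed, and it assumes a file without Include or Match blocks.

```python
# Added example: audit sshd_config text against the values this guide recommends.
# Assumption: no Include or Match blocks. sshd uses the FIRST value it reads for a
# keyword; Port is an exception, since every Port line adds a listening port.

def parse(config_text):
    """Return {lowercased keyword: [values in file order]}, skipping comments."""
    found = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # a commented default such as "#Port 22" has no effect
        parts = line.split(None, 1)
        value = parts[1].strip() if len(parts) > 1 else ""
        found.setdefault(parts[0].lower(), []).append(value)
    return found

def drop_percent(max_startups, unauthenticated):
    """Chance (0-100) that sshd refuses a new connection under start:rate:full."""
    start, rate, full = (int(x) for x in max_startups.split(":"))
    if unauthenticated < start:
        return 0.0
    if unauthenticated >= full:
        return 100.0
    return rate + (100 - rate) * (unauthenticated - start) / (full - start)

def audit(config_text):
    """Return findings where the effective setting differs from the guide."""
    cfg = parse(config_text)
    first = lambda key, default=None: cfg.get(key, [default])[0]
    findings = []
    if "22" in cfg.get("port", ["22"]):
        findings.append("Port: still listening on 22")
    for key, want in (("permitrootlogin", "no"), ("protocol", "2")):
        if first(key) != want:
            findings.append(f"{key}: effective value {first(key)!r}, want {want!r}")
    if int(first("maxauthtries", "6")) > 3:  # 6 is sshd's built-in default
        findings.append("MaxAuthTries: more than 3")
    if first("maxstartups", "").count(":") != 2:
        findings.append("MaxStartups: no start:rate:full throttle")
    if "allowusers" not in cfg:
        findings.append("AllowUsers: not set")
    return findings

# Constructed samples: the guide's values, then the same file with an earlier
# active "PermitRootLogin yes" that silently overrides the later "no".
HARDENED = ("#Port 22\nPort 2222\nPermitRootLogin no\nProtocol 2\n"
            "MaxStartups 3:50:10\nMaxAuthTries 3\nAllowUsers joe john\n")
SHADOWED = "PermitRootLogin yes\n" + HARDENED
```

Calling audit(SHADOWED) reports the root-login override even though the file still contains "PermitRootLogin no", which is the case a quick visual check of the config tends to miss.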


Thursday, July 3, 2008

Have a Happy and Safe 4th of July

Have a happy and safe 4th of July. We will be closed tomorrow.
