17. August 2015 · Comments Off on APG 2.0 · Categories: Mac

APG has been updated and improved, and is now available via the Mac App Store.

APG generates passwords with two (2) to eight (8) random common dictionary words. It displays length and approximate bits of entropy. The length of the password is often more important than the complexity. For example, if a person had the password “yz4%38nX@nl2” versus a password based on four common yet unrelated dictionary words such as “goodnessflexiblehousingcigarette”, the latter would take far longer to crack during a brute-force attack (12 vs. 32 characters). Additionally, people who use completely random complex passwords often write them down. However, a password based on a string of common unrelated English words is much easier for someone to remember, and at the same time secure. If you want the best of both worlds (length and complexity), you can use the built-in editor to customize the generated password by adding mixed case, numbers, and special characters.

The previous non-Mac App Store version (1.5) is still available here.

Download Now!

06. August 2015 · Comments Off on Custom Bash Prompts · Categories: Linux, Snippets

After a little experimenting, I came up with a nice and colorful Bash prompt I use on all my Linux boxes. Feel free to tweak as necessary. Append the following code to /etc/bashrc or simply export $PS1 in ~/.bashrc with your customizations.

# Customize the prompt
if [ $(id -u) -eq 0 ]; then # Root user prompt
  PS1="\[\033[38;5;31m\][\[$(tput sgr0)\]\[\033[38;5;166m\]\u\[$(tput sgr0)\]\[\033[38;5;31m\]@\h\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]\[\033[38;5;34m\]\W\[$(tput sgr0)\]\[\033[38;5;31m\]]\[$(tput sgr0)\]\[\033[38;5;15m\]\\$ \[$(tput sgr0)\]"
else # Normal user prompt
  PS1="\[\033[38;5;31m\][\[$(tput sgr0)\]\[\033[38;5;99m\]\u\[$(tput sgr0)\]\[\033[38;5;31m\]@\h\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]\[\033[38;5;34m\]\W\[$(tput sgr0)\]\[\033[38;5;31m\]]\[$(tput sgr0)\]\[\033[38;5;15m\]\\$ \[$(tput sgr0)\]"
20. May 2015 · Comments Off on Apache SSL/TLS Strong Encryption · Categories: Linux

If you’ve been keeping up with the numerous changes from Google and the Mozilla Foundation regarding SSL/TLS support, vulnerabilities such as Logjam, BEAST, FREAK, and POODLE, the deprecation of SSL 3.0, RC4, and SHA-1, and Firefox 37’s deprecation of TLS 1.0, you may be wondering what cipher suites you should support in Apache to ensure strong encryption. From the Guide to Deploying Diffie-Hellman for TLS, the following configuration will likely provide you with an A rating using Qualys SSL Server Test:

SSLProtocol all -SSLv2 -SSLv3


SSLHonorCipherOrder on

Remember, you should use an all-SHA-2 certificate chain (the intermediate and the issued certificate should not be signed with SHA-1) when you renew your certs.

Recommended Reading:
SSL/TLS Deployment Best Practices, Ivan Ristic, Qualys SSL Labs

24. February 2015 · Comments Off on CCNP Security SISAS Notes · Categories: Cisco

I completed my CCNP Security a while back, but I take one Cisco professional level exam each year to keep my training current, and to re-certify all of my credentials. I recently took and passed Cisco CCNP Security SISAS (300-208). As of this writing, the official certification guide had not been released. This made studying for this test very difficult. I used the Cisco Identity Services Engine Administrator Guide and video training from both CBT Nuggets and iPexpert. In case anyone is interested, I’ve decided to share the notes I took in preparation.

While the training from CBT Nuggets was excellent, I found that that video series alone was insufficient to cover all of the material. The training I purchased from iPexpert seemed to fill in the gaps and add a lot of additional detail.

CCNP Security SISAS Notes (PDF)

11. January 2015 · Comments Off on Vimmy 1.8 · Categories: iOS

Vimmy has been updated with requested features and bug fixes:

– Added AirPrint support to enable printing of Vimmy “cheat sheets”
– Fixed an issue affecting orientation rotation on iPads
– Additional minor bug fixes and optimizations

As always, Vimmy is completely free and contains no ads. If you enjoy using this software, please take the time to rate it on the App Store. Thanks!

Download Now!

07. May 2014 · Comments Off on Python – Audit Tool 2.0 · Categories: Snippets

An update to my Python file comparison utility, now with bidirectional support. This is an alternative to using diff that provides, in my opinion, cleaner output. Also, unlike diff, because this is written in Python it should be able to run on just about any platform.

# audit-tool.py 2.0 - A simple file comparison utility.
# Copyright 2014 13Cubed. All rights reserved. Written by: Richard Davis

import sys

def compareFiles(filename1, filename2, ignorecase, bidirectional):
  Given two filenames and an ignorecase booelean, compares filename1
  against filename2 and returns list of the differences and a count of
  how many were found. If ignorecase is 1, the contents of both files
  are read in as lowercase so that case differences are ignored. If
  bidirectional is 1, filename1 is compared to filename2 and vice-versa.
  results = []

    f1 = open(filename1, 'rU')
  except IOError:
    print 'Could not find the specified file:', filename1

    f2 = open(filename2, 'rU')
  except IOError:
    print 'Could not find the specified file:', filename2

  list1 = f1.readlines()
  list2 = f2.readlines()


  if ignorecase == 1:
    for i in range(0,len(list1)):
      list1[i] = list1[i].lower()
    for i in range(0,len(list2)):
      list2[i] = list2[i].lower()

  diffs = set(list1) - set(list2)

  if bidirectional == 1:
    reverseDiffs = set(list2) - set(list1)

  diffcount = 0

  results.append('\n' + filename1 + ' -> ' + filename2 + ':\n')

  for diff in diffs:
    diffcount = diffcount + 1

  if bidirectional == 1:
    results.append('\n' + filename1 + ' <- ' + filename2 + ':\n')

    for diff in reverseDiffs:
      diffcount = diffcount + 1

  return results, diffcount

def main():
  if (len(sys.argv) < 3) or (len(sys.argv) > 5):
    print 'usage: audit-tool.py filename1 filename2 [--ignorecase] [--bidirectional]'

  ignorecase = 0
  bidirectional = 0

  filename1 = sys.argv[1]
  filename2 = sys.argv[2]

  if len(sys.argv) == 4:
    option1 = sys.argv[3]
    if option1 == '--ignorecase':
      ignorecase = 1
    elif option1 == '--bidirectional':
      bidirectional = 1
      print 'unknown option: ' + option1

  elif len(sys.argv) == 5:
    option1 = sys.argv[3]
    option2 = sys.argv[4]

    if option1 == '--ignorecase':
      ignorecase = 1
    elif option1 == '--bidirectional':
      bidirectional = 1
      print 'unknown option: ' + option1

    if option2 == '--ignorecase':
      ignorecase = 1
    elif option2 == '--bidirectional':
      bidirectional = 1
      print 'unknown option: ' + option2

  (results, diffcount) = compareFiles(filename1, filename2, ignorecase, bidirectional)

  if diffcount:
    print '\n%d difference(s) found.' % (diffcount)
    for line in results:
      print line,
    print '\nNo differences -- files are identical.'

  print '\nCopyright (C) 2014 13Cubed. All rights reserved.'

if __name__ == '__main__':
28. February 2014 · Comments Off on Custom Crons · Categories: Linux

Suppose you needed to run a cron job that ran only on the first x-day of the month. It’s easy to create a cron that runs every x-day, but how would you specify the first? The solution is pretty nifty. Simply create a cron that would run a job every x-day, but then have that cron execute a script that evaluates whether it is indeed the first occurrence of that day in a given month. If yes, it will execute your script. If no, it will do nothing.

Example for running a cron the first Wednesday of every month at midnight:
0 0 * * 3 [ “$(date ‘+\%d’)” -le 7 ] && /usr/local/bin/myscript.sh > /dev/null

The cron will indeed run every Wednesday, but the conditional statement will only execute myscript.sh if the current day of the month is less than or equal to seven. Perfect!

12. October 2013 · Comments Off on Pingy 1.0 · Categories: iOS

Introducing Pingy.

Pingy is a free ping (ICMP echo request/reply) utility with a clean interface and no ads. It’s designed to be a lightweight, quick, and easy to use utility to check for basic network connectivity. It calculates sent/received counts, packet loss, and minimum, maximum, average, and standard deviation statistics for round trip time. It also features a ping sound option that will allow you to hear when a ping is successfully received.

Download Now!