GeekTank

So lets say you have a server with a bunch of users and they all have sites and data and you don’t want them to be able to see each others data. A lot of distributions aren’t setup to stop users from wandering and reading files within other users directories.

What you will need to do is change the permissions on the /home and each users directory using chmod. So first we need to change the permission on “/home”


[root@taco:/]# chmod 0751 /home
[root@taco:/]# stat home
File: `home'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 900h/2304d Inode: 2 Links: 32
Access: (0751/drwxr-x--x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2007-12-03 13:58:07.000000000 -0800
Modify: 2007-11-21 12:10:17.000000000 -0800
Change: 2007-12-03 13:57:28.000000000 -0800


As you can see the folder is now set to 0751, depending you may want to change this but by default this should be fine.

Now you need to change the permission on each users directory using chmod yet again


[root@taco:/]# chmod 0751 jordan
[root@taco:/home]# stat jordan
File: `jordan'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 900h/2304d Inode: 19709953 Links: 15
Access: (0751/drwxr-x--x) Uid: ( 1000/ jordan) Gid: ( 1000/ jordan)
Access: 2007-12-03 12:14:23.000000000 -0800
Modify: 2007-11-14 11:06:38.000000000 -0800
Change: 2007-12-03 13:57:42.000000000 -0800


Now your users shouldn’t be able to see other users on your system!

A Goverment Employee used an On Call IT service to perform a "seven level" format on his hard drive that possibly contained federal evidence.

Scott Bloch runs the Office of Special Counsel, an agency charged with protecting government whistleblowers and enforcing a ban on federal employees engaging in partisan political activity.

At the same time, Mr. Bloch has himself been under investigation since 2005. At the direction of the White House, the federal Office of Personnel Management’s inspector general is looking into claims that Mr. Bloch improperly retaliated against employees and dismissed whistleblower cases without adequate examination.

Recently, investigators learned that Mr. Bloch erased all the files on his office personal computer late last year. They are now trying to determine whether the deletions were improper or part of a cover-up, lawyers close to the case said.

Bypassing his agency’s computer technicians, Mr. Bloch phoned 1-800-905-GEEKS for Geeks on Call, the mobile PC-help service. It dispatched a technician in one of its signature PT Cruiser wagons. In an interview, the 49-year-old former labor-law litigator from Lawrence, Kan., confirmed that he contacted Geeks on Call but said he was trying to eradicate a virus that had seized control of his computer.

Clay Johnson, the White House official overseeing the Office of Personnel Management’s inquiry into Mr. Bloch, declined to comment. Depending on circumstances, erasing files or destroying evidence in a federal investigation can be considered obstruction of justice.

Mr. Bloch had his computer’s hard disk completely cleansed using a "seven-level" wipe: a thorough scrubbing that conforms to Defense Department data-security standards. The process makes it nearly impossible for forensics experts to restore the data later. He also directed Geeks on Call to erase laptop computers that had been used by his two top political deputies, who had recently left the agency.

Geeks on Call visited Mr. Bloch’s government office in a nondescript office building on M Street in Washington twice, on Dec. 18 and Dec. 21, 2006, according to a receipt reviewed by The Wall Street Journal. The total charge was $1,149, paid with an agency credit card, the receipt shows. The receipt says a seven-level wipe was performed but doesn’t mention any computer virus.

Jeff Phelps, who runs Washington’s Geeks on Call franchise, declined to talk about specific clients, but said calls placed directly by government officials are unusual. He also said erasing a drive is an unusual virus treatment. "We don’t do a seven-level wipe for a virus," he said.

Why would you need to do a seven pass format ("U.S. Department of Defense recommendations to destroy data (DoD 5200.28-STD) : seven pass extended character rotation wiping. ") on a Personal Computer unless you were trying to remove something that no one could recover. Even the On Call IT person said it was highly unusual that a Goverment Agency contacted them and that they requested a seven pass format to meet DoD standards. If you have a Virus a simple format would take care of it and it wouldn’t cost over $1000 USD to have done. The in house IT would be able to complete this rather easily.
Read the full article at The Wall Street Journal

Read the full article at The Wall Street Journal
Download BCWipePD a free DoD seven pass wiping program

You can find the list of 100 of the first domain names ever registered at http://www.thelongestlistofthelongeststuffatthelongestdomainnameatlonglast.com

Which has the full list, and what rolls in at number one? Well its SYMBOLICS.COM!

You can check out the full list here.

I noticed quite a few of my visitors are finding my article about

MySQL Thread Caching and a Busy Site

And looking for the http://www.ftatalk.com mirror.

Heres the mirror http://www.satfix.net most of the articles on http://www.ftatalk.com are located on this site so just load it up, register and go.

I’ve closed commenting on this article because too many people are asking for help. Login to http://www.ftatalk.com or http://www.satfix.net if you require assistance.