AWS Consulting Blog

A secure cloud deployment isn’t limited to ensuring that your servers are following best practices, for your desktop computer can be the weakest link in your security chain. All too often, companies will put all of their effort into ensuring their servers have the latest patches, but give little thought to ensuring their employee desktops […]
Continue Reading
I ran into this random SSSD authentication issue this morning: – Users were unable to SSH into a single server, receiving a SSH Public Key error message – I restarted the SSSD service and confirmed that it could connect to Active Directory – However, SSH wasn’t performing user looks to AD via SSSD – The […]
Continue Reading
By default, Ubuntu 16.04 comes with Python 3.5 installed. But what if want to develop using Python 3.6? One way is to create a virtual environment with a custom Python package installation: sudo add-apt-repository ppa:jonathonf/python-3.6 sudo apt-get update sudo apt-get install python3.6 cd ~ python3.6 -m venv virtualenv --without-pip cd virtualenv/ source bin/activate curl https://bootstrap.pypa.io/get-pip.py […]
Continue Reading
So here’s the scenario: you have a CentOS 6 or 7 server all setup, and like the proactive sysadmin that you are, you’ve decided to start patching your system on a regular basis… but with security updates only and not full package upgrades, in order to avoid breaking anything. So what do you do? Why, […]
Continue Reading
Today, Amazon Web Services announced their latest region availability, this time in Canada. This is fantastic news for Canadian companies that have wanted to deploy their servers to AWS, but may have not been able to due to Canadian data privacy laws that require end-user data to be hosted within Canadian borders. With this latest announcement, […]
Continue Reading
Looking to configure Gitlab so that it will authenticate against your AD servers? Here’s a quick overview of setting it up, which will help you avoid some common “gotchas”:   1) Create a user in Active Directory to perform LDAP queries Don’t configure Gitlab to perform LDAP queries using an administrator account. Instead, setup a new […]
Continue Reading
A vulnerability in SSLv3 was announced last night: POODLE: SSLv3 vulnerability (CVE-2014-3566) Long story short, SSLv3 allows man-in-the-middle attacks. SSLv3 is now considered unsafe, and the recommendation by vendors is to disable SSLv3 from all services. How to disable SSLv3 on Amazon Elastic Load Balancers (ELB) Newly created load balancers will no longer support SSLv3 […]
Continue Reading
FreeTDS is a set of libraries that, when combined with the UnixODBC driver, allows your Linux server and applications to natively talk to a Microsoft SQL Server. To install FreeTDS and UnixODBC on CentOS, use the following script: Run this script as root. #!/bin/bash export SQL_SERVER_ADDRESS="10.0.0.100" export DATABASE_NAME="mydatabase" #DSN = Data Source Name. This is […]
Continue Reading
Last week we discussed how to remove the AWS Marketplace code from a CentOS AMI. However, CentOS only provides paravirtual (PV) AMIs for Amazon EC2, and as of yet has not provided HVM (hardware virtual machines) AMIs. Why would you want a HVM AMI? Amazon appears to be putting preference towards future instance types requiring HVM, […]
Continue Reading
1 2 3

AWS Consulting

Casey Labs provides AWS consulting for growing companies, helping them to build secure server infrastructure in the cloud.

Contact us today: [email protected]