rietta

##
# SSL Configuration
#
# This is a strong configuration that will get an A+ on the SSL Labs test as of
# April 5, 2014.
#
# To test your SSL setup against the best standards, see:
# https://www.ssllabs.com/ssltest/
#
SSLEngine on

rietta

#!/usr/bin/env ruby
require 'securerandom'
puts "
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1

#{SecureRandom.hex(23423) }

-----END PGP MESSAGE-----
"

rietta

#!/usr/bin/env ruby

##
# bytes
# Quick and dirty way to get a slate of byte conversions from the command line.
# Put it in your path and make it executable, by 'chmod 755 bytes'.
#
# Author: Frank Rietta

##

rietta

Keybase proof

I hereby claim:

• I am rietta on github.
• I am rietta (https://keybase.io/rietta) on keybase.
• I have a public key whose fingerprint is EF65 AC38 A698 E87D 9CEF B60F 658C D5E9 C004 BAE3

To claim this, I am signing this object:

rietta

Regular talks are 45-minute blocks. We recommend 30-35 minutes of presentation, followed by allowing 10-15 minutes for questions and discussion.

Title

Defending from Data Breaches by Fostering a Culture of Security

Tracks: Culture or Crafting Code

Abstract (600 chars)

You've been hearing about big data breaches in the news. As a developer who doesn't specialize in security, knowing how to protect your application from getting hacked may seem like a daunting task. However, fundamentals in the design and development process will greatly increase the security that protects your users from harm.

For Review Committee

rietta

A method for getting a list of IP addresses that failed to login to SSH from the /var/log/auth.log.

For just failed root login attempts:
grep "Failed password for root from" /var/log/auth.log | cut -d " " -f 11 | sort | uniq -c

For invalid user failed login attempts:
grep "Failed password for invalid user" /var/log/auth.log | cut -d " " -f 13 | sort | uniq -c

rietta

When got:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = (unset),
        LC_ALL = (unset),
        LC_CTYPE = "utf-8",
        LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").

rietta

RAILS_ENV=development rails c 
/home/railsapps/.rvm/gems/ruby-1.9.2-p290@spree_demo/gems/activerecord-3.2.3/lib/active_record/connection_adapters/abstract/connection_pool.rb:398:in `retrieve_connection': ActiveRecord::ConnectionNotEstablished (ActiveRecord::ConnectionNotEstablished)
	from /home/railsapps/.rvm/gems/ruby-1.9.2-p290@spree_demo/gems/activerecord-3.2.3/lib/active_record/connection_adapters/abstract/connection_specification.rb:168:in `retrieve_connection'
	from /home/railsapps/.rvm/gems/ruby-1.9.2-p290@spree_demo/gems/activerecord-3.2.3/lib/active_record/connection_adapters/abstract/connection_specification.rb:142:in `connection'
	from /home/railsapps/.rvm/gems/ruby-1.9.2-p290@spree_demo/gems/activerecord-3.2.3/lib/active_record/model_schema.rb:228:in `columns'
	from /home/railsapps/.rvm/gems/ruby-1.9.2-p290@spree_demo/gems/activerecord-3.2.3/lib/active_record/model_schema.rb:248:in `column_names'
	from /home/railsapps/.rvm/gems/ruby-1.9.2-p290@spree_demo/gems/rd_searchlogic-3.0.1/lib/searchlogic/n

rietta

# 
# Domain Validator by Frank Rietta
# (C) 2012 Rietta Inc. All Rights Reserved.
# Licensed under terms of the BSD License.
#
# To use in a validation, add something like this to your model:
#
#   validates :name, :domain => true
#
class DomainValidator < ActiveModel::EachValidator

rietta

#
# One solution for deploying assets to production servers through git while 
# precompiling the assets on the local development system.
#
# By Frank Rietta
# Copyright 2012 Rietta Inc. All Rights Reserved.
# Licensed as open source under terms of the BSD license.
#
# The script switches to the deploy branch, syncs it down, merges the changes from master, precompiles the
# assets and then pushes those to the deploy branch on remote so that the capistrano script can deploy the