Security

Four days ago the news about the Heartbleed got every sysadmin's attention. Renowned security expert Bruce Schneier writes: > This means that anything in memory -- SSL private keys, user keys, anything -- is vulnerable. And you have to assume that it is all compromised. All of it. > > "Catastrophic" is the right word. On the scale of 1 to 10, this is an 11.

I recently had an annoying encounter with the error message: `Too many authentication failures for root`. I found out this can be caused because you've hoarded too many SSH keys :) So serves me right, but let's see what happens exactly.

If you want to do command-line MySQL administration like restoring databases or dumping statistics, you need the root account and its password. Or do you?

Let's say you want your local restricted users to be able to restart specific services. On linux you'd probably type visudo. In Windows I found, you have to dig a little deeper into the system and really do your research. I needed several sites, programs and articles. So I thought it might be useful to others if I'd bundle all the required information in one place. Here it is.

Sometimes when digging real deep into Windows like I recently had to, you need to have the Windows SID (Security Identifier) of a local user. I wasn't able to find any standard way of obtaining this info, so I wrote this little VBScript. Might help some people, might not. Putting this online anyway ; )