<?xml version="1.0" encoding="UTF-8"?> <rss
version="2.0"
xmlns:content="http://purl.org/rss/1.0/modules/content/"
xmlns:wfw="http://wellformedweb.org/CommentAPI/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:atom="http://www.w3.org/2005/Atom"
xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
> <channel><title>blog.biernacki.ca &#187; Linux</title> <atom:link href="http://blog.biernacki.ca/category/linux/feed/" rel="self" type="application/rss+xml" /><link>http://blog.biernacki.ca</link> <description>Jakub&#039;s rants and raves on Life</description> <lastBuildDate>Tue, 10 Jan 2012 21:39:14 +0000</lastBuildDate> <language>en</language> <sy:updatePeriod>hourly</sy:updatePeriod> <sy:updateFrequency>1</sy:updateFrequency> <generator>http://wordpress.org/?v=3.3.1</generator> <xhtml:meta xmlns:xhtml="http://www.w3.org/1999/xhtml" name="robots" content="noindex" /> <item><title>Putty strange &#8216;Access Denied&#8217; following username entry</title><link>http://blog.biernacki.ca/2011/10/putty-strange-access-denied-following-username-entry/</link> <comments>http://blog.biernacki.ca/2011/10/putty-strange-access-denied-following-username-entry/#comments</comments> <pubDate>Mon, 31 Oct 2011 13:16:44 +0000</pubDate> <dc:creator>Jakub</dc:creator> <category><![CDATA[How To]]></category> <category><![CDATA[Linux]]></category> <category><![CDATA[SysAdmin]]></category> <category><![CDATA[access denied]]></category> <category><![CDATA[error]]></category> <category><![CDATA[putty]]></category> <category><![CDATA[update]]></category> <guid
isPermaLink="false">http://blog.biernacki.ca/?p=546</guid> <description><![CDATA[I don&#8217;t know about you, but I kept getting this since upgrading putty to 0.61, as 0.60 didn&#8217;t do so before. It would be an error of &#8216;Access Denied&#8217; right after username entry, and all else would proceed as planned. Well I searched about it a bit and found the answer on superuser.com. PuTTY tries [...]]]></description> <content:encoded><![CDATA[<p>I don&#8217;t know about you, but I kept getting this since upgrading putty to 0.61, as 0.60 didn&#8217;t do so before.</p><p><img
src="http://blog.biernacki.ca/wp-content/uploads/2011/10/putty-access-denied-error.jpg" alt="" title="putty-access-denied-error" width="627" height="312" class="aligncenter size-full wp-image-547" /></p><p>It would be an error of &#8216;Access Denied&#8217; right after username entry, and all else would proceed as planned.  Well I searched about it a bit and found the answer on superuser.com.</p><blockquote><p> PuTTY tries several authentication methods in a row, which might cause these messages:</p><ul><li>GSSAPI (only if your system and the server have it enabled)</li><li>Public key (only if you have a key loaded)</li><li>Password</li></ul><p>After receiving the &#8220;Access denied&#8221; message, hold Ctrl and right-click on the PuTTY window, then select Event log. At the bottom you will see what exactly caused the failure.</p></blockquote><p><a
href="http://superuser.com/questions/312197/putty-0-61-why-do-i-see-access-denied-message-after-i-enter-my-login-id">http://superuser.com/questions/312197/putty-0-61-why-do-i-see-access-denied-message-after-i-enter-my-login-id</a></p> ]]></content:encoded> <wfw:commentRss>http://blog.biernacki.ca/2011/10/putty-strange-access-denied-following-username-entry/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item><title>Great reference for learning BASH</title><link>http://blog.biernacki.ca/2010/07/great-reference-for-learning-bash/</link> <comments>http://blog.biernacki.ca/2010/07/great-reference-for-learning-bash/#comments</comments> <pubDate>Wed, 14 Jul 2010 01:33:39 +0000</pubDate> <dc:creator>Jakub</dc:creator> <category><![CDATA[How To]]></category> <category><![CDATA[Linux]]></category> <category><![CDATA[SysAdmin]]></category> <guid
isPermaLink="false">http://blog.biernacki.ca/?p=294</guid> <description><![CDATA[As my buddy Mike has been writing great BASH scripts, I&#8217;m trying to get some more Linux experience, so I have been doing some research into BASH programming on the linux command line. I will add more references here as I find them useful: http://www.justlinux.com/nhf/Programming/Bash_Programming_Cheat_Sheet.html &#8211; Bash Cheatsheet http://www.mindpicnic.com/tag/bash/ &#8211; Learn Bash]]></description> <content:encoded><![CDATA[<p>As my buddy Mike has been writing great BASH scripts, I&#8217;m trying to get some more Linux experience, so I have been doing some research into BASH programming on the linux command line.</p><p>I will add more references here as I find them useful:</p><ul><li><a
href="http://www.justlinux.com/nhf/Programming/Bash_Programming_Cheat_Sheet.html">http://www.justlinux.com/nhf/Programming/Bash_Programming_Cheat_Sheet.html</a> &#8211; Bash Cheatsheet</li><li><a
href="http://www.mindpicnic.com/tag/bash/">http://www.mindpicnic.com/tag/bash/</a> &#8211; Learn Bash</li></ul> ]]></content:encoded> <wfw:commentRss>http://blog.biernacki.ca/2010/07/great-reference-for-learning-bash/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item><title>Hardening your Ubuntu 9.10 Server &#8211; Firewall</title><link>http://blog.biernacki.ca/2010/02/hardening-your-ubuntu-9-10-server-firewall/</link> <comments>http://blog.biernacki.ca/2010/02/hardening-your-ubuntu-9-10-server-firewall/#comments</comments> <pubDate>Fri, 26 Feb 2010 03:59:46 +0000</pubDate> <dc:creator>Jakub</dc:creator> <category><![CDATA[Linux]]></category> <category><![CDATA[SysAdmin]]></category> <guid
isPermaLink="false">http://blog.biernacki.ca/?p=231</guid> <description><![CDATA[These are the steps that I tried to follow to harden my server from intrusion, at least at the SSH level.]]></description> <content:encoded><![CDATA[<p>Having bought a Linode.com VPS, I began experimenting more with Linux. At only $20 a month, it&#8217;s a great setup: your own virtual server, and the rights to do as you please.  However, with that power comes responsibility (I should hope..).  So we need to set up our firewall properly to reduce the chance of attacks and hacks.</p><p>Below is the IPTABLES script that I&#8217;ve developed based on multiple sources:</p><pre class="brush: bash; title: ; notranslate">
#!/bin/sh
IPT=&quot;/sbin/iptables&quot;
# Flush old rules, old custom tables
$IPT -F
$IPT -X
$IPT -t nat -F
$IPT -t nat -X
$IPT -t mangle -F
$IPT -t mangle -X
$IPT -P INPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -P OUTPUT ACCEPT
# Set default policies for all three default chains
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT
# Enable free use of loopback interfaces
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT
# All TCP sessions should begin with SYN
$IPT -A INPUT -p tcp ! --syn -m state --state NEW -s 0.0.0.0/0 -j DROP
# Log-and-drop chain. INPUT must not jump here before the ACCEPT rules,
# or every packet would be dropped; the catch-all jump is the last rule.
$IPT -N LOGNDROP
$IPT -A LOGNDROP -p tcp -m limit --limit 4/min -j LOG --log-prefix &quot;Denied TCP: &quot; --log-level 7
$IPT -A LOGNDROP -p udp -m limit --limit 4/min -j LOG --log-prefix &quot;Denied UDP: &quot; --log-level 7
$IPT -A LOGNDROP -p icmp -m limit --limit 4/min -j LOG --log-prefix &quot;Denied ICMP: &quot; --log-level 7
$IPT -A LOGNDROP -j DROP
# X-mas tree protection
$IPT -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j LOGNDROP
$IPT -A INPUT -p tcp --tcp-flags SYN,FIN,RST SYN,FIN,RST -j LOGNDROP
$IPT -A INPUT -p tcp --tcp-flags SYN,FIN,RST,PSH SYN,FIN,RST,PSH -j LOGNDROP
# block IANA reserved
$IPT -A INPUT -i eth0 -s 10.0.0.0/8 -j LOGNDROP
$IPT -A INPUT -i eth0 -s 172.16.0.0/12 -j LOGNDROP
$IPT -A INPUT -i eth0 -s 192.168.0.0/16 -j LOGNDROP
# Accept inbound TCP packets
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -p tcp --dport 80 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 443 -m state --state NEW -s 0.0.0.0/0 -j ACCEPT
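# SSH: record each new connection per source address, drop a source that
# opens 5 or more within 60 seconds, and accept the rest
$IPT -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
$IPT -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 --rttl --name SSH -j DROP
$IPT -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -j ACCEPT
# Everything not accepted above is logged and dropped
$IPT -A INPUT -j LOGNDROP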
</pre><p>The script is fairly straightforward, but includes a few little &#8216;gems&#8217;: X-mas tree protection (fully lit up packets &#8211; SYN, FIN, etc.), as well as blocking IANA reserved IPs (which you should not get on an external box!).</p><p>The only ports that I open are port 80 for HTTP,<br
/> port 443 for HTTPS and 22 for SSH (although I should move it to a non-standard port to reduce brute-force attacks).</p><p>What kind of gems do you guys have in your iptables for protection?  One of my next plans is to either add a port-knock (for ssh) or a tarpit (also for ssh &#8211; which should slow down brute-force attempts).</p> ]]></content:encoded> <wfw:commentRss>http://blog.biernacki.ca/2010/02/hardening-your-ubuntu-9-10-server-firewall/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item><title>WGET only if file is modified</title><link>http://blog.biernacki.ca/2009/05/wget-only-if-file-is-modified/</link> <comments>http://blog.biernacki.ca/2009/05/wget-only-if-file-is-modified/#comments</comments> <pubDate>Wed, 06 May 2009 21:27:13 +0000</pubDate> <dc:creator>Jakub</dc:creator> <category><![CDATA[Linux]]></category> <category><![CDATA[SysAdmin]]></category> <category><![CDATA[shellscript]]></category> <category><![CDATA[sync]]></category> <category><![CDATA[wget]]></category> <guid
isPermaLink="false">http://blog.biernacki.ca/?p=163</guid> <description><![CDATA[This is a tiny little tip, and probably any linux guru worth his/her salt knows this, but I just discovered the wget usage to check the time-stamp / last-modified header prior to downloading a file.  Which is pretty cool if you&#8217;ve ever set up any shell scripts that fetch/sync something. I have written some apps in [...]]]></description> <content:encoded><![CDATA[<p>This is a tiny little tip, and probably any linux guru worth his/her salt knows this, but I just discovered the wget usage to check the time-stamp / last-modified header prior to downloading a file.  Which is pretty cool if you&#8217;ve ever set up any shell scripts that fetch/sync something.</p><p>I have written some apps in the past that have relied on wget to fetch content and thereby cache it locally (as a backup in case of remote failure, as I&#8217;ve had a couple times).  Also it reduces the load if that data is being shown on your website/app.  So if 100 users sign on and check something, it doesn&#8217;t hit the remote server for 100x fetches of that data, it just falls back to the local copy, then the re-sync takes place 10-15 min later.</p><p>Anyways the command to get a timestamp check before downloading a file is:</p><blockquote><p><strong>wget -N http://google.com/robots.txt</strong></p></blockquote><p>So the above command will only fetch the <strong>robots.txt</strong> file IF and ONLY if one of the following is true:</p><ul><li>A file of that name does not already exist locally.</li><li>A file of that name does exist, but the remote file was modified more recently than the local file.</li></ul><p>Well there you have it, dumb but useful command if you ever need it.  Here is a script that I&#8217;ve used in the past to spool &amp; fetch RSS / XML feeds:</p><pre class="brush: bash; title: ; notranslate">
#!/bin/bash
#------------------------------------------------------------------
#
# This script will run via CRONTAB and fetch data from the
# urls.txt file, which can be used internally.  This way we minimize
# the number of requests externally for data.
#
# - created by Jakub
#
#------------------------------------------------------------------
basedir=/htdocs/RSS
storedir=/htdocs/RSS/read/
sourcefile=/htdocs/RSS/urls.txt
#------------------------------------------------------------------
# Read the URLS.TXT file to get the URL/filename
#
# Formatted:
# http://google.com/robots.txt/robot.filename.txt
# ^- URL                                                 ^- filename to save as
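# Read one entry per line and quote every expansion, so an entry with
# spaces or glob characters is not split or expanded by the shell.
while IFS= read -r s;
do
[ -n &quot;$s&quot; ] || continue;
geturl=`dirname &quot;$s&quot;`;
filename=`basename &quot;$s&quot;`;
# Note: wget turns -N (timestamping) off whenever -O is given, so this
# line fetches the file again on every run.
wget -qN &quot;$geturl&quot; -pO &quot;$storedir$filename&quot;;
done &lt; &quot;$sourcefile&quot;;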
#------------------------------------------------------------------
</pre>]]></content:encoded> <wfw:commentRss>http://blog.biernacki.ca/2009/05/wget-only-if-file-is-modified/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item><title>Mortgage crisis? or Process crisis?</title><link>http://blog.biernacki.ca/2009/04/morgage-crisis-or-process-crisis/</link> <comments>http://blog.biernacki.ca/2009/04/morgage-crisis-or-process-crisis/#comments</comments> <pubDate>Sat, 25 Apr 2009 05:05:41 +0000</pubDate> <dc:creator>Jakub</dc:creator> <category><![CDATA[In the News]]></category> <category><![CDATA[Linux]]></category> <category><![CDATA[PHP]]></category> <category><![CDATA[Thoughts & Rants]]></category> <category><![CDATA[credit rating]]></category> <category><![CDATA[mortgage]]></category> <category><![CDATA[pain in the ass]]></category> <category><![CDATA[rant]]></category> <guid
isPermaLink="false">http://blog.biernacki.ca/?p=151</guid> <description><![CDATA[I figured that with all the turmoil in the market, it would be perfect to gamble and buy a house.  After all prices are at an all-time low, so I went for it. Since last November I have been looking at homes.  As my Realtor can attest, I have gone through probably 40+ homes before [...]]]></description> <content:encoded><![CDATA[<p>I figured that with all the turmoil in the market, it would be perfect to gamble and buy a house.  After all prices are at an all-time low, so I went for it.</p><p>Since last November I have been looking at homes.  As my <a
href="http://en.wikipedia.org/wiki/Realtor" target="_blank">Realtor</a> can attest, I have gone through probably 40+ homes before finally finding one that I loved and bidding on it (and winning the bid).</p><p><img
class="alignright size-full wp-image-160" style="margin-left: 5px; margin-bottom: 5px;" title="Mortgage Crisis" src="http://blog.biernacki.ca/wp-content/uploads/2009/04/mortgage.jpg" alt="Mortgage Crisis" width="337" height="274" />Everything up to that point went smoothly until I got halfway into the mortgage process, THEN things started getting weird. I began getting irrelevant requests from the underwriters for 30-day history on ALL my accounts, meaning my stock investments (in the toilet), my mutual funds (in the toilet) and even.. yes, my one year&#8217;s worth of 401k&#8217;s (also in the toilet). They looked at my Canadian chequing account and questioned small deposits like a $200 personal transfer from my friend for money he owed me (there were like 4 deposits, totaling under 800 dollars combined!).  I laughed each time these requests came through, but I fulfilled their wishes.  Well, except for the 401k; I couldn&#8217;t get that in the time frame that they requested because ING direct (the company behind my 401k) sends paper reports out every quarter, and my last quarter was from December, and did not satisfy their needs (but we worked this out).</p><p>The next thing that started annoying me is that the underwriters began confusing my Canadian funds with my American funds, and my Canadian accounts (chq/savings, etc) with my American accounts.  I understand that there is a Canada vs USA thing at this point, but why do they keep having to confuse my finances when I outline them clearly for them?  Everything I send over is scanned to PDF and everything is noted and summarized.</p><p><strong>It truly annoys me.</strong></p><p>But that&#8217;s the beginning of it all, I end up waiting over 4 weeks for my mortgage process.  And I am not someone that is easily impatient, but the process takes the full time I allotted to close on my house (procrastination anyone? or maybe just overworked and leave till last minute type?).
And then 2 days before close, I get a call from my mortgage rep.  &#8220;Bad news, you were approved for the mortgage, but the <a
href="http://en.wikipedia.org/wiki/Private_Mortgage_Insurance" target="_blank">PMI</a> company denied you based on your credit being under 700&#8221;.  At this point I should probably provide some background: I had only 15% down for my house, and you need 20% in order to NOT pay mortgage insurance (<a
href="http://en.wikipedia.org/wiki/Private_Mortgage_Insurance" target="_blank">PMI</a>). Plus when I began the mortgage process my credit rating was around 750.</p><p>So as you can imagine, this news of being denied PMI came as a shock to me (as I received this notice at 11:30PM 2 days before the scheduled close).</p><p>Turns out that because I have only worked in the USA for the past <strong>1 1/2 years</strong>, my credit history is vulnerable to being hit by something as innocent as 5 credit checks (yes, 5 is a lot, but I was hit 3 times by my OWN bank for some reason!?, the last 2 were all in order for my mortgage company doing their due diligence). But that is beside the point, my denial was because my <strong>credit score dropped from 750&#8217;s to 694</strong>, which is terrible, because if you consider it, the sole reason for my credit checks was to get set up with a mortgage, so I could buy a house.  The PMI company did not take that into consideration.</p><p>So now, after a month of a mortgage process, my mortgage rep is scrambling to flip me to a government backed <a
href="http://en.wikipedia.org/wiki/FHA_loan" target="_blank">FHA mortgage</a> (because I cannot qualify at this point for mortgage insurance for a conventional loan).  I am upset at the system, because I have done all I could do to qualify for a good mortgage, only to be denied by the very system that I marched to the beat of.</p><p>The questions are all too clear, <strong>is it a mortgage crisis?</strong> Or a <strong>mortgage process </strong><strong>crisis</strong><strong>?</strong> Because if this is the reflection of what people have to deal with, I am not the least bit surprised with what&#8217;s happening in the market, and that nobody wants to buy (or can afford) a new house.</p><p>I&#8217;m pretty sure the answer is a little bit of both, but more of the process than the mortgage.  Well to be more clear: The mortgage crisis is a result of the process crisis.</p><p>And it&#8217;s time for me to stop, as I&#8217;m starting to rant more about this, the good thing is, that I am (hopefully) going to be alright with closing on my home.  And in the end that&#8217;s all I care about.</p> ]]></content:encoded> <wfw:commentRss>http://blog.biernacki.ca/2009/04/morgage-crisis-or-process-crisis/feed/</wfw:commentRss> <slash:comments>5</slash:comments> </item> <item><title>Map Of The Linux File System</title><link>http://blog.biernacki.ca/2007/09/map-of-the-linux-file-system/</link> <comments>http://blog.biernacki.ca/2007/09/map-of-the-linux-file-system/#comments</comments> <pubDate>Mon, 24 Sep 2007 20:49:45 +0000</pubDate> <dc:creator>Jakub</dc:creator> <category><![CDATA[Linux]]></category> <guid
isPermaLink="false">http://blog.biernacki.ca/?p=26</guid> <description><![CDATA[One of the difficulties of switching from one OS to the other is trying to locate all the system files and keep track of where the new OS stores all its settings. The image above is a complete Linux File System map that&#8217;s quite helpful for newbies like myself. I&#8217;m not sure what specific distribution [...]]]></description> <content:encoded><![CDATA[<p><a
href="http://blog.biernacki.ca/wp-content/uploads/2007/09/linux_filemap.jpg" title="Linux filemap"><img
src="http://blog.biernacki.ca/wp-content/uploads/2007/09/linux_filemap.thumbnail.jpg" alt="Linux filemap" /></a></p><p>One of the difficulties of switching from one OS to the other is trying to locate all the system files and keep track of where the new OS stores all its settings.</p><p>The image above is a complete Linux File System map that&#8217;s quite helpful for newbies like myself. I&#8217;m not sure what specific distribution this layout is from and, depending on the system you&#8217;re using, your actual structure may vary, with directories left out or additional ones present, but the basic outline should be the same.</p><p>From: <a
href="http://blog.wired.com/monkeybites/2007/09/newbie-help-map.html">http://blog.wired.com/monkeybites/2007/09/newbie-help-map.html</a></p> ]]></content:encoded> <wfw:commentRss>http://blog.biernacki.ca/2007/09/map-of-the-linux-file-system/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> </channel> </rss>
