Stanford Javascript Crypto Library (SJCL) JavaScript encryption

I found this while looking for a means to do some simple encryption in Javascript for a browser based application. With open-source support for AES and other protocols, it is quite robust and fast.

As a bonus, it is packaged as a webjar and available in Maven Central:



CSS font-smoothing

You might be tempted to use the full capabilities of your browser to do things such as font-smoothing, but it’s not a good idea as it is often overused and the Browser/OS will generally do it’s best.

Both Firefox and Safari have support of this CSS attribute as follows:

font-smoothing: antialiased;
-webkit-font-smoothing: antialiased;

NOTE: If you’re using something like Glyphicons (included with Bootstrap) you might have some use for this because of the way that fonts are used for icons.


HTML5 autofill using autocomplete

Once in a while, the web development community reintroduces old ideas in a new way. Years ago, there was a concept called ECML (E-Commerce Markup Language) that added an HTML attribute to identify values in a FORM that could be auto-filled from a users “virtual wallet”. Sadly, while it was implemented on a variety of websites (mine included), it was not widely supported and disappeared.

The concept has been reintroduced as values in the ‘autocomplete’ attribute in HTML5. Traditionally this attribute was only used to prevent auto-filling of values, now it can identify which values it is related to for pre-fill.

The usual payment, address and demographic fields (and variations of each) are supported.


^<input type="text" name="ccnum" autocomplete="cc-number" value="" />


Modify Ubuntu Swappiness for performance

Sometimes, it is possible to improve the performance of Ubuntu on older hardware by modifying the disk swapping behavior.

Check your current setting:

cat /proc/sys/vm/swappiness

To modify the behavior, just change the value and reboot. Most documentation recommends trying a value of 10.

sudo vi /etc/sysctl.conf

Add (or change):

# Decrease swappiness value (default:60)


Sonatype Nexus2 Repository Manager OSS

To allow for repeatable, faster builds in a continuous build environment, it’s often a good idea to use a central repository to cache common assets and prevent the need to download assets from the internet for each build. Using Nexus allows for those transfers to occur over your local network for previously downloaded assets.

You can download the WAR from:

And install on your Java application server, such as Apache Tomcat, via normal means.

If you are using Maven, you’ll need to make appropriate changes in (/.m2/settings.xml) to direct your builds to use Nexus.

Jenkins and other build automation tools will require similar changes.


Google Chrome installation for Ubuntu

With a few simple steps, Google Chrome can be installed on Ubuntu.

wget -q -O - | sudo apt-key add -

sudo sh -c 'echo "deb stable main" >> /etc/apt/sources.list.d/google.list'

sudo apt-get update

sudo apt-get install google-chrome-stable


sudo apt-get install google-chrome-beta

Clear Ubuntu ‘bash’ history

After a lot of use, your history file can become full of a lot of old commands… once in a while, it can be useful (and safer) to clean them up.

NOTE: this can be especially important if you have ever used a password as a command line parameter as it is stored without encryption in a text file.


cat /dev/null > ~/.bash_history && history -c && exit

Also useful:

history -c
history -w


Install Fail2Ban on Ubuntu to protect services

Many common adminstrative services such as VPN and SSH are exposed on known port numbers, unfortunately this makes it easy for hackers to use tools to attempt to access the systems. Use of countermeasures such as Fail2Ban can block them after a few failed attempts.

Installation Steps:

  1. sudo apt-get install fail2ban
  2. sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
  3. sudo vi /etc/fail2ban/jail.local
  4. Update:
    destemail & sender
    sudo /opt/splunkforwarder/bin/splunk add monitor /var/log/fail2ban.log -index main -sourcetype Fail2Ban

    Splunk (manual):
    sudo vi /opt/splunkforwarder/etc/apps/search/local/inputs.conf

    disabled = false
    index = main
    sourcetype = Fail2Ban

  6. sudo service fail2ban restart


Adding OpenSSH server logs to Splunk

By default, in most Linux distros, OpenVPN log output goes to the authlog, which is usually at /var/log/auth.log, as such it is trivial to add them to Splunk monitoring:

sudo /opt/splunkforwarder/bin/splunk add monitor /var/log/auth.log -index main -sourcetype OpenSSH

Splunk (manual):
sudo vi /opt/splunkforwarder/etc/apps/search/local/inputs.conf

disabled = false
index = main
sourcetype = OpenSSH


Adding OpenVPN logs to Splunk on Ubuntu

By default, in most Linux distros, OpenVPN log output goes to the syslog, which is usually at /var/log/syslog. However, your config files can set the logfile location explicitly, as shown below:

  1. sudo vi /etc/openvpn/server.conf
  2. Change or add:
    log-append /var/log/openvpn.log
  3. Restart to use the new config:
    sudo service openvpn restart
  4. Add to Splunk forwarder:
    sudo /opt/splunkforwarder/bin/splunk add monitor /var/log/openvpn.log -index main -sourcetype OpenVPN

    Splunk (manual):
    sudo vi /opt/splunkforwarder/etc/apps/search/local/inputs.conf

    disabled = false
    index = main
    sourcetype = OpenVPN