Sunday, March 22, 2015

Java on Iceweasel

Tonight I needed Sun Java to make something run in my Iceweasel browser. It was a bit of a pain (my memory was fuzzy on how I did it before so a little blog post) to get it running so this how I did it:

Download your java tar.gz from and unpack the tag.gz in /opt/. represents the version you have downloaded.

$ sudo tar -zxvf .tar.gz -C /opt/

A new folder in /opt/ is created with the content of the downloaded tar.gz file. We are going to use links so we can install multiple version in the future if that would be necessary.

$ sudo ln /opt/ /opt/java-sun

We need to check the home variables:

$  JHome=/opt/java-sun
$ update-alternatives --install /usr/bin/java java ${JHOME% * /}/bin/java 20000

To check this java is the prefered way run:

$ update-alternatives --config java

Now we still need to configure the Iceweasel browser. Close all instances first.

$ sudo ln -sf /opt/java-sun/lib/amd64/ /usr/lib/mozilla/plugins/

To check if everything works, open your Iceweasel browser and go to Click on verify Java version and give it the permission to run.

Thursday, March 12, 2015

Back to basics

Recently I switched jobs and one of the interesting parts of changing jobs is everything is new and you have the 'fresh pair of eyes'.

The new environment has everything, a big network, mobile, malware and other attacks and a bunch of people.

It is this people factor that is actually the most challenging. Right now besides the technical aspects of the job, I am trying to convince a lot of people that the techie side of security is only a small fraction of the job.

Technically it has been the basics:
* user accounts and privileges
* tools
* network segregation
* vulnerability management
* incident response

Although it isn't possible for every organization to hire new infosec people all the time, it remains in my opinion a good exercise: Ask yourself why the things are as they are and evaluate the needs of the organization, they might have changed.