Tuesday, October 21, 2014

Did iOS 8.1 Reduce Your Battery Life?

Did iOS 8.1 Reduce Your Battery Life? This May Help

Though the iOS 8.1 update includes many bug fixes that resolve some of the frustrating annoyances that popped up in earlier versions, a handful of users have experienced something else with iOS 8.1: rapidly draining battery life. No, we’re not talking about shaving a few minutes off how long your iPad or iPhone lasts; we’re talking about dramatically reduced battery life with rapid draining.
I experienced this fast battery draining thing myself with iOS 8.1 on an iPhone 6 Plus, which after the update started to run physically warm to the touch and was losing battery at a highly unusual rate, where you can basically watch the percentage indicator tick down in real time. Several of our readers reported the same problem. That’s obviously not normal behavior, but with just a few adjustments I was able to remedy the situation and get the iPhone 6 Plus back to its excellent battery life. Presumably many other users who are experiencing a similar issue will find these tips to be effective as well.

The iPhone Runs Hot or Feels Warm? Let it Sit, Then Maybe Force Reboot

First, if the iPhone is physically warmer than usual, this strongly suggests there’s some intensive CPU activity going on in the background of iOS. This is most likely to happen upon the first boot after an iOS update, and it’s probably iOS running cleanup, Spotlight, and, if you have it enabled, automatic updates. Give the iPhone (or iPad) some time to complete whatever process it’s doing; in my case I just let the iPhone sit with the screen locked for about 30 minutes, and it ended up cooling itself off – but in the meantime it took a major hit to the remaining battery life.
If you’ve let the iPhone / iPad do its thing for a while and it’s still running notably warm to the touch, a force reboot may get things back to normal. Just hold down the Power button and Home button until the device restarts itself and you see the Apple logo, indicating a reboot has occurred.
When the iPhone boots up, it should very quickly cool off and run at normal temperature – and you’ll almost certainly notice an instant difference in how quickly the battery was going down.

Check for Resurfaced Old Location Based Reminders

We all know that location services can be a drain on battery, which makes this one weird enough to probably be a bug: I discovered that multiple (very old) location based Reminders were suddenly back and reactivated to run in the background, frequently tapping into GPS and location services to determine the location of the iPhone for a now ancient reminder to function when a destination was hit. Figuring out if this is part of the problem is fairly easy: you’ll first see the familiar little arrow icon in the iOS status bar, then you can see if Reminders is the reason why by doing the following:
  • Go to Settings > Privacy > Location Services > and look next to “Reminders” to see if there is a purple arrow next to the name
  • If the arrow next to Reminders is purple, open the Reminders app and look for old Location based Reminders that have mysteriously resurfaced and reactivated – check them off to ensure they are again completed
Because you’ve almost certainly already long checked off these reminders, this is a bit odd to have them resurface. Presumably it’s a bug or maybe something to do with iCloud syncing, who knows, but it’s easy to fix. In my case, I had two ancient location specific reminders from Siri that were made ages ago which were nearby enough that the iPhone was frequently checking for. Weird. Check them off, and that was that.

Check Your Background Refresh Settings

Some iOS updates have a habit of adjusting settings again, typically turning things on that you already had turned off. This doesn’t always happen, but in my case it did again with iOS 8.1, and I discovered that quite a few refresh settings had reactivated themselves. Check these yourself to see if they were reset during the update process:
  • Go to Settings > General > Background App Refresh and toggle off apps that you don’t want to refresh themselves when not in use
In my experience, every single app that could was set to refresh in the background, despite having adjusted those long ago to not happen. Simply switching most of them off again had positive results.
By the way, these same tricks can help improve general sluggishness sometimes too, but if an iOS device feels abnormally slow, it can usually be sped up with these tips.
The above trio resolved my battery performance issues rather quickly, and I’m back to the amazing battery life of the iPhone 6 Plus which is one of the two main reasons which make it such an appealing iPhone to begin with.
If you’re having any similar battery draining problems post-iOS 8.1, let us know in the comments if you tried the above steps and if they helped you out, or if you’ve found something else to work, let us know that too.

Monday, October 13, 2014

OSSEC Introduction and Installation Guide

OSSEC is a Host Based Intrusion Detection and Prevention system.
Best practice security management calls for a layered approach to security: security vulnerability scanning, a firewall, strong passwords, patch management and intrusion detection capabilities are all important layers. Using a HIDS allows you to have real-time visibility into what security events are taking place on a server.
The latest version of OSSEC is easy to use and provides a high level of system surveillance for a small amount of effort.
OSSEC provides a number of functions:
  • Real time log monitoring
  • File integrity checking – detects changes to files and system paths
  • Rootkit detection
  • Changes to the system / running services (netstat) / disk space / password file changes
  • Real time blocking of detected attacks through firewall rule modification
  • Execute arbitrary commands based on specific events
At the most basic level you can install OSSEC, set an email address and let it do its job alerting you to security related events on your server. It will not impact the system in any way; it simply provides you with security related visibility.
Tuning is easy and you will likely only need to tune out a few things to reduce the amount of alerts you receive as the rate of false positives is very low.
Full installation instructions are available here: http://www.ossec.net/main/manual/manual-installation
While the following information is for an older version, the process has not changed in the latest version. Download the tar archive from the ossec site and get started.
A quick guide to installing on Ubuntu follows:
wget http://www.ossec.net/files/ossec-hids-2.1.1.tar.gz

tar zxvf ossec-hids-2.1.1.tar.gz
cd ossec-hids-2.1.1
sudo ./install.sh

1. What kind of installation do you want (server, agent, local or help)?

* If you are doing a basic install to a single server select 'local'.
This creates a single install to monitor only the server you are
installing on. See the documentation on the site for details on
setting up multiple agents on a number of servers that all report back
to a server.

2- Setting up the installation environment.

 - Choose where to install the OSSEC HIDS [/var/ossec]:

   - Installation will be made at  /var/ossec .

3- Configuring the OSSEC HIDS.

 3.1- Do you want e-mail notification? (y/n) [y]:
  - What's your e-mail address?   -- enter your email address here

 - We found your SMTP server as: example.test.com.
  - Do you want to use it? (y/n) [y]: n

  - What's your SMTP server ip/host? enter your preferred smtp server here

 3.2- Do you want to run the integrity check daemon? (y/n) [y]:
   (this is for file integrity checking, alerts you to changes to
files on your system)

  - Running syscheck (integrity check daemon).

 3.3- Do you want to run the rootkit detection engine? (y/n) [y]:
  (this checks for rootkits on a regular basis)

  - Running rootcheck (rootkit detection).

 3.4- Active response allows you to execute a specific
      command based on the events received. For example,
      you can block an IP address or disable access for
      a specific user.
      More information at:


  - Do you want to enable active response? (y/n) [y]:
(this can block attacks that meet certain rules)
If you select yes for active response you are adding intrusion prevention capability. This is a good thing, but keep in mind that it is a good idea to white list your own IPs, as you don’t want active response to trigger against your IP and automatically block your access. This could happen if you failed multiple ssh logins, or if you were to run a vulnerability scan against your IP, as ossec would detect this as an attack. Your IP would then get blocked, and you would be unable to ssh to your server to manage it!
After compiling is complete you will be presented with final instructions:
- System is Debian (Ubuntu or derivative).
 - Init script modified to start OSSEC HIDS during boot.

 - Configuration finished properly.

 - To start OSSEC HIDS:
               /var/ossec/bin/ossec-control start

 - To stop OSSEC HIDS:
               /var/ossec/bin/ossec-control stop

 - The configuration can be viewed or modified at /var/ossec/etc/ossec.conf

   Thanks for using the OSSEC HIDS.
   If you have any question, suggestion or if you find any bug,
   contact us at contact@ossec.net or using our public maillist at
   ( http://www.ossec.net/main/support/ ).

   More information can be found at http://www.ossec.net

   ---  Press ENTER to finish (maybe more information below). ---
That’s it, you’re done. Just start it up with:
       /var/ossec/bin/ossec-control start
After your initial install you will get a number of alerts (assuming your smtp is configured correctly). Agent starting up, new user logged in and that sort of thing.
So for 15 minutes of work you now have real-time security monitoring of your server.
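
The white-listing advice in the active response step can be checked once the install has finished. The shell script below is an added example (not from the original post or the OSSEC project) that tests whether a management IPv4 address is covered by a <white_list> entry in ossec.conf. It assumes the entries sit in the <global> section as single IPs or CIDR blocks; the function names and the sample config are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: is an admin IPv4 address covered by a <white_list> entry?

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
  local a b c d
  IFS=. read -r a b c d <<EOF
$1
EOF
  echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# Succeed if IP $1 falls inside entry $2 (a single IP or a CIDR block).
ip_in_entry() {
  local ip="$1" net="${2%/*}" bits=32 mask
  case "$2" in */*) bits="${2#*/}" ;; esac
  mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
  [ $(( $(ip_to_int "$ip") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# Print every <white_list> value found in config file $1, one per line.
white_list_entries() {
  sed -n 's:.*<white_list>[[:space:]]*\([0-9./]*\)[[:space:]]*</white_list>.*:\1:p' "$1"
}

# Succeed if IP $2 is covered by some white_list entry in config file $1.
is_whitelisted() {
  local entry
  for entry in $(white_list_entries "$1"); do
    ip_in_entry "$2" "$entry" && return 0
  done
  return 1
}

# Constructed sample config (documentation addresses, not from the post).
# On a real host, point is_whitelisted at /var/ossec/etc/ossec.conf instead.
conf=$(mktemp)
trap 'rm -f "$conf"' EXIT
cat > "$conf" <<'EOF'
<ossec_config>
  <global>
    <white_list>127.0.0.1</white_list>
    <white_list>192.0.2.0/24</white_list>
  </global>
</ossec_config>
EOF

for ip in 192.0.2.77 203.0.113.10; do
  if is_whitelisted "$conf" "$ip"; then echo "$ip: white-listed"
  else echo "$ip: NOT white-listed, active response could block it"; fi
done
```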