Librenix
Headlines | Linux | Apps | Coding | BSD | Admin | News
Information for Linux System Administration 

Linux Iptables Examples

Up
vote
Down

Linux comes with a host based firewall called Netfilter. It is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack.

This Linux based firewall is controlled by the program called iptables to handles filtering for IPv4, and ip6tables handles filtering for IPv6. This tutorial list most common iptables solutions required by a new Linux user to secure his or her Linux operating system from intruders. read more...
mail this link | permapage | score:9634 | -nixcraft, December 14, 2011

HowTo: HTTP Status: 206 Partial Content and Range Requests Using Curl

Up
vote
Down

The HTTP 2xx class of status codes indicates the action requested by the client was received, and processed successfully. HTTP/1.1 200 OK is the standard response for successful HTTP requests. When you type www.cyberciti.biz in the browser you will get this status code. The HTTP/1.1 206 status code allows the client to grab only part of the resource by sending a range header. This is useful for:

* Understanding http headers and protocol.
* Troubleshooting network problems.
* Troubleshooting large download problems.
* Troubleshooting CDN and origin HTTP server problems.
* Test resuming interrupted downloads using tools like lftp or wget or telnet.
* Test and split a large file size into multiple simultaneous streams i.e. download a large file in parts. read more...
mail this link | permapage | score:9621 | -nixcraft, November 21, 2012

Tutorial: Use Amazon Cloudfront To Speed Up Wordpress Based Site

Up
vote
Down

A typical WordPress blog contains a mix of static stuff such as images, javascript, style sheets and dynamic content such as posts, pages and comments posted by users. You can speed up your blog by serving static content via content delivery network such as Akamai, Edgecast and so on. The big boys of CDN business also offered the solution to accelerate dynamic content to improve the performance and reliability of the blog. However, solutions offered by big and traditional CDNs are expensive. Amazon cloudfront recently started to serving dynamic content at lowered price. In this blog post, I will explain:

1. How to serve your entire blog using cloudfront.
2. DNS settings.
3. WordPress settings.
4. Documenting limitations of cloudfront.
5. Documenting performance improvements. read more...
mail this link | permapage | score:9270 | -nixcraft, March 7, 2013

OpenBSD Tutorial: Configure Ralink USB Wireless Adapter

Up
vote
Down

I brought a USB 2.0 wireless adapters based on the Ralink RT2700U, RT2800U and RT3000U chipsets. How do I configure and use it under OpenBSD operating systems?

This usb wireless adapter works out of box under OpenBSD and Linux operating systems. Under OpenBSD you need to use run driver. read more...
permapage | score:9119 | -nixcraft, December 4, 2012

Best Nmap Command Examples For Network Auditing

Up
vote
Down

Nmap is short for Network Mapper. It is an open source security tool for network exploration, security scanning and auditing. However, nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users.

The purpose of this post is to introduce a user to the nmap command line tool to scan a host and/or network, so to find out the possible vulnerable points in the hosts. You will also learn how to use Nmap for offensive and defensive purposes. read more...
mail this link | permapage | score:9097 | -nixcraft, November 29, 2012

Tutorial: RHEL 5.3 to 5.4 upgrade

Up
vote
Down

Red Hat Enterprise Linux v5.4 has been released and available via RHN for immediate update. The new version includes the kernel-based virtual machine (KVM) virtualization, next generation of developer features and tools including GCC 4.4, a new malloc(). Also included clustered, high-availability filesystem to support Microsoft Windows storage needs on Red Hat Enterprise Linux.

This tutorial explains how to upgrade RHEL v5.3 to RHEL v5.4. read more...
permapage | score:8984 | -nixcraft, September 3, 2009

Iptables Tutorial: Limit connections per IP

Up
vote
Down

How do you restrict the number of connections used by a single IP address to my server for port 80 and 25 using iptables?

You need to use the connlimit modules which allows you to restrict the number of parallel TCP connections to a server per client IP address (or address block).

This is useful to protect your server or vps box against flooding, spamming or content scraping. read more...
permapage | score:8982 | -nixcraft, February 8, 2010

Tutorial: Identify Linux bottlenecks with kSar

Up
vote
Down

The sar command collect, report, or save UNIX / Linux system activity information. It will save selected counters in the operating system to the /var/log/sa/sadd file. From the collected data, you get lots of information about your server such as:

1. CPU utilization
2. Memory paging and its utilization
3. Network I/O, and transfer statistics
4. Process creation activity
5. All block devices activity
6. Interrupts/sec etc.

sar output can be used for identifying server bottlenecks. However, analyzing information provided by sar can be difficult, so use kSar, which can take sar output and plot a nice easy to understand graph over period of time. read more...
mail this link | permapage | score:8918 | -nixcraft, December 16, 2009

Unix: Shell Script Wrapper Examples

Up
vote
Down

Shell script wrappers can make the *nix command more transparent to the user. The most common shell scripts are simple wrappers around third party or system binaries. A wrapper is nothing but a shell script that includes a system command or utility.

Linux and Unix like operating system can run both 32bit and 64bit specific versions of applications. You can write a wrapper script that can select and execute correct version on a 32bit or 64bit hardware platform. In cluster environment and High-Performance computing environment you may find 100s of wrapper scripts written in Perl, Shell, and Python to get cluster usage, setting up shared storage, submitting and managing jobs, backups, troubleshooting, invokes commands with specified arguments, sending stdout to stdout and stderr to stderr and much more.

In this post, I will explains how to create a shell wrapper to enhance the basic troubleshooting tool such as ping and host. read more...
mail this link | permapage | score:8744 | -nixcraft, June 24, 2012

Tutorial: Setup Linux iSCSI SAN

Up
vote
Down

Linux target framework (tgt) aims to simplify various SCSI target driver (iSCSI, Fibre Channel, SRP, etc) creation and maintenance. The key goals are the clean integration into the scsi-mid layer and implementing a great portion of tgt in user space.

The developer of IET is also helping to develop Linux SCSI target framework (stgt) which looks like it might lead to an iSCSI target implementation with an upstream kernel component. iSCSI Target can be useful:

a] To setup stateless server / client (used in diskless setups).
b] Share disks and tape drives with remote client over LAN, Wan or the Internet.
c] Setup SAN - Storage array.
d] To setup loadbalanced webcluser using cluster aware Linux file system etc.

In this tutorial you will learn how to have a fully functional Linux iSCSI SAN using tgt framework. read more...
mail this link | permapage | score:8743 | -nixcraft, November 14, 2008

Tutorial: Linux file change auditing

Up
vote
Down

This is one of the key questions asked by new admins - How do I audit file events such as read / write etc? How can I use audit to see who changed a file in Linux?

The answer is to use Linux 2.6 kernelís audit system. Modern Linux kernel (2.6.x) comes with auditd daemon. Itís responsible for writing audit records to the disk. During startup, the rules in /etc/audit.rules are read by this daemon. You can open /etc/audit.rules file and make changes such as setup audit file log location and other option. The default file is good enough to get started with auditd. read more...
mail this link | permapage | score:8737 | -nixcraft, March 22, 2007

Change Linux passwords with a PHP web script

Up
vote
Down

This article shows how to change a system password using a web based PHP script. This is one the essential tasks that many new sys admin find it little difficult as they are not familiar with PHP.

Using concept presented in this article one can write extended edition with any other programming language such as Perl or Python. read more...
permapage | score:8717 | -nixcraft, August 5, 2006

Tutorial: FreeBSD iSCSI Initiator Installation and Configuration

Up
vote
Down

The FreeBSD iscsi_initiator implements the kernel side of the Internet SCSI (iSCSI) network protocol standard, the user land companion is iscontrol and permits access to remote virtual SCSI devices via cam.

FreeBSD 7.x has full support for iSCSI. Older version such as FreeBSD 6.3 requires backport for iSCSI. Following instruction are known to work under FreeBSD 7.0 only. read more...
permapage | score:8709 | -nixcraft, March 13, 2008

Tutorial: FreeBSD Setup IPFW Firewall

Up
vote
Down

Ipfirewall (ipfw) is a FreeBSD IP packet filter and traffic accounting facility.IPFW is included in the basic FreeBSD install as a separate run time loadable module.

This small howto covers building and installing a custom kernel with IPFW. It also provide a small example on how to setting up the rules for a typical FreeBSD based Apache Web server. read more...
permapage | score:8679 | -nixcraft, July 4, 2007

HowTo: Connect two Wireless Routers

Up
vote
Down

You can setup a wireless connection between two routers only so that it will link a wireless network to a wired network allowing you to bridge two networks with different infrastructure. You can find wireless access points products that offer either a "bridge" mode or a "repeater" mode. In this post I'm going to explain three popular open source choices that can be used for setting up a wireless bridge. read more...
permapage | score:8639 | -nixcraft, September 4, 2012

Tutorial: BIND 9 TSIG Security Configuration

Up
vote
Down

Transaction signatures (TSIG) is a mechanism used to secure DNS messages and to provide secure server-to-server communication. This includes zone transfer, notify, and recursive query messages. TSIG uses shared secrets and a one-way hash function to authenticate DNS messages, particularly responses and updates.

This tutorial discusses the security mechanisms implemented in BIND to secure DNS messages and name servers using TSIG configurations. read more...
permapage | score:8598 | -nixcraft, January 28, 2009

FreeBSD: Configure Apache PHP with mod_fastcgi Module

Up
vote
Down

mod_fastcgi is a cgi-module for Apache web server.

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs.

This article explains how to configure PHP5 - mod_fastcgi under FreeBSD operating system. read more...
permapage | score:8530 | -nixcraft, October 11, 2008

Tutorial: FreeBSD Jail Upgrade

Up
vote
Down

The FreeBSD jail mechanism is an implementation of operating system-level virtualization that allows administrators to partition a FreeBSD-based computer system into several independent mini-systems called jails. FreeBSD jails offer security, ease of delegation and os level virtualization. This article explains how to upgrade FreeBSD jails using 'make world'. read more...
permapage | score:8508 | -nixcraft, November 18, 2008

Tutorial: Debian / Ubuntu Linux Setup Wireless Access Point

Up
vote
Down

I've got a spare USB Wireless Adapters (WIFI adapter/dongle) and my ISP router does not support wireless option. How do I turn my home nas server into a wireless access point (WAP) that allows wireless devices to connect to a wired network using Wi-Fi under Debian or Ubuntu Linux operating systems without purchasing additional WPA box? read more...
permapage | score:8501 | -nixcraft, August 26, 2012

iozone Tutorial: Measure Linux Filesystem I/O Performance

Up
vote
Down

This article gives you a jumpstart on performing benchmark on filesystem using iozone a free Filesystem Benchmark utility.

Following are few situations where you may be interested in performing a filesystem benchmarking.

=> Deploying a new application that is very read and write intensive.
=> Purchased a new storage system and would like to measure the performance.
=> Changing the RAID level and would like to measure the performance of the new RAID.
=> Changing the storage parameters and would like to know the performance impact of this change

(here are some impact canvas prints) read more...
mail this link | permapage | score:8499 | -nixcraft, July 4, 2008 (Updated: April 24, 2012)
More articles...
Fine Art Online Gallery

Recent headlines

Tahoe Least-Authority File System for secure, distributed data storage

Ubuntu Edge: Is there life after an unsuccessful crowd-funding campaign?

Dual-boot Windows 7 and Ubuntu 12.04 on a PC with UEFI board, SSD and HDD

LG 8-inch G Pad 8.3 Android tablet

LinSSID Ė Graphical wireless scanning for Linux

Tutorial: Install Debian 7 (testing) with debootstrap from a Grml live Linux

Hand of Thief trojan and your favorite Linux distribution

Does disk encryption really protect your data?

Usability, user-friendliness and the Linux desktop

4 third-party repositories for Fedora 19

Tutorial: Install SugarCRM CE on Fedora 10

Debian 6, Squid, Kerberos/LDAP authentication, Active Directory integration, Cyfin Reporter

How to install Ajenti on Ubuntu 13.04 server

vsftpd: Local, Virtual users with bash script maintainance

Tutorial: Debian 7 Samba Server with tdbsam

Tutorial: Automatically add a disclaimer to emails with alterMIME (Postfix on Debian 6)

How to replace Ufw with Firewalld in Linux Mint 15

Plasma Media Center 1.1 and digiKam 3.3

OpenShift Online: a non-developer guide

StartOS 6 GNOME 3 and KDE preview

Encrypt mail with SSL certificates

Linux Iptables Examples

Virtual Users/Domains with Postfix/Courier/MySQL/SquirrelMail (Debian 7)

Install Apache2, PHP5, MySQL on CentOS 5.7

Tutorial: Webcam streaming your desktop plus audio with ffmpeg, crtmpserver, Flowplayer

HowTo: HTTP Status: 206 Partial Content and Range Requests Using Curl

webOS: The latest Linux distribution

How to install postgresql 9.2 on Ubuntu 13.04 Server

Tutorial: Replace Windows with Pinguy OS 11.10

Python Client/Server Tutorial

Run Unity desktop on Linux Mint 12

Using Multiple PHP Versions (PHP-FPM FastCGI) With ISPConfig 3 (Ubuntu 12.04)

The Coming HTML 5 Revolution in Linux

Tutorial: Run Joomla 1.7 on Nginx on Debian 6, Ubuntu 11.10

PDNSD HowTo: A DNS Caching Personal Server

Tutorial: Install Postfix, Courier, MySQL, SquirrelMail on CentOS 6.2

Tutorial: USB-Over-IP server, Client on Ubuntu 10.04

Tutorial: Install Lighttpd, PHP5, MySQL on CentOS 6.0

Reviewing Kali Linux - the distro for security geeks

Tutorial: Fedora 19 Samba server with tdbsam

 

Firefox sidebar

Site map

Site info

News feed

Features

Login
(to post)

Search

 
Articles are owned by their authors.   © 2000-2012 Ray Yeargin