Librenix
Headlines | Linux | Apps | Coding | BSD | Admin | News
Information for Linux System Administration 

Linux Iptables Examples

Up
vote
Down

Linux comes with a host based firewall called Netfilter. It is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack.

This Linux based firewall is controlled by the program called iptables to handles filtering for IPv4, and ip6tables handles filtering for IPv6. This tutorial list most common iptables solutions required by a new Linux user to secure his or her Linux operating system from intruders. read more...
mail this link | permapage | score:9713 | -nixcraft, December 14, 2011

HowTo: HTTP Status: 206 Partial Content and Range Requests Using Curl

Up
vote
Down

The HTTP 2xx class of status codes indicates the action requested by the client was received, and processed successfully. HTTP/1.1 200 OK is the standard response for successful HTTP requests. When you type www.cyberciti.biz in the browser you will get this status code. The HTTP/1.1 206 status code allows the client to grab only part of the resource by sending a range header. This is useful for:

* Understanding http headers and protocol.
* Troubleshooting network problems.
* Troubleshooting large download problems.
* Troubleshooting CDN and origin HTTP server problems.
* Test resuming interrupted downloads using tools like lftp or wget or telnet.
* Test and split a large file size into multiple simultaneous streams i.e. download a large file in parts. read more...
mail this link | permapage | score:9520 | -nixcraft, November 21, 2012

Tutorial: Use Amazon Cloudfront To Speed Up Wordpress Based Site

Up
vote
Down

A typical WordPress blog contains a mix of static stuff such as images, javascript, style sheets and dynamic content such as posts, pages and comments posted by users. You can speed up your blog by serving static content via content delivery network such as Akamai, Edgecast and so on. The big boys of CDN business also offered the solution to accelerate dynamic content to improve the performance and reliability of the blog. However, solutions offered by big and traditional CDNs are expensive. Amazon cloudfront recently started to serving dynamic content at lowered price. In this blog post, I will explain:

1. How to serve your entire blog using cloudfront.
2. DNS settings.
3. WordPress settings.
4. Documenting limitations of cloudfront.
5. Documenting performance improvements. read more...
mail this link | permapage | score:9136 | -nixcraft, March 7, 2013

OpenBSD Tutorial: Configure Ralink USB Wireless Adapter

Up
vote
Down

I brought a USB 2.0 wireless adapters based on the Ralink RT2700U, RT2800U and RT3000U chipsets. How do I configure and use it under OpenBSD operating systems?

This usb wireless adapter works out of box under OpenBSD and Linux operating systems. Under OpenBSD you need to use run driver. read more...
permapage | score:9124 | -nixcraft, December 4, 2012

Tutorial: Identify Linux bottlenecks with kSar

Up
vote
Down

The sar command collect, report, or save UNIX / Linux system activity information. It will save selected counters in the operating system to the /var/log/sa/sadd file. From the collected data, you get lots of information about your server such as:

1. CPU utilization
2. Memory paging and its utilization
3. Network I/O, and transfer statistics
4. Process creation activity
5. All block devices activity
6. Interrupts/sec etc.

sar output can be used for identifying server bottlenecks. However, analyzing information provided by sar can be difficult, so use kSar, which can take sar output and plot a nice easy to understand graph over period of time. read more...
mail this link | permapage | score:9008 | -nixcraft, December 16, 2009

Iptables Tutorial: Limit connections per IP

Up
vote
Down

How do you restrict the number of connections used by a single IP address to my server for port 80 and 25 using iptables?

You need to use the connlimit modules which allows you to restrict the number of parallel TCP connections to a server per client IP address (or address block).

This is useful to protect your server or vps box against flooding, spamming or content scraping. read more...
permapage | score:9008 | -nixcraft, February 8, 2010

Best Nmap Command Examples For Network Auditing

Up
vote
Down

Nmap is short for Network Mapper. It is an open source security tool for network exploration, security scanning and auditing. However, nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users.

The purpose of this post is to introduce a user to the nmap command line tool to scan a host and/or network, so to find out the possible vulnerable points in the hosts. You will also learn how to use Nmap for offensive and defensive purposes. read more...
mail this link | permapage | score:9005 | -nixcraft, November 29, 2012

Tutorial: RHEL 5.3 to 5.4 upgrade

Up
vote
Down

Red Hat Enterprise Linux v5.4 has been released and available via RHN for immediate update. The new version includes the kernel-based virtual machine (KVM) virtualization, next generation of developer features and tools including GCC 4.4, a new malloc(). Also included clustered, high-availability filesystem to support Microsoft Windows storage needs on Red Hat Enterprise Linux.

This tutorial explains how to upgrade RHEL v5.3 to RHEL v5.4. read more...
permapage | score:8932 | -nixcraft, September 3, 2009

Change Linux passwords with a PHP web script

Up
vote
Down

This article shows how to change a system password using a web based PHP script. This is one the essential tasks that many new sys admin find it little difficult as they are not familiar with PHP.

Using concept presented in this article one can write extended edition with any other programming language such as Perl or Python. read more...
permapage | score:8807 | -nixcraft, August 5, 2006

Tutorial: FreeBSD Setup IPFW Firewall

Up
vote
Down

Ipfirewall (ipfw) is a FreeBSD IP packet filter and traffic accounting facility.IPFW is included in the basic FreeBSD install as a separate run time loadable module.

This small howto covers building and installing a custom kernel with IPFW. It also provide a small example on how to setting up the rules for a typical FreeBSD based Apache Web server. read more...
permapage | score:8769 | -nixcraft, July 4, 2007

Tutorial: Linux file change auditing

Up
vote
Down

This is one of the key questions asked by new admins - How do I audit file events such as read / write etc? How can I use audit to see who changed a file in Linux?

The answer is to use Linux 2.6 kernelís audit system. Modern Linux kernel (2.6.x) comes with auditd daemon. Itís responsible for writing audit records to the disk. During startup, the rules in /etc/audit.rules are read by this daemon. You can open /etc/audit.rules file and make changes such as setup audit file log location and other option. The default file is good enough to get started with auditd. read more...
mail this link | permapage | score:8765 | -nixcraft, March 22, 2007

HowTo: Connect two Wireless Routers

Up
vote
Down

You can setup a wireless connection between two routers only so that it will link a wireless network to a wired network allowing you to bridge two networks with different infrastructure. You can find wireless access points products that offer either a "bridge" mode or a "repeater" mode. In this post I'm going to explain three popular open source choices that can be used for setting up a wireless bridge. read more...
permapage | score:8729 | -nixcraft, September 4, 2012

Tutorial: FreeBSD iSCSI Initiator Installation and Configuration

Up
vote
Down

The FreeBSD iscsi_initiator implements the kernel side of the Internet SCSI (iSCSI) network protocol standard, the user land companion is iscontrol and permits access to remote virtual SCSI devices via cam.

FreeBSD 7.x has full support for iSCSI. Older version such as FreeBSD 6.3 requires backport for iSCSI. Following instruction are known to work under FreeBSD 7.0 only. read more...
permapage | score:8627 | -nixcraft, March 13, 2008

FreeBSD: Configure Apache PHP with mod_fastcgi Module

Up
vote
Down

mod_fastcgi is a cgi-module for Apache web server.

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs.

This article explains how to configure PHP5 - mod_fastcgi under FreeBSD operating system. read more...
permapage | score:8620 | -nixcraft, October 11, 2008

Tutorial: FreeBSD Jail Upgrade

Up
vote
Down

The FreeBSD jail mechanism is an implementation of operating system-level virtualization that allows administrators to partition a FreeBSD-based computer system into several independent mini-systems called jails. FreeBSD jails offer security, ease of delegation and os level virtualization. This article explains how to upgrade FreeBSD jails using 'make world'. read more...
permapage | score:8598 | -nixcraft, November 18, 2008

Tutorial: BIND 9 TSIG Security Configuration

Up
vote
Down

Transaction signatures (TSIG) is a mechanism used to secure DNS messages and to provide secure server-to-server communication. This includes zone transfer, notify, and recursive query messages. TSIG uses shared secrets and a one-way hash function to authenticate DNS messages, particularly responses and updates.

This tutorial discusses the security mechanisms implemented in BIND to secure DNS messages and name servers using TSIG configurations. read more...
permapage | score:8584 | -nixcraft, January 28, 2009

Unix: Shell Script Wrapper Examples

Up
vote
Down

Shell script wrappers can make the *nix command more transparent to the user. The most common shell scripts are simple wrappers around third party or system binaries. A wrapper is nothing but a shell script that includes a system command or utility.

Linux and Unix like operating system can run both 32bit and 64bit specific versions of applications. You can write a wrapper script that can select and execute correct version on a 32bit or 64bit hardware platform. In cluster environment and High-Performance computing environment you may find 100s of wrapper scripts written in Perl, Shell, and Python to get cluster usage, setting up shared storage, submitting and managing jobs, backups, troubleshooting, invokes commands with specified arguments, sending stdout to stdout and stderr to stderr and much more.

In this post, I will explains how to create a shell wrapper to enhance the basic troubleshooting tool such as ping and host. read more...
mail this link | permapage | score:8579 | -nixcraft, June 24, 2012

Redhat enterprise Linux 5 network configuration guide

Up
vote
Down

Red hat enterprise Linux 5 (RHEL5) provides different tools to make changes to Network configuration such as add new card, assign IP address, change DNS server etc. This guide covers configuration using GUI and command line tools. The instructions are compatible with CentOS and Fedora Core Linux. read more...
permapage | score:8486 | -nixcraft, April 13, 2007

Squid Proxy HowTo: Listen Pandora to In Europe

Up
vote
Down

I have Pandora Internet Radio One subscription, and recently I moved to Europe for a few months as part of my work schedule. The service fully available only in the United States. How do I access Pandora one service in Europe? Can I get around it by using a proxy server installed on my own server located in USA at home or ISP data center? read more...
permapage | score:8481 | -nixcraft, November 22, 2012

Debian / Ubuntu: Block unwanted sites with SquidGuard Web Filter

Up
vote
Down

How do I install and configure SquidGuard Ė a web filter plugin for Squid to restrict access to domains/URLs based upon access control lists? How do I block porn, gambling, and other web-sites using squid proxy server version 3.x under Debian or Ubuntu Linux server for my school? read more...
permapage | score:8477 | -nixcraft, August 24, 2012
More articles...
Abstract Art Prints on Canvas

Selected articles

Librenix T-Shirts and Coffee Mugs!

Scripting: A parallel Linux backup script

Why software sucks

Microsoft to push unlicensed users to Linux

Space Tyrant: A threaded C game project: First Code

Download: Linux 3D Client for Starship Traders

Apple DIY Repair

Linux vs. Windows: Why Linux will win

Hacker Haiku

Missing the point of the Mac Mini

The Real Microsoft Monopoly

No, RMS, Linux is not GNU/Linux

Closed Source Linux Distribution Launched

The life cycle of a programmer

Apple to Intel move no threat to Linux

VPS: Xen vs. OpenVZ

MiniLesson: An introduction to Linux in ten commands

Space Tyrant: Multithreading lessons learned on SMP hardware

Space Tyrant: A multiplayer network game for Linux

Graffiti Server Download Page

The Network Computer: An opportunity for Linux

Why Programmers are not Software Engineers

How to install Ubuntu Linux on the decTOP SFF computer

Shadow.sh: A simple directory shadowing script for Linux

Mono-culture and the .NETwork effect

The short life and hard times of a Linux virus

Tutorial: Introduction to Linux files

Beneficial Computer Viruses

Currency Traders Telnet Game

Space Tyrant: A threaded game server project in C

Linux dominates Windows

The Supreme Court is wrong on Copyright Case

Programming Language Tradeoffs: 3GL vs 4GL

 

Firefox sidebar

Site map

Site info

News feed

Features

Login
(to post)

Search

 
Articles are owned by their authors.   © 2000-2012 Ray Yeargin