Introduction FreeIPA is an open-source security solution for Linux which provides account management and centralized authentication, similar to Microsoft’s Active Directory. FreeIPA is built on top of multiple open source projects including the 389 Directory Server, MIT Kerberos, and SSSD. FreeIPA has clients for CentOS 7, Fedora, and Ubuntu 14.04/16.04. These clients make it fairly […]
In this Mini Tutorial we will be deleting a user account from a MySQL server instance, using a DROP USER call against the mysql.user table. First, fire up MySQL in your terminal and log in with an administrator account: mysql -u root -p You will be prompted for your root password before being granted access to the […]
Well, basically, that means you have too low a memlock limit setting in your OS. This can be easily fixed in two steps:
1) Edit the /etc/security/limits.conf file and add to the end:
    * hard memlock unlimited
    * soft memlock unlimited
2) Add a line in the /etc/pam.d/common-session file:
    session required pam_limits.so
that’ll make sure your limits are […]
We are building a portable IDS that we take from location to location to assess different legs of the network. The concept was to build the box, test it out in the office, configure and apply upgrades, then perform some maintenance. Snort As for Snort, Security Onion makes sure disk use is below 90% with […]
Many Mac users like to make a bootable installer drive for installing OS X El Capitan, whether for performing a clean install, or for making it easier to install OS X 10.11 onto multiple Macs. We will walk through creating a bootable install flash drive from OS X El Capitan with the final public version. […]
I am an OSX user, and I run a lot of VMs using VMware Fusion 7 which I have been very happy with since I purchased it. One thing that always bugged me is that Fusion allocated a different IP address to each VM every time it started up, or resumed from a suspend. Applications […]
Grep can remove all the comments and all the blank lines from a configuration file. grep -v ^# configfile | grep -v ^$ grep -v ^# will remove all lines beginning with # (While keeping lines with comments after the setting, as in Whatever = Foo #sets Whatever to Foo) grep -v ^$ removes all […]
Tip #1: Know Your Deployment Topology Before You Set Configs Loggly is running ES 0.90.13 with separate master and data nodes. We won’t be going into too much detail about that right now (look out for a subsequent post), other than to say that you need to determine your deployment topology in order to make […]
This can be caused by a resource limit on the Elasticsearch user. They are simply not allowed to lock that much memory. Change the locked memory size on the host by editing the file /etc/security/limits.conf
Linux’s ext2/ext3 filesystem uses UUID UUID benefits As a seasoned UNIX admin I have to deal with various data storage technologies such as SAN, iSCSI, DAS, scsi disks volumes. Sometimes you may need to move storage from one device to another and updating /etc/fstab can be a pain in a$$. With UUID Linux kernel should automatically […]
The hostnamectl tool is provided for administering the three separate classes of host names in use on a given system. View All the Host Names To view all the current host names, enter the following command: ~]$ hostnamectl status The status option is implied by default if no option is given.
Introduction SaltStack is a powerful, flexible, high performing configuration management and remote execution system. It can be used to manage your infrastructure from a centralized location while minimizing manual maintenance steps. To learn more about some of the terminologies and tools involved with SaltStack, check out this guide.
Problem: apt-get-repository Command is Missing I was trying to install the latest version of git from the Ubuntu Git Maintainers Team and I needed to add a Personal Package Archive (PPA) to the Software Sources. But when I tried to do this, I got an error: sudo: add-apt-repository: command not found Solution: Install the software-properties-common […]
How do I find the largest files and directories on a Linux or Unix-like operating system? Sometimes it is necessary to find out what file(s) or directories are eating up all your disk space. Further, it may be necessary to find this out at a particular location such as /tmp or /var or […]
Security is an incredibly complex problem when administering online servers. While it is possible to configure firewalls, fail2ban policies, secure services, and lock down applications, it is difficult to know for sure if you have effectively blocked every attack. A host-based intrusion detection system (HIDS) works by collecting details about your computer’s filesystem and configuration. […]
ElasticSearch is a flexible and powerful open source, distributed real-time search and analytic engine. Using a simple set of APIs, it provides the ability for full-text search. ElasticSearch is freely available under the Apache 2 license, which provides the most flexibility. This article will help you configure an ElasticSearch Multi Node Cluster on CentOS, RHEL, Ubuntu […]
About crontab The crontab is a list of commands that you want to run on a regular schedule, and also the name of the command used to manage that list. crontab stands for “cron table,” because it uses the job scheduler cron to execute tasks; cron itself is named after “chronos,” the Greek word for time.
How to install FFmpeg on Ubuntu 14.04 FFmpeg has been removed from Ubuntu 14.04 and was replaced by Libav. This decision has been reversed so that FFmpeg is available now in Ubuntu 15.04 again, but there is still no official package for 14.04. In this tutorial, I will show you how to install FFmpeg from […]
There are many reasons why you would want to configure Postfix to send email using an external SMTP provider such as Google Apps (Gmail), Mandrill, SendGrid, Amazon SES, or any other SMTP server. One reason is to avoid getting your mail flagged as spam if your current server’s IP has been added to a spam […]
Sending mail can be accomplished by a number of programs on a Linux system. Here are a few examples provided you have already set up Postfix relay services on your server. Then you have to configure it, and once you have done that, you can send email like this:
The GNS3 team has done a great job in stabilizing the ASA implementation. In the new version 1.2.1 they have already set all default options (kernel command and Qemu options) to the best possible set that is out there (which you see below). And they have also stabilized the CPU utilization issue with ASA by integrating cpulimit […]
This guide explains how to configure a PXE server in Ubuntu 14.10. PXE Server, which stands for preboot execution environment, is used to enable a network computer to boot only from a network interface card. This method will be very helpful if a System Administrator wants to install many systems which don’t have a CD/DVD device on […]
Cat, Grep and Tail are the commands that truly set Linux based syslog servers apart from one running on Windows. Don’t get me wrong, there are other decent alternatives but it’s hard to beat a typed command and an instant result.
Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
Generate a single alert when something goes wrong. Don’t spam. Be able to alert on both volume of a particular message or lack thereof. If alerting on lack thereof, alert even if there were 0 messages during the period. I started with the throttle filter but felt the use case I wanted to use was […]
You need to use the find command to list all hidden files recursively on Linux or Unix-like systems. Syntax: Recursively list all hidden files and directories on Linux/Unix
I was recently asked if it was possible to forward vCenter Server logs to a regular syslog server and if so, how difficult would it be to set up? I had researched this topic several years back, but did not find an ideal solution as vCenter Server was only available on the Windows platform and vCenter […]
Most web-based applications today are developed using a database. The most popular combination is PHP and MySQL. When developing with MySQL, most beginners use phpMyAdmin as their power tool for database CRUD (Create-Read-Update-Delete) as well as database/table creation and manipulation. phpMyAdmin supports an encryption feature which enables database developers to raise their […]
If you have shell or telnet access to your web server, you can back up your MySQL data by using the mysqldump command. This command connects to the MySQL server and creates an SQL dump file. The dump file contains the SQL statements necessary to re-create the database. Here is the proper syntax:
How do I create a custom static HTTP 404 or HTTP 403 error page under the nginx web server? First create 404.html in your document root. The default location is /usr/local/nginx/html/. So create an HTML file as follows: