Linux x86_64: Detecting Hardware Errors

Posted on in Categories CentOS, Debian Linux, fedora linux, Gentoo Linux, Hardware, Howto, kernel, Linux, Linux distribution, Networking, package management, RedHat/Fedora Linux, Shell scripting, Sys admin, Tips, Troubleshooting, Ubuntu Linux last updated June 2, 2009

The Blue Screen of Death (BSoD) is used for the error screen displayed by Microsoft Windows, after encountering a critical system. Linux / UNIX like operating system may get a kernel panic. It is just like BSoD. The BSoD and a kernel panic generated using a Machine Check Exception (MCE). MCE is nothing but feature of AMD / Intel 64 bit systems which is used to detect an unrecoverable hardware problem.

Program such mcelog decodes machine check events (hardware errors) on x86-64 machines running a 64-bit Linux kernel. It should be run regularly as a cron job on any x86-64 Linux system. This is useful for predicting server hardware failure before actual server crash.

Linux Kernel Security (SELinux vs AppArmor vs Grsecurity)

Posted on in Categories CentOS, Debian Linux, fedora linux, Gentoo Linux, GNU/Open source, Linux, Linux distribution, Networking, RedHat/Fedora Linux, Security, Slackware, Suse Linux, Ubuntu Linux last updated May 27, 2009

Linux kernel is the central component of Linux operating systems. It is responsible for managing the system’s resources, the communication between hardware and software and security. Kernel play a critical role in supporting security at higher levels. Unfortunately, stock kernel is not secured out of box. There are some important Linux kernel patches to secure your box. They differ significantly in how they are administered and how they integrate into the system. They also allow for easy control of access between processes and objects, processes and other processes, and objects and other objects. The following pros and cons list is based upon my personal experience.

Lighttpd mod_rrdtool: Monitor The Load, Requests Per Seconds and Traffic

Posted on in Categories CentOS, Debian Linux, fedora linux, Hardware, Howto, lighttpd, Linux, Monitoring, RedHat/Fedora Linux, Ubuntu Linux last updated May 23, 2009

The round-robin database tool aims to handle time-series data like network bandwidth, temperatures, CPU load etc. The data gets stored in round-robin database so that system storage footprint remains constant over time. Lighttpd comes with mod_rrdtool to monitor the server load and other details. This is useful for debugging and tuning lighttpd / fastcgi server performance.

Red Hat / CentOS VSFTPD FTP Server Configuration

Posted on in Categories CentOS, FTP Server, Howto, Iptables, Linux, RedHat/Fedora Linux, Security, User Management last updated May 21, 2009

Vsftpd (Very Secure FTP Daemon) is an FTP server for UNIX-like systems, including CentOS / RHEL / Fedora and other Linux distributions. It supports IPv6, SSL, locking users to their home directories and many other advanced features.

In this guide you will learn:

  1. Setup vsftpd to provide FTP service.
  2. Configure vsftpd.
  3. Configure Firewalls to protect the FTP server.
  4. Configure vsftpd with SSL/TLS.
  5. Setup vsftpd as download only anonymous internet server.
  6. Setup vsftpd with virtual users and more.

Linux HugeTLBfs: Improve MySQL Database Application Performance

Posted on in Categories CentOS, Hardware, High performance computing, Howto, MySQL, RedHat/Fedora Linux last updated May 20, 2009

Applications that perform a lot of memory accesses (several GBs) may obtain performance improvements by using large pages due to reduced Translation Lookaside Buffer (TLB) misses. HugeTLBfs is memory management feature offered in Linux kernel, which is valuable for applications that use a large virtual address space. It is especially useful for database applications such as MySQL, Oracle and others. Other server software(s) that uses the prefork or similar (e.g. Apache web server) model will also benefit.

The CPU’s Translation Lookaside Buffer (TLB) is a small cache used for storing virtual-to-physical mapping information. By using the TLB, a translation can be performed without referencing the in-memory page table entry that maps the virtual address. However, to keep translations as fast as possible, the TLB is usually small. It is not uncommon for large memory applications to exceed the mapping capacity of the TLB. Users can use the huge page support in Linux kernel by either using the mmap system call or standard SYSv shared memory system calls (shmget, shmat).

Lighttpd Install mod_geoip For Country / City Level Geo Targeting

Posted on in Categories CentOS, Debian Linux, FreeBSD, Gentoo Linux, Howto, lighttpd, Linux, Networking, package management, RedHat/Fedora Linux, Suse Linux, Ubuntu Linux, UNIX last updated March 29, 2009

Geolocation software is used to get the geographic location of visitor using IP address. You can determine country, organization and guess visitors location. This is useful for:

a] Fraud detection.

b] Geo marketing and ad serving.

c] Target content.

d] Spam fighting.

e] And much more.

mod_geoip is a Lighttpd module for fast ip/location lookups. In this tutorial you will learn about mod_geoip installation and php server side examples to determine visitors country.

Linux Convert ext3 to ext4 File system

Posted on in Categories CentOS, Data recovery, Linux, Linux desktop, Linux distribution, RedHat/Fedora Linux, Storage, Suse Linux, Sys admin, Tips, Troubleshooting, Tuning, Ubuntu Linux last updated January 23, 2009

Some time ago ext4 was released and available for Linux kernel. ext4 provides some additional benefits and perforce over ext3 file system. You can easily convert ext3 to ext4 file system. The next release of Fedora, 11, will default to the ext4 file system unless serious regressions are seen. In this quick tutorial you will learn about converting ext3 to ext4 file system.

Vsftpd FTP Server With Virtual Users ( Berkeley DB + PAM )

Posted on in Categories CentOS, FTP Server, Howto, Linux, Networking, package management, RedHat/Fedora Linux, Security last updated January 21, 2009

VSFTPD supports virtual users with PAM (pluggable authentication modules). A virtual user is a user login which does not exist as a real login on the system in /etc/passwd and /etc/shadow file. Virtual users can therefore be more secure than real users, because a compromised account can only use the FTP server but cannot login to system to use other services such as ssh or smtp.

Vsftpd Set Download Only Anonymous Internet Server

Posted on in Categories CentOS, fedora linux, Howto, Iptables, Linux, Networking, PF Firewall, RedHat/Fedora Linux, Security last updated January 21, 2009

This example shows how you might set up a large internet facing FTP site for distributing file or software updates. The emphasis will be on security and performance. VSFTPD will make sure only world-readable files and directories are served to the world via anonymous / ftp account. You force to originates FTP port connections from a secure port – so users on the FTP server cannot try and fake file content. You will hide the FTP server user IDs and just display ftp in directory listings. This is also a performance boost. Set a 40000-60000 port range for passive connections. This will help firewall setup.

CentOS / RHEL: Vsftpd SSL / TLS FTP Server Configuration

Posted on in Categories CentOS, FTP Server, Linux, Networking, RedHat/Fedora Linux, Security last updated January 21, 2009

Vsftpd FTP server supports secure connections via SSL / TLS, same encryption used with online banking and shopping. This applies to the control connection (including login) and also data connections. You will need a ftp client with SSL support too. In this post, I am going to show you how To configure vsftpd to yse SSL/TLS on a CentOS or Red Hat Enterprise Linux (RHEL) version 5.x/6.x to secure communication.