Linux / BSD and UNIX like operating systems includes software from the OpenSSL Project. The OpenSSL is commercial-grade, industry-strength, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as general purpose cryptography library.
The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a malicious server, or able to effect a “man in the middle” attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client and bypass validation.
This update has been rated as having important security impact on FreeBSD, all version of Ubuntu / Debian, Red Hat (RHEL), CentOS, Fedora and other open source operating system that depends upon OpenSSL.
I’ve three nameserver load-balanced (LB) in three geo locations. Each LB has a front end public IP address and two backend IP address (one for BIND and another for zone transfer) are assigned to actual bind 9 server running Linux. So when a zone transfer initiates from slave server, all I get errors. A connection cannot be established, it tries again with the servers main ip or LB2 / LB3 ip. This is a problem because my servers are geo located and load balanced. However, there is a small workaround for this problem.
I’ve already written about setting the MTU (Maximum Transmission Unit) under Linux including Jumbo frames (FreeBSD specific MTU information is here).
With this quick tip you can increase MTU size to get a better networking performance.
Now, mod_fastcgi is configured and running. FastCGI supports connection via UNIX sockets or TCP/IP networking. This is useful to spread load among various backends. For example, php will be severed from 192.168.1.10 and python / ruby on rails will be severed from 192.168.1.11. This is only possible with mod_fastcgi.
I’ve already written about creating a partition size larger than 2TB under Linux using GNU parted command with GPT. In this tutorial, I will provide instructions for booting to a flat 2TB or larger RAID array under Linux using the GRUB boot loader.
Fedora Linux version 10 has been released and available for download. Fedora Linux is a community-based Linux distribution. Fedora is sponsored by Red Hat, Inc.
Fedora 10, codenamed “Cambridge”, was released on November 25, 2008. The features include a web-based package installer similar to Linux Mint’s, a faster startup using Plymouth instead of Red Hat Graphical Boot, better webcam support, GNOME 2.24, KDE 4.1, RPM 4.6 and many other features.
fold is really nifty command line utility to make a text file word wrap. This is useful for large number of text files processing. There is no need to write a perl / python code or use a word processor.
Linux and other Unix-like operating systems use the term “swap” to describe both the act of moving memory pages between RAM and disk and the region of a disk the pages are stored on. It is common to use a whole partition of a hard disk for swapping. However, with the 2.6 Linux kernel, swap files are just as fast as swap partitions. Now, many admins (both Windows and Linux/UNIX) follow an old rule of thumb that your swap partition should be twice the size of your main system RAM. Let us say I’ve 32GB RAM, should I set swap space to 64 GB? Is 64 GB of swap space required? How big should your Linux / UNIX swap space be?
Linux target framework (tgt) aims to simplify various SCSI target driver (iSCSI, Fibre Channel, SRP, etc) creation and maintenance. The key goals are the clean integration into the scsi-mid layer and implementing a great portion of tgt in user space.
The developer of IET is also helping to develop Linux SCSI target framework (stgt) which looks like it might lead to an iSCSI target implementation with an upstream kernel component. iSCSI Target can be useful:
a] To setup stateless server / client (used in diskless setups).
b] Share disks and tape drives with remote client over LAN, Wan or the Internet.
c] Setup SAN – Storage array.
d] To setup loadbalanced webcluser using cluster aware Linux file system etc.
In this tutorial you will learn how to have a fully functional Linux iSCSI SAN using tgt framework.
Really scary exploit attack in wild, which affects all browsers under any desktop operating systems including MS IE, Linux, Apple safari, Opera, Firefox and Adobe flash. Any website that uses CSS and IFRAME (used to serve ads) can be used to attack on end users as attacker is able to take control of the links that your browser visits. In this article I will share few tips to stop this deadly attack until final patch is released by vendors.