Important: Openssl Security Update [CVE-2008-5077]

Posted on in Categories CentOS, Debian Linux, fedora linux, FreeBSD, GNU/Open source, Howto, Linux, News, RedHat/Fedora Linux, Security Alert, Slackware, Suse Linux, Sys admin last updated January 8, 2009

Linux / BSD and UNIX like operating systems includes software from the OpenSSL Project. The OpenSSL is commercial-grade, industry-strength, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as general purpose cryptography library.

The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a malicious server, or able to effect a “man in the middle” attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client and bypass validation.

This update has been rated as having important security impact on FreeBSD, all version of Ubuntu / Debian, Red Hat (RHEL), CentOS, Fedora and other open source operating system that depends upon OpenSSL.

BIND Named: Set a Zone Transfer IP Address For Master DNS Server

Posted on in Categories BIND Dns, CentOS, data center, fedora linux, FreeBSD, High performance computing, Linux Scalability, RedHat/Fedora Linux, Troubleshooting last updated January 8, 2009

I’ve three nameserver load-balanced (LB) in three geo locations. Each LB has a front end public IP address and two backend IP address (one for BIND and another for zone transfer) are assigned to actual bind 9 server running Linux. So when a zone transfer initiates from slave server, all I get errors. A connection cannot be established, it tries again with the servers main ip or LB2 / LB3 ip. This is a problem because my servers are geo located and load balanced. However, there is a small workaround for this problem.

XEN Virtualization Set The MTU For xenbr0 Interface

Posted on in Categories CentOS, Debian Linux, fedora linux, Gentoo Linux, High performance computing, kernel, Linux, Linux Virtualization, Networking, RedHat/Fedora Linux, xen last updated December 31, 2008

I’ve already written about setting the MTU (Maximum Transmission Unit) under Linux including Jumbo frames (FreeBSD specific MTU information is here).

With this quick tip you can increase MTU size to get a better networking performance.

Apache2 mod_fastcgi: Connect to External PHP via UNIX Socket or TCP/IP Port

Posted on in Categories Apache, CentOS, fedora linux, Howto, lighttpd, Networking, php, RedHat/Fedora Linux, Security, Tips, Troubleshooting, Tuning last updated December 30, 2008

Now, mod_fastcgi is configured and running. FastCGI supports connection via UNIX sockets or TCP/IP networking. This is useful to spread load among various backends. For example, php will be severed from 192.168.1.10 and python / ruby on rails will be severed from 192.168.1.11. This is only possible with mod_fastcgi.

Linux: Boot a 2TB+ partition or Larger Array Using Grub

Posted on in Categories CentOS, data center, fedora linux, File system, Gentoo Linux, Hardware, High performance computing, Howto, kernel, Linux, Linux Scalability, Linux Virtualization, RedHat/Fedora Linux, Storage, Tips, vmware, xen last updated December 6, 2008

I’ve already written about creating a partition size larger than 2TB under Linux using GNU parted command with GPT. In this tutorial, I will provide instructions for booting to a flat 2TB or larger RAID array under Linux using the GRUB boot loader.

Download Fedora 10 CD / DVD ISO

Posted on in Categories Download of the day, fedora linux, GNU/Open source, Linux, Linux desktop, Linux distribution last updated June 10, 2009

Fedora Linux version 10 has been released and available for download. Fedora Linux is a community-based Linux distribution. Fedora is sponsored by Red Hat, Inc.

Fedora 10 Desktop

Fedora 10, codenamed “Cambridge”, was released on November 25, 2008. The features include a web-based package installer similar to Linux Mint’s, a faster startup using Plymouth instead of Red Hat Graphical Boot, better webcam support, GNOME 2.24, KDE 4.1, RPM 4.6 and many other features.