Top 20 OpenSSH Server Best Security Practices

Posted on in Categories CentOS, Debian Linux, fedora linux, FreeBSD, Gentoo Linux, Howto, Linux, Networking, package management, RedHat/Fedora Linux, Security, Suse Linux, Sys admin, Tips, Ubuntu Linux, UNIX last updated July 24, 2009
Don't tell anyone that I'm free

OpenSSH is the implementation of the SSH protocol. OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is perfect to keep confidentiality and integrity for data exchanged between two networks and systems. However, the main advantage is server authentication, through the use of public key cryptography. From time to time there are rumors about OpenSSH zero day exploit. Here are a few things you need to tweak in order to improve OpenSSH server security.

Vmware Linux Guest Add a New Hard Disk Without Rebooting Guest

Posted on in Categories CentOS, fedora linux, Hardware, Howto, Linux, Linux desktop, Linux distribution, Linux Virtualization, RedHat/Fedora Linux, Storage, Sys admin, Tips, vmware last updated July 18, 2009

As a system admin, I need to use additional hard drives for to provide more storage space or to separate system data from user data. This procedure, adding physical block devices to virtualized guests, describes how to add a hard drive on the host to a virtualized guest using VMWare software running Linux as guest.

It is possible to add or remove a SCSI device explicitly, or to re-scan an entire SCSI bus without rebooting a running Linux VM guest. This how to is tested under Vmware Server and Vmware Workstation v6.0 (but should work with older version too). All instructions are tested on RHEL, Fedora, CentOS and Ubuntu Linux guest / hosts operating systems.

6 Tools To Find Out Website Load Speed

Posted on in Categories Apache, Beyond nixCraft, Business, Hardware, High performance computing, Howto, Linux, Linux desktop, Sys admin, Troubleshooting, UNIX, Windows, windows vista last updated July 15, 2009

Research shows that if your web pages take longer than 5 seconds to load, you lose 50% of your viewers and sales. As a UNIX admin often end users and web developers complain about website loading speed and timings. Usually, there is nothing wrong with my servers or server farm. Fancy java script and images / flash makes site pretty slow. These tools are useful to debug performance problems for sys admins, developers and end users. Here are six tools that can analyzes web pages and tells you why they are slow. Use the following tools to:

  • Make your site faster.
  • Debug site problem, especially client side and server side stuff.
  • Better user experience.
  • Improve the web.

20 Linux System Monitoring Tools Every SysAdmin Should Know

Posted on in Categories CentOS, Debian Linux, Howto, Linux, Monitoring, Networking, RedHat/Fedora Linux, Security, Sys admin last updated June 27, 2009

Need to monitor Linux server performance? Try these built-in commands and a few add-on tools. Most Linux distributions are equipped with tons of monitoring. These tools provide metrics which can be used to get information about system activities. You can use these tools to find the possible causes of a performance problem. The commands discussed below are some of the most basic commands when it comes to system analysis and debugging server issues such as:

  1. Finding out bottlenecks.
  2. Disk (storage) bottlenecks.
  3. CPU and memory bottlenecks.
  4. Network bottlenecks.

Lighttpd Traffic Shaping: Throttle Connections Per Single IP (Rate Limit)

Posted on in Categories Apache, CentOS, fedora linux, FreeBSD, Howto, Iptables, lighttpd, Linux, Networking, PF Firewall, RedHat/Fedora Linux, Security, Ubuntu Linux, UNIX last updated June 21, 2009

If you do not control or throttle end users, your server may run out of resources. Spammers, abuser and badly written bots can eat up all your bandwidth. A webserver must keep an eye on connections and limit connections per second. This is serving 101. The default is no limit. Lighttpd can limit the throughput for each single connection (per IP) or for all connections. You also need to a use firewall to limit connections per second. In this article I will cover firewall and lighttpd web server settings to throttle end users. The firewall settings can be applied to other web servers such as Apache / Nginx and IIS server behind PF / netfilter based firewall.

Visual Representations Of Linux File Systems

Posted on in Categories File system, Howto, kernel, Linux last updated June 16, 2009

This is an interesting visualization techniques for software analysis. From the article:

Despite being a very important part of any operating system, file systems tend to get little attention. Linux has three editions for Linux Device Drivers, another three for Understanding the Linux Kernel and two for Linux Kernel Development. The first is a detail analysis of one particular Linux Kernel tree and the second is a shorter one done over a large number of file systems from Linux Kernel 2.6.0 to 2.6.29. After that there is a small section that shows some aspects of the BSD family. After conclusions there is an appendix consisting of three things: the first one explains how the file systems for Linux were compiled, the second one shows timelines for the releases of Linux Kernel, FreeBSD, NetBSD and OpenBSD; the last is a detailed map of the external symbols of the kernel modules analyzed in the second section.

A Visual Expedition Inside the Linux File Systems

Increase Your VMware Virtual Hard Disk Size ( vmdk file )

Posted on in Categories Backup, Hardware, Howto, Linux desktop, Linux Virtualization, Storage, Sys admin, Tips, Ubuntu Linux, vmware, windows vista last updated June 9, 2009

I’ve Windows Vista installed as a guest under Ubuntu Linux using VMWARE Workstation 6.0. This is done for testing purpose and browsing a few site that only works with Internet Explorer. Since I only use it for testing I made 16GB for Vista and 5GB for CentOS and 5GB in size for FreeBSD guest operating systems. However, after some time I realized I’m running out of disk space under both CentOS and Vista. Adding a second hard drive under CentOS solved my problem as LVM was already in use. Unfortunately, I needed to double 32GB space without creating a new D: drive under Windows Vista. Here is a simple procedure to increase your Virtual machine’s disk capacity by resizing vmware vmdk file.

Linux Find Out If PCI Hardware Supported or Not In The Current Running Kernel

Posted on in Categories CentOS, Debian Linux, fedora linux, Gentoo Linux, GNU/Open source, Hardware, Howto, Linux, RedHat/Fedora Linux, Sys admin, Tips last updated June 3, 2009

From my mailbag:

How do I find out if a given PCI hardware is supported of by the current CentOS / Debian / RHEL / Fedora Linux kernel?

You can easily find out find out if a given piece of PCI hardware such as RAID, network, sound, graphics card is supported or not by the current Linux kernel using the following utilities under any Linux distributions.

OpenOffice.org Quick Introduction For New User

Posted on in Categories GNU/Open source, Howto, Linux desktop, OpenOffice.Org, Troubleshooting, Ubuntu Linux, UNIX, Windows, windows vista last updated June 3, 2009

OpenOffice.org (OOo) is a freely available, full-featured office suite. OOo is both a software product and a community of volunteers that produces and supports the software. However, new users may get lost while finding help, support and productivity enhancing extensions. This blog post covers OOo new user orientation to to discover support, tutorials, community insights, templates, clip art, extensions, and blogs for OOo.

Linux x86_64: Detecting Hardware Errors

Posted on in Categories CentOS, Debian Linux, fedora linux, Gentoo Linux, Hardware, Howto, kernel, Linux, Linux distribution, Networking, package management, RedHat/Fedora Linux, Shell scripting, Sys admin, Tips, Troubleshooting, Ubuntu Linux last updated June 2, 2009

The Blue Screen of Death (BSoD) is used for the error screen displayed by Microsoft Windows, after encountering a critical system. Linux / UNIX like operating system may get a kernel panic. It is just like BSoD. The BSoD and a kernel panic generated using a Machine Check Exception (MCE). MCE is nothing but feature of AMD / Intel 64 bit systems which is used to detect an unrecoverable hardware problem.

Program such mcelog decodes machine check events (hardware errors) on x86-64 machines running a 64-bit Linux kernel. It should be run regularly as a cron job on any x86-64 Linux system. This is useful for predicting server hardware failure before actual server crash.