Linode is an original cloud platform and founded before AWS. Back then, we used to call them VPS (Virtual Private Server). Recently they added a new firewall feature to control network access to my Linode server from the Cloud. Let us test drive Linode cloud firewall.
Linux / Unix Networking
Tutorials, news and howtos about Linux / Unix networking. It includes firewall, servers, services, remote access, security, servers and much more ( rss feed ).
On Linux, we encrypt our partitions and entire disk using Linux Unified Key Setup-on-disk-format (LUKS) for security and privacy reasons. We unlock LUKS protected disk by providing a passphrase at boot time. You need to be in front of your computer or use a remote console to open the encrypted disk under Linux at boot time. However, if your system is in the basement, remote datacenter/office, or upstairs office, you won’t able to unlock and boot your Linux box. We can use the Dropbear SSH server for LUKS encrypted Debian or Ubuntu or any other Linux distro via SSH to solve this problem. Let us see how to unlock LUKS using Dropbear SSH keys in Linux at boot time.
The last ten years in the computer and IT security world are crippled with so many vulnerabilities. We saw massive cloud computing adoption and end-users using mobile devices with high speed 4G LTE networks. A threat actor may have exploited such weakness in modern computers and networks. Let us look into top vulnerabilities and the attack surface in this decade (2010-2020) that affected Linux/Unix, macOS, IT, cloud-computing, and computers in general.
Let’s Encrypt is a non-profit certificate authority that provides X.509 certificates for Transport Layer Security (TLS) encryption free of cost. The TLS certificate is valid for 90 days only. However, Due to the bug, they need to revoke many (read as “certain”) Let’s Encrypt TLS/SSL certificates. Let us see how to find out if you are affected by this bug and how you can fix it to avoid any problems with your TLS/SSL certificates.
OpenBSD version 6.3 has been released. OpenBSD is demonstrating to be an excellent server operating system. Security is more critical now than ever before. OpenBSD leads the pack when it comes to security features. OpenBSD provides a very robust and trustworthy system that comes with the cutting-edge security feature. OpenBSD 6.3 continues to offer the “multi-platform, ultra-secure operating system” experience. The OpenBSD team releases a new version every six months.
- Multiple WAN support (3G/4G/Static IP/Cable/ADSL2)
- Virtual Wireless
- FTP/Media server via USB
- BiTorrent Client via USB
- UPS support
- OpenVPN client and server
- Tinc VPN server and much more.
I also connected my 2 bay NAS to this server. Sometimes I need to wake up my NAS using WOL.
If you want to monitor network throughput on the command line interface, use nload application. It is a console application which monitors network traffic and bandwidth usage in real time. It visualizes the in and outgoing traffic using two graphs and provides additional info like total amount of transferred data and min/max network usage.
In this post, I will explain how to install and use the nicstat command to find out stats about your NICs under Debian / Ubuntu / RHEL / CentOS Linux operating systems.
Nmap is short for Network Mapper. It is an open-source security tool for network exploration, security scanning, and auditing. However, the Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. The purpose of this guide is to introduce a user to the Nmap command line tool to scan a host or network to find out the possible vulnerable points in the hosts. You will also learn how to use Nmap for offensive and defensive purposes. Let us see some common Nmap command examples running on Linux or Unix-like systems.
The HTTP 2xx class of status codes indicates the action requested by the client was received, and processed successfully. HTTP/1.1 200 OK is the standard response for successful HTTP requests. When you type www.cyberciti.biz in the browser you will get this status code. The HTTP/1.1 206 status code allows the client to grab only part of the resource by sending a range header. This is useful for:
- Understanding http headers and protocol.
- Troubleshooting network problems.
- Troubleshooting large download problems.
- Troubleshooting CDN and origin HTTP server problems.
- Test resuming interrupted downloads using tools like lftp or wget or telnet.
- Test and split a large file size into multiple simultaneous streams i.e. download a large file in parts.