Showing headlines posted by linux_servers

Great for testing and great for beginners, run multiple Linux distributions on one machine with UI-driven virtualisation.

When you first connect a freshly installed desktop machine to the Internet, there are several important things to bear in mind. Two obvious considerations of securing a desktop machine include frequently running package updates and configuring a few firewall rules to help keep the bad guys out. With just two simple steps it's genuinely possible to make a difference to your desktop security.

What with all the furore around containers and orchestrators it can be easy to lose sight of some of their highly useful features.

Root inside your containers is the root user on your host. Securing your Docker containers and the hosts upon which they run is key to sustaining reliable and available services. From my professional DevSecOps perspective securing the containers and the orchestrators (such as OpenShift, Docker Swarm and Kubernetes) is usually far from easy.

It's probably a little unfair to label everyone who uses privileged containers as "lazy" but certainly from what I've seen some (even security) vendors deserve to be labelled as such.

The container giant, Docker has announced a flexible, extensible Operating System where system services run inside containers for portability. You might be surprised to hear that even includes the Docker runtime daemon itself.

Recently I’ve been working more with the sophisticat that is Docker and it hasn’t escaped me that the foundations of the DevOps world is essentially comprised of layer after layer of diffs.

There are a number of Mail Servers available on the market today. Some are more confounding than others to configure but super-reliable, others are a little old-school and rely on no small degree of background knowledge prior to getting them up and running.

One of the original Internet services was SMTP (the Simple Mail Transfer Protocol).

Thanks to forward planning it remains one of the fundamental cornerstones of the Internet that we know and love today.

The load mitigation and anti-spam solution in Postfix is highly sophisticated thanks to Postscreen.

We examine its innards and look at how to deploy it to your advantages.

Making your servers invisible on the network reduces the chance of attack significantly.

Never lose traffic again after changing IP address or migrating between hosts.

Being asked to find needles in haystacks is all too familiar a task for Sysadmins.

Despite your best efforts sometimes daemons don't behave and your services stop working.

On a continually changing network it is often difficult to spot issues due to the amount of noise generated by expected network traffic. Even when communications are seemingly quiet a packet sniffer will display screeds of noisy data. To monitor your network in detail what you need is a super-fast and lightweight alternative, directly from the console.

A fundamental design feature of Unix-like Operating Systems is that many of a system’s resources are accessible via the filesystem, as a file. For example the “procfs” pseudo-filesystem offers us access to all kinds of valuable treasures.

In this article I will briefly explore the powerful “dig” utility. For anyone that hasn't used in the command in the past hopefully this insight into dig will give a useful overview of what its features can be used for. And, for those that have utilised dig in the past hopefully this article will be a reminder of its versatility and extensive functionality.

This in-depth tutorial walks you through step-by-step setting up such a system using the very popular rsyslog system logging daemon.