Showing headlines posted by nixcraft

Boxes command is a text filter and a little known tool that can draw any kind of ASCII art box around its input text or code for fun and profit. You can quickly create email signatures, or create regional comments in any programming language. This command was intended to be used with the vim text editor, but can be tied to any text editor which supports filters, as well as from the command line as a standalone tool.

An alias is nothing but shortcut to commands. The alias command allows user to launch any command or group of commands (including options and filenames) by entering a single word. Use alias command to display list of all defined aliases. You can add user defined aliases to ~/.bashrc file. You can cut down typing time with these aliases, work smartly, and increase productivity at the *nix command prompt.

Linux operating systems comes with various set of tools allowing you to manipulate the Wireless Extensions and monitor wireless networks. This is a list of tools used for wireless network monitoring tools that can be used from your laptop or desktop system to find out network speed, bit rate, signal quality/strength, and much more.

PHP is a widely used and often misconfigured server-side scripting language. Vulnerabilities are caused mostly by not following best practice programming rules.

I've 10Mbps server port dedicated to our small business server. The server also act as a backup DNS server and I'd like to slow down outbound traffic on port 80. How do I limit bandwidth allocation to http service 5Mbps (burst to 8Mbps) at peak times so that DNS and other service will not go down due to heavy activity under Linux operating systems? You need use the tc command which can slow down traffic for given port and services on servers and it is called traffic shaping.

This happens lot of times. I login as a normal user and start to edit httpd.conf or lighttpd.conf or named.conf in vim / vi text editor. However, I'm not able to save changes due to permission issue (all config files are owned by root). How do I save file without creating a temporary file (/tmp/httpd.conf) and then move the same (mv /tmp/httpd.conf /etc/httpd) as root using vim / vi itself?

Generally, all Linux distributions needs a scheduled reboot once to stay up to date with important kernel security updates. RHN (or other distro vendors) provides Linux kernel security updates. You can apply kernel updates using yum command or apt-get command line options. After each upgrade you need to reboot the server. Ksplice service allows you to skip reboot step and apply hotfixes to kernel without rebooting the server.

Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers and hackers. The system administrator is responsible for security Linux box. In this first part of a Linux server security series, I will provide 20 hardening tips for default installation of Linux system.

Red Hat Enterprise Linux v5.4 has been released and available via RHN for immediate update. The new version includes the kernel-based virtual machine (KVM) virtualization, next generation of developer features and tools including GCC 4.4, a new malloc(). Also included clustered, high-availability filesystem to support Microsoft Windows storage needs on Red Hat Enterprise Linux.

A growing number of platforms implement IPv6, allowing Apache to allocate IPv6 sockets and handle requests which were sent over IPv6. This article explains how to setup dual stacked, IPv4 and IPv6 enabled Apache networking under any Linux or UNIX like operating systems. You need to update httpd.conf file with the Listen directive. It instructs Apache to listen to only specific IPv4 and IPv6 addresses or ports.

A non-linear editing system (NLE) is a video editing (NLVE) or audio editing (NLAE) system which can provide editing method for video clips or frams. You will be able to access any frame in a video clip. Non-linear editing is done for film and television post-production. However, the cost of editing system gone down and non-linear editing tools (including software) are now within the reach of most home users.

Linux comes with various GUI based email client to stay in touch with your friends and family, and share information in newsgroups with other users. The following software is similar to Outlook Express or Windows Live Mail and is used by both home and office user.

OpenVZ virtualization uses the concept of containers to run Linux only instances on the same hadware. OpenVZ is an operating system-level virtualization technology based. It allows a physical server to run multiple isolated different Linux distributions operating system instances, known as containers or Virtual Private Servers (VPSs), or Virtual Environments (VEs). It's similar to FreeBSD Jails and Solaris Zones. This article explains how to install and setup VEs under RHEL and CentOS Linux server 5.x.

OpenSSH is the implementation of the SSH protocol. OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is perfect to keep confidentiality and integrity for data exchanged between two networks and systems. However, the main advantage is server authentication, through the use of public key cryptography. From time to time there are rumors about OpenSSH zero day exploit. Here are a few things you need to tweak in order to improve OpenSSH server security.

According to RFC2821 the lowest-numbered records are the most preferred MX for domain. So a target Postfix backup server is used to keep the messages in a queue waiting for the primary server to become available. This ensures that if my primary MX goes down you do not loss any emails. However, spammers are connects to backup MX to avoid anti spam filters that are running on the primary MX server. This also hides their real IP from my primary MX. This tutorial shows how to configure anti-spam and anti-virus for Red Hat / CentOS Linux ver5.3 based Postfix mx server.

FreeBSD is just plain old good UNIX with rock solid networking stack. A new version of the FreeBSD 7.2 has been released. Systems running FreeBSD 7.0-RELEASE, 7.1-RELEASE, 7.2-BETA1, 7.2-RC1, 7.2RC2 can upgrade using this tutorial.

IPv6 support under YaST is not upto date. You need to manually edit the configuration files. This is NOT recommended as YaST may get confused later on. This tutorial covers both command line and persistence IPv6 networking configuration option under Suse Enterprise Linux version 10.x.

Linux computer console is a physical device to operate a computer / server. Here are few steps which, if taken, make it more difficult for an attacker to quickly modify a system from its console.

Transaction signatures (TSIG) is a mechanism used to secure DNS messages and to provide secure server-to-server communication. This includes zone transfer, notify, and recursive query messages. TSIG uses shared secrets and a one-way hash function to authenticate DNS messages, particularly responses and updates.

A chroot on Red Hat / CentOS / Fedora Linux operating changes the apparent disk root directory for the Apache process and its children. Once this is done attacker or other php / perl / python scripts cannot access or name files outside that directory. This is called a "chroot jail" for Apache. You should never ever run a web server without jail. There should be privilege separation between web server and rest of the system.