Category: Administration / Server

19.04.2018

/scripts/update_server.sh apk update; apk upgrade –available; sync; https://alpinelinux.org/ https://en.wikipedia.org/wiki/Alpine_Linux About Alpine Linux is an independent, non-commercial, general purpose Linux distribution designed for power users who appreciate security, simplicity and resource efficiency. Small Alpine Linux is built around musl libc and […]

Monitoring your Network
04.04.2018

so i guess „monitoring“ is about two things: availability and performance: detect performance bottlenecks get informed if parts (harddisks) / servers have failed / are about to fail security: detect, report and (if possible) automatically fence off „unusual“ network activity […]

how to verify Debian ISO Image – BAD signature – how to sign a file – chain of trust – the problem with short key IDs
17.03.2018

make sure you downloaded the SHA512SUMS.sign from the same directory as the iso. https://keyring.debian.org/ https://www.debian.org/CD/verify https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/9.4.0+nonfree/amd64/iso-cd/ https://bits.debian.org/2016/08/debian-and-tor-services-available-as-onion-services.html otherwise you will get BAD signature. steps to reproduce: # download the iso image with non-free drivers (yes it sucks non-free drivers are […]

NGINX as HTTP proxy – vhosts and SSL for Tomcat
01.03.2018

Secure Socket Layer (SSL) is a protocol that provides security for communications between client and server by implementing encrypted data and certificate-based authentication. Technically, the term „SSL“ now refers to the Transport Layer Security (TLS) protocol, which is based on […]

apt yum exclude package from update upgrade
01.03.2018

maybe you want to run your own version of the kernel and you will have to prevent during an automatic update that this kernel will get „replaced“. same goes with firefox, thunderbird and LibreOffice yum and apt might not install […]

27.02.2018

in a script you can specify to save output to a file with current date/time like: LOGFILE=/path/to/logfiles/$(date ‚+%Y-%m-%d‘)_task.log echo „this script was run“ >> $LOGFILE; to cleanup regularly is important in order to ensure the harddisk does not fill up. […]

NMAP basic network scanning – overview over LAN
27.02.2018

What computers are online? What services/ports in what versions are online/open? over poorly or not so poorly documented LANs you can get an overview by using nmap. yum install nmap; # centos/redhat apt-get install nmap; # debian/ubuntu # get a […]

CENTOS7 – vnc server remote desktop setup howto screen sharing in 2018
20.02.2018

UPDATED! it is wise to, monitor all logs while you are trying to get vnc server working… it can reveal a lot what is going on and wrong. forget about Xvnc and tigervnc… x11vnc is probably what you want: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-vnc-remote-access-for-the-gnome-desktop-on-centos-7 […]

CentOS7 setup virtualbox
07.02.2018

1. http://dwaves.de/2017/06/30/centos-redhat-compiling-the-latest-kernel/ 2. checkout what is the latest version of VirtualBox for your System: https://www.virtualbox.org/wiki/Downloads su; # become root mkdir /software; cd /software; wget https://download.virtualbox.org/virtualbox/5.2.6/VirtualBox-5.2-5.2.6_120293_el7-1.x86_64.rpm rpm -i VirtualBox-5.2-5.2.6_120293_el7-1.x86_64.rpm; # install usermod -a -G vboxusers YourDefaultNonRootUser; # add DefaultNonRootUser to group […]

Docker
29.01.2018

who is who? concepts: docker is written in Google Go by Docker Inc, SanFrancisco because it does not emulate any hardware – it is a linux container / sandbox or jail like Free BSD Jail or Solaris Zones. For example […]

12.01.2018

When you reserve a new domain – and the registrar asks you for your (personal?) mail to be published in the whois database. You better give it a mail address designated for spam. I just received a spam letter at […]

amd arm intel cpus all got problems – Meltdown and Spectre – JavaScript could steal your Firefoxs Passwords
04.01.2018

update 2018-03-15: from C’t: new micro codes for intel iCPUs (2011 and onwoards) seem to fix Spectre v2 (CVE-2017-5715) 60minutes: https://www.heise.de/security/meldung/Spectre-Luecke-Intels-Microcode-Updates-fuer-Linux-und-Windows-3994347.html update: good overview and explanation of the situation: ARM also affected. The Meltdown + Spectre Vulnerabilities The Project Zero […]

Sidexis4 – 3d xray and kvm virtualization
23.12.2017

as addressed here, kvm allows GPU pass through to VM. Basically making it possible to run Sidexis4 client on a linux host. when connecting via RDP (Microsoft Remote Desktop) Sidexis complains about the Graphic card being not suitable… but starts […]

How to setup Dokuwiki – where is the login admin screen?
22.12.2017

per default there is no admin/login screen… until you run install.php here is the complete setup documentary… have fun. ssh into your server create subdirectory mkdir /web/root/dokuwiki wget https://download.dokuwiki.org/out/dokuwiki-c5525093cf2c4f47e2e5d2439fe13964.tgz; # download tar fxv dokuwiki-c5525093cf2c4f47e2e5d2439fe13964.tgz; # unpack depending on your rights […]

20.12.2017

on intel / amd cpus/boards: use lm sensors: apt-get install lm-sensors; # install sensors-detect; # detect available temperature sensors, answer with YES usually # monitor cpu temp every second while true; do sensors|grep Core; sleep 1; clear; done; service kmod […]

19.12.2017

tested on: hostnamectl Static hostname: DebianLaptop Icon name: computer-laptop Chassis: laptop Operating System: Debian GNU/Linux 8 (jessie) Kernel: Linux 3.16.0-4-686-pae Architecture: x86 i assume you have your laptop/pc LAN connected to a switch/router and your default network card is eth0. […]

17.12.2017

it is pretty cool… a 32Bit Linux Host can run a 64Bit Linux guest. NICE 😉 i assume you have a working CentOS7 basic installation and are root. tested on/with: tested with: Host: Debian 8 Jessie and CentOS7 Operating System: […]

06.08.2017

ome observers might well believe that the kernel has accumulated plenty of special-purpose virtual filesystems. Even so, 2.6.14 will include yet another one: securityfs. This filesystem is meant to be used by security modules, some of which were otherwise creating […]

06.08.2017

the mail system is a very broken and corrupted system. sending-addresses can be forged – spam from all over the world is flooding the mailboxes – viruses get attached… nobody trusts attachments anymore. it’s a completely newly C++ developed mailserver […]