Your passwords are at risk

Image
Your website and email passwords might have been captured. Your website sessions can be impersonated because cookies can be captured. If you haven’t heard about this the last few days, this is a real uproar on the Internet.

I’ve spent the last two days listening to podcast after podcast describing the technical details of the computer programming flaw that allows attackers slurp unprotected memory from websites, Tor nodes, and IMAP email servers. Thousands of websites have patched their web servers but millions more email and web servers are going to be slow to patch their services.

Go install Lastpass. Use it’s Security Report feature. Create new passwords for sites that have fixed themselves against the Heartbleed bug.

Linux friendly JBOD controller? (Not LSI!)

I am refurbishing my ZFS on Linux backup box. It is an Asus/A2 motherboard chipset and runs slow but happily on two 3 four port sata controllers in a addition to all its server onboard sata ports. One of those sata crontrollers is on the PCI slot which will never run as fast. I can measure the difference watching the drives in iostat.

I picked up a likely pair of 8-port SAS controllers off ebay thinking I could get some PCIe-x8 action going. Unfortunately, I had to learn my lessons about LSI Megaraid, the MegaSAS 2008 controller… What a farce! These cards only want to run in HW raid mode and they entirely block bootup by obscuring the onboard SATA controller. (Who wants them?)

But clearly, I need some advice on a good JBOD HBA, or a raid card that won’t kill the budget. Is the SuperMicro AOP controller going to be a better choice? http://tinyurl.com/ohcy5t4 ? Or will Dell PERC H310 controllers http://tinyurl.com/pncuuem do the job?

I don’t want to reformat the drives of course, I would just like them to run consistently faster.

Fixing SSH login long delay

jedreynolds:

I use all of these tricks when setting up my own ssh servers.

Originally posted on In just five minutes...:

For a long time I had a problem with ssh login on a Redhat 6 server – it was taking too long to connect to it, around 30 seconds. Normally it hasn’t been a big issue – after all, you connect once and work for all day as long as you enable server keepalive packets to avoid session timeout.

However when it comes to work with SFTP o GIT it might become annoying. Everytime you sFTP upload or  git push you have to wait 30 seconds again.

This kind of problems are often related to DNS issues but this is not always the case. Following are the most common solutions:

1. Disable reverse IP resolution on SSH server

It turns out there is a setting in OpenSSH that controls whether SSHd should not only resolve remote host names but also check whether the resolved host names map back to remote…

View original 494 more words

Setup DNS Server step by step in CentOS 6.3/6.4/6.5 / RHEL 6.3/6.4/6.5 / Scientific Linux 6.3/6.4/6.5

jedreynolds:

Always good to have a nice reminder on how to configure a DNS service!

Originally posted on Ostechnix:

DNS (Domain Name System) is the core component of network infrastructure. The DNS service resolves hostname into ip address and vice versa. For example if we type http://www.ostechnix.com in browser, the DNS server translates the domain name into its corresponding ip address. So it makes us easy to remember the domain names instead of its ip address.

DNS Server Installation in CentOS 6.5

This how-to tutorial will show you how to install and configure Primary and Secondary DNS server. The steps provided here were tested in CentOS 6.5 32 bit edition, but it should work in RHEL 6.x(x stands for version) and Scientific Linux 6.x too.

Scenario

Here are my test setup scenario

[A] Primary(Master) DNS Server Details:

Operating System     : CentOS 6.5 32 bit (Minimal Server)
Hostname             : masterdns.ostechnix.com
IP Address           : 192.168.1.200/24

[B] Secondary(Slave) DNS…

View original 1,878 more words

Adware from your classic utilities? Arrrg!

ImageSo yesterday I whipped up a temporary virtual machine of windows 7 for a brief test run. I needed winscp and 7zip. I am STUNNED by how much adware landed with those installs. Arcade software? Pre-bundled Chrome browser? Toolbars for Yahoo, and google?

I am so IRRITATED by this! Am also grateful I was running in a vm so I can roll back to previous snapshot. I am too paranoid and too proud to leave adware on a system. But also, I think I need to be more aware of where I get those classic programs. I know that sourceforge.net has been going more and more ad-supported. It would appear that places like softpedia might be following suit.

 

Keep that Laptop from Racing thru Battery

Linux and Laptops: a long, old story. However, one that with a bit homework, helps get the most out of your battery. Using powertop, you can see your energy usage profile and your device power settings. The downside to powertop is that you cannot "export as shell script." (Seriously, y u no export?) To get these power savings on boot, I wrote my own script.

  1 #!/bin/bash
  2 /usr/sbin/rfkill block 0 #bt
  3 /usr/sbin/rfkill block 1 #wifi
  4 /usr/sbin/rfkill block 2 #bt
  5 for i in /sys/class/scsi_host/host*/link_power_management_policy
  6 do
  7     echo "min_power" > $i
  8 done
  9 echo 0 > /proc/sys/kernel/nmi_watchdog
 10 echo 1 > /sys/module/snd_hda_intel/parameters/power_save
 11 echo 60000 > /proc/sys/vm/dirty_writeback_centisecs
 12 
 13 find /sys/devices/ \
 14 | grep 'power/control' \
 15 | while read i
 16 do
 17     echo -n "$i@"
 18     cat $i 2>/dev/nulll
 19 done \
 20 | grep -v auto \
 21 | awk -F@ '{print $1}' > /tmp/sleepy.tmp
 22 
 23 for i in `cat /tmp/sleepy.tmp`
 24 do
 25     echo "auto" > $i
 26 done
 27 
 28 for i in `find /sys -name autosuspend -exec echo {} \;`
 29 do
 30     echo "1" > $i
 31 done
 32 
 33 find /sys/devices/pci0000:00 -type f -iname autosuspend_delay_ms \
 34    -exec echo "1000" > {} \;
 35 
 36 for i in /sys/bus/usb/devices/usb*/power/autosuspend_delay_ms
 37 do
 38     echo "1000" > $i
 39 done
 40 
 41 for i in /sys/bus/usb/devices/usb*/power/autosuspend
 42 do
 43     echo "1" > $i
 44 done
 45 
 46 for i in /sys/bus/usb/devices/*/power/autosuspend
 47 do
 48     echo "1" > $i
 49 done
 50 
 51 webcamDev=$( lsusb | grep -i webcam | awk '{print $2 "-" $4 }' | tr -d ':0' )
 52 if [ ! -z "$webcamDev" ]
 53 then
 54     echo 1 > /sys/bus/usb/devices/$webcamDev/power/autosuspend
 55     echo auto > /sys/bus/usb/devices/$webcamDev/power/level
 56     echo 1000 > /sys/bus/usb/devices/$webcamDev/power/autosuspend_delay_ms
 57 fi
 58 
 59 # eof

The best way to run this script is to open two windows, one running powertop, the other for this script. After adjusting this script, type r in the powertop window to refresh the device stats. I was able to take my T60 from 30.1W down to somewhere between 19.8 – 16.1W. Unfortunately, I haven’t seen that 16.1W reading since.

I hope this serves as a good starting point for your own laptop power savings! And not just laptops, but this script can also be used for home NAS or media center or other small servers where you need thermal management, too.