Tuesday, December 16, 2008
Change Runlevel Settings for a Group of Services
The following command takes every service that is set to run at runlevel 5 and sets it to off at runlevels 1 through 5.
chkconfig --list | grep 5:on | awk '{ print $1 }' | \
while read -r LINE; do chkconfig --level 12345 "$LINE" off; done
Labels: linux, security, system administration, system hardening
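An added example, not from the original post: the one-liner above turns off every service that is on at runlevel 5, including ones such as sshd and network that a remotely managed host needs, so this version builds the list first, filters it through a keep-list and defaults to a dry run. The keep-list contents, the function names and the sample `chkconfig --list` output are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: plan the runlevel change with a keep-list and a dry run.
# KEEP, the function names and the sample listing are assumptions.

KEEP="sshd network syslog crond"   # hypothetical keep-list; adjust per host

# services_to_disable RUNLEVEL
# Reads `chkconfig --list` output on stdin; prints each service that is on
# at RUNLEVEL and is not named in $KEEP.
services_to_disable() {
    awk -v lvl="$1" -v keep="$KEEP" '
        BEGIN { n = split(keep, k, " "); for (i = 1; i <= n; i++) skip[k[i]] = 1 }
        # SysV lines: "name 0:off 1:off ... 6:off". Blank lines and the
        # xinetd section ("name: on") carry no N:state field and are skipped.
        {
            for (f = 2; f <= NF; f++)
                if ($f == (lvl ":on") && !($1 in skip)) { print $1; break }
        }'
}

# apply_plan: reads service names on stdin. With DRY_RUN=1 (the default) it
# only prints the commands it would run.
apply_plan() {
    while read -r svc; do
        if [ "${DRY_RUN:-1}" = 1 ]; then
            echo "chkconfig --level 12345 $svc off"
        else
            chkconfig --level 12345 "$svc" off
        fi
    done
}

# Constructed sample of `chkconfig --list` output (not from a real host).
sample_listing() {
    cat <<'EOF'
bluetooth       0:off   1:off   2:on    3:on    4:on    5:on    6:off
cups            0:off   1:off   2:on    3:on    4:on    5:on    6:off
netfs           0:off   1:off   2:off   3:on    4:on    5:off   6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off

xinetd based services:
        rsync:          off
EOF
}

# Dry run on the sample. On a real host:
#   chkconfig --list | services_to_disable 5 | DRY_RUN=0 apply_plan
sample_listing | services_to_disable 5 | DRY_RUN=1 apply_plan
```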
Sunday, December 14, 2008
Network Access Control
Enterasys has a mature and unmatched product offering today.
http://www.enterasys.com/products/index.aspx
Fact Sheet NSA Suite B Cryptography [08dec2008]
Key length recommendations from the NSA for companies making products for government use.
http://www.keylength.com/en/6/
Friday, December 5, 2008
Apache Worker vs. Prefork
This is a good post.
http://www.camelrichard.org/apache-prefork-vs-worker
Good Hints:
Worker is superior in 2+ CPU applications
Compile PHP5 after installing Apache
Labels: apache, operations, system administration, web servers
Thursday, December 4, 2008
Restoring Hard Links to Protected Files in Linux
I got this syslog message today:
Dec 4 9:47:56 [hostname] restorecond: Will not restore a file with more than one hard link (/etc/resolv.conf) Invalid argument
Here is how I resolved it:
$ sudo ls -i /etc/resolv.conf # find the inode
[inode number] /etc/resolv.conf
$ sudo find /etc -inum [inode number] # find hard links
$ /usr/sbin/lsof | grep resolv.conf # check if the file is open
$ mv /etc/sysconfig/networking/profiles/default/resolv.conf ~ # move the extra link out of the way
$ sudo restorecon /etc/resolv.conf # set SELinux defaults
$ sudo ln /etc/resolv.conf /etc/sysconfig/networking/profiles/default/resolv.conf # recreate the hard link
Wednesday, December 3, 2008
DDoS Incident Cheat Sheet
This is very well put together:
http://www.zeltser.com/network-os-security/ddos-incident-cheat-sheet.pdf
Tuesday, December 2, 2008
Using SSH Remote and Local Tunnels
The following example shows how to combine remote and local SSH tunnels to reach a service on your highly secure home computer from a remote location, even though that computer is not explicitly exposed through your home firewall.
For example:
On Home Computer, before traveling:
ssh -R 44444:localhost:22 user@remote.computer.ip.address
On Remote Computer, after arriving at work:
ssh -L 22222:localhost:44444 user@remote.computer.ip.address   # possibly an RFC 1918 IP
ssh user@localhost -p22222
Voilà, you now have an SSH session to your home computer from work.
Labels: network, security, ssh, system administration, windows