• Abusive IP ranges blacklist


    Make sure this makes sense for you but I've started to block a lot of commercial Cloud services and easily accessible providers as they are a very high source of abusive traffic. The cost savings for a lot of organizations are huge, as you now have less bandwidth usage and less resource usage from garbage/bot/malicious traffic. This mainly works for when you can be reasonably sure that your audience has no business visiting your service(s) from freely accessible commercial IP ........
  • How to configure OpenDKIM on Linux with Postfix and setup bind zonefile


    This guide assumes you have a working Postfix server and want it to sign with DKIM. There are a few things we have to understand to make all of this work though, which require you to be familiar with DNS as well. 1.) Install OpenDKIM apt install opendkim systemctl enable opendkim 2.) Edit /etc/opendkim.conf Syslog yes SyslogSuccess yes Mode&nbs........
  • How to Configure NVIDIA GPUs with Docker on Ubuntu: A Comprehensive Guide for AI Deep Learning CUDA Solution


    Welcome to our in-depth guide on configuring NVIDIA GPUs with Docker on Ubuntu. This post is tailored for developers, data scientists, and IT professionals who are looking to leverage the power of NVIDIA's GPU acceleration within Docker containers. Whether you're working on machine lea........
  • How to install and configure haproxy on Linux Ubuntu Debian


    haproxy is one of the best known and widely used Open Source load balancers out there and a strong competitor to nginx. haproxy is used by many large sites per Wikipedia: HAProxy is used by a number of high-profile websites including GoDaddy, GitHub,........
  • Virtualbox Best Networking Mode In Lab/Work Environment without using NAT Network or Bridged


    Virtualbox is a very powerful tool, but for some use cases it is less than optimal. Say you are in a work, lab or other environment where you are not alone on the physical network and there could be overlap of IPs, but you need all of your VMs to be contactable from your host, VMs need to communicate with each other, and VMs need internet. NAT Network will give you VM to VM communication and internet, however, it is buggy and unstable. It also doesn't allow host to VM co........
  • iptables NAT how to enable PPTP in newer Debian/Ubuntu/Mint Kernels Linux


    Remember that control connections are established on port 1723 and then actual data is transferred over GRE protocol 47. If you have a NAT setup this will work without special forwarding or accepting of GRE packets (normally if you are not blocking outgoing connections and accepting established and related connections). The below two commands will get things going so PPTP and GRE work We first load the ip_nat_pptp module which allows PPTP to work with........
  • Grandstream Phone Vulnerability Security Issue Remote Backdoor Connection to 207.246.119.209:3478


    Have you checked your router/firewall logs and disconcertingly see connections to an unknown IP207.246.119.209:3478 from your Grandstream VOIPphones? You're not alone and the Grandstream forums have discussed this issue. However, even their own staff d........
  • grub blank screen how to manually boot kernel and initrd Linux Ubuntu Debian Centos won't boot solution


    You probably didn't do an "update-grub" and grub no longer has any proper menu entries, but before you can fix it let's try to get grub booting anyway. If you get this lovely black grub screen here's how you can get things booting. In my case I have a gpt partition with partition 1 and 2. Partion 1 is just my EFI / ESPand partion 2 /dev/sda2 is my root which includes /boot. You will have to adjust this if you had a separate /boot partition.........
  • Docker Tutorial HowTo Install Docker, Use and Create Docker Container Images Clustering Swarm Mode Monitoring Service Hosting Provider


    The Best Docker Tutorial for Beginners We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
  • How To Create OpenVPN Server for Secure Remote Corporate Access in Linux Debian/Mint/Ubuntu with client public key authentication


    Why choose OpenVPN instead of a firewall appliance? OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time. When comparing OpenVPN with traditional firewal........
  • Virtualbox VBOX Howto Port Forward To Guests


    NAT Network, the VMs can communicate but your host cannot access them by default. NAT VMs have internet but cannot communicate with each other. Bridged is simple and allows full LAN access as if you had a physical machine plugged in but is often bad for testing, work or corporate environments and is not very portable when it comes to moving your VMs to other locations and networks. Here is how you can use NAT Ne........
  • Scanner not working in Linux Ubuntu Fedora Mint Debian over the network? Use sane-airscan!


    I have a Canon MF642c and the scanner wouldn't work. I tried to use saned but it didn't work with the BJNPlike it did for some other Canon models. Introducing sane-airscan with packages for the most common distributions: https://software.opensuse.org/download.html?project=home%3Apzz&package=sane-airscan http........
  • How To Boot, Install and Run Windows 2000 on QEMU-KVM


    Interestingly enough Windows 2000 works fine on QEMU 64-bit but you have to specify Pentium as your CPU otherwise it doesn't complete the install (it will not pass the detecting/setting up devices phase). -vga cirrus is wise because it is supported by Windows 2000 and allows higher resolutions and 24-bit color. -cpu Pentium emulates an old computer and is necessary for install to complete -device rtl8139 is important as this oldschool Realtek 8139 NIC is supported by W........
  • QEMU-KVM KVM Command Line Practical Guide


    Iam going to build this based on a series of small howto QEMU / KVMposts I've made as I feel much of the information is actually hard to find and piece together from the rest of the web. What I'm going to focus on is how to use virtio as the NIC because if you don't you get very slow NIC speeds but with the virtio NIC model you basically get host speeds. /usr/libexec/qemu-kvm -enable-kvm -smp 8 -m 16000 -net user -net nic,model=virtio -drive file=ubuntu-gpt2l........
  • OpenVZ vs LXC DIR mode poor security in LXC


    It is unfortunate that LXC's dir mode is completely insecure and allows way too much information from the host to be seen. I wonder if there will eventually be a way to break into the host filesystem or other container's storage? OpenVZ better security: [root@ev ~]# cat /proc/mdstat cat: /proc/mdstat: No such file or directory /dev/simfs 843G 740G 61G........
  • nfs tuning maximum amount of connections


    By default at least on Centos 7 nfs only allows 8 connections and starts 8 nfsd daemons. To fix this edit this file:/etc/sysconfig/nfs Edit the line "RPCNFSDCOUNT" (uncomment it so it looks like this: RPCNFSDCOUNT=30 In the example above we are setting 30 nfsd daemons to run (or in other words 30 connections are possible this way).........
  • Debian Ubuntu Mint Howto Create Bridge (br0)


    Having a network bridge allows you to bridge traffic under multiple devices so they can talk natively without using any special routing, iptables/firewall or other trickery. To create your bridge you need the bridge-utils package for brctl and if you want to do things like bridge VMs that run on a tap device you will need the uml-utilities which provides "tunctl". 1.) Install the utilities to make our bridge sudo apt-get i........
  • chroot in Linux Howto Simple and Easy Guide


    chroot which stands for change root allows you to virtually operate in another operating system even though you haven't booted it. It is commonly used to deploy new distros, applications and to fix a broken Linux/Unix install or prep a new system image without having to physically boot the drive or disk. So in this example let's say we have a drive that has a Linux OS installed on /dev/sdb1 and we have mounted this partition on /mnt/sdb1 The key point is to edit the &quo........
  • iSCSI on Centos 7 Configuration and Setup Guide for Initiator and Target


    initiator = client target = server These are the first concepts you should understand which is that in iscsi essentially the "initiator" is the client and the "target" is the server. iSCSI is derived from the old fashioned SCSI that us oldtimers grew to love. The "i" stands for Internet and the SCSI stands for "Small Computers Systems Interface" (SCSI). iSCSI Target (Server)Setup targetcli is the pac........
  • How Does Cisco CUCM (Cisco Unified Communication Manager) Work?


    Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCMis like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments. Cisco's CUCMmakes communication more effective and simple through centralized management and unification of communications resources.........
  • systemd management using systemctl and journalctl to check systemd logs


    systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system. The key commands or arguments you will use with systemctl are the following: Unit Commands: list-units [PATTERN...] List loaded units &nbs........
  • genisoimage errors with long filenames and deep directory structures


    You'll have to violate the iso9660 standards but it is necessary if you want to preserve your filesystem and filenames and shouldn't be an issue as long as you are using a modern OS like Linux. genisoimage -o Backup-Myfiles.iso -r -J -joliet-long /some/path/ You will get errors like below (even enabling joliet-long didn't help) genisoimage: Error: /some/filename.pdf have the same Joliet name Joliet tree sort failed. The -joliet-lo........
  • zenity popup messages, windows, dialogs, error messages calendars and more howto on Gnome Linux including Ubuntu, Linux Mint, Centos and more


    zenity is a nice utility as part of the gnome window manager that allows you to script from bash and retrieve the input from the user. It could also be helpful in just notifying a user when they login with a popup window. I'll give an overview of what's available with zenity: Application Options: --calendar Display calendar dialog --entry Display tex........
  • Install NFS (Network File System) On Debian Linux Ubuntu Mint Howto


    sudo apt-get install nfs-kernel-server #oops there are no exports so it won't startsudo /etc/init.d/nfs-kernel-server start* Not starting NFS kernel daemon: no exports. #we will use the /tmp/nfstestshare directory for our NFS share mkdir /tmp/nfstestshare #add it to /etc/exports (basically what NFS checks to determine what to make an NFS share) /tmp/nfstestshare 192.168.1.5(rw,sync,........
  • Apache htaccess Custom ErrorDocument not working properly for root home page 403 Error Issue and Solution


    So I have a domain "testdomain.com". Inside test domain.com's root is the following .htaccess: Options +FollowSymLinks -Indexes ErrorDocument 403 /launch/index.html Order Deny,Allow Deny From All Allow From 192.168.1.2 When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html It will show the right error in /launch/........
  • How to start screen in bash script or from /etc/rc.local on startup as a specific user


    It takes some tinkering the main thing is that the "-dmS" flag allows screen to start without a session which of course sudo won't have. solution: /usr/bin/sudo -u user /usr/bin/screen -dmS nameyouchoose /script/start.bash this doesn't work at all: /usr/bin/sudo -u user "/usr/bin/screen /script/s........
  • htaccess apache how deny/allow to block or allow by IP address


    order deny,allow Deny From All Allow From 8.8.8.8 A simple and quick way to improve security by only allowing specific IPs to your web application. In this case the above allows only the IP 8.8.8.8 to access things and everything else is denied.........
  • PHP geoip.so fatal error Solution


    PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0 Remove the GEOIP from PHP: php71w-pecl-geoip-1.1.1-1.w6.x86_64 PHP Fatal error: PHP Startup: apc_shm_create: shmget(0, 67108864, 914) failed: Invalid argument. It is possible that the........
  • l2tp ipsec VPN Error Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated


    Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Some say changing the "leftprotoport=17/%any" will fix this but I have not found this to be the case. Essentially it means at least one end is blocking the ipsec packets. Sometimes the %any allows an alt........
  • Wifi Antenna Extension Cable is called RP-SMA


    This sounds silly but if you don't know you don't know and the cable name is "RP-SMA" and allows you to extend your wifi antenna as long as the cable goes.........
  • apc_shm_attach: shmat failed: in Unknown on line 0 & apc_shm_create: shmget(0, 67108864, 914) failed PHP Solution


    PHP Fatal error: PHP Startup: apc_shm_create: shmget(0, 67108864, 914) failed: Invalid argument. It is possible that the chosen SHM segment size is higher than the operation system allows. Linux has usually a default limit of 32MB per segment. in Unknown on line 0 PHP Fatal error: PHP Startup: apc_shm_attach: shmat failed: in Unknown on line 0 This error is not at all fun because it actually prevents Apache/httpd from starting or working at all. It will........
  • CPanel Link to all of the command line options


    CPanel says you can access 98% of the functions through CLI which experienced Unix/Linux admins prefer for simplicity and for scripting.  I've never found CPanel easy to use from the admin panel, it seems everything is hard to find and a simple task becomes a series of hunts. So for people like me here's the list: http://cpanel.net/system-administrators/command-line-scrip........
  • Apache SNI is not needed what is the issue?


    Iread this article and still don't understand the issue. If I understand correctly the client negotiates after the first SSLconnection and then gets the correct hostname and thus correct certificate. http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI To their credit I know I'm not using SNIbecuase Iget this message in the Apache log :) [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!! B........
  • MySQL Allows blank user with no password to login


    I just realized I have some blank users which I deleted butI can still login to this dummy account without a password for some reason. mysql -u -p Welcome to the MySQL monitor. Commands end with ; or g. Your MySQL connection id is 5 Server version: 5.1.69 Source distribution Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation an........
  • Dell Perc 6/i cannot downgrade


    I flashed an LSI Logic firmware to it and it broke the BIOS (cannot do Ctrl+R) for booting purposes but allows other functionality to work normally. I tried downgrading to a Dell firmware for Perc 6i but it won't work, not even with MegaCli wget http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN --2013-08-26 12:53:39-- http://downloads.dell.com/FOLDER00416606M/1/SAS-RAID_Firmware_W83M2_LN32_6.3.1-0003_A14.BIN Resolvi........
  • Either the lower file is not in a valid eCryptfs format, or the key could not be retrieved. Plaintext passthrough mode is not enabled; returning -EIO


    I'm using ecryptfs and was suddenly unable to access or even ls my home directory (but every subfolder is accessible). It just hangs and throws this message in messages/dmesg: Either the lower file is not in a valid eCryptfs format, or the key could not be retrieved. Plaintext passthrough mode is not enabled; returning -EIO I read somewhere that perhaps some file or folder is owned by root somehow, sure enough there are some and sudoing to root allows me to........
  • Setup PXE Boot using Centos and dhcpd, tftp and syslinux


    This is something I often setup for clients because it's very helpful for people in datacenters, this allows custom OS installs on demand, you can customize it more by using kickstart etc.. but here's a base I use before customizing more: This little script below will install everything you need to get booting by PXE Linux. It also assumes you set a local IP (be sure not to overwrite your existing IP) on eth0:0 (note the :0) as 192.168.1.10 and it........
  • What's Needed To Fix Linux


    I really am a Linux fan but my comments here may not show it. Although I'm quite familiar with Linux CLI to administer servers, I find Linux GUI OS's like Ubuntu at times very clunky. This is partially because there's no such thing as a "self-made" Linux from scratch where the UIwas designed by a single team. Linux is made up of several different projects that are generally completely separate and this lack of integratiion is a key issue that makes things f........
  • rsync preserve attributes, permissions/ownership and times without being root non-root user


    One of the purposes of rsync is to backup whole filesystems and archive them but how can you do that properly and restore things to normal if all permissions and ownerships are not preserved from your root filesystem? It's not desirable to have everything running as root, especially not just for an rsync. The Easy rsync preserve permission solution for non-root users sudo is the answer and all you have to do is edit /etc/sudoers At the end o........
  • FUSE/Curlftpfs mount ftp account as drive partition in Linux


    This is a great way to use your ftp server space, for example on your web hosting account (althoughI believe many hosts don't allow storage like this), but if you have a VPS/Dedicated Server etc.., this would be perfect. Imagine how easy it is to work with an ftp account that you can just mount as a normal partition or directory in Linux, it would be great for backups etc.. Name curlftpfs - mount a ftp host as a local directory Synopsis........
  • Convert HDD/Hard Drive Partition(s) into non-RAID into RAID 1 using existing data without data loss and without reformatting.


    Before we start I take no responsibility for this, you should have a backup and if you make a mistake during this process you could wipe out all of your data. So backup somewhere else before starting this as a precaution, or make sure it's data you could afford to lose. The RAID 1 Setup (Hardware Wise) I've already setup my 2 x 1TB (Seagate) drives with identical partitions, make sure your new hard drive (the empty one) is setup like your curr........
  • Picking an FTPD (vsftpd) Server in Linux Centos/Debian


    I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find. yum search ftp Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * rpmforge: ftp-stud.fht-esslingen.de * base: mirrors.netdna.com * updates: updates.interworx.info * addons: yum.singlehop.com * extras: mirrors.netdna.com rpmforge........
  • E-mail (Thunderbird) with GnuPG encryption


    E-mail (Thunderbird) with GnuPG encryptionThis is great tool for Mozilla Thunderbird which allows you to encrypt your e-mails so only you and the receiver can view it even if the e-mail is intercepting or obtained by another person. The only small catch is that you of course have to install an extension to Thunderbird and then configure each account you want to use it with. Really it can probably all be done in a few minutes and the effort is worth it.........
  • Use Mozilla Firefox, not Internet Explorer - You'll be glad!


    Use Mozilla Firefox, not Internet Explorer - You'll be glad!Hey guys, I just thought I'd recommend that everyone switch to Mozilla Firefox as their web browser. You can find it at http://mozilla.org It is free and it is much better than IE. It has a built-in popup blocker which works great and most importantly, it doesn't have a million critical security flaws which could compromise your security such as passwords for on-line banking etc..........
  • Adventures in pre-paid SIM Cards and data GPRS/Edge/3G in China with China Mobile in Shenzhen, Guangzhou, Shanghai, Beijing and other cities


    This really is a difficult and confusing process for non-Mandarin speakers, but here's what I've done and learned so far: You can purchase an "M-Zone" China Mobile pre-paid SIMCard from almost anywhere but I tried to purchase mine from Suning (a large electronics dealer) hoping they would be able to help me or answer my questions but my plan didn't work out at all. At Suning once I found someone who spoke some English they gave me the 55 RMB M-Zone China Mobile P........
  • Clustered/Distributed Network Filesystems, Which Ones live up to the hype?


    I've tried to find a good sensible solution to cluster with and each technology has it's pros and cons and there is no perfect solution and I've found a lot of "exaggerations" in the applications, benefits and performance of these different filesystems. DRBD I first started off with DRBD and Ihave to say it does live up to the hype, is quite reliable (although it can be annoying to match up the kernel module and user applications since they must match and whe........
  • iPhone Backgrounder Adds True and Real iPhone multitasking on jailbroken phones


    Apple crippled the iPhone by not allowing multi-tasking of the non-primary apps. I use SSH a lot and I don't want to close my session just to check my e-mail, etc, now an app found in Cydia called "Backgrounder" allows just that. Although it's not perfect, we installed the correct one for "3.x" iPhones and hit "Reload SpringBoard" and the hour/circle glass has just been going for minutes. It seems like it installed fine even with the crash t........
  • iPhone 3GS Jailbreak Information & Benefits


    Truly, the only way to unleash the capabilities and customization abilities of iPhone are to jailbreak, it's not just for hackers anymore. A few days ago someone by the named of "geohot" released a single click application called "purplera1n", which does the entire operation smoothly and seamlessly. In our case, the first time it went as far as "done, wait for reboot" on our Windows machine and for minutes we waited and saw the pic on the iPhone w........
  • Samba SMB Error - Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD


    Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD That happens when trying to use smbclient to connect to a share. The weird thing is that I can authnenticate just fine from Windows XP. It is partially my mistake, I forgot this share does have a password. I've tried authenticating with the correct user and also with "Guest" because this works in Windows. In Linux I ........
  • Rackable Systems and their Microslice Clustered 1U Servers


    Ithink there has been a lot of negative press towards Rackable Systems. We will give their new solution credit that it is marketed very well, and comes prepackaged and ready to go. But let's cut through the hype of both sides, the people who love this concept and the people who hate it. What Rackable Systems have done is a first, to minimize space, power and costs into small servers. This is great, and many companies have already built their own servers based........
  • Latest Articles

  • Linux and Windows Dual Boot Issue NIC Won't work After Booting Windows
  • Cisco CME How To Enable ACD hunt groups
  • How to install gns3 on Linux Ubuntu Mint
  • How to convert audio for Asterisk .wav format
  • Using Cisco CME Router with Asterisk as a dial-peer
  • Cisco CME How To Configure SIP Trunk VOIP
  • Virtualbox host Only Network Error Failed to save host network interface parameter - Cannot change gateway IP of host only network
  • Cisco CME and C7200 Router Testing and Learning Environment on Ubuntu 20+ Setup Tutorial Guide
  • Abusive IP ranges blacklist
  • How to Install Any OS on a Physical Drive from Windows Using VMware Workstation (Linux, Windows, BSD)
  • CDN Cloudflare how to set and preserve the real IP of the client without modifying application code on Apache
  • CentOS 7 fix Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=container error was 14: curl#6 -
  • Ubuntu Debian How To Install Recommended Packages Automatically
  • How to set Linux Ubuntu Redhat Debian Command Line http https socks proxy for yum apt
  • How to resize a pdf without losing much quality in Linux Mint Ubuntu Debian Redhat Solution
  • qemu: could not load PC BIOS 'bios-256k.bin' solution
  • Proxmox How To Custom Partition During Install
  • Hyper-V Linux VM Boots to Black Screen, Storage, NIC Not Found Issues
  • Ubuntu Mint How to Fix Missing/Broken /dev and /dev/pts which causes terminal to immediately close exit and not work
  • How high can a Xeon CPU get?