• Cisco CME How To Configure SIP Trunk VOIP


    This is how we configure outside PSTNaccess or dialing through another SIPtrunk. Beware that this a simplistic example that neglects most security including SRTP First you'll need to be in config mode: Step - 1 Enter Voice Service VOIP security options There are more options but for now we'll just focus on security/allowing connections to and from our phones and the trunk. Router(config)#voice service voip ........
  • Cisco CME and C7200 Router Testing and Learning Environment on Ubuntu 20+ Setup Tutorial Guide


    Since newer versions of Ubuntu like 20, you will find there is no longer dynagen and that the dynamips provided is faulty and will segfault each time: Cisco Router Simulation Platform (version 0.2.14-amd64/Linux stable) Copyright (c) 2005-2011 Christophe Fillot. Build date: Apr 3 2018 12:20:29 Local UUID: 3c1c0b7f-2fab-4fda-b40b-74841d1bcfe0 Instance ID set to 1. netio_tap_create: unable to open TAP device tap1 (No such fi........
  • Abusive IP ranges blacklist


    Make sure this makes sense for you but I've started to block a lot of commercial Cloud services and easily accessible providers as they are a very high source of abusive traffic. The cost savings for a lot of organizations are huge, as you now have less bandwidth usage and less resource usage from garbage/bot/malicious traffic. This mainly works for when you can be reasonably sure that your audience has no business visiting your service(s) from freely accessible commercial IP ........
  • CDN Cloudflare how to set and preserve the real IP of the client without modifying application code on Apache


    Your frontend CDN (eg. Cloudflare or even your own load balancer/proxy) must be sending the X-Forwarded-For and you must be running Apache on the backend. This solves the problem where your logs and services will only see the proxy/CDN IP and not the real client IP. mod_rpaf will fix all of this This solution transparently sets the real IP of the client for Apache and any services that rely on........
  • hostapd example configuration for high speed AC on 5GHz using WPA2


    This example is using RTL8821AU chipset from a TP-Link T2U Plus USB adapter and other similar ones should work the same. Here's how to get this chipset RTL8821AU working in Linux. Here's how to get RTL8812 and RTL8822 working in Linux.........
  • Debian Ubuntu 10/11/12 Linux how to get tftpd-hpa server setup tutorial


    apt install tftpd-hpa #change TFTP_ADDRESS to by setting address to 192.168.1.1:69 or the IP you need, otherwise it will listen on all IPs and interfaces which could be a security risk. # edit /etc/default/tftpd-hpa TFTP_USERNAME="tftp" TFTP_DIRECTORY="/srv/tftp" TFTP_ADDRESS="192.168.1.1:69" TFTP_OPTIONS="--secure"........
  • How To Stop DNSMasq from listening on all IPs/Interfaces and allow only localhost


    Some people find it less than intuitive to do on DNSMasq and by default DNSMasq is available on 0.0.0.0 which could even be your LAN or Public IP. Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp ........
  • How to install and configure haproxy on Linux Ubuntu Debian


    haproxy is one of the best known and widely used Open Source load balancers out there and a strong competitor to nginx. haproxy is used by many large sites per Wikipedia: HAProxy is used by a number of high-profile websites including GoDaddy, GitHub,........
  • Virtualbox Best Networking Mode In Lab/Work Environment without using NAT Network or Bridged


    Virtualbox is a very powerful tool, but for some use cases it is less than optimal. Say you are in a work, lab or other environment where you are not alone on the physical network and there could be overlap of IPs, but you need all of your VMs to be contactable from your host, VMs need to communicate with each other, and VMs need internet. NAT Network will give you VM to VM communication and internet, however, it is buggy and unstable. It also doesn't allow host to VM co........
  • Linux How to Check Which NIC is Onboard eth0 or eth1 Ubuntu Centos Debian Mint


    So say you happen to have 2 NICs of the exact same chipset, they will generally show up as the same name, with possibly a different revision in lspci. Normally this is not an issue if you have a server with 4 NICs, generally the eth0 to eth3 appears from left to the right (or right to left on some vendors) so it doesn't take much figuring out. Generally if you have different chipsets for different NICs, it should be easy to know which one is eth0 or the first NIC in the OS.........
  • Cisco UC CME How To Enable Licensed Features


    Router#show license Index 1 Feature: ipbasek9 Period left: Life time License Type: Permanent License State: Active, In Use License Count: Non-Counted Lic........
  • amdgpu AMD GPU Xorg Won't Start [3576284.324] (EE) Segmentation fault at address 0x0 [3576284.325] (EE) Fatal server error: [3576284.325] (EE) Caught signal 11 (Segmentation fault). Server aborting


    Here is how Ifixed it on a Mint/Ubuntu install 1.) First download the latest AMDGPU-Pro driver from here: https://www.amd.com/en/support Navigate to your relevant video card: 2.) Download the installer One issue is that by default they give you a version for the latest version of........
  • MP3s Won't Play / ID3 Version 2.4 Issues in Cars and Other MP3 Players/CDs/DVDs Solution


    ID3 2.4 can cause various MP3 players, especially on vehicles or even computers, not to play or at least not to display the ID3 tags. In many cases though, since ID3 2.4 is much different than version 2.3, it will cause some players, especially in cars like Lexus not to play. Even on the computer, you may notice if you check the properties of the MP3 that it won't open or show any details (eg. frequency, bitrate and ID3 tags). One symptom of this in a vehicle (eg. Leuxs,........
  • LXC Containers LXD How to Install and Configure Tutorial Ubuntu Debian Mint


    If you are using mint, delete the preference that stops snap from installing (as it is required for lxc) sudo rm /etc/apt/preferences.d/nosnap.pref 1. Install lxd: sudo apt install lxd Issues install lxd or errors? Click here Debian at this time does not have lxd so you'll need to use snap: sudo apt in........
  • GlusterFS HowTo Tutorial For Distributed Storage in Docker, Kubernetes, LXC, KVM, Proxmox


    This can be used on almost anything, since Gluster is a userspace tool, based on FUSE. This means that all Gluster appears as to any application is just a directory. Applications don't need specific support for Gluster, so long as you can tell the application to use a certain directory for storage. One application can be for redundant and scaled storage, including for within Docker and Kubernetes, LXC, Proxmox, OpenStack, etc or just your image/web/video files or even da........
  • Docker Tutorial HowTo Install Docker, Use and Create Docker Container Images Clustering Swarm Mode Monitoring Service Hosting Provider


    The Best Docker Tutorial for Beginners We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
  • How To Create OpenVPN Server for Secure Remote Corporate Access in Linux Debian/Mint/Ubuntu with client public key authentication


    Why choose OpenVPN instead of a firewall appliance? OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time. When comparing OpenVPN with traditional firewal........
  • HongKong VPS Server, Cloud, Dedicated Server, Co-Location, Datacenter The Best Guide on Hong Kong, China Internet IT/Computing


    In our 2024 VPS Server/Cloud Buyer's Guide, we place the location of your VPS/hosting/server as one of the priorities that is often overlooked. 2024 Update - Datacent........
  • How to install Kubernetes with microk8s and deploy apps on Debian/Mint/Ubuntu Linux


    Kubernetes Easy Beginners Tutorial/Architecture Guide Kubernetes is known as container orchestration and we should start at explaining the container part of it. A Container is what runs the actual application and based on an Image, and are more comparable to something like an LXC Container, Virtuozzo/OpenVZ using the Linux Kernel Namespaces feature. Containers run these images as independent, isolated operating environments under the O........
  • EFI PXE grub2 Howto guide for Linux EFI PXE Booting on Debian, Mint, Ubuntu, RHEL


    Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
  • Juniper JunOS Command Overview and Howtos Switch, Router, Firewall Tutorial Guide


    Enable "cli" mode equivalent in JunOS cli Configure Mode configure So rather than going to the console on a Cisco switch and typing "enable" and then "conf t", the equivalent in JunOS is "cli" and "configure". How Do You Apply Changes You've Made? You can make all kinds of changes to the switch, but remember they are not........
  • ffmpeg how to concat and join two video clips


    This normally works but if not use my mencoder solution if the output video does not play past the joined time. the contents of list.txt need to look like this: file somefile.mp4 file somefile2.mp4 then run ffmpeg ffmpeg -f concat -i list.txt -c copy CME-2-router-dial-peer-final.mp4 The result is almost instant joining since there is no video processing since we are........
  • dynagen / dynamips 100% high CPU usage solution - how to set the idlepc value


    The idlepc value is very important to dynamips and it is both image and often CPU dependent. There is no "magic"value that will work for all images and all CPUs so this is why I'll show you a quick and handy way. Also don't be disappointed, some values do not work well but idlepc gives you several. For example in my example below #6 didn't help at all but #7 got me down to about 6% CPU from 99-100%. *Befo........
  • How To Setup a Cisco CME (Cisco Manager Express) Virtual Router under Linux using dynamips and dynagen


    This tutorial will get your router up and running using emulation tools. In this case we'll be getting a Cisco C7206 (C7200 series) VXR router going which also supports SCCP VOIP services. dynamips is the emulator itself and dynagen is the front-end tool that helps us control everything. It is used by tools such as gns3 and eve-ng. Together the two tools (dynamips and dynagen) allow us to create and emulate REAL router........
  • Asterisk Does Not Retry When Authentication Fails


    When authentication times out that is one thing, but when it just fails like below Asterisk by default will not re-register until you the admin reload the sip or asterisk server: voipserver*CLI> sip show registry Host dnsmgr Username Refresh State&........
  • Linux tftp listens on all interfaces and IPs by DEFAULT Security Risk Hole Solution


    Just edit your tftp file for xinetd like this: *Change the IPto be the IPof the interface you want to listen on. To test if your tftp is available on a certain IP range use nc -u yourip 69 to see if you can still connect (/var/log/messages or /var/log/syslog) should show the connection if it is open. Oct 13 23:20:34 01 xinetd[26631]: Started working: 1 available servic........
  • Virtualbox vbox not starting


    If you've just installed VBox and it is not starting or working, the most common problem is usually that you don't have your kernel source installed, which means there is no kernel driver for vbox so it can't work. You may get an error that says "Kernel driver not installed" in your Virtualbox. So the first thing you should do is install your kernel source by running this: sudo apt-get install linux-headers-`uname -r`........
  • Cisco Unified Communications Manager 12 Install Errors on Proxmox/KVM


    The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs. qemu-kvm command: /usr/libexec/qemu-kvm -version QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard ........
  • Linux Bash Script To List All Connected IPs and their network name


    for ip in `netstat -nt|awk '{ print $5 }'|cut -d ":" -f 1|tail -n +3|sort|uniq`; do echo $ip;whois $ip|grep -i netname;echo "---------------------------" done 77.88.47.40 netname: YANDEX-77-88-47 --------------------------- 40.77.167.5 ------........
  • Centos 6 / 7 / 8 How To Change Default nameservers in /etc/resolv.conf when using DHCP / dhclient


    First we need to create dhclient.conf if it doesn't exist or edit it: vi /etc/dhclient/dhclient.conf #add this line at the top add the IPs as commas they will be the highest priority nameservers and whatever your ISP gives you will be used after these one (good for DNS backup) prepend domain-name-servers 127.0.0.1,10.10.25.8; After you restart your network or run dhclient again you should see the contents of........
  • iSCSI on Centos 7 Configuration and Setup Guide for Initiator and Target


    initiator = client target = server These are the first concepts you should understand which is that in iscsi essentially the "initiator" is the client and the "target" is the server. iSCSI is derived from the old fashioned SCSI that us oldtimers grew to love. The "i" stands for Internet and the SCSI stands for "Small Computers Systems Interface" (SCSI). iSCSI Target (Server)Setup targetcli is the pac........
  • vmkping -I vmk1 10.0.2.69 PING 10.0.2.69 (10.0.2.69): 56 data bytes sendto() failed (Host is down)


    [root@localhost:~] vmkping -I vmk1 10.0.2.69 PING 10.0.2.69 (10.0.2.69): 56 data bytes sendto() failed (Host is down) vsphere distributed switch vmotion not working [root@localhost:~] esxcfg-route -l VMkernel Routes: Network Netmask Gateway Interface&........
  • VMWare ESXi 6.7 SSH/PowerShell CLI Commands


    [root@localhost:~] BootModuleConfig.sh echo host-ind nfcd........
  • [warn] VirtualHost 10.2.5.101:443 overlaps with VirtualHost 10.2.5.101:443, the first has precedence, perhaps you need a NameVirtualHost directive


    [root@thetor2017 conf]# service httpd restart Stopping httpd: [ OK ] Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers, lowering MaxClients to 300. To increase........
  • not allowed to execute '/usr/bin/apt-get install eclipse' as root linux sudo user permisson issue and solution


    This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint. If you or the user is meant to have sudo / root privileges it is as simple as editing the following files: Now assume your username is "iamtheuser" vi /etc/group adm:x:4:syslog,iamtheuser sudo:x:27:anotheruser,iamtheuser Find the above lines and add a comma and "ia........
  • Apache htaccess Custom ErrorDocument not working properly for root home page 403 Error Issue and Solution


    So I have a domain "testdomain.com". Inside test domain.com's root is the following .htaccess: Options +FollowSymLinks -Indexes ErrorDocument 403 /launch/index.html Order Deny,Allow Deny From All Allow From 192.168.1.2 When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html It will show the right error in /launch/........
  • htaccess apache how deny/allow to block or allow by IP address


    order deny,allow Deny From All Allow From 8.8.8.8 A simple and quick way to improve security by only allowing specific IPs to your web application. In this case the above allows only the IP 8.8.8.8 to access things and everything else is denied.........
  • How To Secure Samba NMBD/SMBD to bind to a specific IP address


    By default Samba SMB/NMB listen on ANY and ALLIPs on your system by binding to 0.0.0.0. Obviously this is a huge security risk if you have a public facing server with both internal and external access. Usually when a system administrator sets up a samba server their intention is just to share with a LAN. To do this you need to the following options under the [global] section in smb.conf bind interfaces only = yes interfaces = 192........
  • l2tp ipsec VPN Error Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated


    Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Some say changing the "leftprotoport=17/%any" will fix this but I have not found this to be the case. Essentially it means at least one end is blocking the ipsec packets. Sometimes the %any allows an alt........
  • USB 3.0 PCI x1 Card Review VIA VL805 on Linux Review and Experience


    This is a VIA made VL805 USB 3.0 Chipset with 4-ports and MOLEX powered. First of all this unit was cheap at about only 9 USD with fast shipping. My biggest concern was if this was a quality unit and would it really give you full USB 3.0 speeds (some people reported with similar cards that for some weird r........
  • Openshot 2.2 is very unstable always crashing in Linux Mint 18.1!


    Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Missing folder chosen by user: Jun 1 15:45:42 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: project_data:INFO Removed missing file: MAH02949.MP4 Jun 1 15:45:57 videoeditor-desktop org.mate.panel.applet.MintMenuAppletFactory[1882]: ui_util:WARNING Icon theme media-playback-start not found. Will use backup........
  • MySQL Add multiple IPs for remote user including root howto


    To grant the IP 192.168.2.4 to user mysqlguy GRANT ALL ON *.* TO 'mysqlguy'@'192.168.2.4'; To allow any IPfor mysqlguy just use the wildcard % character GRANT ALL ON *.* TO 'mysqlguy'@'%'; Also note it is normal and fine to have multiple entries in the mysql table.........
  • Centos 5 OpenSSL does not support TLS 1.2 Apache Error


    [Thu Jan 26 14:13:31 2017] [notice] caught SIGTERM, shutting down [Thu Jan 26 14:14:00 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Jan 26 14:14:00 2017] [error] Server certificate is expired: 'Server-Cert' [Thu Jan 26 14:14:00 2017] [notice] SSL FIPS mode disabled [Thu Jan 26 14:14:07 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Jan 26 14:14:07 2017] [error] Server certificate is expired: 'Server-Ce........
  • The connection was reset The connection to the server was reset while the page was loading.


    In Firefox I cannot connect to any website, proxy is disabled and outside network access is confirmed, no system or manual proxy was set on this Linux Mint/Ubuntu system. Normally this can be caused by proxy or DNS problems and the weird thing is that traceroute and ping to other IPs worked fine but even connecting to sites by IP was not working. The connection was reset The connection to the server was reset while the page was loading.........
  • Nvidia Linux Card not working due to LSI 9200/SAS2008 IRQ conflict


    At first my BIOS said the card may not work right because there is no more option ROM space. I disabled the Option ROM for both LSI 1068 and 2008 chipsets, Network Boot ROM and most other PCI slots, Serial Port, etc... and the message went away but the card still does not work properly. But it still cannot initialize the card properly(does not work): [ 33.943272] NVRM: This PCI I/O region assigned to your NVIDIA device is invalid:........
  • Linksys E2500 DD-WRT Upgrade Instructions and Enabling 5ghz with Tomato Firmware


    1.) Flash directly to this file: http://tomato.groov.pl/download/K26RT-N/build5x-132-EN/Linksys%20E-series/tomato-E2500-NVRAM60K-1.28.RT-N5x-MIPSR2-132-Max.zip *I was never able to get the larger "Mega" file to work, at least not initially so I recommend the file above. To enable 5ghz I had to do the "Clear NVRAM" Option before it was shown. 2.) Or if you don't need 5ghz (most devices do not support it and cannot........
  • status: { DRDY ERR } error: { ICRC ABRT } failed command: WRITE FPDMA QUEUED MCP55 Linux Errors


    [ 2868.041375] ata1: EH in SWNCQ mode,QC:qc_active 0x40 sactive 0x40 [ 2868.041554] ata1: SWNCQ:qc_active 0x40 defer_bits 0x0 last_issue_tag 0x6 [ 2868.041556] dhfis 0x40 dmafis 0x40 sdbfis 0x20 [ 2868.041874] ata1: ATA_REG 0x41 ERR_REG 0x84 [ 2868.042013] ata1: tag : dhfis dmafis sdbfis sactive [ 2868.042163] ata1: tag 0x6: 1 1 0 1 [ 2868.042301] ata1.00: exception Emask 0x1 SAct 0x40 SErr 0x400000 action 0x6 frozen [........
  • initial Main Mode message received on 192.168.5.94:500 but no connection has been authorized with policy=PSK


    If you are getting this error from Pluto/IPSEC it is almost always due to a routing or NAT issue.........
  • Linux CLI command to rip audio CD and encode convert to MP3s


    This command rips the audio tracks to .wav files *I recommend making a new directory with the name of the audio disc first and executing everything from within that directory below. cdparanoia -B Use the lame mp3 encoder to encode each one with this script: *Note that this will encode any other files ending in "cdda.wav" for track in `ls *cdda.wav`; do lame -b 192 $track; done........
  • Dell CS24SC Server Info


    Dell CS24SC Info 0000:00:00.0 Host bridge: Intel Corporation 5100 Chipset Memory Controller Hub (rev 90) 0000:00:02.0 PCI bridge: Intel Corporation 5100 Chipset PCI Express x8 Port 2-3 (rev 90) 0000:00:03.0 PCI bridge: Intel Corporation 5100 Chipset PCI Express x4 Port 3 (rev 90) 0000:00:04.0 PCI bridge: Intel Corporation 5100 Chipset PCI Express x16 Port 4-7 (rev 90) 0000:00:05.0 PCI bridge: Intel Corporation 5100 Chipset PCI Express x4 Port 5 (rev 90)........
  • Dell CS10-F1D Server Info lspci Linux specs


    0000:00:00.0 Host bridge: Intel Corporation 5000P Chipset Memory Controller Hub (rev b1) 0000:00:02.0 PCI bridge: Intel Corporation 5000 Series Chipset PCI Express x8 Port 2-3 (rev b1) 0000:00:03.0 PCI bridge: Intel Corporation 5000 Series Chipset PCI Express x4 Port 3 (rev b1) 0000:00:04.0 PCI bridge: Intel Corporation 5000 Series Chipset PCI Express x8 Port 4-5 (rev b1) 0000:00:05.0 PCI bridge: Intel Corporation 5000 Series Chipset PCI Express x4........
  • Centos automatic ifcfg-eth0 scripts based on list of IPs from bash


    It's a basic script that reads the file "ips.txt" in the current directory and then creates a corresponding ifcfg file     #!/bin/bash GATEWAY=192.168.1.1 NETMASK=255.255.255.0 device=eth0 counter=0 for ips in `cat ips.txt`; do........
  • heatbeat ERROR: NV failure (msgfromsteam): [>>> ] ha_msg_add_nv_depth: line doesn't contain '='


    Apr 17 11:55:47 Cluster01 heartbeat: [1426]: WARN: ha_msg_add_nv_depth: line doesn't contain '=' Apr 17 11:55:47 Cluster01 heartbeat: [1426]: info: >>> Apr 17 11:55:47 Cluster01 heartbeat: [1426]: ERROR: NV failure (msgfromsteam): [>>> ] I have never been able to reproduce the above but it happened on heartbeat-3.04-2 when Itook a node down for testing. One thing Ibelieve caused it was by configuring ha.cf........
  • cPanel VPS Server Cannot Login as root


    I was worried the server was hacked, I was logged in already as root but couldn't login to CPanel or a new SSHsession. I even reset the password from the shell and it did not work still. The reason is CPanel Hulk, it detected a brute-force attack so it locked down the root account entirely even from the correct password. According to cPanel the best way around this is to whitelist your IP.........
  • SSH HowTo Create Port Forwards


    ssh -L 5905:localhost:5900 root@yourserver.com The "-L" means to create a port forward to a port on your server. The 5905 means the port on your computer that will be used to access the port 5900 on the remote server. localhost is the IP that you use to access the port forward (you can change it to 0.0.0.0 which will be all IPs on your system/computer but localhost is good for security and privacy unless a whole network of people need access).........
  • cPanel Find/Set Main DNS Servers for Template Howto


    Go to: "Server Configuration" -> Basic cPanel & WHM Setup Scroll to: "Nameservers" (at the bottom) From there you can set the names of the nameserver and their IPs. It's very weird and confusing that nothing under IP Functions/DNS has or links to this.........
  • htaccess allow only certain IPs howto


    order deny,allow deny from all allow from your.ip.here ........
  • Dell CS24-NV7 Howto Enable LAN/NICs and PXEBoot in the BIOS


    Dell CS24-NV7 Unusually the Virtualization was enabled when I got this server but all the NICs were diabled in the BIOS including PXE boot! Advanced -> Advanced Chipset Control PCI Slot 1 Option ROM: Enabled Onboard LAN1 Control: Enabled LAN1 Option ROM Scan: Enabled (you need it for PXE boot) Onboard LAN2 Control: Enabled LAN2 Option ROM Scan: Enabled *you will need to reboot and........
  • Apache SNI is not needed what is the issue?


    Iread this article and still don't understand the issue. If I understand correctly the client negotiates after the first SSLconnection and then gets the correct hostname and thus correct certificate. http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI To their credit I know I'm not using SNIbecuase Iget this message in the Apache log :) [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!! B........
  • htaccess block IPs while RewriteEngine/modrewrite is enabled solution


    Istruggled with this for awhile because the normal setup won't work if modrewrite is being used: ORDER ALLOW, DENY So the solution is something like this: order allow,deny deny from 12.43.12.0/24 allow from all ........
  • Sendmail Gmail.com blocking


    relay=alt4.gmail-smtp-in.l.google.com. [74.125.136.26], dsn=4.0.0, stat=Deferred: 421-4.7.0 [ 10] Our system has detected an unusual rate of This is strange because the mail server IP is not blacklisted anywhere and the IP itself has not been used for years and this server is clean and has only sent a few e-mails to gmail.com in its entire time. I wonder if this is a legacy block on a whole range of IPs as punishment for others in the block........
  • Dell Perc 6/i Restore BIOS/Bricked Solution Guide Howto


    I bricked one of my cards by following a guide from UNRAID. Step #1 from them wipes out the BIOS, but guess what? The step where you restore the BIOS should have been done first, which is sas2flash but no version supports or is able to find my Perc 6/i. So now I'm a bit stuck. I tried using megarec but it's funny that it can wipe the BIOS but can't forcefully reload it: megarec -writesbr 0 mpt2sas.rom Supports 1078 control........
  • Dell Perci 6/i Firmware Upgrade Guide Tutorial


    One thing to remember is that you need MegaCli to do the flashing. You also need the correct file,I tried at least 2 different Perc 6 firmwares from Dell that kept getting rejected as corrupt by MegaCli(they were really the wrong version). I have an external PCI-E Dell 6 Perc/I butI chose images from the 'Integrated" on motherboard version as it was allI could find. They are different, and below is my first time finding success.........
  • LSI MegaRAID Adventures, Guide and HowTo


    LSi Megaraid At first it was configured as a RAID 0, then I deleted the Virtual Disk Group. I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing. To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........
  • CPanel domain not working properly: http://vps.thedomain.com/domainnotknown.html Solution


    The Cause Basically it's usually because your Cpanel has new IPs and the old IPs it knows are no longer available/working/valid. The solution is to change the site's IP but you may run into issues for various reasons. Here is what I encountered below. It redirects there even though public_html is empty and doesn't have any index or htaccess redirect. --- This issue happened after a CPanel migration, the site is bein........
  • iptables redirect ports to a different host and port + NAT Masquerade howto/solution


    This is important if you need public access to internal IPs such as at your office and don't want to use a VPN just to SSHinto different servers: Below forwards the port "10001" to the IP192.200.5.53 on port 22 (of course adjust it to your needs). iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 192.200.5.53:22 Remember to enable MASQUERADE on your NAT IPs or they won't be able to talk to the outside world (........
  • SSH Can't Login/Hang


    Client Log OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_d........
  • Centos 6 RTL8111/8168B r8169 link up and down error solution/fix


    02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 03) For whatever reason it seems the r8169 driver that ships and has shipped with most Linux distros for years is still flawed and does not work properly on these cards, causing 100mbit connectivity when it should be 1gbit and even worse, causing random network dropouts. The r8169 driver in Linux kernels is simply not meant to be used on th........
  • OpenVZ - how to manually restore a VPS from another host or backup


    There are 3 pieces that are required to restore and make it work (of course consider if any kernel modules need to re-enabled and if you need to change the IPs): Copy the vz/private/VEID directory to /vz/private Copy the /etc/vz/conf/VEID.conf to /etc/vz/conf/ mkdir /vz/root/VEID After that you should be able to see the VE in vzlist -a You should then be able to start it normally.........
  • Setup PXE Boot using Centos and dhcpd, tftp and syslinux


    This is something I often setup for clients because it's very helpful for people in datacenters, this allows custom OS installs on demand, you can customize it more by using kickstart etc.. but here's a base I use before customizing more: This little script below will install everything you need to get booting by PXE Linux. It also assumes you set a local IP (be sure not to overwrite your existing IP) on eth0:0 (note the :0) as 192.168.1.10 and it........
  • Linux/Centos how to block SSH bruteforce/dictionary attacks automatically with denyhosts


    A lot of people become nervous (and understandably so) when checking their auth or security logs, in Centos /var/log/secure and see dozens, hundreds of even thousands of attempted logins to various services, especially SSH. Of course you could manually block these people/IPs but no one has time to read the logs like that, what if some program or script could do it for you? This is what denyhosts does for you, it checks the logs and based on a certain number of failed SSH attem........
  • OpenVPN don't use bridgestart.sh or bridge at all use iptables


    I used the suggested script to bridge from OpenVPN and it took my client's server off-line! Don't ever use their "sample" scripts if you don't have another way of accessing the server than SSH. I actually found it easier to use iptables to tell it to route IPs based on a certain subnet to route through eth0: iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -o eth0 -j MASQUERADE Replace "192.168.200.0/24" with your subnet of cour........
  • 2011 Best Laptop - HP 15.6" Laptop featuring AMD Athlon II P340 Processor (G62-420CA)


    My mother needed a new laptop and I recommended her the same one I would have bought myself or my wife, that means the cheapest possible laptop with the most features for the money. This HP shines at this price point and one thing that made me stay away from buying more and recommending HP/Compaq was the poor battery life. Not anymore, this model has an industry leading up to 4 hours of battery life. Key Factors for Choosing It: HDMI Out........
  • Yahoo Mail (email) DNS Server Out Of Date Problems


    I don't expect this to be solved soon but some of Yahoo's DNS servers are out of whack. I changed the IPs of some nameservers of some domains and now most Yahoo users can't e-mail to those domains! As you can see below by the "No MX or A records for mychangedomain.com", now Yahoo's DNS/mailserver DNS cache is wrong. You would think they would at least have cached the old incorrect records, but instead for some reason their DNS cache has no entry and doesn't seem........
  • email server messsages rejected without reverse DNS DNS check failure Client host rejected: cannot find your reverse hostname Cannot resolve PTR record


    Basically you should always be 100% sure that whatever IPyour mail server sends out with has reverse DNS/PTR records. Remember that unless you own your IPs then you won't be able to set your own reverse DNS. Even if you were to create a reverse PTR record on your DNS servers it will be ignored. Reverse DNS is queried to pre-assigned DNS servers of your ISP, so therefore you'll need to contact your ISP/Colo/Hosting provider to do a reverse DNS entry. If you don't have........
  • CPU #1 not responding - cannot use it.


    I think this will be useful to others because I have a server that kept crashing mysteriously during intense disk usage/RAID checks. It would only crash during the weekly RAID integrity check. ThenI noticed during a reboot that not all CPUs were being brought up, as a result this actually creates much higher temperatures with the output I got from sensors, just booting the system produced higher than normal temperatures. You can imagine that a full blown RAID check........
  • rsync preserve attributes, permissions/ownership and times without being root non-root user


    One of the purposes of rsync is to backup whole filesystems and archive them but how can you do that properly and restore things to normal if all permissions and ownerships are not preserved from your root filesystem? It's not desirable to have everything running as root, especially not just for an rsync. The Easy rsync preserve permission solution for non-root users sudo is the answer and all you have to do is edit /etc/sudoers At the end o........
  • yum in Centos 5/Xen halts and exits suddenly


    yum exits in the middle The problem is this VPS seems to be an OpenVZ template from HyperVM. The only way to make it work was to disable i386 packages since this was an x64 kernel. That shouldn't be necessary but it was the only way to make yum stop quitting after the first package or two. I couldn't find any issue by checking the logs either. echo y|yum install vim-minimal telnet expect jwhois net-tools slocate iptables elinks gawk L........
  • Subnet Mask Lengths / Quick Reference


    Subnet Mask Lengths / Quick Reference This is for when you say how many IPs would be in a /20 or /24 Now instead of doing math just remember this table or visit here more often :) /32 1 IP Address(es) /31 2 IP Address(es)........
  • How not to change an IP address in CPanel during a migration


    /usr/local/cpanel/bin/swapip domain(s) It simply doesn't work, the Apache VHOSTS remain 100% unchanged, why does this script exist? I'm sure it would work from the control panel but I am locked out because my IP was changed and it doesn't match the CPanel license. I wish CPanel would make it easier to update the license IP. I even took it a step farther, I manually edited the vhosts and restarted Apache and it........
  • sed script to automatically update IPs in named/BIND and httpd/Apache


    Always make a backup of the original file before trying this, I find this kind of thing when updating IPs etc.. to use a script. Where the old IP is "192.168.5.8" and the new IP is "10.10.5.8" sed -i s/192.168.5.8/10.10.5.8/g testdomain.org.db The -i with sed means "inline" meaning we edit the file directly, but without the -i we could just use >and output the results to another file or do whatever else we wanted.........
  • Realtek r8169 1gbit/1000mbit NIC/Ethernet Goes Down/Halts on Large File Transfer/Heavy Network Usage


    This is obviously a bug in the r8169 kernel module and it seems to affect a lot of people. I upgraded to the latest kernel and hope this won't happen anymore, as it is a very serious error. This is especially serious for those who are running servers with this chipset, who can afford for the NIC to randomly go off-line for no apparent reason? [655548.189113] type=1505 audit(1277067560.902:5): operation="profile_load" name="/usr/bin/freshclam&q........
  • cPanel complaint - No Shared SSL! cPanel 11.25.0-R46156 - WHM 11.25.0 - X 3.9


    I've recently used CPanel on the admin side for the first time and have to say I hate it. Everything from the layout to the functionality screams "hackish". It just lacks so many common sense features and way of working. I was never 100% impressed with Plesk but the basics were definitely laid out and done in a sensible manner, even though it is made by a Russian company, they definitely thought about how to make a Control Panel. I have no idea why people........
  • How To Set DHCP/Static IP Address in Centos/RHEL/Fedora & Debian/Ubuntu/Kubuntu/MEPIS Set DHCP/Static IP Address


    Basically the two main types of distros are Debian and RHEL/Centos based. I'm just going to give a quick overview of how the configuration of IP interfaces works in Debian/Centos based distros. *Just one thing to remember, when setting IPs statically you have to manually specify a DNS server in /etc/resolv.conf (since DHCP is what normally does it automatically) Debian/Ubuntu/Kubuntu/MEPIS The IP (DHCP &........
  • Intel Corei5 750 Complaint/Onboard Video Issue on Intel H57 chipset not working


    Do you have an LGA1156 board and wonder why your onboard video isn't working? It's probably because there is no GPU integrated on the board itself, it is supposed to be on the CPU and new CPU's from Intel don't come with it! I was shocked to learn that you can buy a motherboard with onboard video which doesn't work. Inever knew it was being done or possible, but to make it worse the latest Core i5's don't have video on the die of the CPU. This means having on........
  • Unixbench Score on Core i5 750 with OpenVZ Kernel vs Xen/Openvz


    This was unbelievable how much the Xen kernel slows things down, keep in mind both tests were done on the hostnode, one was with the Openvz-Xen hybrid kernel and the other was just OpenVZ. You can see the performance difference is nearly 300% better when not using the Xen kernel. OpenVZ-Xen Kernel Test Results (I was wondering what was wrong/so slow with my Core i5!) # # # # # #&n........
  • Compaq V2405CA Laptop - Unixbench Performance Test


    Here are the results, it is Sempron 3000+ AMD Mobile, 500Gig HDD, 512MB RAM with shared ATI Radeon graphics. # # # # # # # ##### ###### # # #### # # # # ## # # # #&nb........
  • PHP cannot access /usr/bin/openssl


    PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist: [code:1:1fd0f3abbe] if (!file_exists($OPENSSL)) { //echo "ERROR: OPENSSL $OPENSSL not foundn"; }[/code:1:1fd0f3abbe] I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
  • Upgrade Release Kernel Tips


    Upgrade Release Kernel TipsThis is for CentOS 3.1 to 3.8 but the methodology will apply everywhere. I ran into a problem first of all with a non-booting system after running #yum update centos-release It took me to 3.8 and upgraded all the other packages [b:7e931c835d]BUT[/b:7e931c835d] because of some stupid flags enabled in /etc/yum.conf the KERNEL WASN'T UPGRADED SO AFTER BOOTING, WELL IT DIDN'T BOOT OF COURSE :) H........
  • E-mail (Thunderbird) with GnuPG encryption


    E-mail (Thunderbird) with GnuPG encryptionThis is great tool for Mozilla Thunderbird which allows you to encrypt your e-mails so only you and the receiver can view it even if the e-mail is intercepting or obtained by another person. The only small catch is that you of course have to install an extension to Thunderbird and then configure each account you want to use it with. Really it can probably all be done in a few minutes and the effort is worth it.........
  • Intel's Finnish Fetish


    Intel's Finnish FetishIntel's Finnish Fetish By Dave Mock June 13, 2005 Chipmaker Intel (NASDAQ: INTC) has successfully topped the personal computer market for decades. Breaking into related areas such as communications has been much difficult for the world's largest semiconductor maker. But a new partnership with Nokia (NYSE: NOK) could help to change that. Intel's forays into cellular-phone and home-entertaiment-device chips have........
  • Basic Port Listing


    Basic Port ListingHopefully someone finds this useful or at least interesting. http://www.sans.org/top20/#u9 Name Port Protocol Description Small services ........
  • Tyan S2735-8M Maximum Hard Drive Limit/Not Working/Doesn't work with 1TB 1000GB hard drives


    Inever saved any of the logs, but basically no matter what OS (Linux)I used, I could not get my 1000GB hard drive to work (Seagate SATA). The BIOS recognizes the drive and fdisk -l shows the hard drive as it should. The tricky thing is that different OS's will give you different results, but don't be fooled. You can't use these larger drives for long. Iwas getting all kinds of seek/IOerrors and also messages that the port could not be read.........
  • RTL8111/8168B R8169 Gigabit Link slow speeds


    This is the Intel Atom 330 motherboard with integrated Realtek Gigabit NIC (Intel Desktop Board D945GCLF2 Motherboard W/ Atom 330 1.6 GHz Dual Core Processor - Mini-ITX) I cannot achieve more than 15 MB/s, even doing a local transfer through eth0 to it's own IP. 100% 95MB 15.9MB/s 00:06 So this is not a cabling, switch or hardware issue, it seems like a driver or chipset limitation problem. Here is my........
  • Latest Articles

  • How to install gns3 on Linux Ubuntu Mint
  • How to convert audio for Asterisk .wav format
  • Using Cisco CME Router with Asterisk as a dial-peer
  • Cisco CME How To Configure SIP Trunk VOIP
  • Virtualbox host Only Network Error Failed to save host network interface parameter - Cannot change gateway IP of host only network
  • Cisco CME and C7200 Router Testing and Learning Environment on Ubuntu 20+ Setup Tutorial Guide
  • Abusive IP ranges blacklist
  • How to Install Any OS on a Physical Drive from Windows Using VMware Workstation (Linux, Windows, BSD)
  • CDN Cloudflare how to set and preserve the real IP of the client without modifying application code on Apache
  • CentOS 7 fix Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=container error was 14: curl#6 -
  • Ubuntu Debian How To Install Recommended Packages Automatically
  • How to set Linux Ubuntu Redhat Debian Command Line http https socks proxy for yum apt
  • How to resize a pdf without losing much quality in Linux Mint Ubuntu Debian Redhat Solution
  • qemu: could not load PC BIOS 'bios-256k.bin' solution
  • Proxmox How To Custom Partition During Install
  • Hyper-V Linux VM Boots to Black Screen, Storage, NIC Not Found Issues
  • Ubuntu Mint How to Fix Missing/Broken /dev and /dev/pts which causes terminal to immediately close exit and not work
  • How high can a Xeon CPU get?
  • bash fix PATH environment variable "command not found" solution
  • Ubuntu Linux Mint Debian Redhat Youtube Cannot Play HD or 4K videos, dropped frames or high CPU usage with Nvidia or AMD Driver