Category: Administration / Server

Monitoring your Network
04.04.2018

so i guess „monitoring“ is about two things: availability and performance: detect performance bottlenecks get informed if parts (harddisks) / servers have failed / are about to fail security: detect, report and (if possible) automatically fence off „unusual“ network activity […]

how to verify Debian ISO Image – BAD signature – how to sign a file – chain of trust – the problem with short key IDs
17.03.2018

make sure you downloaded the SHA512SUMS.sign from the same directory as the iso. https://keyring.debian.org/ https://www.debian.org/CD/verify https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/9.4.0+nonfree/amd64/iso-cd/ https://bits.debian.org/2016/08/debian-and-tor-services-available-as-onion-services.html otherwise you will get BAD signature. steps to reproduce: # download the iso image with non-free drivers (yes it sucks non-free drivers are […]

NGINX as HTTP proxy – vhosts and SSL for Tomcat
01.03.2018

Secure Socket Layer (SSL) is a protocol that provides security for communications between client and server by implementing encrypted data and certificate-based authentication. Technically, the term „SSL“ now refers to the Transport Layer Security (TLS) protocol, which is based on […]

apt yum exclude package from update upgrade
01.03.2018

maybe you want to run your own version of the kernel and you will have to prevent during an automatic update that this kernel will get „replaced“. same goes with firefox, thunderbird and LibreOffice yum and apt might not install […]

27.02.2018

in a script you can specify to save output to a file with current date/time like: LOGFILE=/path/to/logfiles/$(date ‚+%Y-%m-%d‘)_task.log echo „this script was run“ >> $LOGFILE; to cleanup regularly is important in order to ensure the harddisk does not fill up. […]

NMAP basic network scanning – overview over LAN
27.02.2018

What computers are online? What services/ports in what versions are online/open? over poorly or not so poorly documented LANs you can get an overview by using nmap. yum install nmap; # centos/redhatapt-get install nmap; # debian/ubuntu # get a quick […]

CENTOS7 – vnc server remote desktop setup howto screen sharing in 2018 – x11vnc error: socket: Address family not supported by protocol (97)
20.02.2018

UPDATED! checkout vnc section of: https://dwaves.org/2018/05/07/getting-started-with-raspberry-pi-2-model-b-v1-1-vs-odroid-xu4-vnc-display-0-and-1/ UPDATED AGAIN! if you have problems connecting and get the error message: „x11vnc error: socket: Address family not supported by protocol (97)“ then you probably have ipv6 disabled on the client. (and even if […]

CentOS7 setup virtualbox
07.02.2018

headless server: tested: 2018-10-17 on CentOS Linux 7.5 (Core) wget https://www.virtualbox.org/download/oracle_vbox.asc rpm –import oracle_vbox.asc cd /etc/yum.repos.d/ wget https://download.virtualbox.org/virtualbox/rpm/el/virtualbox.repo yum update yum search virtualbox yum install VirtualBox-5.2.x86_64 # if you want/need usb 3.0 extension package wget https://download.virtualbox.org/virtualbox/5.2.20/Oracle_VM_VirtualBox_Extension_Pack-5.2.20.vbox-extpack VBoxManage extpack install Oracle_VM_VirtualBox_Extension_Pack-5.2.20.vbox-extpack […]

Docker
29.01.2018

who is who? concepts: docker is written in Google Go by Docker Inc, SanFrancisco because it does not emulate any hardware – it is a linux container / sandbox or jail like Free BSD Jail or Solaris Zones or OpenVZ so […]

12.01.2018

When you reserve a new domain – and the registrar asks you for your (personal?) mail to be published in the whois database. You better give it a mail address designated for spam. I just received a spam letter at […]

amd arm intel cpus all got problems – Meltdown and Spectre – JavaScript could steal your Firefoxs Passwords
04.01.2018

Update: 2019.01: Redhat CPU fixes overview: Is CPU microcode available to address CVE-2017-5715 via the microcode_ctl package? https://access.redhat.com/articles/3436091 update 2018-03-15: from C’t: new micro codes for intel iCPUs (2011 and onwoards) seem to fix Spectre v2 (CVE-2017-5715) 60minutes: https://www.heise.de/security/meldung/Spectre-Luecke-Intels-Microcode-Updates-fuer-Linux-und-Windows-3994347.html update: […]

Sidexis4 – 3d xray and kvm virtualization
23.12.2017

as addressed here, kvm allows GPU pass through to VM. Basically making it possible to run Sidexis4 client on a linux host. when connecting via RDP (Microsoft Remote Desktop) Sidexis complains about the Graphic card being not suitable… but starts […]

How to setup Dokuwiki – where is the login admin screen?
22.12.2017

per default there is no admin/login screen… until you run install.php here is the complete setup documentary… have fun. ssh into your server create subdirectory mkdir /web/root/dokuwiki wget https://download.dokuwiki.org/out/dokuwiki-c5525093cf2c4f47e2e5d2439fe13964.tgz; # download tar fxv dokuwiki-c5525093cf2c4f47e2e5d2439fe13964.tgz; # unpack depending on your rights […]

20.12.2017

on intel / amd cpus/boards: use lm sensors: apt-get install lm-sensors; # install sensors-detect; # detect available temperature sensors, answer with YES usually # monitor cpu temp every second while true; do sensors|grep Core; sleep 1; clear; done; service kmod […]

19.12.2017

tested on: hostnamectl Static hostname: DebianLaptop Icon name: computer-laptop Chassis: laptop Operating System: Debian GNU/Linux 8 (jessie) Kernel: Linux 3.16.0-4-686-pae Architecture: x86 i assume you have your laptop/pc LAN connected to a switch/router and your default network card is eth0. […]

Linux CentOS7 install mate and virtualbox guest additions
17.12.2017

Update: as of 2019-01 and CentOS 7.6 the below setup may fail by now, for those reasons… BUT you CAN compile the latest kernel and all modules yourself (DON’T BE SHOCKED! YOU CAN DO IT! IT’S NOT ROCKET SIENCE!… just […]

06.08.2017

ome observers might well believe that the kernel has accumulated plenty of special-purpose virtual filesystems. Even so, 2.6.14 will include yet another one: securityfs. This filesystem is meant to be used by security modules, some of which were otherwise creating […]