Thursday, May 31, 2007

Deploying OpenSSH on AIX.

Learn how to improve the security and integrity of your AIX® servers using network services provided by the OpenSSH implementation of the Secure Shell protocol.

This tutorial is designed for administrators of IBM RS/6000 systems who wish to improve the security and integrity of their servers running AIX by replacing standard insecure network services with those provided by the OpenSSH implementation of the Secure Shell protocol.

Neither general network security, nor the use of the SSH client software is discussed in-depth in this tutorial. The primary focus of this tutorial is to detail the necessary components, steps, and configuration required to compile OpenSSH and its prerequisites from source to deploy across AIX systems.

Backing up MySQL data.

Backing up files and directories is relatively easy; databases, however, have some special quirks that you need to address. Our examples use MySQL, but the same principles apply to PostgreSQL and other relational databases.

This article is excerpted from O'Reilly's recently published book Linux System Administration .

Wednesday, May 30, 2007

Industrial-strength Linux lockdown - Removing the shell

For technical and non-technical users alike, maintaining a large installed base of Linux machines can be a harrowing experience for an administrator. Technical users take advantage of Linux®'s extreme configurability to change everything to their liking, while non-technical users running amok within their own file systems. This tutorial is the first in a two-part series that shows you how and why to lock those machines down to streamline the associated support and administration processes. In this tutorial, you learn how to remove the interpreters from the installation base system.

Tuesday, May 29, 2007

PERL --

This web document is a re-organized version of the "perl.1" man page for PERL version 4. (I will not be producing a revised version for Perl5. However, someone else's hypertexted Perl5 manual may be found at many sites, including perl.com)read more

Discover the Linux Kernel Virtual Machine.

Linux® and flexibility go hand in hand, and the options for virtualization are no different. But recently, a change in the Linux virtualization landscape has appeared with the introduction of the Kernel virtual Machine, or KVM. KVM is the first virtualization solution to be part of the mainline Linux kernel (V2.6.20). KVM supports the virtualization of Linux guest operating systems -- even Windows® with hardware that is virtualization-aware. Learn about the architecture of the Linux KVM as well as why its tight integration with the kernel may change the way you use Linux. more

( MULTIPLE IPs - DMZ segments) - I have several EXTERNAL IP addresses that I want to PORTFW to several internal machines. How do I do this?

Though technically possible, DON'T do this with IP MASQ. There are far better solutions for this network design.
MASQ is a 1:Many NAT setup which is the incorrect tool to perform what you are looking for. You are looking for is either Many:Many NAT solution or a Briding setup.
read more

Monday, May 28, 2007

System Administration Toolkit: Monitoring disk space and usage.

Look at methods for determining disk usage across multiple UNIX® systems and how to create a simple warning system to alert you of potential problems. Keeping an eye on your file systems and ensuring they don't fill up is a trivial, but vital process in the day-to-day management of your UNIX systems. In this article, you'll look at methods for keeping an eye on disk space, discovering which files, users, or applications are using up the most space, and how to make use of quotas and other solutions to find the information you need.

Sunday, May 27, 2007

FreeBSD Security Advisory - Heap overflow in file(1) (FreeBSD-SA-07:04.file).

When writing data into a buffer in the file_printf function, the length
of the unused portion of the buffer is not correctly tracked, resulting
in a buffer overflow when processing certain files.more

Saturday, May 26, 2007

Setting up a multicluster environment using General Parallel File System.

Learn how to construct and deconstruct a simple multicluster of System x™ and System p™ computers using the General Parallel File System (GPFS). You can remotely add an existing GPFS cluster to another cluster. See how to mount a file system from the remote cluster using the GPFS secure communication protocol.more

New GCC 4.2.0 -- boon to developers, bore to distros

Earlier this week, the GNU project announced a major release of the popular GNU Compiler Collection. GCC 4.2.0 introduces new features and several improvements for developers, but most of the distribution developers we spoke with aren't rushing to take advantage of the new release.

GCC began life as a C compiler, but it now has compilers for C, C++, Objective-C, Objective-C++, Java, Fortran, and Ada. GCC is most popular for compiling the Linux kernel and has been ported to more than 60 platforms.read more

Thursday, May 24, 2007

Learn 10 good UNIX usage habits.

Adopt 10 good habits that improve your UNIX® command line efficiency -- and break away from bad usage patterns in the process. This article takes you step-by-step through several good, but too often neglected, techniques for command-line operations. Learn about common errors and how to overcome them, so you can learn exactly why these UNIX habits are worth picking up. read more

Wednesday, May 23, 2007

Explore powerful UNIX writer's tools.

Long ago, UNIX® had a proprietary package called the Writer's Workbench (WWB). Developers, administrators, and technical writers who used to use this package in their work deeply miss it—its powerful capabilities made the UNIX workstation a preferred environment for document editing and proofreading. Today, many new implementations of those tools are available for all UNIX systems, and you can also find open source equivalents of the key WWB tools. Discover these tools and learn how to use them, building a custom style guide checker in the process. more

Encrypted home partition in Linux.

Have you ever wondered what would have happened if all the important data have been stolen from your mobile PC? For example the information about a confidential project you have been working on for the last 2 years in your company … A horrifying vision, isn’t it? If you don’t want it come true, please consider encrypting your home drive. read more

Monday, May 21, 2007

How Dumb Does Microsoft Think We Are?

"You can't make this stuff up. Top Microsoft blogger Mary Jo Foley asked, 'What kinds of tools/processes did Microsoft use to determine which open-source code allegedly infringes on Microsoft's patents?' Their answer: 'No further details are available at this time.' read more

UNIX processes.

On UNIX® systems, each system and end-user task is contained within a process. The system creates new processes all the time and processes die when a task finishes or something unexpected happens. Here, learn how to control processes and use a number of commands to peer into your system , read more

Thursday, May 17, 2007

AIX Toolbox for Linux Applications.

AIX® Toolbox for Linux Applications contains a collection of open source and GNU® software built for AIX 5L for IBM IBM eServer pSeries systems and IBM RS/6000. These tools provide the basis of the development environment of choice for many Linux application developers. All the tools are packaged using the easy to install RPM format. There is a strong affinity between Linux and AIX for applications. AIX has a long history of standards compliance and it is generally straightforward to rebuild Linux applications for AIX. The AIX Toolbox for Linux Applications demonstrates the strong affinity between Linux and AIX. more

Monday, May 14, 2007

Migrating from Linux Kernel 2.4 to 2.6 on iSeries and pSeries

Main differences between 2.4 and 2.6 Linux kernels on POWER. read more

Adding, Modifying, and deleting users.

The useradd command can be used to add users to the system. You also invoke this command to change the default settings.
The first thing that you should do is to examine the default settings and make changes specific to your system read more

Sunday, May 13, 2007

Sun hopes for Linux-like Solaris.

In an effort to spur adoption of Solaris, Sun Microsystems has begun a project code-named Indiana to try to give its operating system some of the trappings of Linux.read more

FreeBSD Security Update Fixes IPv6 Type 0 Route Header Denial of Service Issue.

A vulnerability has been identified in FreeBSD, which could be exploited by remote attackers to cause a denial of service. This issue is caused by a design error within the IPv6 protocol when handling IPv6 type 0 route headers, which could be exploited by remote attackers to create a denial of service condition via specially crafted packets.read more

Friday, May 11, 2007

sshfs: Securely Mounting Remote Filesystems

It is possible to mount your remote filesystem as a local filesystem on your Red hat/CentOS Linux system using sshfs.
FUSE is a Linux kernel module also available for FreeBSD, OpenSolaris and Mac OS X that allows non-privileged users to create their own file systems without the need to write any kernel code.
SSHFS command utilizes FUSE to mount a file system using ssh.read more

Wednesday, May 09, 2007

The SysAdmin / Performance Computing / UnixReview Perl columns!

This monthly column by Randal Schwartz for SysAdmin/PerformanceComputing/UnixReview magazine.

what does Randal says:

Because I'm generally busy (or lazy), I simply ran the source files through the pod2html translator so that I could put them online here. It makes them ugly sometimes, but you'll just have to live with that for now until someone comes up with a better solution.read more

Tuesday, May 08, 2007

Perl tutorials.

One of the best Perl tutorials i came across - perlmonks Perl tutorials, im still not that good with Perl but spending some times everyday on this tutorial keeps me rolling and learning much more about this amazing programming language.

Guaranteed porting for a heterogeneous UNIX environment.

Use a componentized build system to automatically port Java™ projects with native extensions on heterogeneous UNIX® platforms. Today, many large-scale Java systems running on UNIX-like platforms require third-party native library support, or you have to develop your own native components. Many utilities and system calls on these platforms do not have corresponding Java wrappers. Constructing a "Write once, run anywhere" Java application under these environments requires maintenance of separate native source sets, and integrating a separate build system for every platform has many shortcomings.more

Saturday, May 05, 2007

Writing endian-independent code in C.

To understand the concept of endianness , you need to be familiar, at a highly abstract level, with memory. All you need to know about memory is that it's one large array. The array contains bytes. In the computer world, people use address to refer to the array locations.
Each address stores one element of the memory array. Each element is typically one byte. In some memory configurations, each address stores something besides a byte. However, those are extremely rare so, for now, let's make the broad assumption that all memory addresses store bytes. READMORE.

Thursday, May 03, 2007

Configuring SSH.

Since SSH is composed of a client and a server, there are two configuration files. Not surprisingly, one is called ssh_config and the other sshd_config. That extra "d", for daemon, or the SSH server -- read more.

Tuesday, May 01, 2007

Beej's Guide to Unix Interprocess Communication.

You know what's easy? fork() is easy. You can fork off new processes all day and have them deal with individual chunks of a problem in parallel. Of course, its easiest if the processes don't have to communicate with one another while they're running and can just sit there doing their own thing.

However, when you start fork()'ing processes, you immediately start to think of the neat multi-user things you could do if the processes could talk to each other easily. So you try making a global array and then fork()'ing to see if it is shared. (That is, see if both the child and parent process use the same array.) Soon, of course, you find that the child process has its own copy of the array and the parent is oblivious to whatever changes the child makes to it.

How do you get these guys to talk to one another, share data structures, and be generally amicable? This document discusses several methods of Interprocess Communication (IPC) that can accomplish this, some of which are better suited to certain tasks than others.

Solaris OS -- an overview.

The following link is a list of questions that are frequently asked about Solaris 2.x and later. Where the FAQ mentions "Solaris 2.x", it really refers to Solaris 2.x, Solaris 7 and later.

uptime