http://www.randombugs.com Just another Bastard Operator From Hell. Everything from *nix to programming Thu, 06 May 2010 14:21:46 +0000 en hourly 1 http://wordpress.org/?v=3.0 http://www.randombugs.com/linux/contentfilter-unsolicited-bulk-email.html http://www.randombugs.com/linux/contentfilter-unsolicited-bulk-email.html#comments Tue, 16 Mar 2010 14:07:18 +0000 admin http://www.randombugs.com/?p=643
After an Amavis upgraded my e-mail system started to have a strange behavior. A lot of emails sent internally from one user to another stopped with the following message: ——– Original Message ——– Subject: Considered UNSOLICITED BULK EMAIL, apparently from youis considered local. Date: Tue, 13 Mar 2010 00:13:39 +0200 (EET) From: Content-filter at xxx13.randombugs.com To: A message from to: -> yyy@randombugs.com was considered unsolicited bulk e-mail (UBE). Our internal reference code for your message is 00311-13/npX-RCahiLdc The message carried your return address, so it was either a genuine mail from you, or a sender address was faked and ...]]> http://www.randombugs.com/linux/contentfilter-unsolicited-bulk-email.html/feed 0 http://www.randombugs.com/tuning/compile-install-run-modlimitipconn-apache2-debian.html http://www.randombugs.com/tuning/compile-install-run-modlimitipconn-apache2-debian.html#comments Mon, 22 Jun 2009 17:17:48 +0000 admin http://www.randombugs.com/?p=509
Limiting abusers from running 20 download threads from the same Apache server is easy now with mod_limitipconn. But the apache 2 module, mod_limitipconn, is not available under the latest Debian distribution, Lenny. In this mini how-to I will show you how-to manage this module to work for Debian Lenny users. The compile process of mod_limitipconn is a little bit more than “make install”. First install apache prefork development utilities (we need apxs2 to compile our module) [rb@randombugs]# apt-get install apache2-prefork-dev After that, download source code of iplimit module from http://dominia.org/djao/limitipconn2.html and unpack it [rb@randombugs]# ...]]> http://www.randombugs.com/tuning/compile-install-run-modlimitipconn-apache2-debian.html/feed 3 http://www.randombugs.com/java/glassfish/changeing-defaults-ports-jms-glassfish.html http://www.randombugs.com/java/glassfish/changeing-defaults-ports-jms-glassfish.html#comments Thu, 28 May 2009 07:47:28 +0000 admin http://www.randombugs.com/?p=452
Why you should do that? All this ports, by default, are allocated dynamically and if you want to use a firewall between your client and JMS broker then you should have static ports assigned. Another solution is to tunnel through httpjms and httpsjms protocol but this are slow. In the next article I will show you how to assign static ports to this JMS service in Glassfish. To show you the all ports what need for JMS I just “ripped” the following table from SUN Site: http://docs.sun.com/app/docs/doc/820-4916/gcuhq?a=view Connection ...]]> http://www.randombugs.com/java/glassfish/changeing-defaults-ports-jms-glassfish.html/feed 0 http://www.randombugs.com/linux/gpg-ubuntu-debian.html http://www.randombugs.com/linux/gpg-ubuntu-debian.html#comments Wed, 13 May 2009 12:40:28 +0000 admin http://www.randombugs.com/?p=443
Gpg is stands for Gnu Privacy Guard and is a free alternative to the PGP cryptographic software. GnuPG (or GPG) follows the RFC 4880 which is the standard specification of OpenPGP. The most important thing GPG is interoperable with PGP. GPG is build as a command line utility but also have several front-ends for KDE, Gnome and other Linux desktops, but also is directly integrated in other software like: Email Clients as Mozilla Thunderbird, Evolution, Kmail, Instant Messaging as PSI, Fire, Browsers as Mozilla Firefox etc. GnuPG encrypts messages using ...]]> http://www.randombugs.com/linux/gpg-ubuntu-debian.html/feed 2 http://www.randombugs.com/linux/migrating-ext3-ext4.html http://www.randombugs.com/linux/migrating-ext3-ext4.html#comments Tue, 24 Mar 2009 07:53:49 +0000 admin http://www.randombugs.com/?p=347
Ext4 is the normal evolution of the most used Linux filesystem: Ext3. The evolution of Ext3 from Ext2 had add just 1 new important feature: journalization. But ext4 is a result of hardly improved Ext3 and is coming with better performance, modified data structures, reliability and new features like bigger filesystem/file sizes, subdirectory scalability, extents, multiblock allocation, delayed allocation, journal checksumming, online defragmentation, persistent preallocation. The first stable version of ext4 is already out and probably a lot of you want to test it a little bit, so I write ...]]> http://www.randombugs.com/linux/migrating-ext3-ext4.html/feed 0 http://www.randombugs.com/linux/howto-work-ssh-keys-agents-usefull-stuff.html http://www.randombugs.com/linux/howto-work-ssh-keys-agents-usefull-stuff.html#comments Tue, 17 Mar 2009 13:54:45 +0000 admin http://www.randombugs.com/?p=314
Managing more than 80 Linux servers is not an easy job, but with the help of ssh I can distribute a command to all servers without typing, retyping the password every time for that. Don’t understand me wrong, you will need to type a password for accessing this servers, but just one time. If you manage correctly your keys you will don’t need to have any fear in heavy exploiting the ssh keys. What is SSH ? SSH stands for Secure Shell and is a protocol that allows secure data exchange ...]]> http://www.randombugs.com/linux/howto-work-ssh-keys-agents-usefull-stuff.html/feed 0 http://www.randombugs.com/hacker/chkrootkit-debian-ubuntu.html http://www.randombugs.com/hacker/chkrootkit-debian-ubuntu.html#comments Mon, 09 Mar 2009 13:32:09 +0000 admin http://www.randombugs.com/?p=244
When we auditing a Linux system we have a lot of good tools to monitor unexpected changes and unexpected behaviour of a system. Earlier we talked about rkhunter as a system check for rootkits and now, as an alternative, we will talk about chkrootkit (Determine whether the system is infected with a rootkit). If you want to know a definition of what is a rootkit please read the first article about rkhunter. chkrootkit is a freesoftware what is work with Linux, FreeBSD, OpenBSD, NetBSD, Solaris, HP-UX 11, Tru64, BSDI and Mac ...]]> http://www.randombugs.com/hacker/chkrootkit-debian-ubuntu.html/feed 0 http://www.randombugs.com/hacker/scan-rootkits-ubuntu-debian.html http://www.randombugs.com/hacker/scan-rootkits-ubuntu-debian.html#comments Sat, 07 Mar 2009 16:44:25 +0000 admin http://www.randombugs.com/?p=230
GNU/Linux and other unix operating systems are a very hostile environments for viruses, but they are still in the front of other malware / exploits. The most dangerous malware under GNU/Linux are the rootkits. What is a rootkit? Is a program (or a set of programs or scripts) designed to hide the fact a system was compromised. Also a rootkit can leave a backdoor entrance for a malicious person and can modify your system (hiding files, process, network connections, blocks of memory) to don’t detect that person when is on ...]]> http://www.randombugs.com/hacker/scan-rootkits-ubuntu-debian.html/feed 3 http://www.randombugs.com/hacker/password-protecting-grub-bootloader-linux.html http://www.randombugs.com/hacker/password-protecting-grub-bootloader-linux.html#comments Wed, 04 Mar 2009 21:55:51 +0000 admin http://www.randombugs.com/?p=217
Protecting your bootloader is intended for a desktop workstation and not for a production server. Why protecting your bootloader ? Because with a simple boot in single mode a malicious person can change your root password or steal your data. Protecting your bootloader with a password will protect your computer to run in single mode without your permission, but will not protect you to boot from a bootable cd if you don’t also protect your BIOS. Because some people use grub some and some people are using LILO I will explain ...]]> http://www.randombugs.com/hacker/password-protecting-grub-bootloader-linux.html/feed 1 http://www.randombugs.com/linux/rebooting-kernel-panic.html http://www.randombugs.com/linux/rebooting-kernel-panic.html#comments Wed, 04 Mar 2009 13:24:54 +0000 admin http://www.randombugs.com/?p=205
By default, a Linux, is waiting direct input of a person / sysadmin when is crashing with kernel panic/oops. Obviously is very important to know or to see directly the dumped screen, but sometimes in production environments is better just to reboot itself without any intervention and debug the problem with the system online. Off course for debugging and seeing the dump you will need to install and configure kdump, but that is another story (I will probably write about that soon). Anyway to set your system to reboot after 1 ...]]> http://www.randombugs.com/linux/rebooting-kernel-panic.html/feed 0