iptables: Stop Bruteforce attacks

What is iptables?

A simple wiki definition goes: “iptables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different Netfilter modules) and the chains and rules it stores.”

It is a tool that allows sysadmins to manipulate the Linux kernel firewall for security. I have used iptables to secure a web server from any anomalies that may occur from intruders.

Before proceeding to the iptables firewall, please follow the basic server configuration, which consists of basic security configs.

Linux Server Configuration Best Practices

Linux Server configuration best practices

Most of the time, beginners in Linux get confused about the things they need to consider while installing and configuring a Linux server for deployments.

During Installation

  1. Opt for hardware RAID. If not, you can go for software RAID.
  2. If possible, configure hardware RAID 10. If not, you can configure hardware RAID 5 or RAID 1.
  3. Except for the boot partition, please configure LVM for every partition.
  4. Make swap double the physical RAM size for less than 4GB, and the same as physical RAM for more than 4GB.

After installing and configuring servers, please be aware of the following tasks.

[MX] PPPoE Calling-Station-Id issue on JunOS

After making my BRAS live, I was unable to get the client’s MAC address, which made it difficult for my team to troubleshoot. Here I found a tweak to get the client’s MAC address into the database.

Juniper BRAS sends the client MAC address, but not in the Calling-Station-Id attribute. It uses the ERX-Dhcp-Mac-Addr attribute instead, and its value comes in a different pattern, 00oc.429e.7ef1, than the one we are used to seeing for MAC addresses.

VMware Manual Power on

Those who have just started using VMware vSphere ESXi might be wondering how they can power on virtual instances from the CLI of the VMware server. This is needed when you are not able to access the management console and there is an issue with virtual instances that are not powering on.

[MX] Time based Firewall filter

I was testing different firewall filters on a Juniper MX when I started thinking about time-based firewall filters that should only be applied at a given time.

This configuration might be useful when we need to block some IP address for some time interval.

Increase the size of virtual disk in VMware ESXi

Recently, the disk of one of my virtual machines became full due to different logs and files. I had to increase the space to run the system smoothly. I have briefly documented what I found in the VMware KB. Please have a look:

[EX] Switch file system corruption on the primary root partition

Recently, I faced an issue with an EX switch that booted from the backup root partition. The error reported during login was that file corruption occurred on the primary root partition.
Below is the documentation published on Juniper.net KB which I have copied for reference:

Restore home directory in RHEL

Let’s consider that you are working as a system admin and you find that a user’s home directory has been deleted completely.

What will you do?

No need to worry. Follow these steps:

1) Copy all the .bashrc files from a different user’s home.
Command: cp -rvpf .bash_* <username>
(<username> means the user whose home profile exists)

The skeleton files are present in /etc/skel:

cd /etc/skel
ls -g
cp -rvpf .bashrc /home/user
(user means the one whose home directory was deleted)
This will bring back all his directories and login.

Enjoy….:)

OS X: How to reset the DNS cache

Though I have googled the topic multiple times, I keep forgetting the exact time every time I go for DNS flushing on my Mac.

OS X keeps a local cache of resolved DNS queries for a time defined by the DNS server, but sometimes it may be necessary to reset the cache immediately and re-query a DNS server. For example, you might do this after an entry on the server is changed or a new entry is added.

OS X Mountain Lion or Lion

Use the following Terminal command to reset the DNS cache:

sudo killall -HUP mDNSResponder

Mac OS X v10.6

Use the following Terminal command to reset the DNS cache:

sudo dscacheutil -flushcache

Source: Apple Support.