public marks

PUBLIC MARKS from lecyborg with tags linux & serveur

February 2008

Using Nagios to Monitor Networks

Nagios is a powerful, modular network monitoring system that can be used to monitor many network services like smtp, http and dns on remote hosts. It also has support for snmp to allow you to check things like processor loads on routers and servers. I couldn't begin to cover all of the things that nagios can do in this article, so I'll just cover the basics to get you up and running.

Munin, une alternative simple à Cacti?

by 1 other
Cela fait près d’un an et demi que j’utilise le logiciel Cacti pour monitorer l’activité réseau. Aussi bien dans le cadre de mon activité professionnelle que pour mon usage personnel. Mais j’ai récement découvert une alternative sérieuse : Munin. Celui-ci présente de nombreux avantages par rapport à Cacti et mérite d’être plus connue.

Munin

by 6 others
Munin the monitoring tool surveys all your computers and remembers what it saw. It presents all the information in graphs through a web interface. Its emphasis is on plug and play capabilities. After completing a installation a high number of monitoring plugins will be playing with no more effort. Using Munin you can easily monitor the performance of your computers, networks, SANs, applications, weather measurements and whatever comes to mind. It makes it easy to determine "what's different today" when a performance problem crops up. It makes it easy to see how you're doing capacity-wise on any resources.

Network Weathermap | See Everything

by 1 other
Script PHP établissant une carte du réseau avec les informations de traffic

Postfix Cyrus IMAP SSL LDAP

La série d'articles de cette rubrique est entièrement dédiée à la mise en oeuvre d'un serveur de mail basé sur Postfix et Cyrus-Imap. Ces deux éléments sont tout simplement ce qui ce fait de mieux actuellement dans leur domaine respectif: * Postfix : protocole smpt ou smtps pour le mode sécurisé * Cyrus imap : protocole POP3 ou POP3S (mode sécurisé) ou IMAP ou IMAPS (mode sécurisé).

WebDav Autoversioning

A while back I stumbled upon a lesser known feature of SVN and WebDav, but didn’t have the time to blog about it until now. WebDAV and SVN is an exceedingly useful tool as we all know, and pretty damn easy to setup, see here. But what if you could have everything entered into the WebDav repository automatically versioned into a repository. Well you can! And the good news is, it’s really really easy.

January 2008

Integrating amavisd-new Into Postfix For Spam- And Virus-Scanning

by 1 other
This article shows how to integrate amavisd-new into a Postfix mail server for spam- and virus-scanning. amavisd-new is a high-performance interface between MTAs such as Postfix and content checkers: virus scanners, and/or SpamAssassin. We will use ClamAV for virus scanning and SpamAssassin for spam scanning in this tutorial. I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

ctail project page

ctail is like running tail -f, but can be used on multiple files. It uses the Curses library to split the screen into as many windows as there are files to watch. The size of each file's window can optionally be specified on the command line. Regular expressions can be used to display only lines matching (or not matching) arbitrary criteria. Each file's window has a status bar, showing the file name, date and time of last change and current file size.

Postfix Virtual Domain Hosting Howto

This document requires Postfix version 2.0 or later. This document gives an overview of how Postfix can be used for hosting multiple Internet domains, both for final delivery on the machine itself and for the purpose of forwarding to destinations elsewhere. The text not only describes delivery mechanisms that are built into Postfix, but also gives pointers for using non-Postfix mail delivery software.

December 2007

Sauvegarder ses données avec rsync

C’est simple copie est assez simple à mettre en place, et peut s’avérer très pratique en cas de crash du disque dur. La sauvegarde peut paraitre un peut basique, mais qui à besoin (et qui à assez d’espace disque) pour avoir une sauvegarde jours par jours avec les modifications ?

Convertir système debian en Raid1

Our intention is not to build a fail-safe system nor a HA-Linux. We are just using RAID-1 mirrored disks to make sure that the system can be restored easily if 1 disk crashes. The following has been tested only twice (hey, we've got other things to do). It did work for us, it might work for you. It might also make your rats go berserk or just blow your mind.

PHP Login script

by 2 others
If you're looking for a serious script to manage your users then you're at the right place. Built with security in mind and packed with dozens of features, our PHP login script is the right solution for every webmaster looking to take his website to the next level. Trust us, we've stayed (and we still do for early versions) open-source long enough to learn what people really need.

November 2007

Data Encryption

Gestion du cryptage des données avec Bacula.

SSH Port Forwarding

SSH also has a wonderful feature called SSH Port Forwarding, sometimes called SSH Tunneling, which allows you to establish a secure SSH session and then tunnel arbitrary TCP connections through it. Tunnels can be created at any time, with almost no effort and no programming, which makes them very appealing. In this article we look at SSH Port Forwarding in detail, as it is a very useful but often misunderstood technology. SSH Port Forwarding can be used for secure communications in a myriad of different ways. Let's start with an example.

[A] m p a c h e : Pour l'Amour de la Musique depuis le 5 Mai 2001

by 3 others (via)
Ampache is a Web-based Audio file manager. It is implemented with MySQL, and PHP. It allows you to view, edit, and play your audio files via the web. It has support for playlists, artist and album views, album art, random play, playback via Http/On the Fly Transcoding and Downsampling, Vote based playback, Mpd and Icecast, Integrated Flash Player, as well as per user themes and song play tracking. You can also Link multiple Ampache servers togeather using XML-RPC. Ampache supports GETTEXT translations and has a full translation of many languages

SSH-Agent Tutorial

by 1 other
Security is best when it is handy. ssh-agent is pretty darn handy. Ssh-agent can authenticate you to a remote machine via keypairs, rather than the traditional hand-typed username/password combination, with no loss of security.

Certificat SSL client apache

SSL côté client Pour accéder à ce serveur, le client devra posséder un certificat authentifié par (c'est à dire signé ou crypté par la clé privée de) l'autorité de certification choisie. Pour produire un tel certificat au format PKCS#12

RAID1 on Debian Sarge

A RAID device is a Redundant Array of Independent Disks. The concept was developed in 1987 at UC Berkeley and involves the creation of a virtual disk from multiple small disks in order to deliver improved performance and reliability. There are many flavors of RAID and lots of variations in how to implement it. We detail here a specific instance we use: software RAID1 using IDE disks on a Dell PowerEdge box running Debian "sarge" loaded with grub, managed by mdadm, using the ext3 journaling file system.

How to convert your debian partition to a software raid 1 on the fly

The system is equipped with 2 similar hard disks (they do not have to be the same but it helps if they are at least similar). The first disk is attached to the primary IDE as master, it will be referenced as /dev/hda. The second disk is attached to the secondary IDE also as master, it will be referenced as /dev/hdc.

HOWTO improving your internet connection using wondershaper - Ubuntu Forums

wondershaper is an easy to use traffic shaping script that provides these improvements: * Low latency for interactive traffic (and pings) at all times * Allow websurfing at reasonable speeds while uploading / downloading * Make sure uploads don't hurt downloads * Make sure downloads don't hurt uploads

How to Install Openvpn

The purpose of this document is to describe how to install OpenVPN server on an Ubuntu Linux system and have it utilize an Ethernet bridge to access your local network. Ethernet bridges essentially allow the operating system to treat multiple network interfaces as one combined port. When used with OpenVPN a bridge will allow you to easily connect external users to your internal network and have them receive all traffic as though they were locally connected. The alternative is to use OpenVPN with a route but that will not allow some forms of traffic through (such as multicast), multicast traffic is important to me as many games require multicast data.

Le RAID sous GNU/Linux

Ce document explique comment mettre en place plusieurs types différents de RAID logiciel sur une plateforme Linux.

Firewall Builder

Firewall Builder is multi-platform firewall configuration and management tool. It consists of a GUI and set of policy compilers for various firewall platforms. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations. Firewall Builder currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX. Technical summary of features supported by the policy compilers for all platforms can be found in the section "Modules" (see menu on the left). Being truly vendor-neutral, Firewall Builder can generate configuration file for any supported target firewall platform from the same policy created in its GUI. This provides for both consistent policy management solution for heterogeneous environments and possible migration path.

IPtables log analizer

IPTables log analizer (TODO : find a nice name for it) displays Linux 2.4 iptables logs (rejected, acepted, masqueraded packets...) in a nice HTML page (it support rough netfilter logs but also Shorewall and Suse Firewall logs). This page shall be easy to read and understand to reduce the manual analysis time. This page containts statistics on packets and links to more detailled information on a given host, port, domain and so on.

firewall Eyes : iptables log analysis tool

Firewall Eyes est un outil d'analyse de logs en temps réel pour le pare-feu iptables. Grâce à une interface Web, vous visualisez et supervisez simplement et efficacement l'activité réseau traversant votre firewall. Vous détectez aisément les activités suspectes et ajustez votre politique de sécurité.

lecyborg's TAGS related to tag linux

active directory +   administration +   aircrack +   amarok +   amavis +   apache +   backup +   blog +   citadel +   comparatif +   cron +   crontab +   cryptage +   ctail +   cups +   damn vulnerable +   debian +   desktop +   DHCP +   disque +   dmz +   dns +   documentation +   e17 +   ebook +   ebox +   EeePC +   exaile +   ext3 +   fichiers +   firewall +   fonts +   forwarding +   free +   ftp +   funambol +   gnome +   gparted +   graphisme +   groupware +   icones +   ie +   installation +   ipcop +   iptables +   jabber +   java +   kerberos +   laptop +   ldap +   linutop +   logiciel +   lvm +   mail +   materiel +   monitoring +   munin +   musique +   nagios +   network +   opensource +   palm +   partition +   pdf +   php +   pinholes +   postfix +   proprio +   proxy +   radeon +   raid +   rails +   ruby +   samba +   scheduleworld +   security +   serveur +   smoothwall +   ssh +   ssl +   subversion +   synchro +   syncml +   tail +   test +   thinkpad +   tutorial +   ubuntu +   usb +   utile +   vmware +   vpn +   web +   web2.0 +   wifi +   windows +   wine +   xdmcp +   xen +   zerina +