Real life story. DMZ based server dedicated to SFTP was configured with sshd rules in /etc/hosts.allow sshd : ALL@16.89.97.*:ALLOW sshd : ALL@14.251.*:ALLOW sshd : AAL@208.94.61.*:ALLOW Should have been: sshd : ALL@16.89.97.*:ALLOW sshd : ALL@14.251.*:ALLOW sshd : ALL@208.94.61.*:ALLOW That network was the firewall to the outside world. The end users were inconvenienced and the firewall […]
Read More →Category: Systems Administration
Quick and dirty autofs script share
I run a large unix and linux server farm on the west coast. In the old days we had problems with scrip versions. The problem was we pushed scripts from a central server and inevitably due to network or space issues the updates did not happen reliably. In 2012 we opened up our unix management […]
Read More →Network install point httpd with Centos or RHEL6 using kickstart
Why set up a network install point? So you can do consistent Linux installations. Really so you can do the same installation over and over again and come out with consistent results. Today’s article is how to set up the install point and have it work. There is credit for the source article below but […]
Read More →DNS configuration checklist
BIND has always been a dark art. Recent configuration nuances made in the name of improving security have made things all the more fun. Here is a simple checklist that can avoid trouble and downed websites. Note that on RHEL6/CentOS/ and clones the /var/named/chroot structure has been made obsolete. Before starting cp /etc/named.conf /root # […]
Read More →Centos Continuous Release with caution
Centos Continuous release is very easy to install. Download and install 1 rpm and you are all set. i386: http://mirror.centos.org/centos/6/extras/i386/RPMS/centos-release-cr-6-0.el6.centos.i686.rpm ( sha256: 9fc78d2d79abeb1513f0851d075a2860f5039fc8db3fb0db4c660252fffda894 ) x86_64: http://mirror.centos.org/centos/6/extras/x86_64/RPMS/centos-release-cr-6-0.el6.centos.x86_64.rpm ( sha256: bd55e1505caae2f78c306290d235b7f54833fcad5a9f1942b3cb54e28f7bfe73 ) But I urge caution. In my lab, I downloaded the 64 bit version and installed it. Then I ran the following command: yum -y update […]
Read More →