Setting up NAT with CentOS/Red Hat 6

​This will be part 1 in a series of configuring CentOS/Red Hat 6 as a secured firewall. Though I am a huge fan of pfSense (which can be found here pfSense), I wanted to build my own from scratch. So, the first part of this series will consist of setting up PAT (or NAT overload for the Cisco geeks) on Linux. The first step is to configure the network cards. 

Read More

Mounting a USB Device In a Xen Guest

​Mounting a USB device  Attach the USB device to the Dom0 and run ‘dmesg’ to see if the device attached Run ‘fdisk -l’ to see if the drive is partitioned the way you want it For instance: [[email protected] ~]# fdisk -l /dev/sdc Disk /dev/sdc: 1000.2 GB, 1000204886016 bytes 255 heads, 63 sectors/track, 121601 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id

Read More

Getting Linksys AE2500 to work with Fedora 17

​In order to get the AE2500 wireless USB adapter to work you must install ndiswrapper. First, the ndiswrapper-1.57 version is not compatible with the 3.3 or 3.4 version of the Linux kernel so you must install the ndiswrapper-1.58rc1 which is still in test as of this writing. Next, download the AE2500 Windows XP drivers from the Linksys website ( Link ). Unzip the drivers into a directory and load the bcmwlhigh5.inf file into

Read More

MySQL Backup Scripts

I needed a place to host my scripts, so I opened an account on GitHub. If you are unaware of what GitHub is, its a great place to publish code to the public by using Git; they also offer private hosting for a fee. Even if you do not have a need for this I recommend looking through the site as its a great place to view open source

Read More

RHEL/CentOS Server Security

As a part of the sys admin’s job, it is important to take a few extra minutes to go through and properly secure a newly installed Linux server. These steps include enabling SELinux on the machine, configuring the firewall, and setting user permissions. There are however additional steps one should take in order to secure their server. One would be to tune and secure kernel parameters, set limits on

Read More

GPG Keys

​GnuPG is used to encrypt and sign email messages and files. First you need to create the GPG key: Generating Keys ———————————————————– $ gpg –gen-key ———————————————————– Select option 5 for RSA and then type the encryption level. ———————————————————– Please select what kind of key you want: (1) DSA and Elgamal (default) (2) DSA (sign only) (5) RSA (sign only) Your selection? 5 RSA keys may be between 1024 and 4096 bits

Read More

MySQL Replication

​Setting up MySQL replication is an easy process to do. First you need to edit your my.cnf files on your two servers and add the following: Server 1     server-id=1     auto_increment_offset=1     auto_increment_increment=3     log-bin=mysql_log Server 2     server-id=2     auto_increment_offset=1     auto_increment_increment=3     log-bin=mysql_log Make sure that the server id’s in the my.cnf file are unique for each server and the auto_increment_increment is n+1 more than the

Read More

Multiple VLAN’s with Xen Dom0

​A great feature of Linux and Xen is the ability to run DomU’s on multiple networks. To do this we first need to set up the VLAN’s on a switch and then set the port the Dom0 is connected to allow for 802.1q traffic. On a Cisco switch, log into the IOS and change the interface that the server is sitting on and type: switch(config-if) switchport trunk encapsulation dot1q switch(config-if)

Read More

802.1q and LACP Network Card Bonding with Xen Dom0

​As you may/may not know, bonding is the ability of taking two or more network cards and make them act as one. This not only improves fail over, but it also increases the amount of network throughput for the server. The following will show you how to set up such an environment. For this to work you must have a switch that is capable of combining multiple switch ports

Read More