Scenario / Question:
How do I setup freeNX on a remote server system and connect to it.
Solution / Answer:
Installing the freeNX server software on the remote server machine and using the NoMachine freenx client to connect to it from you local machine.
Installing freeNX Server:
On the server you want to control with freeNX
Install freenx using yum:
# yum install nx freenx
Copy minimal configuration file:
# cp /etc/nxserver/node.conf.sample /etc/nxserver/node.conf
Enable PASSDB for NX Database User Authentication pass-through:
Uncomment and change the following line in /etc/nxserver/node.conf
Installing Nagios server and network monitoring on Centos 5 server
The official documentation can be found at http://support.nagios.com/knowledge-base/official-documentation
Install necessary packages
yum install httpd gcc glibc glibc-common gd gd-devel php
Create Nagios User account and group
useradd -m nagios
Create nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user
groupadd nagcmd usermod -a -G nagcmd nagios usermod -a -G nagcmd apache
Create Directory to store Nagios installation files
mkdir /opt/Nagios
Download Nagios and Plugins
Save file to directory /opt/Nagios
The following are simple wrapper scripts for the Xymon server and client that will allow you to automatically start them during boot-up, just as you would any other standard unix service:
cd /etc/rc.d/init.d/xymon
nano xymon
Xymon Server Code
#!/bin/bash
##
# chkconfig: 345 55 25
# description: Xymon Server Monitor
#
# source function library
. /etc/rc.d/init.d/functions
How do I get my VirtualBox Guest VM’s to start and stop when the host system reboots, shutdown, or starts.
Solution / Answer:
Create an init.d script so that VirtualBox Guest VM are controlled as a system service.
Install VirtualBox VM Service script
The original script was for Ubuntu systems found here . Modified for Centos by Kevin Swanson found here .
Create Config File for vboxcontrol service script
# mkdir /etc/virtualbox # touch /etc/virtualbox/machines_enabled
The file “machines_enabled” located in “/etc/virtualbox” is where we list the names of the Guest VM’s that we want vboxcontrol to control.
Casual VirtualBox users might not know about the awesome power that lurks just beneath the surface in the Command Line Interface (CLI).
netstat command and shell pipe feature can be used to dig out more information about particular IP address connection. You can find out total established connections, closing connection, SYN and FIN bits and much more. You can also display summary statistics for each protocol using netstat.
This is useful to find out if your server is under attack or not. You can also list abusive IP address using this method.
# netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n
Output:
1 CLOSE_WAIT
1 established)
1 Foreign
3 FIN_WAIT1
3 LAST_ACK
13 ESTABLISHED
17 LISTEN
154 FIN_WAIT2
327 TIME_WAITDig out more information about a specific ip address:
# netstat -nat |grep {IP-address} | awk '{print $6}' | sort | uniq -c | sort -n
How do I configure a host-based firewall called Netfilter (iptables) under CentOS / RHEL / Fedora / Redhat Enterprise Linux?
Netfilter is a host-based firewall for Linux operating systems. It is included as part of the Linux distribution and it is activated by default. This firewall is controlled by the program called iptables. Netfilter filtering take place at the kernel level, before a program can even process the data from the network packet.
Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers). The system administrator is responsible for security Linux box. In this first part of a Linux server security series, I will provide 20 hardening tips for default installation of Linux system.
#1: Encrypt Data Communication
All data transmitted over a network is open to monitoring. Encrypt transmitted data whenever possible with password or using keys / certificates.
Introduction
Network security is a primary consideration in any decision to host a website as the threats are becoming more widespread and persistent every day. One means of providing additional protection is to invest in a firewall. Though prices are always falling, in some cases you may be able to create a comparable unit using the Linux iptables package on an existing server for little or no additional expenditure.
This chapter shows how to convert a Linux server into: