Archive for IT

Tcpdump usage examples

Tcpdump usage examples

In most cases you will need root permission to be able to capture packets on an interface. Using tcpdump (with root) to capture the packets and saving them to a file to analyze with Wireshark (using a regular account) is recommended over using Wireshark with a root account to capture packets on an «untrusted» interface. See the Wireshark security advisories for reasons why.

See the list of interfaces on which tcpdump can listen:

tcpdump -D

Listen on interface eth0:

tcpdump -i eth0
Read more

Hardening Nginx SSL/TSL Configuration

Days ago I had to investigate a SSL issue in one of my customer’s servers, he installed a SSL certificate but the Nginx SSL configuration was not hardened at all, so he was getting a very poor grade while checking his site at SSL Server Test.

In the same case, if you have a grade lower than A, you should try to optimize your Nginx SSL configuration. Here are some tips to harden your Nginx SSL Configuration.
Read more

CentOS 6 — Configure NFS Client

Configure NFS Client to mount directories provided from NFS Server.
Read more

Use Speedtest.net from command line

Wouldn’t it be nice to be able to test your upload/download speed from your VPS and share the “famous” picture from speedtest.net ?

Speedtest.net uses Flash to test upload/download speed which is a hassle on most VPS.
The long way to get this is to install VNC and run it from a browser, but that is no longer necessary.
We can now use Matt Martz python script speedtest-cli to accomplish this from the commandline.

Read more

Как создать template из ruby_block в chef-opscode

Иногда нужно создать template во время исполнения ruby_block.
Вот как это можно сделать.
Read more

Google and GitHub insist — go store your binaries in a proper place!

Well, first GitHub, and now Google Code, both cease to host your binaries on their platforms. The reasons are the same — distributing binaries is not what they do. They manage source code, documentation, issues, etc., but not binaries, that’s a whole different business.

How do we know? Because it’s our business. As opposed to project development platforms, Bintray is a platform, that does one thing right — distributing your OSS binaries. And it’s free.
Read more

How to run a template that creates a init.d script before the service is created in Chef

How to run a template that creates a init.d script before the service is created in Chef
Read more

Install «android-tools» package (adb and fastboot) in Ubuntu 12.04, 11.10 or 11.04

A package called «android-tools», which comes with «adb» and «fastboot» command line utilities, has been uploaded to the Ubuntu 12.10 Quantal Quetzal repositories recently. I’ve got a request to upload this package in a PPA for older Ubuntu releases, so I’ve backported it to Ubuntu 12.04, 11.10 and 11.04.

«adb» (Android Debug Bridge) is a command line tool you can use to access the file system from an Android device; it can be used to send commands, transfer or receive files, install or uninstall applications and more.

«fastboot» is a command line tools that you can use to flash the filesystem on Android devices over USB.

These tools can be found in the Android SDK too; using the official package in Ubuntu 12.10 or the packages in our PPA is just an alternative and easier way I’d say, to install them in Ubuntu. Also, the packages in the PPA are available for both 32bit and 64bit, while the Android SDK provided by Google is only available for 32bit.
Read more

Windows 7 не подключается к Windows 2000

Windows 7 client cannot access remote file share
Regedit:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\
Add new DWORD record LmCompatibilityLevel and value 2
Read more

Востановление mdraid на переустановленной системе

apt-get install mdadm
mdadm --detail --scan --verbose | awk '/ARRAY/ {print}' >> /etc/mdadm/mdadm.conf

И поправить fstab

/dev/md1p1      /media/2TB      xfs     defaults        0 0