Author: admin

Windows

Using simple username in Windows Outlook mail configuration

Lately a friend asked me to help configuring Outlook in Windows for an account where the username is not an email address. The new standard seems to be using the email address as username in mail server logins. Unfortunately for compatibility to older mail servers very often the username required is a simple name like …

Linux, Postfix

Relaying emails dependent on either sender or receiver

Introduction: I use a Relay SMTP service for sending my emails but I want to use it only for certain conditions like the sender address or the receiver address. Here is how it’s done: Relay to relay host depending on sender address Add in /etc/postfix/main.cf Create file /etc/postfix/relayhost_map and add this content: Run the following …

Linux

Creating SOCKS Web Proxy using SSH

Introduction: It is known that one can use SSH to create a Tunnel but SSH has more tricks in its sleeves. It can be used to create a SOCKS based Web proxy. The full explanation is really clearly shown in this article: Thanks to the author for that. https://ma.ttias.be/socks-proxy-linux-ssh-bypass-content-filters/ Basics: Prerequisites: A Linux server in …

Apache, Linux, Uncategorized

Configuring Apache for Magento to show different Store Views in from different URLs/Domains.

Introduction: In the following example I try to set environment variables according to the incoming request’s ‘HTTP_HOST’ value. The following example pertains to Magento Webshop software which offers a different Store view for every domain configured to land in the main store. Prerequisites: – Magento is been configured, apart from its default Store View, to …

Linux, MySQL

Repairing MySQL InnoDB databases

Introduction: This post is a copy of the wonderful following post: https://blackbird.si/mysql-corrupted-innodb-tables-recovery-step-by-step-guide/https://blackbird.si/mysql-corrupted-innodb-tables-recovery-step-by-step-guide/ Here are some important exerts from it: MySQL – Corrupted InnoDB tables recovery – Step by step guide Posted in Databases By Alen Krmelj On March 19, 2013, 5-6 minutes InnoDB tables don’t get corrupted easily, but when they do, it usually happens …

Linux

Installing SNMP in Ubuntu 18.04

Here are the simple steps to install SNMP in Ubuntu 18.04 Reference: https://support.auvik.com/hc/en-us/articles/204221884-How-to-enable-SNMP-on-Linux-based-servers-workstations Next, using your text editor, edit /etc/snmp/snmpd.conf to look like this: # this will make snmpd listen on all interfaces # Or make it listen only to the local private network interface eg. eth0(192.168.100.3) # a read only community ‘local’ and the …

Linux, Linux on MACBook, Uncategorized

Linux Mint 19.3 disabling the menu pop on Mac ‘Left Command’ Press

Introduction: After having installed Linux Mint 19.3 on an old MacBook Pro, I wanted to disable the Menu pop-up function on the ‘Left Command’ key press. Solution: Delete the following entry in the Settings Editor(in the settings menu): xfce4-keyboard-shortcuts –>> /commands/custom/Super_L | xfce4-popup-wiskermenu Calveat: First I could not delete the command. Then I simply deleted …

Linux, Linux on MACBook

Linux Mint 19.3 on MacBook Pro: Set F1-F12 as default function without pressing ‘Fn’

Inroduction: After having installed Linux Mint 19.3 on an old MacBook Pro I wanted to be able to use the function keys without having to press on the ‘Fn’ key Here is the answer: Reference: https://www.reddit.com/r/linuxmint/comments/4cecsz/set_f1f12_as_default_function_without_pressing_fn/ Solution: You can run a simple command to change the behavior. Therefore to get what I wanted the command …

Uncategorized

Adding a title to SSH login terminal TAB

Introduction: Reference: https://unix.stackexchange.com/questions/177572/how-to-rename-terminal-tab-title-in-gnome-terminal Each terminal emulator has its own way of configuring a TAB title name for an SSH connection. To make sure it works for all well behaving terminal emulators, you can force the Title via an escape sequence set in the destination server. Howto: Login to a server via SSH and ad one …

Linux, Windows

Using Postfix to deliver mail using SMTP Authentication

Reference: https://www.linode.com/docs/email/postfix/postfix-smtp-debian7/ Open or create the /etc/postfix/sasl_passwd file, using your favorite text editor: Add your destination (SMTP Host), username, and password in the following format: If you want to specify a non-default TCP Port (such as 587), then use the following format: Create the hash db file for Postfix by running the postmap command: If …

Uncategorized

Create a simple and general access Samba share

apt-get install samba smbclient cifs-utils heimdal-clients mcedit /etc/samba/smb.conf Here we will create one share as read only from guests users and one share as read/write for a specific user Create read only Share [Photos] comment = “Family Photos” path = /media/NextCloud/Photos browseable = yes read only = yes guest ok = yes Create the read/Write …

Linux

APT ‘Not Found [IP: 2001:67c:1562::15’

Reference: https://ubuntuforums.org/showthread.php?t=2282646 If you encounter such errors of fetching packages with apt/apt-get: E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/u/ubuntu-release-upgrader/python3-distupgrade_18.04.36_all.deb 404 Not Found [IP: 91.189.88.142 80] E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/u/ubuntu-release-upgrader/ubuntu-release-upgrader-core_18.04.36_all.deb 404 Not Found [IP: 91.189.88.142 80] E: Unable to fetch some archives, maybe run apt-get update or try with –fix-missing? Then do the following to give precedence …

Uncategorized

Changing DNS resolving entries in Systemd controlled systems

References: https://unix.stackexchange.com/questions/442598/how-to-configure-systemd-resolved-and-systemd-networkd-to-use-local-dns-server-f Make sure the resolvconf package is deinstalled. This resolvconf package is useful for ‘on-the-road’ Laptops but is an overkill and can create problems in Servers.apt-get remove resolvconfreboot Edit the systemd controlled resolved.conf mcedit /etc/systemd/resolved.conf [Resolve]DNS= 8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844FallbackDNS=Domains=itmatrix.eu srv#LLMNR=no#MulticastDNS=no#DNSSEC=no#Cache=yes#DNSStubListener=yes Update systemd to the new edited resolved.conf systemctl daemon-reloadsystemctl restart systemd-networkdsystemctl restart systemd-resolved

Uncategorized

Gmail problem with Thunderbird

The authentication problem encountered when creating a new Gmail account in Thunderbird can be solved as follows:Reference: https://support.google.com/mail/thread/4528103?hl=en 1. Set Thunderbird in safe mode https://support.mozilla.org/en-US/kb/safe-mode-thunderbird If Thunderbird is not running: Start Thunderbird in Safe Mode by holding down the option key while starting the application.If Thunderbird is already running: At the top of the Thunderbird …

Uncategorized

Installing BearExtender for Mac on Mac OSX 10.11(El Capitan)

These instructions are a mix of what I got from: https://blog.alfa.com.tw/2016/03/01/using-alfa-network-awus036nh-awus036neh-awus036nf-awus051nh-v2-awus052nh-on-osx-10-11-el-capitan/ https://www.bearifi.com/pages/bearextender-1200-support Run the following instructions: Create a new directory for the downloads mkdir ~/BearExtender Put the following download in the directory called ~/BearExtender Download the BearExtender Kernel Extension from here: http://107.170.140.210/s/8aa1Wf38QGi7R7v Get the BearExtender software Put the following download in the directory called ~/BearExtender …

Uncategorized

FTPS on command line using LFTP

# In Debian/Ubuntu, install LFTPapt-get install lftp # Create the configuration file in home directory of the user# eg. admin user will be running the program: cd /home/admintouch .lftprc (Content)set ftp:ssl-auth TLSset ftp:ssl-force trueset ftp:ssl-protect-list yesset ftp:ssl-protect-data yesset ftp:ssl-protect-fxp yesset ssl:verify-certificate no Command line to upload 2 files: software.txt and software2.txt cd /DATA/files/lftp user:PASSWORD@servername <<EOFput …

Uncategorized

Solution for MySQL/MariaDB Field ‘xxx’ doesn’t have a default value

Situation:Using PhpMyAdmin I was trying to add a user and this error kept on coming up and I could not add the user. After some research here are 2 solutions: The following articles are so good and helpful that as soon as I saw them in Internet I wanted to copy them here. The first …

Uncategorized

Unassign a software RAID member volume to become again a normal volume.

Situation:I had assigned the drive partition (/dev/sdb1) to a Linux Software RAID disk group. Now I want to take out this drive from the software RAID group and use it as a normal drive. Since the drive has been assigned to a group simply trying to use it as a normal drive by re-partitioning and …

Uncategorized

Solving the Running /scripts/local-block loop while booting in linux

Problem: Linux booting and taking a long time while looping with the script: /scripts/local-block Reason: Linux boot needs to know the UUID of the Swap file it tries to mount. Solution:Run the command:blkidand get the UUID of the Swap file.Run the command:nano /etc/initramfs-tools/conf.d/resumeThis file doesn’t exist. It will then be created.Add the following line as …

Email, Linux, Mailman

Minimize the Digests shown Headers in Mailman 2.1.xx

Problem: Digests in Mailman are composed of a lots of unneeded headers which clutter the messages. Solution: Edit the Mailman configuration file manually as follows: WARNING !!!: These headers are part of a the ‘RFC 1153’ which if changed can have unpredictable or unwanted effects. So here I kept the headers: Date:, From:, Subject:, Keywords(if …

Email, Linux, Postfix

Configuring Domain Relaying with ISPConfig 3.1.xx

Intention: Redirect (reroute) specific email addresses via, for example, an SMTP service: Steps: – Enter the destination domain in the Advanced Routing Table (Email ==> Email Accounts/Email Routing) – Enter the same destination domain in the (Email ==> Global Filters / Relay Recipients) as @domain Example: eg. rerouting all emails of destination domain mydomain.com via …

Email, Linux, Postfix

No Type list in ISPConfig 3.1.11

Problem: The brand new version of ISPConfig 3.1.11 when I add or modify an email transport, no value is displayed anymore on “type”. Solution: Ref: https://git.ispconfig.org/ispconfig/ispconfig3/issues/4924 Edit /usr/local/ispconfig/interface/web/mail/mail_transport_edit.php Change this line: $app->tpl->setVar($rec, null, true); to this: $app->tpl->setVar($rec); and should work again.

Linux, MySQL, Security

Resetting MySQL/MariaDB root password in Ubuntu 16.04/18.04

Introduction: In case you have forgotten the ‘root’ password in MySQL/MariaDB(10.0.x) you can reset the password as follows: Ref: https://kofler.info/root-login-problem-mit-mariadb/ STEPS: Stop the currently running MySQL/MariaDB service mysql stop Start MySQL/MariaDB in non-protected mode: mysqld_safe –skip-grant-tables –skip-networking & Login as root in MySQL/MariaDB mysql -u root Set the new root password: For MySQL Previous to …

Apache, Linux, Wordpress

Installing the missing mcrypt module for PHP 7.2

Inroduction: Because of the module mcrypt for PHP neot being maintained since a bout 10 years the PHP team has decided to drop it from the PHP version 7.2 on. For PHP applications that need this module here are the instructions to compile and install it for PHP 7.2. Reference: https://lukasmestan.com/install-mcrypt-extension-in-php7-2/ STEPS: We need to …

Email, Mailman

Changing the mailman subscribers ‘moderation’ bit on the command line

Intro: In my mailman installation with over 3K subscribers I could not find why the web interface didn’t allow me to change the ‘moderation’ bit of subscribers, or any other property. So I found this tool which allows me to the ‘moderation’ bit for any subscriber using the command line. Sinc ethe Python module for …

Apache, Linux, NGinX, Postfix, Security

Install CERTBOT in Ubuntu-16-04-xenial and Debian Stretch

Intro: Here is a 1-to-1 copy of the article on how to install certbot in Ubuntu 16.04 and Debian Stretch Ubuntu 16.04 HOWTO: Install On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you’ll need to do is apt-get the following packages. $ sudo apt-get …

Apache, Linux, Security

Configuring Letsencrypt in ISPConfig 3.1

Intro: Since a while now the wonderful idea of creating the service Letsencrypt has made lots of admins happy. Here is how we can also use Letsencrypt with ISPConfig 3.1. Ref: https://www.howtoforge.com/community/threads/ssl-how-to-for-ispconfig-3-with-letsencrypt.74738/ STEPS: Define ISPconfig to use the new SSL certificate with symbolic links. (If you don’t know how to use symbolic links this how-to …

Email, Linux

Rectify mailman URLs after a hostname change

Intro: I had to change the server name of my mailman server. I changed it in /etc/mailman/mm_cfg.py as follows: # Default domain for email addresses of newly created MLs DEFAULT_EMAIL_HOST = ‘mailman.myserver.com’ #————————————————————- # Default host for web interface of newly created MLs DEFAULT_URL_HOST = ‘mailman.myserver.com’ BUT! Some links in the mailman site were OK …

Email, Linux, Postfix

Blocking reception of full TLDs

Intro: Lately I was receiving a lot of spam from a ‘.date’ TLD sources and wanted to block all these emails using Postfix. Here is a solution found at: https://serverfault.com/questions/728641/blacklisting-tld-in-postfix/728658 Steps: Install the Postfix PCRE dictionary apt-get install postfix-pcre Configure postfix postconf -e smtpd_sender_restrictions=pcre:/etc/postfix/rejected_domains postconf -e reject_unauth_destinations=pcre:/etc/postfix/rejected_domains Edit the new file /etc/postfix/rejected_domains with the following …

Email, Linux, Postfix, Security, Systemd

OpenDKIM doesn’t start after Upgrade from Jessie to Stretch

Introduction: After having done a dist-upgrade fo Jessie to Stretch OpenDKIM didn’t start any more. After research I found the answer which worked for me in this site: https://serverfault.com/questions/847435/cant-change-opendkim-socket-in-debian-stretch-in-etc-default-opendkim INFO: I’m using the ‘inet’ socket for the communication between Postfix and OpenDKIM at port 12345. eg. My config in of OpenDKIM in Postfix: milter_default_action = …

Linux, Monitoring

Some Zabbix tools

Introduction: In order to debug some Zabbix problems here are some tools I gathered to help. Requirements: Installation of the package zabbix-get in the monitoring server apt-get install zabbix-get Installation of the package zabbix-agent in the monitored hosts. apt-get install zabbix-agent TIP: In order to programmatically (using bash for example) create scripts that monitor anything …

Apache, Linux, NGinX

piwik: Could not open input file: ./console

Introduction: In order to know the location of the visits your website received before you started using Piwik with GeoIP you need to run a command. The reference to this command is at: https://piwik.org/faq/how-to/faq_167/ Problem: Unfortunately after having logged in as root in the server this command gave me the following error: Could not open …

GlusterFS, Linux

Prepare Debian Stretch for Installing GlusterFS 3.12

In order to install this version of GlusterFS we need to add the repositories: Ref: https://download.gluster.org/pub/gluster/glusterfs/LATEST/Debian/ echo deb [arch=amd64] http://download.gluster.org/pub/gluster/glusterfs/3.12/LATEST/Debian/stretch/apt stretch main > /etc/apt/sources.list.d/gluster.list wget -O – http://download.gluster.org/pub/gluster/glusterfs/3.12/rsa.pub | apt-key add – apt-get update apt-get install glusterfs-server xfsprogs Format the dedicated partition for GlusterFS synchronized data: eg. /dev/xvda3 mkfs.xfs -f -i size=512 /dev/xvda3 Example of …

Email, Linux, Postfix

Transferring IMAP account mails and folders to another IMAP account on another server … or locally.

Introduction: The other day I was asked to install a completely new email server and transfer all the email accounts from the old mail server to the new one. I noticed that since the new mail server was using a different mail INBOX format I had to do some research and found this really good …

Linux, Monitoring

Installing Filebeat, Logstash, ElasticSearch and Kibana in Ubuntu 14.04

PREPARATIONS #Ref: https://www.elastic.co/guide/en/logstash/current/installing-logstash.html First install Java 8 in Ubuntu 14.04 # Ref: https://www.liquidweb.com/kb/how-to-install-oracle-java-8-on-ubuntu-14-04-lts/ apt-get install python-software-properties software-properties-common apt-add-repository ppa:webupd8team/java apt-get update apt-get install oracle-java8-installer java -version Result: java version “1.8.0_144” Java(TM) SE Runtime Environment (build 1.8.0_144-b01) Java HotSpot(TM) 64-Bit Server VM (build 25.144-b01, mixed mode) Facilitate updating of all packages via APT repositories apt-get install …

Atlassian, Linux, Security

Disabling the admin security password confirmation in Jira and Confluence

Introduction: Although in Jira and Confluence the WebSudo, requesting the confirmation of the administrator’s password, are neat security features if you are working in a company where the chances of someone fiddling around with your computer are high. BUT in a very small company, where this risk is almost none, this feature has proven very …

Apache, Email, Linux, Postfix, Security

Hardening the SSL security in Apache, Dovecot and Postfix

Introduction: After having gotten a report from OpenVAS that my SSL security level of the mail server were medium, I looked for ways to improve this. I found very good sites which helps me making these improvements: https://weakdh.org/sysadmin.html https://wiki.dovecot.org/SSL/DovecotConfiguration Click to access applied-crypto-hardening.pdf Based on this site and extending to cover dovecot mail service here …

Email, Linux, Postfix

Whitelisting Hosts in Postfix/Amavis

Introduction: I have an email server with very strong spam filtering and every now and then it does see the emails that I send from our own networks as SPAM. In order to bypass the SPAM scanner for those networks without bypassing the virus scanning of Amavis I found these instructions in Internet at: http://verchick.com/mecham/public_html/spam/bypassing.html#1 …

Apache, Linux, Security

Installing TeamPass in Debian Jessie

Introduction: TeamPass is a very good Web application which can store securely Passwords for single person or teams. Here are the steps I used to install it in Debian Jessie. These instructions can also be used with no or minimal changes to install TeamPass in other Debian or Ubuntu systems. These instruction are partly based …

Linux, MAC OS X, Security

SSH doesn’t accept my key since upgrade Mac OS X to Sierra

Introduction: I have two MacBooks. One that still has Mavericks OS X and one that I just upgrade to Sierra OS X. Since the upgrade I can’t connect via SSH to one of my Linux servers using the RSA/DSA Keys any more. It always asks for a password. After adding the ‘-v’ option to the …

Linux, XEN

pygrub: Unable to find partition containing kernel

Introduction: Lately after I upgraded many packages in a Xen 4.4 DOMU VM the pygrub could not boot the VM any more. During the security update, the installed grub2(grup-pc), which never created any problems before with pygrub, got updated and suddenly it did create problems to boot the VM. Here is the error message I …

Bash, Linux

Force reboot a remote Linux server

Introduction: After having tried to do a reboot of a remote Linux server via the command reboot which had no effect, I tried to find a command that would force the server to reboot immediately. I found the commands that do exactly that at: https://major.io/2009/01/29/linux-emergency-reboot-or-shutdown-with-magic-commands/ Commands: echo 1 > /proc/sys/kernel/sysrq echo b > /proc/sysrq-trigger This …

Linux, MySQL

Switch database type from H2 to MySQL in Atlassian Jira

Introduction: After having tested Jira and decided to keep it for production it is very recommended to change the type of database used by Jira. The default database at delivery time is H2(local file dB) and in this HOW-TO I describe what I had to do to execute that switch under Debian Jessie. Steps: References: …

Bash, Linux, MySQL

Display MySQL databases types in bash

Based on the site: http://stackoverflow.com/questions/213543/how-can-i-check-mysql-engine-type-for-a-specific-table Here is a bash command that will display the databases types(innoDB or MyISAM) of all the MySQL databases except for the defaults ones(mysql, etc) for i in $(mysql -u root -p -e “show databases;” | egrep -v ‘Database|information_schema|mysql|performance_schema’); do echo “——————–$i——————–“; mysql -u root -p -e “use $i; show table …

Linux, Security

Changing Linux system password in bash script

Introduction: I created a script that creates a full email account for a new user including setting the password. I was looking for a way to change/set the password programmatically in the script using clear text passwords provided in variables. I took this information for the man page of chpasswd Some solution examples: Changing/setting the …

Linux, XEN

‘init: plymouth-upstart-bridge main process ended, respawning’ error messages at boot.

I installed a new Ubuntu 14.04 as a Xen server and found out that on booting the following messages repeated itself many times, [ 2.811553] init: plymouth-upstart-bridge main process (191) terminated with status 1 [ 2.812789] init: plymouth-upstart-bridge main process ended, respawning [ 2.874117] init: plymouth-upstart-bridge main process (210) terminated with status 1 [ 2.875167] …

Linux, Security

Discover live hosts on a network under Linux

There are lost of tools available to scan a network and list the IPs of the hosts that are live. Here is one that I find quite cool using nmap with the following command(for example for the LAN network 192.168.100.0/24): Reference: http://security.stackexchange.com/questions/36198/how-to-find-live-hosts-on-my-network nmap 192.168.100.0/24 -n -sP | grep report | awk ‘{print $5}’ the result …

Linux, XEN

Installing Xen Hypervisor 4.8 on Debian Jessie

Introduction: I was looking for a way to install Xen 4.8 in Jessie because in some of the newest Processors Intel series called Skylake the default version of Xen Hypervisor on Jessie (4.4) results in endless booting loops. NOTE: If you already had the Xen 4.4(original installed) no worries the version 4.4 will not be …

Bash, Linux, Security

Forcing pam users to use only FTPS and block SFTP/SSH

Introduction: I needed to force certain PAM users(configured in /etc/passwd) to use FTPS and block them from using SSH or SFTP. Here is a solution I found in: http://askubuntu.com/questions/93411/simple-easy-way-to-jail-users Solution: Add to /etc/shells a new shell: vim /etc/shells Add one line: /bin/false Save. For each user you want to deny ssh/sftp, change the user’s shell: …

GlusterFS, Linux

Upgrading GlusterFS from 3.2(Debian) to 3.4 for Debian Wheezy

Reference: https://download.gluster.org/pub/gluster/glusterfs/3.4/LATEST/Debian/wheezy/ Packages of GlusterFS 3.4.7 for Debian wheezy are available here from the Gluster Community… Add the GPG key to apt: wget -O – http://download.gluster.org/pub/gluster/glusterfs/3.4/LATEST/Debian/wheezy/pubkey.gpg | apt-key add – Add the source: echo deb http://download.gluster.org/pub/gluster/glusterfs/3.4/LATEST/Debian/wheezy/apt wheezy main > /etc/apt/sources.list.d/gluster.list Update package list: apt-get update Install: apt-get install [ glusterfs-server | glusterfs-client ] Packages from …

Linux, Systemd, XEN

Ubuntu 16.10 : xenconsole: Could not read tty from store: Success

Introduction: After having had some stability problems, with running Xen DOMUs under Ubuntu 16.04/Xen 4.6, I decided to upgrade to Ubuntu 16.10/Xen 4.7. Unfortunately, as I tried to start any of the DOMUs with the option -c to see the console content, the following error message was displayed and I got kicked out and no …

Linux, MAC OS X

Extending SSD life expectancy by tuning Firefox

Introduction: If you are using Firefox and SSD drive(s) then according to this site: https://www.servethehome.com/firefox-is-eating-your-ssd-here-is-how-to-fix-it/ it is very recommended to make the small configuration change in Firefox to extend the life of your SSD. Reason: SSD Drives do have a lifespan depending on how many times we write to it. Therefore the function of regular …

Bash, Linux

Displaying the list of all ‘at’ jobs and their respective commands

Introduction: The command atq gives me the list of at jobs waiting to be executed and their execution times. Each line starting with the job number. The command at -c JobNumber gives me the content of the job including the environment variables. What I wanted is a command that would give me the list of …

Linux, MySQL, Security, Systemd, Wordpress

Resolving Mysql error: Too many open files

Introduction: As I upgraded from Mysql 5.5 to 5.6 suddenly some sites were showing the following error: …… Too many open files The issue has to do with the present limitations given to the system and PAM system to open max 1024 files. After doing some research I found this site below here which is …

Apache, Linux

Upgrading php from 5.4 to 5.6 in Debian Wheezy

In order to upgrade PHP from 5.4 to 5.6 we need to use the DOTDEB repositories by which many other packages will also be upgraded. Here are the steps. References: https://www.dotdeb.org/instructions/ STEPS: Edit the file /etc/apt/sources.lst and add the following lines: deb http://packages.dotdeb.org wheezy all deb-src http://packages.dotdeb.org wheezy all deb http://packages.dotdeb.org wheezy-php56-zts all deb-src http://packages.dotdeb.org …

ZIMBRA

LibClamAV Error: mpool_malloc(): Attempt to allocate 8388608 bytes

Lately I updated the Ubuntu 12.04 where I run Zimbra 8.x and found that the log file of ‘clamd’ process was filling incredibly fast with the follwoing error line and the emails received’s subject were tagged with ‘**UNCHECKED**’ LibClamAV Error: mpool_malloc(): Attempt to allocate 8388608 bytes. Please report to http://bugs.clamav.net Finally I found a solution …

Windows

Reset Administrator password in Windows XP

Reference URL: http://ccm.net/faq/8228-how-to-recover-windows-xp-admin-password Steps: Recover Windows XP Administrative Password The first step in recovering your Windows XP password is to reboot your computer in safe mode. You can do this by restarting your computer and repeatedly pressing F8 as the computer loads. Once in safe mode, click on Start > Run. In the box that …

Linux

Preferring use of ipv4 instead of ipv6 for DNS IP resolution in Debian

The last time I did an apt-get update in a specific Debian Wheezy I could not connect to the repositories because apt was preferring to use the IPv6 first. So here is a simple solution to system-wide add a preference to ipv4 in DNS IP resolution: Edit the file /etc/gai.conf and add the following line …

Linux

Making rpcbind(previously portmap, port 111) more secure

Introduction: I often use NFS files system between servers of the same internal network. But because having rpcbind open to Internet is considered insecure, I needed to protect it. I could have done this with the firewall, but since the only service I wanted to protect from Internet access I didn’t want to bother with …

Linux, Security

Blocking all traffic from individual countries using IPSet and IPTables

Introduction: As I looked at the syslog I found too often that SSH login attacks are coming either from China or from Russia. Having enough of that, and anyway not expecting any traffic from any of these countries, although I use fail2ban still I decided to block any traffic coming from these 2 countries. Fail2ban …

Linux, MySQL

Resetting MariaDB root password in Ubuntu 16.04 LTS

Introduction: Becasue it’s such a good article and don’t want to lose it, this following article is a full copy (with maybe some minor changes) taken from this site: http://tecadmin.net/steps-to-reset-mariadb-root-password-in-linux/# Step 1: Stop MariaDB Service First we need to stop MariaDB service using following command. # /etc/init.d/mysql stop Shutting down MySQL. [ OK ] Step …

Linux

Installing GRUB2 on mdadm software Raid in Debian Wheezy/Jessie

Principle: If you look at the result of the command df -h and you are using the mdmadm software RAID 1 then you can only see the /dev/mdx partitions. eg. Filesystem Size Used Avail Use% Mounted on /dev/md2 1.8T 524G 1.2T 31% / udev 10M 0 10M 0% /dev tmpfs 3.1G 288K 3.1G 1% /run …

Linux, NGinX, NGinX

Enabling SPDY and Strict-Transport-Security to NginX in Ubuntu 14.04

In Ubuntu 14.04 NginX is been compiled with the SPDY capability. To use it one must enable it inside the server {…} block for each virtual host. eg. server { server_name mprofi.com www.mprofi.com; root /var/www/mprofi.com; index index.php; # # Added to handle HTTP and HTTPS and SPDY listen 80; listen 443 ssl spdy; ssl_certificate /etc/letsencrypt/live/www.mysite.com/fullchain.pem; …

Linux, Monitoring, Security

Installing Webmin in Debian 8(Jessie)

These instructions are a ‘Plagiat’ of the site: http://www.christophe-casalegno.com/2015/07/14/how-to-install-webmin-on-debian-8/ To install webmin on Debian 8 just follow this instructions : cd /root wget http://www.webmin.com/jcameron-key.asc apt-key add jcameron-key.asc echo “deb http://download.webmin.com/download/repository sarge contrib” >> /etc/apt/sources.list echo “deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib” >> /etc/apt/sources.list apt-get update apt-get -y install webmin If it’s too long for you, you can …

Docker, Docker, Linux

Some DOCKER Commands

Here are a few basic Docker commands: Also see: https://github.com/wsargent/docker-cheat-sheet Installing the latest Docker environment in Linux: curl -sSL https://get.docker.com/ | sh Start the docker terminal in OSX bash –login ‘/Applications/Docker/Docker Quickstart Terminal.app/Contents/Resources/Scripts/start.sh’ Info: Container Names without ‘/’ in the name refers to basic public containers templates Containers Names with a ‘/’ refers to user …

Bash, Linux

Useful ps options

Here are some (growing) tricks in order to get the maximum of the PS command: I set the command’s options in an alias to simplify the running of it. alias psa=’ps –headers axf -o pid,ppid,pri,state,user:15,group:15,nlwp,%cpu,%mem,rss,vsz,maj_flt,time,start,comm’ # One advantage of this above command is that it displays the username in its full length even if it’s …

Email, Linux, Postfix, Security

Fixing Spamassassin in Debian Jessie(8)

Introduction: For a long time under Debian Wheezy Spamassassin was running quite well until I upgraded the system to Jessie. That is when Spamassassin(spamd) started to crash every now and then without giving much reasons why. Cause of error message: Looking in the system logs(/var/log/syslog) I found the following error: spamd[7490]: util: refusing to untaint …

Apache, Linux, Security

Using HTTPS as proxy backend in Apache 2.4

Introduction: In Apache 2.4 in a Vhost in order to be able to proxy to a backend with HTTPS using either a self-signed or expired certificate on the backend we need to include the following directives: SSLProxyEngine on SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off You also need to enable the required Apache2 modules …