Introduction: For a long time since the SSDs have appeared on the market, Apple had as default disabled the TRIP support for the SSDs IF the SSD was not manufactured from Apple. Thad certainly didn’t quite pleased the Mac users who wanted to upgrade their Macs with a non-Apple SSD. The company Cindori has since …
Author: admin
Upgrading php from 5.4 to 5.6 in Debian Wheezy
In order to upgrade PHP from 5.4 to 5.6 we need to use the DOTDEB repositories by which many other packages will also be upgraded. Here are the steps. References: https://www.dotdeb.org/instructions/ STEPS: Edit the file /etc/apt/sources.lst and add the following lines: deb http://packages.dotdeb.org wheezy all deb-src http://packages.dotdeb.org wheezy all deb http://packages.dotdeb.org wheezy-php56-zts all deb-src http://packages.dotdeb.org …
LibClamAV Error: mpool_malloc(): Attempt to allocate 8388608 bytes
Lately I updated the Ubuntu 12.04 where I run Zimbra 8.x and found that the log file of ‘clamd’ process was filling incredibly fast with the follwoing error line and the emails received’s subject were tagged with ‘**UNCHECKED**’ LibClamAV Error: mpool_malloc(): Attempt to allocate 8388608 bytes. Please report to http://bugs.clamav.net Finally I found a solution …
Reset Administrator password in Windows XP
Reference URL: http://ccm.net/faq/8228-how-to-recover-windows-xp-admin-password Steps: Recover Windows XP Administrative Password The first step in recovering your Windows XP password is to reboot your computer in safe mode. You can do this by restarting your computer and repeatedly pressing F8 as the computer loads. Once in safe mode, click on Start > Run. In the box that …
Preferring use of ipv4 instead of ipv6 for DNS IP resolution in Debian
The last time I did an apt-get update in a specific Debian Wheezy I could not connect to the repositories because apt was preferring to use the IPv6 first. So here is a simple solution to system-wide add a preference to ipv4 in DNS IP resolution: Edit the file /etc/gai.conf and add the following line …
Making rpcbind(previously portmap, port 111) more secure
Introduction: I often use NFS files system between servers of the same internal network. But because having rpcbind open to Internet is considered insecure, I needed to protect it. I could have done this with the firewall, but since the only service I wanted to protect from Internet access I didn’t want to bother with …
Disable the ‘System Integrity Protection’ in Mac
Follow these steps: 1. Boot to Recovery OS by restarting your machine and holding down the Command and R keys at startup. 2. Launch Terminal from the Utilities menu. 3. Enter the following command: csrutil enable –without debug Reboot your computer.
Blocking all traffic from individual countries using IPSet and IPTables
Introduction: As I looked at the syslog I found too often that SSH login attacks are coming either from China or from Russia. Having enough of that, and anyway not expecting any traffic from any of these countries, although I use fail2ban still I decided to block any traffic coming from these 2 countries. Fail2ban …
Adding a new service to Linux systemd
Since the System V is slowly being phased out one most likely needs to learn how to get along with SYSTEMD which is much more powerful. For example, one useful feature is to automatically restart services that stop on their own. Such features are found for example in BluePill etc. With Systemd there is no …
Resetting MariaDB root password in Ubuntu 16.04 LTS
Introduction: Becasue it’s such a good article and don’t want to lose it, this following article is a full copy (with maybe some minor changes) taken from this site: http://tecadmin.net/steps-to-reset-mariadb-root-password-in-linux/# Step 1: Stop MariaDB Service First we need to stop MariaDB service using following command. # /etc/init.d/mysql stop Shutting down MySQL. [ OK ] Step …
Installing GRUB2 on mdadm software Raid in Debian Wheezy/Jessie
Principle: If you look at the result of the command df -h and you are using the mdmadm software RAID 1 then you can only see the /dev/mdx partitions. eg. Filesystem Size Used Avail Use% Mounted on /dev/md2 1.8T 524G 1.2T 31% / udev 10M 0 10M 0% /dev tmpfs 3.1G 288K 3.1G 1% /run …
Enabling SPDY and Strict-Transport-Security to NginX in Ubuntu 14.04
In Ubuntu 14.04 NginX is been compiled with the SPDY capability. To use it one must enable it inside the server {…} block for each virtual host. eg. server { server_name mprofi.com www.mprofi.com; root /var/www/mprofi.com; index index.php; # # Added to handle HTTP and HTTPS and SPDY listen 80; listen 443 ssl spdy; ssl_certificate /etc/letsencrypt/live/www.mysite.com/fullchain.pem; …
Activating SPDY in Apache 2.4 (Ubuntu 14.04)
SPDY is a new protocol created by Google and given to the Apache Foundation which allows faster Web traffic under SSL. Apache 2.4 is SPDY capable but its module is not included in Ubuntu 14.04 LTS Server. Here are some instructions that allow to get, install and enable SPDY feature foe Apache 2.4 under Ubuntu …
Installing Webmin in Debian 8(Jessie)
These instructions are a ‘Plagiat’ of the site: http://www.christophe-casalegno.com/2015/07/14/how-to-install-webmin-on-debian-8/ To install webmin on Debian 8 just follow this instructions : cd /root wget http://www.webmin.com/jcameron-key.asc apt-key add jcameron-key.asc echo “deb http://download.webmin.com/download/repository sarge contrib” >> /etc/apt/sources.list echo “deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib” >> /etc/apt/sources.list apt-get update apt-get -y install webmin If it’s too long for you, you can …
Some DOCKER Commands
Here are a few basic Docker commands: Also see: https://github.com/wsargent/docker-cheat-sheet Installing the latest Docker environment in Linux: curl -sSL https://get.docker.com/ | sh Start the docker terminal in OSX bash –login ‘/Applications/Docker/Docker Quickstart Terminal.app/Contents/Resources/Scripts/start.sh’ Info: Container Names without ‘/’ in the name refers to basic public containers templates Containers Names with a ‘/’ refers to user …
Useful ps options
Here are some (growing) tricks in order to get the maximum of the PS command: I set the command’s options in an alias to simplify the running of it. alias psa=’ps –headers axf -o pid,ppid,pri,state,user:15,group:15,nlwp,%cpu,%mem,rss,vsz,maj_flt,time,start,comm’ # One advantage of this above command is that it displays the username in its full length even if it’s …
Fixing Spamassassin in Debian Jessie(8)
Introduction: For a long time under Debian Wheezy Spamassassin was running quite well until I upgraded the system to Jessie. That is when Spamassassin(spamd) started to crash every now and then without giving much reasons why. Cause of error message: Looking in the system logs(/var/log/syslog) I found the following error: spamd[7490]: util: refusing to untaint …
Using HTTPS as proxy backend in Apache 2.4
Introduction: In Apache 2.4 in a Vhost in order to be able to proxy to a backend with HTTPS using either a self-signed or expired certificate on the backend we need to include the following directives: SSLProxyEngine on SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off You also need to enable the required Apache2 modules …
Redirecting HTTP to HTTPS in NginX
Here is a working method of redirecting any requested HTTP URL to HTTPS in NginX VirtualHosts that handles both HTTP and HTTPS. For example, to have a single vhost support both HTTP and HTTPS you have normally the following directives: # Support for HTTP and HTTPS listen 80; listen 443 ssl; ssl_certificate /etc/letsencrypt/live/www.myserver.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.myserver.com/privkey.pem; …
Testing SSL Connections with SSLyze, Nmap or OpenSSL
Introduction: OpenSSL is a great tool to check SSL connections to servers. The difficulty here is when one want a full scan of all possible SSL Cyphers and protocols used by a server. That is where SSLyze comes in handy. This tool is a Python script which will scan the target host/port for SSL handshake …