By default a ClamAV installation on CentOS 7 is not working. In this blog post we reconfigure the required systemd and configuration files for freshclam and clamd.
If you want to have anonymous access to the Internet from multiple remote locations around the globe, there are several VPN providers such HideMyAss, ExpressVPN and PureVPN who offers such services.However, if you need to have your own VPN server, here’s how to do it using OpenVPN on Linux CentOS 7.How to Setup OpenVPN Using firewalld Instead of iptablesFor this tutorial, I will be using a CentOS cloud server from DigitalOcean. By the way, if you’ve never heard of DigitalOcean, I strongly advise you have a look at them. You can easily deploy a fully functional VPS in just a few minutes and they are insanely fast.
This is a guide on setting up an IPSEC VPN server on CentOS 7 using StrongSwan as the IPsec server and for authentication. It has a detailed explanation with every step. We choose the IPSEC protocol stack because of recent vulnerabilities found in pptpd VPNs and because it is supported on all recent operating systems by default.
Tell DRBD that the local copy of the data is the good one.
drbdadm -- --overwrite_data_of_peer primary <resource>
Make the local data Primary
drbdadm primary <resource>
Make the resource standalone
drbdadm disconnect <resource>
List the current block device in use:
# virsh domblklist <VMNAME>
Create an external disk snapshot:
# virsh snapshot-create-as --domain <VMNAME> <VMNAME>-snap1 --disk-only --atomic --quiesce
Now that the guest is using the external snapshot disk we can take a backup of the original disk in background using your favorite tool.
When the backup is finished, perform active blockcommit by live merging contents of <VMNAME>-snap1 into base:
# virsh blockcommit <VMNAME> vda --active --verbose --pivot
Block Commit: [100 %]
List the current block device in use, again. It can be noticed, once the blockcommit operation is completed, the live QEMU is pivoted to the base image again:
# virsh domblklist <WMNAME>
Finaly, if we want, we can remove the external snapshot to not to leave it there:
# virsh snapshot-delete <VMNAME> <VMNAME>-snap1 --metadata
Domain snapshot <VMNAME>-snap1 deleted
Then remove the <VMNAME>-snap1.qcow2 file created above.
Owner manual and Service manual for the Harley Davidson Sportster.
To place a network interface into promiscuous mode (for network monitoring) use:
ifconfig eth0 promisc
To take it out again use:
ifconfig eth0 -promisc
Most Linux servers offer an SSH login via Port 22 for remote administration purposes. This port is a well-known port, therefore, it is often attacked by brute force attacks. Fail2ban is a software that scans log files for brute force login attempts in real-time and bans the attackers with firewalld or iptables. Fail2ban recognizes unwanted access or security breach efforts to the server within the administrator set time frame and blocks the IP addresses which show signs of brute force attacks or dictionary
I was looking into deploying foreman for our rapidly multiplying linux server farm. This was a great introduction, and even better, the instructions work!
The recent vulnerability in bash, got me running to update bash. It’s easy when you have maybe one or two Linux servers, but what do you do if you have 100’