sysadmin

"opsi is an open source Client Management System for Windows clients and is based on Linux servers Key features: Automatic OS installation (unattended or image based) Automatic software distribution and patch management Hardware and software inventories License management opsi server runs on Debian, Ubuntu, OpenSuse, SLES, CentOS, UCS and RHEL." - imabonehead from Bookmarklet

"I promised that I would write an article about setting of the chrooted sftp accounts with openssh and SELinux. So here it is." - imabonehead from Bookmarklet

"awk, sed, and grep are three of my favorite tools in the Linux or UNIX command line. They are all pretty powerful. Today we’ll look at how to get cracking with awk to help you ease into using it. Then we’ll look at some useful awk one liners to make things a bit more fun for you. AWK is a programming language designed for processing text-based data, either in files or data streams. It was created at Bell Labs in the 1970s. Although it’s quite old, don’t get fooled by it’s age. It is extremely powerful and efficient at what it does. Let’s get our hands dirty now." - imabonehead from Bookmarklet

"This post is more of a comment on my feelings about the two different systems and comparing the way in which they work. Unlike Nathen, I didn’t have to make any of the WIIF decisions – the only question I had to ask was “Oh, they use Chef. Do I want a contract?” to which the answer to the second part will always override the first. I am new to Chef (I’ve been using it for a total of four hours now!) however I’m already starting to see some of the differences and I hope that this post will help others who find themselves in my position. I’ll be running Chef in the same way I run Puppet (centralised client/server model) and I’ll try to be as subjective as I can – where I love something I’ll say so, where I think there are flaws I’ll point them out!" - imabonehead from Bookmarklet

"In this post, i will show you 10 most rated linux commands for last past weeks at commandlinefu." - imabonehead from Bookmarklet

"The PC BIOS is a dreadful thing. Poorly standardised and often poorly implemented, it has one job to do and frequently does it badly. The kernel and bootloaders are obliged to devote extensive sections of code to working around issues present in the BIOS, code and time that could have been better spent elsewhere. Everyone agrees that the PC BIOS is awful." - imabonehead from Bookmarklet

"Today marks the start of a new era for IPv6. Building on the great success of last year’s World IPv6 Day, this year’s “World IPv6 Launch” will bring together major Internet service providers (ISPs), home networking equipment manufacturers, and web companies around the world to permanently enable IPv6 for their products and services! No more “test flight”… this is the real deal! The date is June 6, 2012, and you can get involved by visiting: www.worldipv6launch.org" - imabonehead from Bookmarklet

"You’ve heard all about the Windows cleaning tools — on every level. What you haven’t heard of nearly as much are tools to help clean up the Linux file system. Believe it or not, they do exist, and I want to introduce you to them. Some you may have heard of, some are functions within tools you already know, and some are just plain obscure. Regardless, each of these tools will help you keep your Linux file system clean." - imabonehead from Bookmarklet

"Recently I have been asked about how I handle the gpg key I use for Apache releases. For what is worth, the question popped up in the context of a few other community members taking on the release manager role. As those of you that follow Apache Camel already know the Camel PMC decided to actively support and issue patch releases for the two latest minor branches. But I digress. As I mentioned, I don't keep my private key on my laptop, but on an encrypted usb flash disk. The main reason is security, as the probability of someone getting access to my box greater than zero. In particular the key used for Apache releases is trusted by other ASF members and making sure it doesn't get compromised is one of the duties of the release manager. Of course one could revoke a key, but then verifying the integrity of a release becomes complicated at best. My setup works on Ubuntu 11.10 and the idea behind it was using something similar to 2-factor authentication (something I have and something I... more... - imabonehead from Bookmarklet

"Environment: HP BladeSystem Proliant BL460c G6(ip: 192.168.0.0/24, DHCP/tftp/kickstart/PXE/HTTP server is on different network: 192.168.1.0/24) Objective: install CentOS 6.1 into bare-metal blades from" - imabonehead from Bookmarklet

"At first, I thought copying permissions would be a simple matter of using icacls to perform some kind of permission dump. Sadly, and somewhat surprisingly, I was not able to find an easy way to do that. Certainly you can simply pipe the output of icacls to a text file, however I could not find an easy way to consume that text-based permission record. That’s where the wonder of RoboCopy comes in." - imabonehead from Bookmarklet

"Rather than storing your IMAP and SMTP passwords in plain text on disk, you can store them encrypted using GnuPG, OpenSSL, the GNOME Keyring, or any other method of password storage encryption. It still requires a “master password” from you to decrypt the file(s) on the fly, and set the appropriate passwords, but then it will remain in RAM in plain text for the duration Mutt is running, and no worries about the password in plain text going to disk. Here’s how I set mine up using my GnuPG key. First, I created a ~/.mutt/passwords file. The file is in plain text. Before encrypting it, here are its contents..." - imabonehead from Bookmarklet

"WebSockets is definately one of the brighter features of HTML5. It allows for easy and efficient real-time commucation with the server, and with the introduction of Socket.IO, node.js and similar libraries, it is sure to gain popularity. It's a must when you're developing an interactive application like chat, game, realtime reporting system etc. But, from a security standpoint there are many things to consider when implementing WebSockets in your next project. I don't call them vulnerabilities - but they will most likely create a vulnerability when not dealt with correctly. In this post I describe all these aspects and release socket_io_client - tool for testing & exploiting WebSockets servers." - imabonehead from Bookmarklet

"You've read all about systemd, the new Linux init daemon. You know what it does, and why. Now it's time to dig in and learn how to make it sit up and beg — or at least start, stop, and get information on services." - imabonehead from Bookmarklet

"I’m happy to announce the release of version 3 of the REMnux Linux distribution for reverse-engineering malware. This release incorporates many usability improvements, software updates and new tools to make the environment even more useful for analyzing malicious software. REMnux is available as a VMware virtual appliance and as an ISO image of a Live CD. The easiest way to get started with and derive the most value from REMnux is to refer to the new REMnux Usage Tips cheat sheet." - imabonehead from Bookmarklet

"Packet capture is one of the most fundamental and powerful ways to do network analysis. You can learn virtually anything about what is going on within a network by intercepting and examining the raw data that crosses it. Modern network analysis tools are able to capture, interpret and describe this network traffic in a human-friendly manner. tcpdump is one of the original packet capture (or "sniffing") tools that provide these analysis capabilities, and even though it now shares the field with many other utilities, it remains one of the most powerful and flexible." - imabonehead from Bookmarklet

"What were the hot topics for Data Center Knowledge readers during 2011? Readers are fascinated with the companies running the Internet’s largest infrastructures – Google, Facebook, Apple, Microsoft and Amazon – and how operate their data centers. Also popular: coverage of supercomputers and data center cooling. What were the stories that held your attention this year? See the Top 10 Data Center Stories of 2011 for our rundown of the 10 most popular stories on DCK, ranked by the number of page views they received." - imabonehead from Bookmarklet

"As infrastructure costs rise, there's an urgent need to squeeze more performance from the same hardware. After several years of measuring and managing the capacity of thousands of Linux servers, we have learned that most typical tools and metrics are not sufficient to predict performance bottlenecks, particularly during traffic spikes. By using queue theory formulas and instrumenting our applications we were able to find the limits of our systems, improve reliability, and maximize throughput and performance." - imabonehead from Bookmarklet

"Append the following options to your kernel command line (ESC, then F6 at the boot screen): priority=critical locale=en_US url=http://bit.ly/uquick" - http://blog.dustinkirkland.com/2011... - imabonehead

"This article is about how to use the S/MIME encryption function of common e-mail clients to sign and/or encrypt your mails safely. S/MIME uses SSL certificates which you can either create yourself or let a trusted certificate authority (CA) create one for you. This tutorial comes without warranty of any kind. I do not guarantee that this will work for you." - imabonehead from Bookmarklet

"Iptables is the standard Linux® firewall application. It is easy to configure and maintain while powerful enough to provide the control expected from a high-end appliance. Learn how to get started with iptables, recover from common issues, and simulate a small-office usage scenario." - imabonehead from Bookmarklet

"I’ve compiled 25 performance monitoring and debugging tools that will be helpful when you are working on Linux environment. This list is not comprehensive or authoritative by any means. However this list has enough tools for you to play around and pick the one that is suitable your specific debugging and monitoring scenario." - imabonehead from Bookmarklet

"Pointing and clicking is fine for most day-to-day computing tasks, but to really take advantage of the strengths of Linux over other environments, you eventually need to crack the shell and enter the command line. Lots of command shells are available, from Bash and Korn to C shell and various exotic and strange shells. Learn which shell is right for you." - imabonehead from Bookmarklet

"So, I want to take a shell script and be able to put it on any machine - and have it backup the databases on that machine using mysqldump.. and put them each separately into a backup directory.. here's what I came up with. Can you make it better?" - imabonehead from Bookmarklet

"If you routinely use multiple computers, it can be a challenge to keep your data files organized and to manage multiple login IDs. OpenSSH can help you with those tasks. It’s a powerful, secure tool that lets you share files without having to set up a file server, run applications remotely, and perform remote administration chores quickly and securely. You probably already know how to use OpenSSH for file transfers. Here we’ll uncover some less well-known OpenSSH tricks that can make life easier for roaming computer users." - imabonehead from Bookmarklet

"A demonstration on a fully automated bare-metal provisioning of a multi-node open stack compute installation. The demo is done using two hardware nodes and uses MCollective and Puppet and custom developed automation code by Cloud9ers." - imabonehead from Bookmarklet

"rsnapshot is a backup tool written in Perl that utilizes rsync as its back-end. rsnapshot allows users to create customized incremental backup solutions. This article will discuss the following: the benefits of an incremental backup solution, rsnapshot's installation, its configuration, and usage examples." - imabonehead from Bookmarklet

"We do a ton of password cracking for our clients. Sometimes its because we've compromised one system and are looking for password reuse, sometimes its because we're pulling password complexity statistics to prove a point, and sometimes we're just trying to break a WPA-PSK. Nonetheless it helps to have a beefy system on your side. We've recently revamped our cracking server, here is some information about its specifications and configuration." - imabonehead from Bookmarklet