Strat from the release of OpenBSD 4.2, you will find that cdrom42.fs was not provided in OpenBSD official ftp sites. however, it is relatively easy to custom build your OpenBSD bootable installer CD. I will show you the steps in making your own OpenBSD bootable CD.
Create download directory.
shell> mkdir -p /OpenBSD
Download OPENBSD Files
shell> wget ftp://ftp.openbsd.org/pub/OpenBSD/4.3/i386/*
if the download is disconnected suddenly due to the Internet connection problem. You can resume it by
shell> wget -c ftp://ftp.openbsd.org/pub/OpenBSD/4.3/i386/*
Create Cdrom43.fs
A PERL module, call "geteltorito" need to use for grab a copy/make executable and extract boot image from the file cdemu43.iso with simple command.
shell > geteltorito cdemu43.iso > cdrom43.fs
Booting catalog starts at sector:29
Manufacturer of CD: Copyright (c) 2007 Theo
Image architecture: x86
Boot Media type is: 2.88meg floppy
E1 Torito image starts at sector 30 and has 5760 sector(s) of 512 Bytes
Image has been written to stdout.........
To Create Boot Image
shell> mkyhybrid -r -b cdrom43.fs -c "boot.catalog" -o OpenBSD43.iso OpenBSD
By now, you should already have the OpenBSD43.iso and you can burn it to CD using any kind of operating system.
After finished, you can create the bootable iso image:
Tuesday, September 23, 2008
Sunday, September 21, 2008
10 reasons to migrate from Windows 2003 server to Windows 2008 server
1. Windows Server 2008 offers a world-class Web and application platform designed to provide security and ease of management for developing and reliably hosting enterprise applications and services.
2. The platform offers improved networking performance to harness the power of today’s multigigabit networks and help IT organizations secure and control network traffic.
3. Every aspect of Windows Server 2008 is designed with enhanced security and strict compliance in mind. In action, Network Access Protection features help enforce policies designed to ensure that any computer connecting to the network meets corporate requirements for system health.
4. By migrating to Windows Server 2008 now, organization can maximize the OS cycle and take full advantage of the financial and technical benefits of powerful new functionality.
5. Windows Server 2008 provides outstanding control over remote infrastructure with enhancements to Microsoft Active Directory services, including read-only domain controllers and administrative role separations.
6. The platform provides simplified server management through the server manager console – a tool that helps streamline management of server configurations, status reporting, and role management.
7. Superior scripting and task automation enable IT organizations to automate common tasks and easily control system administration.
8. Windows Server 2008 supports presentation virtualization, enabling secure access to internal applications through firewall-friendly ports.
9. Hyper-V virtualization technology facilitates production server consolidations, fast disaster recovery, and simplified management of dynamic data centers.
10. Windows Server 2008 helps business leverage the power of the Windows Vista OS. The two platform share several networking, storage, security, and management technologies.
2. The platform offers improved networking performance to harness the power of today’s multigigabit networks and help IT organizations secure and control network traffic.
3. Every aspect of Windows Server 2008 is designed with enhanced security and strict compliance in mind. In action, Network Access Protection features help enforce policies designed to ensure that any computer connecting to the network meets corporate requirements for system health.
4. By migrating to Windows Server 2008 now, organization can maximize the OS cycle and take full advantage of the financial and technical benefits of powerful new functionality.
5. Windows Server 2008 provides outstanding control over remote infrastructure with enhancements to Microsoft Active Directory services, including read-only domain controllers and administrative role separations.
6. The platform provides simplified server management through the server manager console – a tool that helps streamline management of server configurations, status reporting, and role management.
7. Superior scripting and task automation enable IT organizations to automate common tasks and easily control system administration.
8. Windows Server 2008 supports presentation virtualization, enabling secure access to internal applications through firewall-friendly ports.
9. Hyper-V virtualization technology facilitates production server consolidations, fast disaster recovery, and simplified management of dynamic data centers.
10. Windows Server 2008 helps business leverage the power of the Windows Vista OS. The two platform share several networking, storage, security, and management technologies.
Wednesday, September 17, 2008
Monitor Proftpd Server by Using phpftpwho
Install phpftpwho
Note :- phpftpwho must be installed on the same machine that is running Proftpd server.
Download phpftpwho from here using the following command in apache web server root document folder (/var/www)
#wget http://www.rivetcode.com/files/phpftpwho/phpftpwho-1_05.tar.gz
Now you have tar.gz file you need to extract using the following command
# tar xzvf phpftpwho-1_05.tar.gz
Now you should be having phpftpwho folder in your apache root document folder(/var/www)
If you want to access your phpftpwho program you need to go to http://yourserverip/phpftpwho
Now you need to login into the ftp server and refresh your phpftpwho page you should see similar to the following screen
Note :- phpftpwho must be installed on the same machine that is running Proftpd server.
Download phpftpwho from here using the following command in apache web server root document folder (/var/www)
#wget http://www.rivetcode.com/files/phpftpwho/phpftpwho-1_05.tar.gz
Now you have tar.gz file you need to extract using the following command
# tar xzvf phpftpwho-1_05.tar.gz
Now you should be having phpftpwho folder in your apache root document folder(/var/www)
If you want to access your phpftpwho program you need to go to http://yourserverip/phpftpwho
Now you need to login into the ftp server and refresh your phpftpwho page you should see similar to the following screen
Monday, September 15, 2008
Spam filtering in sendmail by using DNSBL definitions
If you wish to be even more aggressive with your spam filtering, you can configure Sendmail to completely ignore senders that have bad reputations. With this step, Sendmail won’t even talk to them.
Editing the file /etc/mail/sendmail.mc, insert the following lines anywhere in the FEATURE section of the file:
dnl #
dnl # Here are Sharky's favorite DNSBL definitions.
dnl #
FEATURE(`dnsbl', `list.dsbl.org')dnl
FEATURE(`dnsbl', `bl.spamcop.net')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org')dnl
FEATURE(`dnsbl', `blackholes.mail-abuse.org')dnl
FEATURE(`dnsbl', `relays.mail-abuse.org')dnl
Apply the changes by saving the file and running the following commands:
cd /etc/mail
make all
/sbin/service sendmail restart
From this point on, every time an SMTP client connects to Sendmail, Sendmail will refer to the blacklist authorities you added to verify the client’s reputation. If the client is reported to have a shady reputation, Sendmail will hang up on him.
Editing the file /etc/mail/sendmail.mc, insert the following lines anywhere in the FEATURE section of the file:
dnl #
dnl # Here are Sharky's favorite DNSBL definitions.
dnl #
FEATURE(`dnsbl', `list.dsbl.org')dnl
FEATURE(`dnsbl', `bl.spamcop.net')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org')dnl
FEATURE(`dnsbl', `blackholes.mail-abuse.org')dnl
FEATURE(`dnsbl', `relays.mail-abuse.org')dnl
Apply the changes by saving the file and running the following commands:
cd /etc/mail
make all
/sbin/service sendmail restart
From this point on, every time an SMTP client connects to Sendmail, Sendmail will refer to the blacklist authorities you added to verify the client’s reputation. If the client is reported to have a shady reputation, Sendmail will hang up on him.
Monday, September 8, 2008
Opensource load balancing Software
Linux Virtual Server
The Linux Virtual Server Project is a project to cluster many real servers together into a highly available, high-performance virtual server. The LVS load balancer handles connections from clients and passes them on the the real servers (so-called Layer 4 switching) and can virtualize almost any TCP or UDP service, like HTTP, HTTPS, NNTP, FTP, DNS, ssh, POP3, IMAP4, SMTP, etc. It is fully transparent to the client accessing the virtual service.
Homepage: http://www.LinuxVirtualServer.org/
BalanceNG
BalanceNG is a modern software IP load balancing solution. It is small, fast, and easy to use and setup. It offers session persistence, different distribution methods (Round Robin, Random, Weighted Random, Least Session, Least Bandwidth, Hash, Agent, and Randomized Agent) and a customizable UDP health check agent in source code. It supports VRRP to set up high availability configurations on multiple nodes. It supports SNMP, integrating the BALANCENG-MIB with Net-SNMPD. It implements a very fast in-memory IP-to-location database, allowing powerful location-based server load-balancing.
Homepage:http://www.inlab.de/balanceng/
HAproxy
HAproxy is a high-performance and highly-robust TCP and HTTP load balancer which provides cookie-based persistence, content-based switching, advanced traffic regulation with surge protection, automatic failover, run-time regex-based header control, Web-based reporting, advanced logging to help trouble-shooting buggy applications and/or networks, and a few other features. Its own event-driven state machine achieves 20,000 hits per second and surpasses GigaEthernet on modern hardware, even with tens of thousands of simultaneous connections.
Homepage:http://haproxy.1wt.eu/
Pen
Pen is a load balancer for "simple" TCP-based protocols such as HTTP or SMTP. It allows several servers to appear as one to the outside. It automatically detects servers that are down and distributes clients among the available servers. This gives high availability and scalable performance.
Homepage:http://siag.nu/pen/
Crossroads Load Balancer
Crossroads is a daemon running in user space, and features extensive configurability, polling of back ends using wake up calls, status reporting, many algorithms to select the 'right' back end for a request (and user-defined algorithms for very special cases), and much more. Crossroads is service-independent: it is usable for any TCP service, such as HTTP(S), SSH, SMTP, and database connections. In the case of HTTP balancing, Crossroads can provide session stickiness for back end processes that need sessions, but aren't session-aware of other back ends. Crossroads can be run as a stand-alone daemon or via inetd.
Homepage:http://crossroads.e-tunity.com/
balance
Balance is a simple but powerful generic TCP proxy with round-robin load balancing and failover mechanisms. Its behavior can be controlled at runtime using a simple command line syntax. Balance supports IPv6 on the listening side, which makes it a very useful tool for IPv6 migration of IPv4 only services and servers.
Homepage:http://www.inlab.de/balance.html
Distributor load balancer
Distributor is a software TCP load balancer. Like other load balancers, it accepts connections and distributes them to an array of back end servers. It is compatible with any standard TCP protocol (HTTP, LDAP, IMAP, etc.) and is also IPv6 compatible. It has many unique and advanced features and a high-performance architecture.
Homepage:http://distributor.sourceforge.net/
Pure Load Balancer
Pure Load Balancer is a high-performance software load balancer for the HTTP and SMTP protocols. It uses an asynchronous non-forking/non-blocking model, and provides fail-over abilities. When a backend server goes down, it automatically removes it from the server pool, and tries to bring it back to life later. Pure Load Balancer has full IPv6 support and works on OpenBSD, NetBSD, FreeBSD and Linux.
Homepage:http://plb.sunsite.dk/
Load Balancer Project
The Load Balancer Project is a tool that allows you to balance requests using clusters of servers. The goal is to achieve high availability load balancing with a simple configuration for the load balancer and the network topology. It leaves the servers untouched so the configuration only resides on the load balancer, and it allows you to manage any type of service via a plugin model design and a transparent proxy feature.
Homepage:http://www.jmcresearch.com/projects/loadbalancer/
mod_athena
mod_athena is an Apache-based application load balancer for large systems. It allows the HTTP server to act as a load balancer either internally to Apache's own mod_proxy (for reverse proxying), or externally to machines querying it. Arbitrary statistics are sent to the engine via a simple GET plus query-string interface, from which it will then make decisions based on chosen algorithms.
Homepage:http://ath.sourceforge.net/
udpbalancer
Udpbalancer is a reverse proxy that sorts UDP requests from your clients to your servers. It may operate in round-robin, volume balance, and load balance modes.
Homepage:http://dev.acts.hu/udpbalancer/
MultiLoad
MultiLoad is a load balancer that redirects HTTP requests to pre-defined servers/locations. It gives the provider a way to balance the traffic and hides the real download location. It allows you to manage different version of each download. It is also a load balancing server extension. You can distribute files on some servers so that a downloaded file can be loaded form different servers. These servers can have different priorities to control the active traffic.
Homepage:http://download.laukien.com
The Linux Virtual Server Project is a project to cluster many real servers together into a highly available, high-performance virtual server. The LVS load balancer handles connections from clients and passes them on the the real servers (so-called Layer 4 switching) and can virtualize almost any TCP or UDP service, like HTTP, HTTPS, NNTP, FTP, DNS, ssh, POP3, IMAP4, SMTP, etc. It is fully transparent to the client accessing the virtual service.
Homepage: http://www.LinuxVirtualServer.org/
BalanceNG
BalanceNG is a modern software IP load balancing solution. It is small, fast, and easy to use and setup. It offers session persistence, different distribution methods (Round Robin, Random, Weighted Random, Least Session, Least Bandwidth, Hash, Agent, and Randomized Agent) and a customizable UDP health check agent in source code. It supports VRRP to set up high availability configurations on multiple nodes. It supports SNMP, integrating the BALANCENG-MIB with Net-SNMPD. It implements a very fast in-memory IP-to-location database, allowing powerful location-based server load-balancing.
Homepage:http://www.inlab.de/balanceng/
HAproxy
HAproxy is a high-performance and highly-robust TCP and HTTP load balancer which provides cookie-based persistence, content-based switching, advanced traffic regulation with surge protection, automatic failover, run-time regex-based header control, Web-based reporting, advanced logging to help trouble-shooting buggy applications and/or networks, and a few other features. Its own event-driven state machine achieves 20,000 hits per second and surpasses GigaEthernet on modern hardware, even with tens of thousands of simultaneous connections.
Homepage:http://haproxy.1wt.eu/
Pen
Pen is a load balancer for "simple" TCP-based protocols such as HTTP or SMTP. It allows several servers to appear as one to the outside. It automatically detects servers that are down and distributes clients among the available servers. This gives high availability and scalable performance.
Homepage:http://siag.nu/pen/
Crossroads Load Balancer
Crossroads is a daemon running in user space, and features extensive configurability, polling of back ends using wake up calls, status reporting, many algorithms to select the 'right' back end for a request (and user-defined algorithms for very special cases), and much more. Crossroads is service-independent: it is usable for any TCP service, such as HTTP(S), SSH, SMTP, and database connections. In the case of HTTP balancing, Crossroads can provide session stickiness for back end processes that need sessions, but aren't session-aware of other back ends. Crossroads can be run as a stand-alone daemon or via inetd.
Homepage:http://crossroads.e-tunity.com/
balance
Balance is a simple but powerful generic TCP proxy with round-robin load balancing and failover mechanisms. Its behavior can be controlled at runtime using a simple command line syntax. Balance supports IPv6 on the listening side, which makes it a very useful tool for IPv6 migration of IPv4 only services and servers.
Homepage:http://www.inlab.de/balance.html
Distributor load balancer
Distributor is a software TCP load balancer. Like other load balancers, it accepts connections and distributes them to an array of back end servers. It is compatible with any standard TCP protocol (HTTP, LDAP, IMAP, etc.) and is also IPv6 compatible. It has many unique and advanced features and a high-performance architecture.
Homepage:http://distributor.sourceforge.net/
Pure Load Balancer
Pure Load Balancer is a high-performance software load balancer for the HTTP and SMTP protocols. It uses an asynchronous non-forking/non-blocking model, and provides fail-over abilities. When a backend server goes down, it automatically removes it from the server pool, and tries to bring it back to life later. Pure Load Balancer has full IPv6 support and works on OpenBSD, NetBSD, FreeBSD and Linux.
Homepage:http://plb.sunsite.dk/
Load Balancer Project
The Load Balancer Project is a tool that allows you to balance requests using clusters of servers. The goal is to achieve high availability load balancing with a simple configuration for the load balancer and the network topology. It leaves the servers untouched so the configuration only resides on the load balancer, and it allows you to manage any type of service via a plugin model design and a transparent proxy feature.
Homepage:http://www.jmcresearch.com/projects/loadbalancer/
mod_athena
mod_athena is an Apache-based application load balancer for large systems. It allows the HTTP server to act as a load balancer either internally to Apache's own mod_proxy (for reverse proxying), or externally to machines querying it. Arbitrary statistics are sent to the engine via a simple GET plus query-string interface, from which it will then make decisions based on chosen algorithms.
Homepage:http://ath.sourceforge.net/
udpbalancer
Udpbalancer is a reverse proxy that sorts UDP requests from your clients to your servers. It may operate in round-robin, volume balance, and load balance modes.
Homepage:http://dev.acts.hu/udpbalancer/
MultiLoad
MultiLoad is a load balancer that redirects HTTP requests to pre-defined servers/locations. It gives the provider a way to balance the traffic and hides the real download location. It allows you to manage different version of each download. It is also a load balancing server extension. You can distribute files on some servers so that a downloaded file can be loaded form different servers. These servers can have different priorities to control the active traffic.
Homepage:http://download.laukien.com
Sunday, September 7, 2008
Why qmail? - Comparison of qmail with other MTAs
I am just giving the comparison of qmail with sendmail which is being widely used as MTA for the past few decades.
Qmail is a light weight product, and unlike many other MTAs you don.t have to run qmail as root. This is one of the best security features of qmail.
Qmail is a much smaller than sendmail, and it lacks many of the features that most mail servers have today. It has no native support for RBL, which sendmail does have. Also, unlike sendmail, Qmail can’t reject E-mail addressed to a mailbox that doesn’t exist.
Qmail will accept the E-mail message, and then it will generate a "no such user" bounce internally. But these are the standard features of qmail, a large number of add-ons or patches are available, and by applying these add-ons or patches you can make the qmail more powerful than any other MTA.
Qmail.s security features are widely discussed and documented. Sendmail has been hacked, revised, and patched for years. Security vulnerabilities of sendmail is an established fact and well documented also.
One of the nice features of Qmail is that it supports an alternate mail storage format, that’s directory-based, instead of one huge file containing all your messages. If you do a lot of POP3 serving, you can save a lot of CPU cycles and disk activity with Qmail.
Unfortunately, Pine does not natively support this storage format. But, again, there are patches for that out there.
Qmail has a problem if you are sending mails to multiple users of the same domain; qmail will connect multiple times unlike sendmail. This may lead to the wastage of bandwidth.
Qmail is a light weight product, and unlike many other MTAs you don.t have to run qmail as root. This is one of the best security features of qmail.
Qmail is a much smaller than sendmail, and it lacks many of the features that most mail servers have today. It has no native support for RBL, which sendmail does have. Also, unlike sendmail, Qmail can’t reject E-mail addressed to a mailbox that doesn’t exist.
Qmail will accept the E-mail message, and then it will generate a "no such user" bounce internally. But these are the standard features of qmail, a large number of add-ons or patches are available, and by applying these add-ons or patches you can make the qmail more powerful than any other MTA.
Qmail.s security features are widely discussed and documented. Sendmail has been hacked, revised, and patched for years. Security vulnerabilities of sendmail is an established fact and well documented also.
One of the nice features of Qmail is that it supports an alternate mail storage format, that’s directory-based, instead of one huge file containing all your messages. If you do a lot of POP3 serving, you can save a lot of CPU cycles and disk activity with Qmail.
Unfortunately, Pine does not natively support this storage format. But, again, there are patches for that out there.
Qmail has a problem if you are sending mails to multiple users of the same domain; qmail will connect multiple times unlike sendmail. This may lead to the wastage of bandwidth.
Wednesday, September 3, 2008
Network visualization
The Interactive Network Active-traffic Visualization (INAV), is a monitoring tool that allows network administrators to monitor traffic on a local area network in real-time without overwhelming the administrator with extraneous data. The visualization tool can effectively perform a variety of tasks from passively mapping a LAN to identifying reoccurring trends over time.
Currently, INAV supports Ethernet, IP, TCP, UDP, and ICMP. INAV is implemented using a client-server architecture that allows multiple administrators to easily view network traffic from different vantage points across the network.
Once established, the INAV server passively sniffs data from the network and dynamically displays activity between different nodes on the network while keeping statistics on bandwidth usage.
The current state of the network is stored and broadcast to the different INAV clients. The INAV client uses an intuitive, lightweight graphical user interface that can easily change views and orient on specific clusters of nodes.
Once a node on the network is selected, the client highlights any node that has sent traffic to or from that location. The client receives the current state of the network with a variable refresh rate that is adjustable to limit INAV generated
Communications on the network. Installation of the tool is straight forward and its operation is very intuitive. The INAV server runs on any Linux operating system with root privileges, while the client was developed in Java and can be run on most operating systems.
You can download INAV at inav.scaparra.com and a detailed white paper is available at inav.scaparra.com/docs/whitePapers/INAV.pdf.
Currently, INAV supports Ethernet, IP, TCP, UDP, and ICMP. INAV is implemented using a client-server architecture that allows multiple administrators to easily view network traffic from different vantage points across the network.
Once established, the INAV server passively sniffs data from the network and dynamically displays activity between different nodes on the network while keeping statistics on bandwidth usage.
The current state of the network is stored and broadcast to the different INAV clients. The INAV client uses an intuitive, lightweight graphical user interface that can easily change views and orient on specific clusters of nodes.
Once a node on the network is selected, the client highlights any node that has sent traffic to or from that location. The client receives the current state of the network with a variable refresh rate that is adjustable to limit INAV generated
Communications on the network. Installation of the tool is straight forward and its operation is very intuitive. The INAV server runs on any Linux operating system with root privileges, while the client was developed in Java and can be run on most operating systems.
You can download INAV at inav.scaparra.com and a detailed white paper is available at inav.scaparra.com/docs/whitePapers/INAV.pdf.
Subscribe to:
Comments (Atom)
