In my last post i have described how to configure network in Ubuntu 10.04 LTS in bare metal form. Now we will check how to configure hostname in Ubuntu based distributions. First of all let me asure that the process of seting up hostname is very straight forward in Ubuntu 10.04 LTS.
You can directly query or set the hostname with the "hostname" command.
The current hostname can be viewed using:
# sudo /bin/hostname
To set hostname you can use the command:
# sudo /bin/hostname demo.demoserver.in
NOTE: Need not to say that you should change the hostname from demo.demoserver.in to your requirements.
While rebooting Ubuntu based distributions will read the hostname from /etc/hostname file.
So you can open the file /etc/hostname in your favourite editor and specify the hostname there to make the change persistant.
# sudo vi /etc/hostname
# specify your hostname here.
demo.demoserver.in
Monday, September 20, 2010
Network Interface Configuration in Ubuntu 10.04 LTS Lucid Lynx
Normally all the users will create and configure their network while installing the Operating System Itself. However here I am post the process of configuring the network using command line in Ubuntu 10.04 LTS Lucid Lynx. You can also configure network using GUI utilities in Ubuntu 10.04 LTS such as network-admin or else your famous ifcfg command etc.
Here I am following the bare metal method and will edit the main network configuration files for providing the network information. The main network configuration file of any Ubuntu based distribution is the "/etc/network/interfaces" file. Just open the file in your favourite editor and start configuring it as follows.
Here I am following the bare metal method and will edit the main network configuration files for providing the network information. The main network configuration file of any Ubuntu based distribution is the "/etc/network/interfaces" file. Just open the file in your favourite editor and start configuring it as follows.
Wednesday, August 4, 2010
Tips for secure SSH connection to remote servers
Some tips for secured SSH connection to remote servers.
Also please go through my previous posts for detailed howto.
- Use only SSH V2 -- V1 is vulnerable to compromise. On Linux, this is usually done by default and managed in your /etc/ssh/sshd_config file by the Protocols option.
- Don't allow root or Administrators to log in directly. Only normal users should be allowed to log in and then if required they can escalate their privileges by using su or sudo. On Linux this is controlled, again in the sshd_config file, by the PermitRootLogin option.
- Ensure you use suitable authentication, for example passwords or keys.
- Try to avoid using port 22 for your SSH connections. Automated brute force attack tools are commonly used by attackers to scan port 22 and try to brute usernames and passwords. Changing the port to something else, for example 2222, is a quick and simple way of reducing this risk.
- lternatively, if you must use port 22, you can use tools like BlockSSHD or Fail2Ban to block excessive or inappropriate login attempts.
- Ensure you have configured suitable logging of your SSH daemon and that you review your logs for illicit login attempts. Ttools like Swatch and SEC can assist with this.
- Only bind SSH to the addresses required. If you have multiple interfaces in your host, for example an interface on your internal network and another on an external network such as the Internet, then only bind the daemon to the interface through which you need to connect. This is controlled on Linux using the ListenAddress option.
Monday, August 2, 2010
Things I do not like about Ubuntu LTS 10.04
The new Ubuntu 10.04 release is a great release and it is really a task to find things you dislike. Anyhow no operating system is perfect and this one also has some flaws. But now itself I am telling you that this is from my point of view and my dislikes may not be your dislikes!!!!
- The new themes
Thursday, July 29, 2010
Things I love about Ubuntu 10.04 LTS Lucid Lynx
The things I Love and Hate about the new Ubuntu 10.0.4 Lucid Lynx.
- GNOME 2.30
- HAL begone
Ubuntu 10.04 has done away with HAL (Hardware Abstraction Layer) during the boot process. This means that 10-second boot time has finally arrived. Hence the 10 second booting can be achieved in a charming way. The removal of HAL also drastically speeds up resume-from-suspend times for those of you in laptop land.
Friday, June 4, 2010
The system-config-firewall
secuThe firewall rules in the kernel can be configured by using iptables since 2.4 kernel. There are number of tools for configuring the firewall like command line tool, Shorewall, and a number of other GUIs. The default firewall configuration tool in Fedora systems is called “Firewall Configuration”, which can be accessed from Systemà Administration à Firewall in GNOME or from command line via, “system-config-firewall”.
This GUI allows you to set which services are allowed to be accessed via the Internet using a very simple interface. It defines a set of trusted services to be configured. To allow access, you simply need to check the box next to the entry. Each entry lists the service name, the port and protocol, and any additional iptables modules it uses. So if you wanted to allow Samba access to the system, you would check off the box next to the Samba and Samba Client service as in figure below.
This GUI allows you to set which services are allowed to be accessed via the Internet using a very simple interface. It defines a set of trusted services to be configured. To allow access, you simply need to check the box next to the entry. Each entry lists the service name, the port and protocol, and any additional iptables modules it uses. So if you wanted to allow Samba access to the system, you would check off the box next to the Samba and Samba Client service as in figure below.
The Oracle effect on Sun Microsystem VARs
The new policies introduced by Oracle in terms of “Oracle hardware support” for Sun servers are creating tensions among Sun VARs. The new policies from Oracle are “sinking” the customers as told by some VARs.
One Sun Microsystems systems integrator commented that it was getting pretty bad. The maintenance renewals and services are 3 times what they had in terms of price. Oracle also revoked the prepaid discounts and other flexibilities. Now Oracle charges 12% of the Sun hardware cost per year but in the past it depended on the hardware type and the multiplier was roughly 5% 0r 6%.
"Before this year, a customer buying a Sun 5240 server got three years of support for $3,800, including a discount for paying for the three years at once," this partner said. "That same box will now cost $7,699 to support for three years, a customer told.
One Sun Microsystems systems integrator commented that it was getting pretty bad. The maintenance renewals and services are 3 times what they had in terms of price. Oracle also revoked the prepaid discounts and other flexibilities. Now Oracle charges 12% of the Sun hardware cost per year but in the past it depended on the hardware type and the multiplier was roughly 5% 0r 6%.
"Before this year, a customer buying a Sun 5240 server got three years of support for $3,800, including a discount for paying for the three years at once," this partner said. "That same box will now cost $7,699 to support for three years, a customer told.
Subscribe to:
Posts (Atom)