Posts

Showing posts from January, 2012

SCVMM 2012- Creating a Highly Available VMM Server

Image
Here are the pre-requisites for a HA VMM server installation: 1. Failover clustering feature added, cluster created and configured (Windows Server 2008 R2 is the minimum OS version supported as node servers) 2. Windows Automated Installation Kit (AIK) for Windows 7 installed on all nodes that will be used as VMM servers  http://www.microsoft.com/downloads/en/details.aspx?FamilyID=696dd665-9f76-4177-a811-39c26d3b3b34&displaylang=en 3. Server and instance name of a SQL Server 2008 or SQL Server 2008 R2 cluster or remote SQL server (best practice to use clustered SQL Server with HA VMM servers) 4. For our DKM (Distributed Key Management) requirement, either logged on, installing VMM with an account that has “edit” permission on the Active Directory container (can be a lower level container doesn’t have to be the root) or DKM group pre-created on Active Directory and its name available to provide at setup (more on DKM requirement later) HA VMM Installation Steps When we were designin

How to install Data Protection Manager to a Windows 2008 Server

Image
Article  http://technet.microsoft.com/en-us/library/bb808814(TechNet.10).aspx  describes how to install DPM on to a 2008 Server. However I have found that this article is incomplete. The following is how to install DPM onto a 2008 Server. After the 2008 Server setup has finished perform the following: 1. Click Start, point to  Administrative Tools , and then click  Server Manager . 2. Expand Server Manager to the  Features  node, and then select  Features . 3. In the  Features  pane, click  Add Features. 4. Select  Windows PowerShell , and then click  Next . 5. On the  Confirm Installation Selections  page, click  Install . 6. Click Start, point to  Administrative Tools , and then click  Server Manager . 7. Expand Server Manager to the  Roles  node, and then select  Roles . 8. In the  Roles  pane, click  Add Roles . 9.  In the  Add Roles Wizard , on the  Before You Begin  page, click  Next . 10. On the  Select Server Roles  page, select  Web Service (IIS) . 11. In the  Add features re

DHCP -Information

Ipconfig Displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings. Used without parameters, ipconfig displays the IP address, subnet mask, and default gateway for all adapters. Syntax ipconfig [/all] [/renew [Adapter]] [/release [Adapter]] [/flushdns] [/displaydns] [/registerdns] [/showclassid Adapter] [/setclassid Adapter [ClassID]] Top of page Parameters /all : Displays the full TCP/IP configuration for all adapters. Without this parameter, ipconfig displays only the IP address, subnet mask, and default gateway values for each adapter. Adapters can represent physical interfaces, such as installed network adapters, or logical interfaces, such as dial-up connections. /renew [Adapter] : Renews DHCP configuration for all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter is available only on computers with adapters

Upgrade Linux Kernel

You need to compile kernel only if: => You need custom made kernel for specific task such as embedded kernel. => Apply third party security patches. => You need to apply specific patch to Linux Upgrade of the kernel in Red Hat enterprise Linux version <= 4.x If your system is registered with Red Hat Network (RHN), then you can use the up2datecommand as follows: # up2date -f kernel For SMP kernel (multi core or multiple CPU) use command: # up2date -f kernel-smp Upgrade of the kernel in Fedora Linux / CentOS / RHEL 5 Use yum command to upgrade kernel: # yum update kernel If you have downloaded RPM file use rpm command: # rpm -ivh kernel* Upgrade of the kernel in Debian or Ubuntu Linux Use apt-get command. First find your kernel version: $ uname -r Next find available kernel images: $ apt-cache search linux-image Now install kernel by explicitly specifying version number: # apt-get install linux-image-x.x.x-xx OR $ sudo apt-get install linux-image-x.x.x-xx

How to find which kernel version is installed on my Linux system

Q . I am a new proud Linux user. My question to you is - how do I find which kernel version installed on my Linux system? How do I upgrade my kernel to latest version? Any help would be greatly appreciated. A . The Linux kernel is the central component of most computer operating systems (OSs). Its responsibilities include managing the system's resources and the communication between hardware and software components. You need to use uname command to print certain system information including kernel name. Type the following command to print  kernel version  number: $ uname -r Output: 2.6.20-15-generic

20 Linux Server Hardening Security Tips-3

#17: Logging and Auditing You need to configure logging and auditing to collect all hacking and cracking attempts. By default syslog stores data in /var/log/ directory. This is also useful to find out software misconfiguration which may open your system to various attacks. See the following logging related articles: Linux log file locations . How to send logs to a remote loghost . How do I rotate log files? . man pages syslogd, syslog.conf and logrotate. #17.1: Monitor Suspicious Log Messages With Logwatch / Logcheck Read your logs using  logwatch  or  logcheck . These tools make your log reading life easier. You get detailed reporting on  unusual items  in syslog via email. A sample syslog report: ################### Logwatch 7.3 (03/24/06) #################### Processing Initiated: Fri Oct 30 04:02:03 2009 Date Range Processed: yesterday ( 2009-Oct-29 ) Period is day. Detail Level of Output: 0

20 Linux Server Hardening Security Tips-2

#11: Configure Iptables and TCPWrappers Iptables  is a user space application program that allows you to configure the firewall (Netfilter) provided by the Linux kernel. Use  firewall  to filter  out traffic and allow only  necessary traffic. Also use the  TCPWrappers a host-based  networking ACL system to filter network access to Internet. You can prevent many denial of service attacks with the help of Iptables: Lighttpd Traffic Shaping: Throttle Connections Per Single IP (Rate Limit) . How to: Linux Iptables block common attack . psad: Linux Detect And Block Port Scan Attacks In Real Time . #12: Linux Kernel /etc/sysctl.conf Hardening /etc/sysctl.conf file is used to  configure kernel parameters  at runtime. Linux reads and applies settings from /etc/sysctl.conf at boot time. Sample  /etc/sysctl.conf : # Turn on execshield kernel.exec-shield=1 kernel.randomize_va_space=1 # Enable IP spoofing protection net.ipv4.conf.all.rp_filter=1 # Disable IP source routing net.ipv4.conf.all.ac