Skip to main content


Showing posts with the label Linux

Booting process of LINUX ( step by step )

There are lot of forum links , articles which explains the booting process of Linux.  I am not going to tell any thing different but I would like to show my point of perspective on some extra details of the  Linux Booting procedure. Here we go ! The stages involved in Linux Booting Process are: BIOS Boot Loader     - GRUB Init Runlevel scripts BIOS This is the first thing which loads once you power on your machine. When you press the power button of the machine, CPU looks out into ROM for further instruction. The ROM contains JUMP function in the form of instrucion which tells the CPU to bring up the BIOS BIOS determines all the list of bootable devices available in the system. Prompts to select bootable device which can be Hard Disk, CD/DVD-ROM, Floppy Drive, USB Flash Memory Stick etc (optional) Operating System tries to boot from Hard Disk where the MBR contains primary boot loader. Boot Loader  It is the first sector of the Hard Disk with a siz

Connect to the iSCSI array

Now that you have the initiator software installed, you need to tell it where to look for mountable volumes. Start the initiator configuration by going to the Control Panel and choosing the iSCSI Initiator option. From the initiator, choose the Discovery tab, shown in Figure B. Figure B The iSCSI initiator’s Discovery tab. On the Discovery tab, click the Add button under the Target Portals box. This will open the Add Target Portal dialog box, shown in Figure C. Figure C The Add Target Portal dialog box. In the Add Target Portal dialog box, provide the name or IP address of your iSCSI array. The default communication port for iSCSI traffic is 3260. Unless you have changed your port, leave this as is. If you have configured CHAP security or are using IPSec for communication between your client and the array, click on the Advanced button and make necessary configuration changes. The Advanced Settings dialog box is shown in Figure D. Figure D Advanced options for conn

Linux Configuration

The Linux bonding driver provides a method for aggregating multiple network interfaces into a single logical bonded interface.The behavior of the bonded interfaces depends upon the mode; generally speaking, modes provide either hot standby or load balancing services. Additionally, link integrity monitoring may be performed. You have to install ifenslave, it is a tool to attach and detach slave network interfaces to a bonding device.     sudo apt-get install ifenslave Configuring your network interfaces and modules You need to edit /etc/network/interfaces file and make it looks like     sudo nano /etc/network/interfaces Add the following (This is just example enter you ip details)     # This file describes the network interfaces available on your system     # and how to activate them. For more information, see interfaces(5).     # The loopback network interface     auto lo     iface lo inet loopback     # The primary network interface     auto eth0     iface

Upgrade Linux Kernel

You need to compile kernel only if: => You need custom made kernel for specific task such as embedded kernel. => Apply third party security patches. => You need to apply specific patch to Linux Upgrade of the kernel in Red Hat enterprise Linux version <= 4.x If your system is registered with Red Hat Network (RHN), then you can use the up2datecommand as follows: # up2date -f kernel For SMP kernel (multi core or multiple CPU) use command: # up2date -f kernel-smp Upgrade of the kernel in Fedora Linux / CentOS / RHEL 5 Use yum command to upgrade kernel: # yum update kernel If you have downloaded RPM file use rpm command: # rpm -ivh kernel* Upgrade of the kernel in Debian or Ubuntu Linux Use apt-get command. First find your kernel version: $ uname -r Next find available kernel images: $ apt-cache search linux-image Now install kernel by explicitly specifying version number: # apt-get install linux-image-x.x.x-xx OR $ sudo apt-get install linux-image-x.x.x-xx

How to find which kernel version is installed on my Linux system

Q . I am a new proud Linux user. My question to you is - how do I find which kernel version installed on my Linux system? How do I upgrade my kernel to latest version? Any help would be greatly appreciated. A . The Linux kernel is the central component of most computer operating systems (OSs). Its responsibilities include managing the system's resources and the communication between hardware and software components. You need to use uname command to print certain system information including kernel name. Type the following command to print  kernel version  number: $ uname -r Output: 2.6.20-15-generic

20 Linux Server Hardening Security Tips-3

#17: Logging and Auditing You need to configure logging and auditing to collect all hacking and cracking attempts. By default syslog stores data in /var/log/ directory. This is also useful to find out software misconfiguration which may open your system to various attacks. See the following logging related articles: Linux log file locations . How to send logs to a remote loghost . How do I rotate log files? . man pages syslogd, syslog.conf and logrotate. #17.1: Monitor Suspicious Log Messages With Logwatch / Logcheck Read your logs using  logwatch  or  logcheck . These tools make your log reading life easier. You get detailed reporting on  unusual items  in syslog via email. A sample syslog report: ################### Logwatch 7.3 (03/24/06) #################### Processing Initiated: Fri Oct 30 04:02:03 2009 Date Range Processed: yesterday ( 2009-Oct-29 ) Period is day. Detail Level of Output: 0

20 Linux Server Hardening Security Tips-2

#11: Configure Iptables and TCPWrappers Iptables  is a user space application program that allows you to configure the firewall (Netfilter) provided by the Linux kernel. Use  firewall  to filter  out traffic and allow only  necessary traffic. Also use the  TCPWrappers a host-based  networking ACL system to filter network access to Internet. You can prevent many denial of service attacks with the help of Iptables: Lighttpd Traffic Shaping: Throttle Connections Per Single IP (Rate Limit) . How to: Linux Iptables block common attack . psad: Linux Detect And Block Port Scan Attacks In Real Time . #12: Linux Kernel /etc/sysctl.conf Hardening /etc/sysctl.conf file is used to  configure kernel parameters  at runtime. Linux reads and applies settings from /etc/sysctl.conf at boot time. Sample  /etc/sysctl.conf : # Turn on execshield kernel.exec-shield=1 kernel.randomize_va_space=1 # Enable IP spoofing protection net.ipv4.conf.all.rp_filter=1 # Disable IP source routing