I have noticed some posts need updating. I will be adding new posts for new software versions and moving old posts to a archive. If something on here is incorrect or needs updating sign up and leave me post or use our simple contact form on the right!

IPtables, SSH, Ubuntu Securty, etc..

Bookmark It

#—————————————————————
# Initialize all the chains by removing all the rules
# tied to them
#—————————————————————

iptables –flush
iptables -t nat –flush
iptables -t mangle –flush

#—————————————————————
# The loopback interface should accept all traffic
# Necessary for X-Windows and other socket based services
#—————————————————————

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

#—————————————————————
# Allow outbound DNS queries from the FW and the replies too
#
# – Interface eth0 is the internet interface
#
# Zone transfers use TCP and not UDP. Most home networks
# websites using a single DNS server won’t require TCP statements
#
#—————————————————————

iptables -A OUTPUT -p udp -o eth0 –dport 53 –sport 1024:65535 \
-j ACCEPT
iptables -A INPUT -p udp -i eth0 –sport 53 –dport 1024:65535 \
-j ACCEPT

#—————————————————————
# Allow previously established connections
# – Interface eth0 is the internet interface
#—————————————————————

iptables -A OUTPUT -o eth0 -m state –state ESTABLISHED,RELATED \
-j ACCEPT

#—————————————————————
# Allow port 80 (www) and 22 (SSH) connections to the firewall
#—————————————————————

iptables -A INPUT -p tcp -i eth0 –dport 22 –sport 1024:65535 \
-m state –state NEW -j ACCEPT

iptables -A INPUT -p tcp -i eth0 –dport 80 –sport 1024:65535 \
-m state –state NEW -j ACCEPT

#—————————————————————
# Allow port 80 (www) and 443 (https) connections from the firewall
#—————————————————————

iptables -A OUTPUT -j ACCEPT -m state \
–state NEW,ESTABLISHED,RELATED -o eth0 -p tcp \
-m multiport –dport 80,443 -m multiport –sport 1024:65535

#—————————————————————
# Allow previously established connections
# – Interface eth0 is the internet interface
#—————————————————————

iptables -A INPUT -j ACCEPT -m state –state ESTABLISHED,RELATED \
-i eth0 -p tcp

#—————————————————————
# If a packet doesn’t match one of the built in chains, then
# The policy should be to drop it
#—————————————————————

iptables -A INPUT -j DROP
iptables -A OUTPUT -j DROP
iptables -A FORWARD -j DROP

Bookmark It

This guide will walk you through Installing VMware Server 2 on Windows XP Professional in seven simple steps.

To view larger images just click the picture.

Step One: Download VMware Server.

Step Two: Run the Installer and click next.

Step Three: Read license terms and if you agree select yes, then next.

Step Four: Choose your installation location and select next.

Step Five: Fill out your domain name or your machines netbios domain name if just using locally. also select your ports to access and the click next.

Step Six: Select which icons you want the installer to create.

Step Seven: This may very well be the most crucial step in installing VMware Server. Select “Install”.

When the installer is finished just click finish and restart your computer.

Bookmark It

The market is growing for paid virtualization technologies although it still represents a minor portion of the entire server marketplace – hovering around 10% according to Microsoft. What is new is that virtual machine (VM) server technology is now available and more attractive to small business users for four reasons:

• Free versions are becoming more capable.

• Prices are coming down on paid versions or support for free versions

• Ease of setup and management is growing.

• The technology can help reduce power and cooling requirements just as being green is gaining attraction to more.

Keep in mind Virtual servers are just one part of the entire virtualization market, which is growing to include storage virtualization all the way virtual desktops.

But in the past year, four trends are obvious:

1) Growth of the hypervisor: The hypervisor is now found in more places, both exploited in the latest processor chips from Intel’s Virtualization Technology vPro and AMD-V, and as a standard package with most of the popular Linux distributions and soon for Solaris too. The hypervisors, or virtual machine control programs, for the three major vendors (Microsoft, Citrix and VMware) now support this embedded hardware, which makes for simplified installation and nearly one-button booting of virtual servers.

2) Interoperability: Interoperability has taken chief cause, and we have seen in the past year a series of initiatives to make managing multiple VM vendors easier. VMware announced several management tools that enable automation of the entire lifecycle of a VM, including staging the migration from a development/test environment into production, according to Bogomil Balkansky, the Senior Director of Product Marketing for the company. “Our customers tend to want to do more with virtual servers once they get it into their shops.”

Another dimension to the interoperability story is a standards effort called the open VM format. “With this format, organizations can use a standard set of VM management metadata to manage VMs running on different hypervisors.

“While work remains, the eventual goal of these standards is to provide hypervisor interoperability, such as by taking a VM image built on the Microsoft Hyper-V hypervisor and running it on a Citrix XenServer hypervisor without having to modify the VM’s configuration.”

3) Falling Prices: Prices are coming down and functionality for even the free versions is improving. The free products – and indeed, all of Microsoft’s virtual server line – continue to be a great way for enterprises to become familiar with VM technology and to do any evaluations before deploying them into production.

On the paid products, XenServer continues to be the lower-priced spread, offering single-CPU versions and better value when compared to VMware. The latter’s prices are now almost comprehendible, an improvement from their obscure complexity of last year. VMware also introduced support for 10 gigabit Ethernet networks and larger memory and disk support with its latest version, and now has more than 700 pre-built virtual “appliances” or virtual disk images.

4) Widening Channels: The virtual server channel continues to widen, with more partnerships, agreements, and expertise. As smaller, specialty companies enter this market, they are looking to cement relationships, expand distribution, and make just about every component in the data center virtualized.

table.virtual { font-size: 11px; font-family: Verdana, Helvetica; margin: 10px; }

Table: Virtual Server product comparison

*Microsoft’s offering does not have an embedded hypervisor, it does recognize and take advantage of computers with either the AMD or Intel virtualization.

Viertualization is a growing trend in the market and will continue in the years to come.

Bookmark It

This is a disturbing trend that I have been seeing; noone knows, and then someone responds in a way that seems to imply that the question should not be asked.

“The Kernel can handle it….”

“You won’t see any performance gain…”

“Only people who….”

All these answers I have seen; Everyone needs to remember ALL questions deserve to be asked, even if a search engine should first be consulted, even if there will be no real performance gain some people just want to be able to do something or learn something.

Here is what I have been able to find so far:

There is a program installed in Ubuntu (default with the minimal install) called “taskset”

You SHOULD be able to run a command like
taskset -c <core#> -p <process ID>

#:~$ taskset -c 2 -p 6721
sched_setaffinity: Invalid argument

or

# taskset -c 0 -p 6721
execvp: No such file or directory
failed to execute -p

(Which is fine since I don’t think c 0 is valid)

I would really like the ability to automatically set a process to a core, even though the kernel is pretty good at it, some apps break the mold.

I will attempt to update this as I research this more.

Bookmark It