Welcome to Server Circle. It's a friendly site and all levels of experience are welcome. Be aware that we use cookies for your login.
Server Circle - Ask questions about Servers and get answers from experts.
Beta (0.36 sec)
BonoEstente's profile (1464 points)

About: I am in the UK and work in Europe most of the time. Boutros Boutros-Ghali.
Flushing the DNS cache in XP
Asked in: DNS Servers with 2 answers
Altering an email address in Postfix
Asked in: Email Servers with 1 answers
API for registering domain names over the command line
Asked in: DNS Servers with 1 answers
Alternative to using mk-parallel-dump for database backups
Asked in: Linux Servers with 0 answers
Pulling a random line from a text file in PHP
Asked in: Programming with 1 answers
Check if a Debian kernel is custom or stock built
Asked in: Linux Servers with 1 answers
Trigger alarms for user password changes after certain number
Asked in: Linux Servers with 1 answers
Will the Smarty engine cause a performance hit with PHP ?
Asked in: Programming with 1 answers
Convert a site from using Smarty to pure PHP
Asked in: Programming with 0 answers
Using two database connections with Smarty PHP
Asked in: Linux Servers with 0 answers
Remove all IPtables modules from a running Debian server
Asked in: Debian Linux with 2 answers
Best approach for heartbeat failover on Linux
Asked in: Linux Servers with 2 answers
Other than ntop what else can give me network statistics over time on Linux ?
Asked in: Networking with 2 answers
Terminator shell in Ubuntu and SSH
Asked in: Ubuntu Linux with 1 answers
Switch off Smarty engine half way through a page
Asked in: Programming with 0 answers
REWARD: Securing RDP for Terminal Services
Asked in: Windows Servers with 2 answers
MYSQL cache causes speed decrease ?
Asked in: Linux Servers with 3 answers
REWARD: Reverse DNS at RIPE testing tool
Asked in: DNS Servers with 4 answers
Windows 2008 Server broadcasting traffic from port 49803
Asked in: Windows Servers with 2 answers
Help with NIC Errors - packets dropped
Asked in: Networking with 4 answers
Windows XP LAN Server wont boot black screen flashing cursor
Asked in: Windows Servers with 1 answers
IPtables for WHOIS lookups from Server
Asked in: Server Firewalls with 1 answers
Using lsof -i for application paths
Asked in: Linux Servers with 2 answers
Using rsync for data transfer over SSH
Asked in: Shell Scripting with 2 answers
Tips for speeding up MySQL and PHP site
Asked in: Linux Servers with 5 answers
Apache mod_rewrite and VirtualHosts Question
Asked in: Linux Servers with 1 answers
PHP Smarty Engine not excluding literal tags
Asked in: Linux Servers with 1 answers
Logwatch no longer sends e-mails properly but used to fine, is it a known bug ?
Asked in: Linux Servers with 2 answers
i have install bind9. i have create some zones. How can i create a root name server?
Asked in: Linux-Servers  (3 answers)
BonoEstente's response: I think this is probably what you mean, sorry if not ! http://www.cyberciti.biz/faq/unix-linux-update-root-hints-data-file/
I'm not an advanced IT specialist, and therefore have setup my dedicated servers on my own, adding things and increasing system resources as my business has grown. Please bear with me. I have 3 boxes total, each with 8GB RAM. Each runs its own MySQL server in addition to the usual CentOS 5 distribution with PHP, Apache, BIND, etc and ISPConfig Control Panel. Nearly every website is a WordPress blog, some with customized static pages that don't require MySQL integrated under one website domain. Websites on all boxes tend to access information on one server (Server A) that I *thought* could carry more load than the others. For example, Server B calls Server A for data feeds, information, and Flash powered scrollers that I have created as WordPress plugins for people to use externally on their own blogs. Now, I have a problem. It seems Server A is coming under some sort of attack, with a dramatic increase in "Hits" shown in my AWSTATS website analytics files, even though actual traffic has remained the same or only increased slightly. I looked at my log files and it seems the homepage and RSS feed are being grabbed by thousands of different IPs/hosts multiple times, behavior which is not typical of my "normal" human visitors. Over the past few days, MySQL has started throwing errors, failing to provide database information for websites on all three on my servers. The problem is most apparent on Server A, where websites either show a "Too Many Connections" error and fail to load, or take a LONG time to load simple graphics and text. I've done my best to optimize my.cnf on Servers A and B using the advice from this page: http://rackerhacker.com/2008/06/24/mysql-error-1040-too-many-connections and even used a popular MySQLtuner.pl PERL script to evaluate my system performance. I tweaked numbers in my.cnf accordingly, yet problems persist. Should I: 1. Purchase a new box solely for MySQL and have my servers access this box for all database information instead of relying on MySQL on each box, which might be hindering system performance given that each server must support website production as well? 2. Order DDOS network protection and leave setup as is? 3. Both 1 and 2? I'm leaning towards 1 because my WordPress plugins are popular and used on many websites and that means eventually the load on Server A will be too much to bear especially when it's necessary to produce websites already existing on the server. TIA for any thoughts or ideas, they are appreciated.
Asked in: Linux-Servers  (1 answers)
BonoEstente's response: You could do much worse than use this anti-flood script for stopping the unwanted traffic with this: http://www.servercircle.com/Ubuntu-Linux-Servers/Stopping-flood-of-traffic-on-ports-80-and-443-with-IPtables_1351 Test it on a desktop first and incorporate it into a solid IPtables script. It might just reduce your load enough. Let us know if not.
How do I add (enable) the mail command in Ubuntu ?
Asked in: Ubuntu-Linux-Servers  (2 answers)
BonoEstente's response: On Ubuntu and Debian you can install apt-get install mailx which actually allows you to install: Reading package lists... Done Building dependency tree Reading state information... Done Package mailx is a virtual package provided by: mailutils 1:2.1+dfsg1-4ubuntu1 heirloom-mailx 12.4-1.1 bsd-mailx 8.1.2-0.20090911cvs-2ubuntu1 You should explicitly select one to install If you use heirloom-mailx then you can explicit set "from" line in your emails which is the one I prefer.
Can I limit each individual IP to a certain amount of hits per minute and then slow them down somehow ? Thanks for your help.
Asked in: Ubuntu-Linux-Servers  (2 answers)
BonoEstente's response: This should do it: iptables -A INPUT -p tcp -m multiport --dport 80,443 -m state --state NEW -m limit --limit 100/minute --limit-burst 300 -j ACCEPT iptables -A INPUT -p tcp -m multiport --dport 80,443 -m state --state NEW -m limit --limit 100/minute --limit-burst 300 -j LOG --log-level info --log-prefix NEW-HTTP-DROP: iptables -A INPUT -p tcp -m multiport --dport 80,443 -m state --state RELATED,ESTABLISHED -m limit --limit 100/second --limit-burst 100 -j ACCEPT iptables -A INPUT -p tcp -m multiport --dport 80,443 -m state --state RELATED,ESTABLISHED -m limit --limit 100/second --limit-burst 100 -j LOG --log-level info --log-prefix EST-HTTP-DROP: iptables -A INPUT -p tcp -m multiport --dport 80,443 -j DROP iptables -A OUTPUT -p tcp -m multiport --sport 80,443 -j ACCEPT
Having studied this page for ages and tried a few functions it seems there's still issues with HTML output, in some cases nl2br outputs two line breaks. Any ideas ? I'm at a loss ! http://php.net/manual/en/function.nl2br.php
Asked in: OtherProgramming  (1 answers)
BonoEstente's response: Try this handy function: function nl2brStrict($text, $replacement = ' < br / > '){return preg_replace("((\r\n)+)", trim($replacement), $text);} Remove spaces in the < br / > tag. It's a normal HTML line break.
I have Arpwatch running on one NIC but not the other network interface. How can I change this in Ubuntu Server ? Help appreciated.
Asked in: Ubuntu-Linux-Servers  (2 answers)
BonoEstente's response: On Debian-based systems it's a case of just adding the NICs you need to add -i ETH0 -i ETH1 etc to ARGS: Look in the file: /etc/default/arpwatch # Debian: don't report bogons, don't use PROMISC. ARGS="-N -p" # Debian: run as `arpwatch' user. Empty this to run as root. RUNAS="arpwatch"
We'd like a private chat system for IM for our company. I think they use the XMPP protocol but we know it as Jabber. Any good alternatives to Openfire ? It looks a bit clunky. Thank you.
Asked in: Linux-Servers  (1 answers)
BonoEstente's response: This is an excellent tutorial for Openfire. I don't think it's too bad at all. Worth trying out if you haven't. http://www.howtoforge.com/how-to-set-up-an-openfire-instant-messaging-server-on-centos-5.6
I've installed curl on the filesystem but can't get a PHP script working - it's saying curl_init() is undefined. Ideas ?
Asked in: Ubuntu-Linux-Servers  (2 answers)
BonoEstente's response: Ahh, you need apt-get install php5-curl if you're using a Debian-based system !
I would like to be able to provide hosted webserver support to clients from two remote locations so that if one location goes off line the other location provides the websites. Both locations' files and databases would need to remain in sync. DNS updates would need to occur so that domain names resolve correctly to the active webserver site. I am looking for an open-source solution versus a commercial one.
Asked in: Linux-Servers  (1 answers)
BonoEstente's response: This is quite a vast and contentious topic :) Among the many ways of doing it you can do some clever multi-site stuff with BGP, you can use basic DNS services with low TTLs (which lose a few percent of traffic at failover because of Proxy Caching etc) or my preferred approach is to have a "static" connection between both sites. This could be using a leased line, a LES circuit, two DSL connections or a form of connectivity that's otherwise unrelated to how you're serving to the users over the Internet. You simply sync data over your private circuit and run something like keepalived or script something yourself to alter DNS if one site can't reach the Internet. If this private link (it could be a VPN even but should be provisioned from a different provider than the Internet connectivity) goes down then you simply sync over the Internet until it's back online. The BGP dual-site approaches can get expensive so really you're relying on DNS to one extent or another. There is also this (but I'm reluctant to recommend it without knowing more): http://www.autofailover.com
I want to make two networks (one local and one public) in MAC OS server. How can I do this ?
Asked in: Server-Networking  (3 answers)
BonoEstente's response: It's a case of binding one set of IPs to one network card and one set of IPs to another. So you need two network cards and put an IP from a private range like 192.168.168.0/24 on one and another IP from a (public range) on the other.
I read that tinydns doesn't have any concept of DNS secondaries and zone transfers. Are there any scripts that I can use to replicate the data file between servers safely ? I was thinking about rsync. Thank you in advance.
Asked in: DNS-Servers  (1 answers)
BonoEstente's response: I'm pretty sure that djbdns doesn't use "secondaries" in the BIND sense as you say, so use SCP or sFTP or rsync over SSH to keep the data files exactly the same whenever they're changed.
I've just read this: http://enginesmith.wordpress.com/2010/09/11/mysql-read-write-split-myth-and-why-i-wouldnt-use-it/ I think I want two master databases for safety and load balancing but should I definitely only use ONE node for writing ? Any experiences must be well received and welcome.
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: This is the way round it by all accounts: http://mysql-mmm.org/mmm2:guide Not sure if it's still essential for a busy master-master site though.
It's a long story but I have a production server that has IPtables running on it and it has loaded up a few obvious IPtables modules. I need to carefully unload those modules so I can run something else (obviously without causing any problems to a critical server). I have these listed but how can I be absolutely sure that I've manually rmmod X properly and unloaded them all before trying this other software ? Module Size Used by xt_multiport 2794 16 nf_conntrack_ipv4 12742 42 nf_defrag_ipv4 1481 1 nf_conntrack_ipv4 xt_state 1490 42 nf_conntrack 73326 2 nf_conntrack_ipv4,xt_state xt_tcpudp 2667 44 iptable_filter 1841 1 ip_tables 18201 1 iptable_filter x_tables 22361 4 xt_multiport,xt_state,xt_tcpudp,ip_tables Thanks !
Asked in: Debian-Linux-Servers  (2 answers)
BonoEstente's response: Thanks but that's not really what I'm looking for :( How can I be certain that _all_ IPtables modules are _safely_ removed ?
I lost a file when moving it inside my pendrive memory. Can I retrieve it?
Asked in: Linux-Servers  (5 answers)
BonoEstente's response: You could try this, it's not a particularly trivial task but ... http://www.cyberciti.biz/tips/linuxunix-recover-deleted-files.html
Is keepalived still the most popular and is it relatively easy to get going ? Thanks.
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: Thanks, Trinity.
I've used Logwatch but don't like some its features and customising it can be tiresome. I will offer 50 points on top of the 50 best answer points for some suggestions for alternatives for log monitoring. I just want syslog etc sent with concise daily e-mail reporting please.
Asked in: Ubuntu-Linux-Servers  (3 answers)
BonoEstente's response: There's also logcheck if you haven't seen it.
I don't want to install the Zabbix agent on all my servers for security reasons. How would I set up just to monitor pings and http and smtp without installing the agent. That way I get good graphs and reports and alerts still. The docs aren't clear ! Thank you for help.
Asked in: Fedora-Linux-Servers  (1 answers)
BonoEstente's response: Yes, this can work but isn't that straight forward - at least I din't find it that obvious: Look for the agentless part in the docs for a brief rundown first: http://www.zabbix.com/documentation/1.8/manual/installation For agentless pings uncomment fping in Server's .conf file FpingLocation=/usr/bin/fping (get path right and install it if not). Look here: http://tinyurl.com/3lpmnwg Choose simple checks for all services, create a host, then an item and then the trigger. ICMP needs funny monitoring details (a multiplier etc) but check the Safari book if stuck again. This might help a little too: http://www.debianhelp.co.uk/zabbix.htm
If I adjust my .bash_profile file can I reload it without having to log back in again ?
Asked in: Ubuntu-Linux-Servers  (4 answers)
BonoEstente's response: This also works in the same way if you're in your home directory: source .bash_profile
I have just done a fresh install of Ubuntu Server 11.04 and after the initial login tried to do a "sudo apt-get update" followed with a "sudo apt-get upgrade" and im getting transfer rates in the bytes!! So I used "vi /etc/apt/sources.list" and removed gb. in each line ie what was http://gb.whatever is now http://whatever, and rebooted still the transfer rate is awfully slow. I have installed both server and desktop versions on several different machines in the past with no problem, never experiencing such slow speeds Is there anyway to improve the transfer rates ? Thanks
Asked in: Linux-Servers  (4 answers)
BonoEstente's response: I actually find the German mirrors are fastest from the UK, along the lines of: http://de.archive.ubuntu.com/ubuntu/ I'd be more suspicious of your broadband provider at this time of night but of course it could be a number of things slowing down the updates. Maybe trying .de update mirrors might help.
What command line tools can I use to check current bandwidth usage from a NIC ? Thanks.
Asked in: Ubuntu-Linux-Servers  (2 answers)
BonoEstente's response: Have you tried "iftop -i eth1" ?
I'm looking for a lightweight script to generate as much UDP traffic as possible on my server's 100Mbit connection for penetration testing. Any recommends ? Thanks.
Asked in: Server-Networking  (2 answers)
BonoEstente's response: This might be what you need: http://ryanc.org/index.php?s=49 I haven't used it but if it does what it says ...
I'm trying to take some load off my Apache Server. Is Amazon S3 with expiry headers set for a long expiry, like a week, just as good as Amazon Cloudfront for static content serving ? Or are other CDNs better ? Thanks.
Asked in: RedHat-Linux-Servers  (1 answers)
BonoEstente's response: If you use S3 already then Cloudfront is really simple to set up - create a distribution with a directory in S3 and use its generated cloudfront.net hostname for your media serving. You'll get decent reliability from using S3 directly but there's little point when Cloudfront just plugs in and will give you higher performance and more reliability.
Thanks to this post I can now blacklist sender domains and IPs: http://www.servercircle.com/Suse-Linux-Servers/Postfix-blacklist-senders_433 But can I drop a user or recipient early on in the mail handshake so that it doesn't cause any load on my mail server ?
Asked in: Email-Servers  (1 answers)
BonoEstente's response: It's pretty similar to the blacklisting of senders. Try adding this line under smtpd_recipient_restrictions in main.cf. check_recipient_access hash:/etc/postfix/recipient_access Then create the blacklist file with the format of /etc/postfix/recipient_access being: user@domain.com REJECT Dropped another-user@anotherdomain.com REJECT Dropped Create the hash file with: postmap hash:/etc/postfix/recipient_access That should do it !
I have a wired desktop that I would like to use as a file server to my notebook. The notebook connects to my wireless router. I'm not sure if this can even be done and I expect it's too much to explain here. What I'm asking of the server experts is a link or links to good explanations of how it's done if it can be. I'm good at following instructions, just not savvy enough to figure it out on my own. So, can it be done? BTW. I'm using Linux Mint 10 with Gnome, and using a Netgear wireless router.
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: Good old Samba should save the day: http://tinyurl.com/3lyoqhq https://help.ubuntu.com/10.04/serverguide/C/samba-fileserver.html
I have a small home network all running ubuntu 11.04 either desktop or server versions, upstairs i have 2 hp proliant servers and 2 dell 2500 servers, down stairs i have 3 desktop computers. on a desktop machine downstairs, I would like to be able to click on a workspace (currently there are 4) and see the screen of one of the servers upstairs and have keyboard and mouse and buffer control I use synergy and quicksynergy on the 3 machines downstairs this sort of does what i want on that half of the network, except that when i move my mouse off the screen edge it moves over on to the monitor of another machine, rather than bringing that machines screen onto mine I dont want to use VNC as its very slow on these machines is this possible? Many Thanks in advance
Asked in: Linux-Servers  (3 answers)
BonoEstente's response: Can I ask what OS are the servers running ? If not VNC would Vino be faster unencrypted over a local network ?
I'm looking for a software router (or VM) that can emulate slow link and packet loss. This is especially useful to simulate long distance communications and bad quality links.
Asked in: Server-Networking  (1 answers)
BonoEstente's response: This is probably along the lines of what you're looking for: http://www.codealias.info/technotes/network_delay_and_packet_loss_emulation_using_netem
Is it possible to completely block certain domains or IPs in Postfix ? So they don't cause the server any work. Like *.spam.com or an IP ?
Asked in: Fedora-Linux-Servers  (1 answers)
BonoEstente's response: Yes, Postfix can do this. It's pretty powerful. Under smtpd_recipient_restrictions in main.cf add a line check_client_access regexp:/etc/postfix/blacklist_clients. Then in the file /etc/postfix/blacklist_clients lay it out like this: # IP /^10\.10\.1\.2$/ REJECT UCE black-listed # IP block /^10\.10\.1/ REJECT UCE black-listed # exact domain /^example\.com$/ REJECT UCE black-listed Then build the hashed file whenever you change it with: postmap hash:/etc/postfix/sender_blacklist
I'm looking for a device which I can connect to the VGA and USB port of my server to give me keyboard and display over IP. At $dayjob I'm used to using Dell's DRAC and HP iLo to remote admin when there's boot problems and I need something for my own personal server. I also want to keep costs to a minimum, however features may outway the cost. I've been looking at something like this here.
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: I found a list of reviews if it helps: http://www.42u.com/kvm_switch_reviews.htm
My web logs fill up too quickly with not that many hits. How do you turn off logging for ALL images but keep HTML and PHP logging on ? Is it possible on Apache ? Does it mean less work for the web server too, making it faster ? Thanks !
Asked in: CentOS-Linux-Servers  (4 answers)
BonoEstente's response: FWIW I think the max connections situation has changed with modern browsers. This link suggests that Chrome tries to grab as many connections as it can for example: http://tinyurl.com/6e76bdd
I get an error during the install process from the VMWare script on Ubuntu where it says cannot find a compiler present. What does that mean and how do I fix it ? Thanks.
Asked in: Virtual-Machines-Servers  (3 answers)
BonoEstente's response: Yes, gcc is needed for the modules you're correct.
Is there any way of knowing if this security update needs me to restart Apache on my web servers ? It's this update: http://www.debian.org/security/2011/dsa-2237 Thanks, I really hate stopping and starting Apache !
Asked in: Debian-Linux-Servers  (3 answers)
BonoEstente's response: Yes, it only refreshes your config. If I can then I always do a full restart.
I'm looking through the specs for the cisco 3560V2 series of switches. I notice in a lot of documentation it no longer mentions the max value for L2 .1q vlans and it might be causing my servers to drop connections when a maxmum number of configured vlans is reached. This makes me suspicious. Does anyone have an authoritative answer or know of the location of the correct pdf hidden in cisco : on the maximum number of configurable layer 2 and Layer 3 VLANS (svi) running both IP Services and IP Base? Thanks in advance.
Asked in: Server-Networking  (5 answers)
BonoEstente's response: I'd guess that's not what's causing you the connectivity problems.
How often should I run this emerge -vDNu world ? Thanks.
Asked in: Gentoo-Linux-Servers  (2 answers)
BonoEstente's response: I read that this should be done "periodically". Whatever that means, I actually now run it every time I check for new packages because my server is so slow, I go for deep dependencies each time to get updates out of the way. It hasn't done any harm in a year or so.
How can we restrict Fedora/Ubuntu User to not to make changes to Network Preference (Proxy) set by root?
Asked in: Fedora-Linux-Servers  (2 answers)
BonoEstente's response: If it's file permissions you're looking for then: chmod 600 filename chown root:0 filename should do it.
I have a sun4u box running Gentoo which works very well but it uses the Tulip NIC drivers and even at 10HD it crashes out every few weeks, falling offline, needing reset. Any fixes ? Latest drivers etc installed.
Asked in: Gentoo-Linux-Servers  (2 answers)
BonoEstente's response: Remember to force the same settings to the switch end.
Can someone please explain the differences ? There's a lot of debate about this subject it seems !
Asked in: Fedora-Linux-Servers  (5 answers)
BonoEstente's response: Interesting points.
I'm new to Qmail. How can I change the "servername" that will show up in the emails saying where the email has come from ? Thanks.
Asked in: Email-Servers  (3 answers)
BonoEstente's response: Most configs live in /var/qmail/control usually.
I have a site that I enabled this on: query_cache_size = 268435456 query_cache_type=1 query_cache_limit=1048576 from here: http://www.cyberciti.biz/faq/mysql-set-cache-size/ If anything I'm seeing a slight decrease in page load speed. Any thoughts welcome.
Asked in: Linux-Servers  (3 answers)
BonoEstente's response: I would suggest playing with the values a little and trying remote speed tests.
I've heard of SQL injection attacks and have written my PHP application using mysql_real_escape_string but I'm not sure of other ways to break into the server through PHP code. I've looked at Suhosin but I'm not sure about it. I also remember a PHPBB cookie attack a few years ago. I'm looking for other insights please.
Asked in: OtherProgramming  (2 answers)
BonoEstente's response: Look at this too: http://www.servercircle.com/Linux-Servers/Best-ways-to-secure-PHP-and-Apache-?_308
Any ideas ? Thank you. An error occurred at line: -1 in the jsp file: null
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: This should help you: http://wiki.apache.org/tomcat/FAQ/Miscellaneous#Q1
I have a site that I enabled this on: query_cache_size = 268435456 query_cache_type=1 query_cache_limit=1048576 from here: http://www.cyberciti.biz/faq/mysql-set-cache-size/ If anything I'm seeing a slight decrease in page load speed. Any thoughts welcome.
Asked in: Linux-Servers  (3 answers)
BonoEstente's response: Thanks, I'll look further into it.
order allow,deny deny from all allow from 11.11.11.11 allow from 22.22.22.22 allow from 33.33.33.33 I think this should work but it just isn't :) Any help appreciated.
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: You need to have AllowOverride All in your vhost.
Can anyone tell me which application to disable to stop this please ?
Asked in: WindowsServers  (2 answers)
BonoEstente's response: Yes ! It was Sharepoint, office stuff, now removed. Thanks very much.
I've just updated my small business server with a patch and "always up to date" is failing on exchange. I think that's something to do with activesync.
Asked in: WindowsServers  (1 answers)
BonoEstente's response: Here you go, sounds like this: http://blogs.technet.com/b/sbs/archive/2008/07/17/some-services-may-fail-to-start-or-may-not-work-properly-after-installing-ms08-037-951746-and-951748.aspx
After I updated my CentOS box, it was a yum update and now Apache won't start web services ... The error from directadmin is: Starting httpd: Apache configuration directives found [FAILED]
Asked in: CentOS-Linux-Servers  (5 answers)
BonoEstente's response: I'd guess that there's more logging information needed from error.log,
I'm new to IT and need to be able to measure packet loss between our two office file servers. They connect over an SDSL line.
Asked in: Server-Networking  (6 answers)
BonoEstente's response: Using the ping command is easiest. Simply run ping -c10 google.com or ping -n10 google.com then you'll see the packet loss (if any) at the bottom. Such as: 0% packet loss
I have some production servers and get bogged down with what feels like constant kernel upgrades. Has anyone used Uptrack from Ksplice ? It seems to increase security fine enough but I'm not sure if the reliability of the servers is ever compromised at all. Shared experiences would be welcomed.
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: I've used it in Ubuntu and Debian production environments and haven't had a single problem. Trial it on desktops for free if you're unsure.
I've got some experience with DNS but only really need a few domains served. BIND is heavy and cumbersome but is TinyDNS any good ?
Asked in: DNS-Servers  (3 answers)
BonoEstente's response: TinyDNS, after a learning curve of how the file is formatted, is really fast and secure. I can't recommend it enough.
I see VMWare have said that they'll stop issuing security updates for this product. Can I run VMs as VMWare Player in a production environment ? I know ESXi is recommended but I can't afford to change to hardware that is compatible at the moment.
Asked in: Virtual-Machines-Servers  (4 answers)
BonoEstente's response: If you're using Linux then I'd recommend KVM.
Can someone recommend the best greylisting software for Postfix please ?
Asked in: Email-Servers  (2 answers)
BonoEstente's response: I use Postgrey and find it really easy to use. Simply set up a few whitelists, like yahoo.com, that you trust and set how long you'd like mail servers to retry the mail's delivery and you'll drop spam and hardly see any false positives if any.
I use lsof -i to look up which ports are open and to which application but I'd like more information on the application/daemon opening the port. Any ideas ?
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: That sounds like just what I was after. I see the standard lsof output gives more too.
Can anyone offer advice on tweaking a MYSQL PHP Server to improve performance on a busy site please ? Thanks in advance.
Asked in: Linux-Servers  (5 answers)
BonoEstente's response: Thanks, @trevHCS, that's very helpful.
Can anyone offer advice on tweaking a MYSQL PHP Server to improve performance on a busy site please ? Thanks in advance.
Asked in: Linux-Servers  (5 answers)
BonoEstente's response: Thanks that's great.
I can set up AllowUsers in sshd_config to only allow certain people to log in but is there a an equivalent AllowGroup ? If so how does it work ? It would be easier to admin I think.
Asked in: Linux-Servers  (4 answers)
BonoEstente's response: Yes, I'm pretty sure that it's just AllowGroup isn't it ?
I messed arround with armagetronad, then I wanted to remove it and I got this error: # sudo apt-get remove armagetronad Reading package lists... Done Building dependency tree... Done E: The package armagetronad needs to be reinstalled, but I can't find an archive for it. Now every time I want to use apt-get for anything I can't: # sudo apt-get install supertux Reading package lists... Done Building dependency tree... Done E: The package armagetronad needs to be reinstalled, but I can't find an archive for it. Can anyone help me workaround this problem, its driving me nuts?
Asked in: Linux-Servers  (4 answers)
BonoEstente's response: You can always try dpkg -a --configure if that doesn't do it.
We'd like a private chat system for IM for our company. I think they use the XMPP protocol but we know it as Jabber. Any good alternatives to Openfire ? It looks a bit clunky. Thank you.
Asked in: Linux-Servers  (1 answers)
BonoEstente's response: This is an excellent tutorial for Openfire. I don't think it's too bad at all. Worth trying out if you haven't. http://www.howtoforge.com/how-to-set-up-an-openfire-instant-messaging-server-on-centos-5.6
I don't want to install the Zabbix agent on all my servers for security reasons. How would I set up just to monitor pings and http and smtp without installing the agent. That way I get good graphs and reports and alerts still. The docs aren't clear ! Thank you for help.
Asked in: Fedora-Linux-Servers  (1 answers)
BonoEstente's response: Yes, this can work but isn't that straight forward - at least I din't find it that obvious: Look for the agentless part in the docs for a brief rundown first: http://www.zabbix.com/documentation/1.8/manual/installation For agentless pings uncomment fping in Server's .conf file FpingLocation=/usr/bin/fping (get path right and install it if not). Look here: http://tinyurl.com/3lpmnwg Choose simple checks for all services, create a host, then an item and then the trigger. ICMP needs funny monitoring details (a multiplier etc) but check the Safari book if stuck again. This might help a little too: http://www.debianhelp.co.uk/zabbix.htm
Thanks to this post I can now blacklist sender domains and IPs: http://www.servercircle.com/Suse-Linux-Servers/Postfix-blacklist-senders_433 But can I drop a user or recipient early on in the mail handshake so that it doesn't cause any load on my mail server ?
Asked in: Email-Servers  (1 answers)
BonoEstente's response: It's pretty similar to the blacklisting of senders. Try adding this line under smtpd_recipient_restrictions in main.cf. check_recipient_access hash:/etc/postfix/recipient_access Then create the blacklist file with the format of /etc/postfix/recipient_access being: user@domain.com REJECT Dropped another-user@anotherdomain.com REJECT Dropped Create the hash file with: postmap hash:/etc/postfix/recipient_access That should do it !
I have a wired desktop that I would like to use as a file server to my notebook. The notebook connects to my wireless router. I'm not sure if this can even be done and I expect it's too much to explain here. What I'm asking of the server experts is a link or links to good explanations of how it's done if it can be. I'm good at following instructions, just not savvy enough to figure it out on my own. So, can it be done? BTW. I'm using Linux Mint 10 with Gnome, and using a Netgear wireless router.
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: Good old Samba should save the day: http://tinyurl.com/3lyoqhq https://help.ubuntu.com/10.04/serverguide/C/samba-fileserver.html
Is it possible to completely block certain domains or IPs in Postfix ? So they don't cause the server any work. Like *.spam.com or an IP ?
Asked in: Fedora-Linux-Servers  (1 answers)
BonoEstente's response: Yes, Postfix can do this. It's pretty powerful. Under smtpd_recipient_restrictions in main.cf add a line check_client_access regexp:/etc/postfix/blacklist_clients. Then in the file /etc/postfix/blacklist_clients lay it out like this: # IP /^10\.10\.1\.2$/ REJECT UCE black-listed # IP block /^10\.10\.1/ REJECT UCE black-listed # exact domain /^example\.com$/ REJECT UCE black-listed Then build the hashed file whenever you change it with: postmap hash:/etc/postfix/sender_blacklist
Any ideas ? Thank you. An error occurred at line: -1 in the jsp file: null
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: This should help you: http://wiki.apache.org/tomcat/FAQ/Miscellaneous#Q1
order allow,deny deny from all allow from 11.11.11.11 allow from 22.22.22.22 allow from 33.33.33.33 I think this should work but it just isn't :) Any help appreciated.
Asked in: Linux-Servers  (2 answers)
BonoEstente's response: You need to have AllowOverride All in your vhost.
About Us : Contact Us : Etiquette : Terms : CDN Failover : ShorterURL : CDN Fallback : © 2013 Server Circle