Nirlog.com

If you’re running a web site and have come to a point where a single web server cannot handle the traffic, then it’s time to get multiple web servers and share the loading. To do that you’ll need a load balancer which distributes the web traffic among multiple web servers.

Basically you’ve two choice — go for the hardware solutions (expensive with many nice features) or software solutions (possibly free but with limited features). If you want a free and open source solution then Pound is the choice.

Pound is a Free Open Source reverse-proxy, load balancer, SSL wrapper, http/https sanitizer, fail over server and a request redirector:

1. a reverse-proxy: it passes requests from client browsers to one or more back-end servers.
2. a load balancer: it will distribute the requests from the client browsers among several back-end servers, while keeping session information.
3. an SSL wrapper: Pound will decrypt HTTPS requests from client browsers and pass them as plain HTTP to the back-end servers.
4. an HTTP/HTTPS sanitizer: Pound will verify requests for correctness and accept only well-formed ones.
5. a fail over-server: should a back-end server fail, Pound will take note of the fact and stop passing requests to it until it recovers.
6. a request redirector: requests may be distributed among servers according to the requested URL.

Pound is built with security in mind, it can run as setuid/setgid and/or in a chroot jail. It’s a very small, robust and efficient program.

It’s very easy to install and configure.

Read the rest of this entry »

I’ve just upgraded my MacBook Pro to Leopard. I expected it to be very smooth and painless as many other users have reported, but unfortunately I encountered some problem. I had to spend around extra 4 hours, and was worried about losing my data all the way until the upgrade was complete.

So, this is what happened. I inserted my Leopard DVD and clicked on Install Mac OS X, then my MBP restarted. I chose the option to Upgrade (it actually detected and told me that I wanted to upgrade). It took around 2 hours to complete and asked for a final restart. That was supposed to be the end of upgrade, but after the final restart my MBP was stuck on white screen with apple logo. I waited for half an hour, then it became obvious that nothing was happening, so I pushed the power button and re-started again, which led to the same white screen. At this point I was quite worried about my data. I had done my last backup 2 months ago. Actually I should have backed up before starting the upgrade, but I thought since everyone is doing it smoothly why would I have a problem? Also I was too excited to experience the Leopard that I didn’t want to spend time backing up, and neglected the risk of losing 2 months data.

Stuck in the white screen forever

Read the rest of this entry »

Few years ago I was looking for a virtual host management system, that’s when I came across Virtualmin. The features satisfied my requirements and of course you can’t beat the free, price wise . I’ve been using it in an environment with 100+ virtual hosts since then, and don’t have any regret on my choice. It’s running all these years without any problem.

What is Virtualmin

Virtualmin is a free and open-source virtual hosting management system designed to make virtual hosting quick, reliable, and secure. It’s a Webmin module, which supports the creation and management of Apache virtual hosts, BIND DNS domains, MySQL/PostgresSQL databases, and mailboxes and aliases with Sendmail, Postfix or Qmail. It utilizes existing Webmin modules for these servers, and works with any existing system configuration, rather than needing it’s own mail server, web server and so on. There’s also a commercial version of Virtualmin that you’ve to pay for, called Virtualmin Pro, which includes some extra features and support.

Read the rest of this entry »

It has changed the way we communicate and do business, with it’s ease of use, price (free for end users), and effectiveness, e-mail has taken our productivity to a whole new level. But there’s a darker side to it. Now people are getting addicted to emails. The misuse and addiction is doing just the opposite, costing businesses millions of dollars in lost productivity. But there’s a hope, reuters put it this way — “Alcoholics have one, and so do drug abusers. Now people addicted to e-mail also have a 12-step program designed to tackle their obsession.” Here are the 12 steps to manage your e-mail:

1. Admit that e-mail is managing you. Let go of your need to check e-mail every ten minutes.
2. Commit to keeping your inbox empty.
3. Create files where you can put inbox material that needs to be acted on.
4. Make broad headings for your filing system so that you have to spend less time looking for filed material.
5. Deal immediately with any e-mail that can be handled in two minutes or less but create a file for mails that will take longer.
6. Set a target date to empty your in box. Don’t spend more than an hour at a time doing it.
7. Turn off automatic send/receive.
8. Establish regular times to review your e-mail.
9. Involve others in conquering your addiction.
10. Reduce the amount of e-mail you receive.
11. Save time by using only one subject per e-mail; delete extra comments from forwarded e-mail, and make the subject line detailed.
12. Celebrate taking a new approach to e-mail.

This guide describes how to install and configure the OpenVPN Server in Linux and clients in Windows XP and Mac OSX. There are many advanced features in OpenVPN and if you’re interested in those advanced stuff, there’s a more detailed HowTo for you. This guide was created from my successful installation, so it works for me. If you find any problems or have suggestions please leave a comment. I’ll try my best to help. I’m sure, you know that you’re using this at your own risk

In our scenario, a small office network is protected by Linux firewall and we’ll implement the secure OpenVPN to access the internal office network (File Server, Database Server and Desktop PCs) securely from anywhere in the Internet.

Read the rest of this entry »

Allen suggests that mind is like a muscle and weakens if you don’t exercise it regularly. He offers very simple 10 ways to exercise our mind.

1. Regularly solve puzzles
2. Play a musical instrument
3. Paint, sketch or draw.
4. Learn a new language.
5. Learn how to juggle.
6. Play Chess, Backgammon, Checkers or even Go!
7. Play computer games.
8. Write!
9. Try amateur dramatics.
10. Travel.

Firewalls have become an integral part of all corporate networks. They’re the first line of defense against attacks from outside network (Internet) and also the point of control to make sure internal users (employees) are using the Internet as they’re supposed to. Recently the UTM (United Threat Management) Firewalls have become very popular. They’ve built in gateway anti-virus, anti-spam, web content filtering and IPS (Intrusion Prevention System) on top of traditional firewall functions. These firewalls generate loads and loads of log data and it’s very difficult to analyze the traffic and security event levels by just looking at the log files. So, a firewall logging and analyzing tool becomes necessary to generate easy to understand reports. After trying few softwares, I came across Firewall Analyzer, which was the exact tool I was looking for.
Read the rest of this entry »

Marius Ducea has a great article on How to restore a hacked Linux Server. He provides a very practical baseline on how you should develop your own plan of action to restore a hacked Linux Server. These are the steps he recommends:

- Don’t panic. Keep your calm and develop a plan of actions
- Disconnect the system from the network
- Discover the method used to compromise the system
- Stop all the attacker scripts and remove his files
- Restore not affected services
- Fix the problem that caused the compromise
- Restore the affected services
- Monitor the system

I’ve a personal experience of restoring a hacked Linux Server. I agree with all of his recommended steps. Out of them, I think finding the method (security hole) used to compromise the system is most important, because if you don’t know this then the attacker can immediately use the same security hole to attack and compromise the system after you restore.

With perfect password manager, I thought I had the complete set of tools in my Mac for getting things done. But today I realized, I’d overlooked ethereal. I use it sometimes and it’s a gem without which it would be very difficult to solve some network problems. Ethereal is a free and open source packet sniffer application, used for network troubleshooting, analysis, software and protocol development, and education. It has all of the standard features of a protocol analyzer.

I was happy to see Ethereal for Mac OS X listed at the top of the download page. But, was confused with the choice I had to make between Fink Project and DarwinPorts. I was not sure what they meant or which one was better. So, after Googling a while and reading the FAQs, I found that the number one goal of both projects were to port open source Linux/Unix softwares to Mac OS X. They just differ in the packaging approach they’ve taken. DarwinPorts was written from scratch to try a different approach to a packaging system, where as Fink Project utilizes robust package management tools dpkg and apt-get from Debian Linux Project . So, I decided to try ethereal with Fink Project and this is how I did it.

Read the rest of this entry »

After switching to Mac, my Samsung notebook with Windows Xp has been free, so I decided to test dual booting Windows Vista and Ubuntu Linux in this laptop. The downloading, burning cd/dvd and installation was easy and straight forward. Only special thing I had to do was to modify the menu.lst file in Ubuntu. This is how I did it:
Read the rest of this entry »