Category: linux

chattr Against Sneaky Postinstall Scripts

I was once reading my Twitter stream and came across a link to a systems monitoring service I had never heard about before. I went to their website, liked what I saw in their list of features and their pricing, and signed up for an account. Then it was time...

Read more...

Building Erlang R13B02-1

This is a quick note in case anyone is having the same issue. When building erlang R13B02-1 on a 64bit non-SMP machine (not sure if it matters), “make -j 2” somehow resulted in an error which I could not work around. Reverting to simply make (without -j 2) and starting...

Read more...

Don't Use OpenDNS On Servers

Are you thinking about using OpenDNS in your servers’ /etc/resolv.conf? Don’t. Why? Because when OpenDNS receives a query for a non-existing name, instead of returning NXDOMAIN (essentially name you’re looking for does not exist), it will return some IP, which probably is meant to catch typos, misspelt URLs or phishing...

Read more...

Compiling Erlang On Linux With Old Glibc

I recently wanted to compile Erlang (in order to install RabbitMQ) on a Linux box with old glibc (2.3.2, from days of Red Hat Linux 7.0). It was the only out-of-date component, everything else was quite fresh - GCC 4.3.3, binutils 2.19.1. Version of Erlang I used was R12B-5. I...

Read more...

Protect Your Blog Against Misbehaving Bots With Apache

I recently glanced over Apache httpd logs for this blog. Among other things, I discovered several bots that were making quite a few useless requests, thus driving load on the machine. It wasn’t a big deal but a matter of principle. If all of us webmasters start paying attention to...

Read more...

On Private IPv4 Address Spaces

Most people who work with Internet know about RFC1918 “Address Allocation for Private Internets.” But did you know that RFC 3330 “Special-Use IPv4 Addresses” has even more address spaces allocated for non-public use? I didn’t know about it till today.

Read more...

Gotta Love Open Source

… And it’s not only because it’s often cheaper to own or use, but also because it raises the bar for every single piece of proprietary software - they no longer can get away with poor user interface or limited features like they used to. Proprietary software now has to...

Read more...

EC2 Instances Always Boot to Runlevel 4

It appears that Amazon EC2 instances always boot to runlevel 4, no matter what runlevel you set as default in your /etc/inittab. I found a very old reference to this fact in forums (see here), which explains how it happens (XEN does it) but doesn’t explain why. And yes, by...

Read more...

VcubeV Idea Getting Followers?

Check this out - someone else is thinking along the same lines - http://elasticvapor.com/2008/05/virtual-private-cloud-vpc.html

Read more...

"Least Used" Load Balancing

See an interesting discussion on benefits and shortcomings of “least used resource” mode of load balancing at High Scalability. Here is what I think: When dealing with TCP-based services (say http), my solution is not to use this load balancing mode at all precisely for this reason (you bring a...

Read more...

VcubeV review on Highscalability.com

Check out this great review of my VcubeV article by Todd Hoff of Highscalability.com.

Read more...

My VcubeV Article Now Publicly Available

Have you ever needed to expand your colocated servers at more than one provider and allow applications to communicate as if they were on the same LAN, possibly over multiple sets of firewalls and layers of NAT? Or, maybe you’ve wanted to move from one hosting service to another to...

Read more...

VBulletin and spam bots

If you maintain a VBulletin installation and spam bots are causing trouble, these two links are a must read: http://www.vbulletin.com/forum/showthread.php?t=211647 and http://www.vbulletin.com/forum/showthread.php?t=205214

Read more...

VcubeV

Update: Commercial counterpart of VcubeV is called VPN-Cubed, it's being developed by my employer CohesiveFT. VPN-Cubed is a vastly superior product, which eliminates various limitations of VcubeV and introduces new functionality. Check it out at http://cohesiveft.com/vpncubed. This week on Elastic Server blog we announced the official name of the technology...

Read more...

Linux Journal publishes my article

February issue of Linux Journal includes my article titled Building a Multisourced Infrastructure Using OpenVPN.

Read more...

Apache Config Trick: A Special Directory

So say you need to require users to enter their username and password before they can get content from your Apache server? Well, that’s easy: <Location "/"> AuthType ... AuthName... Require valid-user ... </Location> But what if you want to have one special directory where you don’t want to authenticate...

Read more...