Cisco – ASA 5510 – Basic SNMP (V2 and V3) configuration.

SNMP V2 : 

 SNMP V3 : 

Troubleshooting SNMP : 

 

 

Citrix XenApp 7.5 – Ramblings

1) Machine Catalogs

2) Delivery Groups

3) Application Deployment ( Need to install the VDA for the server to be registered)

 

CentOS 6.5 – How to upgrade Splunk

Existing install : 6.1.1-207789
Upgrade : 6.1.2.213098

  • First, create a backup of the entire Splunk folder. In theory, the /etc and it’s sub-folders would be sufficient, but a full backup can’t hurt.
  • Download the new source files. The Splunk developers have been kind enough to provide a wget friendly link. Simply click the “Download” button and look at the next page.
  • Extract (tar -xvf) the splunk folder.
  • Copy that entire folder over your previous installation. You can use ” yes | cp -r source_path destination_path” to answer yes to all the overwrite prompts.
  • That’s it!

Sources

http://docs.splunk.com/Documentation/Splunk/6.0/Admin/Backupconfigurations

http://docs.splunk.com/Documentation/Splunk/6.0/Indexer/Backupindexeddata

http://docs.splunk.com/Documentation/Splunk/6.1.2/installation/Upgradeto6.1onUNIX

 

CentOS 6.5 – Create a Certificate Authority

yum install easy-rsa
Default Directory : /usr/share/easy-rsa/2.0/

 

 

CentOS 6.5 – Plex Media Server

Key issues :

  • Port numbers to allow auto-discovery on a local network. : “32410, 32412, 32413, 32414” ALL UDP
  • Port number for default admin interface “32400” TCP
  • File/Folder permissions to allow the Plex process to read the files.
  • TV-Shows Folder type require a specific naming scheme for files.
  • Movies folder type is not as strict.
 

CentOS 6.5 – Private key authentication for ssh

SSH is secure! I don’t need anything else!

Well, you are not exactly wrong. But security is not something that should be taken lightly.

I’ve recently acquired a Linode host and I was stunned by the number of unauthorized login attempts. About 99% of those attempts were probably automated scripts crawling the Internet for anything responding to queries on port 22. I believe that a huge part of modern “hacking” is entirely automated which reinforces the perspective that security is a 24/7 concern.

Since SSH is your main entry point to control your machine, it’s especially critical that it’s well protected. Private/public key authentication allows you to login into your machine without providing a password.

Here is a very basic overview.

You first create a key pair : Private and Public key. The private key allows you to apply your “signature” to content. The only way to verify that signature is to have your Public key. You then transfer that public key file unto your server. When you try to connect to the server using your Private key, the server will try to match the unique signature using the Public key you had previously transferred. That entire operation completely removes the need to transfer a password. It’s almost much more complex to brute-force.

That said, it’s up to you to protect your private key. I recommend adding a passphrare during the key generation. Without that extra step, both the public and private key would both be written in clear-text.


China is knocking…

Jun 16 02:12:30 li362-86 sshd[2234]: Failed password for root from 116.10.191.227 port 32848 ssh2 Jun 16 02:12:31 li362-86 sshd[2232]: Failed password for root from 116.10.191.227 port 29883 ssh2 Jun 16 02:12:32 li362-86 sshd[2234]: Failed password for root from 116.10.191.227 port 32848 ssh2 Jun 16 02:12:34 li362-86 sshd[2232]: Failed password for root from 116.10.191.227 port 29883 ssh2 Jun 16 02:12:34 li362-86 sshd[2234]: Failed password for root from 116.10.191.227 port 32848 ssh2 Jun 16 02:12:36 li362-86 sshd[2232]: Failed password for root from 116.10.191.227 port 29883 ssh2


Prerequisites : This guide was performed on a CentOS 6.5 machine with almost no extra packages. Most, if not all commands, should be the same on Debian based OS. That said, be aware that you will have to substitute your own folder and files path. Any variable you need to replace with your own will be marked with the “$” sign.

Folder has to be owned by the appropriate user attempting to log in.

 

CentOS 6.5 – Mumble and Django-Mumble

Mumble – Open source voice server

Django Mumble – Open source django based administration interface

 

Cisco Etherchannel – LACP and PAGP

Cisco Etherchannel – LACP and PAGP

 

CentOS 6.5 – Nfsen and Nfdump

CentOS 6.5 – Nfsen and Nfdump