How to download an ISO image with BitTorrent fast and safely from the command line

If you are one of those guys who have urge to try out every new (or even beta) release of Linux distribution to satisfy your curiosity and stay up-to-date, you will need to deal with the hassle of downloading big ISO images every now and then. ISO providers typically put up .torrent file of their […]
Continue reading…

 

How to verify the authenticity and integrity of a downloaded file on Linux

When you download a file (e.g., an installer, an ISO image, or a compressed archive) from the web, the file can be corrupted under a variety of error conditions, e.g., due to transmission errors on the wire, interrupted download, faulty storage hardware, file system errors, etc. Such failure cases aside, a file can also be […]
Continue reading…

 

How to monitor and troubleshoot a Linux server using sysdig

What is the first thing that comes to mind when you need to track system calls made and received by a process? You’ll probably think of strace, and you are right. What tool would you use to monitor raw network traffic from the command line? If you thought about tcpdump, you made an excellent choice […]
Continue reading…

 

How to configure a host intrusion detection system on CentOS

One of the first safety measures that any sysadmin may want to implement in their production servers is a mechanism to detect file tampering – not only the content of files, but also their attributes. AIDE (short for “Advanced Intrusion Detection Environment”) is an open source host-based intrusion detection system. AIDE checks the integrity of […]
Continue reading…

 

How to harden Apache web server with mod_security and mod_evasive on CentOS

Web server security is a vast subject, and different people have different preferences and opinions as to what the best tools and techniques are to harden a particular web server. With Apache web server, a great majority of experts -if not all- agree that mod_security and mod_evasive are two very important modules that can protect […]
Continue reading…

 

How to create a cloud-based encrypted file system on Linux

Commercial cloud storage services such as Amazon S3 and Google Cloud Storage offer highly available, scalable, infinite-capacity object store at affordable costs. To accelerate wide adoption of their cloud offerings, these providers are fostering rich developer ecosystems around their products based on well-defined APIs and SDKs. Cloud-backed file systems are one popular by-product of such […]
Continue reading…

 

How to install and configure ownCloud on Debian

According to its official website, ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view, edit and sync your contacts, calendars and bookmarks across all your devices. Even though ownCloud is very similar to the widely-used Dropbox cloud storage, the primary difference is […]
Continue reading…

 

How to secure a LAMP server on CentOS or RHEL

LAMP is a software stack composed of Linux (an operating system as a base layer), Apache (a web server that “sits on top” of the OS), MySQL (or MariaDB, as a relational database management system), and finally PHP (a server-side scripting language that is used to process and display information stored in the database). In […]
Continue reading…

 

How to create a site-to-site IPsec VPN tunnel using Openswan in Linux

A virtual private network (VPN) tunnel is used to securely interconnect two physically separate networks through a tunnel over the Internet. Tunneling is needed when the separate networks are private LAN subnets with globally non-routable private IP addresses, which are not reachable to each other via traditional routing over the Internet. For example, VPN tunnels […]
Continue reading…