Written by scott
Sunday, 01 April 2007
With server time donated by bigwavedave and www.nefw.net, I've successfully updated AOOI to re-image a 1and1 x86_64 system with CentOS 4.4 (x86_64). This includes setting up the RAID1 mirror on /boot and /. It should be generic enough to adapt to both the low and high end implementations and different disk sizes. Go forth and test. Let CentOS4 be fruitful and multiply at 1and1. That is all. Resume Party.
Video Tutorial updated!
Last Updated ( Monday, 02 April 2007 )
Written by scott
Saturday, 17 March 2007
I've stood up the new PSA archive here: http://www.atomicorp.com/channels/plesk. Big changes here are that I've tied this into a true mirror of the PSA archives (updated every 6 hours), and added support for x86_64 architectures. You'll also see the documentation on the page points to the new [atomic] channel, which is also active, but not yet completely populated.
As for the new [atomic] channel, Red Hat 9, RHEL3, CentOS3, and FC2 are NOT supported. Further, core packages like mysql 4/5, php, and the testing/bleeding channels have not been merged into the archive. All new packages are going into this archive; the 3es.atomicrocketturtle.com server should be considered frozen, and no longer directly maintained.
Last Updated ( Sunday, 18 March 2007 )
Written by scott
Friday, 09 March 2007
Can't really make a video of this one due to the time involved to run it, so here is a screenshot of the module in action. What this does is parse through the apache config files to identify all the virtual hosts, then it crawls through each domain's files to identify what applications are installed. That in turn is used to tune security settings on the system. This is probably one of the biggest changes over ASL 1.0, which could only reconfigure itself if applications were installed as RPMs. We're still working on the signatures, as you can see from some of the duplicates/overlaps. A neat side effect here is you can see where two apps (mambo/joomla) are using some of the same code.
Application Inventory Module
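The two-stage inventory described in this post (find the virtual hosts in the Apache config, then crawl each document root for known applications), sketched as an added example. It is not ASL's code: the signature table, host names and file layout are constructed for illustration, and the deliberately loose "mambots" marker shows how a weak signature yields an overlapping hit.

```python
import os
import re
import tempfile

# Constructed signature table (an assumption, not ASL's): app -> marker paths,
# relative to a candidate install directory. "mambots" is deliberately loose.
SIGNATURES = {
    "wordpress": ["wp-includes/version.php"],
    "joomla": ["includes/joomla.php"],
    "mambo": ["includes/mambo.php", "mambots"],
}
VHOST_RE = re.compile(r"<VirtualHost\b[^>]*>(.*?)</VirtualHost>", re.S | re.I)

def parse_vhosts(conf_text):
    """Return [(ServerName, DocumentRoot)] for each <VirtualHost> block."""
    vhosts = []
    for body in VHOST_RE.findall(conf_text):
        seen = {}
        for line in body.splitlines():
            parts = line.strip().split(None, 1)
            if len(parts) == 2 and not parts[0].startswith("#"):
                seen.setdefault(parts[0].lower(), parts[1].strip().strip('"'))
        if "documentroot" in seen:
            vhosts.append((seen.get("servername", "?"), seen["documentroot"]))
    return vhosts

def inventory(docroot, signatures=SIGNATURES):
    """Map each directory under docroot to the apps whose markers it contains."""
    found = {}
    # followlinks=False: site owners control these trees, so never walk symlinks.
    for dirpath, _dirs, _files in os.walk(docroot, followlinks=False):
        apps = sorted(app for app, markers in signatures.items()
                      if any(os.path.exists(os.path.join(dirpath, m)) for m in markers))
        if apps:
            found[os.path.relpath(dirpath, docroot)] = apps
    return found

def demo():
    """Build a constructed config and file tree in a temp dir, then inventory it."""
    layout = {"example.com": ["includes/joomla.php", "mambots/.keep"],
              "example.org": ["blog/wp-includes/version.php"]}
    with tempfile.TemporaryDirectory() as tmp:
        conf = ""
        for host, files in layout.items():
            root = os.path.join(tmp, host, "httpdocs")
            for rel in files:
                os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
                open(os.path.join(root, rel), "w").close()
            conf += f'<VirtualHost *:80>\n ServerName {host}\n DocumentRoot "{root}"\n</VirtualHost>\n'
        return {name: inventory(root) for name, root in parse_vhosts(conf)}

if __name__ == "__main__":
    print(demo())
```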
Written by scott
Wednesday, 28 February 2007
These are some screenshots of ASL 2.0, specifically the asl utility itself. It works like a combination of bastille/rkhunter/titan/cops all in one.
Report Mode
Report Mode(pt2)
Fix mode
Updated ASL Demo video (animated gif)
Updated ASL Demo video (AVI)
Once complete, it will have the following security modules: Kernel, File system, Watchdog, Self-healing, SIM, Web server (sub-modules for app-inventory, mod_security, mod_evasive, php, suspicious process), Firewall, Brute-Force, and SSH. A couple of them are in the screenshots above: kernel, ssh, php, etc. 2.0 takes a much more holistic approach, and combines both analysis of the configuration of the system and implementing additional security controls.
Last Updated ( Thursday, 01 March 2007 )
Written by scott
Sunday, 25 February 2007
With the help of Cathy of Orionhost.net I've had the opportunity to look at the latest 1and1 servers, and looked into integration issues with ASL, [atomic] and AOOI.
1) default language is set to German, which is great if you're German.
2) yum was broken, it points to a server that won't accept connections (a 1and1 box). This could be their firewall upstream.
3) fixed yum by commenting out their settings in yum.conf, and used the FC4 defaults. Installed system-config-language to fix item 1 (because I'm not German, and neither is Cathy). Lang is now English (yum install system-config-language, system-config-language).
4) They've got 3ware hardware raid controllers, which is good.
5) They didn't actually use them, which is bad. Instead of making a hardware raid, they used soft-raid. You've still got a RAID mirror, it's just kind of silly that they didn't use the hardware raid controller. I think it might be possible to create the raid container from a rescue image. This will require mad kung foo.
6) They use lilo as a boot loader.
7) It's Fedora Core 4, which is no longer supported as of 31DEC06. You could rebuild this box with CentOS4, but I'm going to need to update AOOI for x86_64 to do that.
8) It has a hardware "watchdog" unit. If this box hangs, it's going to reboot itself. That's really impressive given the cost.
9) They didn't include the utils to fsck its own file system. That's really unusual, I'm guessing that they rushed this image out the door without a whole lot of testing. Fixed that with: yum install xfsprogs
10) The ASL kernel installs without much trouble (i.e., more trouble than “yum update”); it required one minor change to modprobe.conf:
    alias scsi_hostadapter1 sata_nv
and a manual update of lilo.conf:
    image=/boot/vmlinuz-2.6.19-6.art
    label=asl
    initrd=/boot/initrd-2.6.19-6.art.img
    read-only
    root=/dev/md1
    append="selinux=0 console=tty0 console=ttyS0,57600 panic=30 noapic irqpoll"
11) It's a fast box, reboots only take about 20-30 seconds.
12) Partitioning is still laid out very poorly.
Last Updated ( Sunday, 25 February 2007 )
Written by scott
Wednesday, 21 February 2007
Poking through an rpm that I “traffic” quite a bit today and saw a particularly nasty bit of code I'd put together. This is a pretty long thread, so I'll spare everyone loading down the main page with it. Suffice it to say, I'd like to immortalize my mistake in the website so I never do this again. If anyone's interested I can go into RPM kung-foo like this in more detail later.