Synchronization by Taxydromos69
I already wrote
how to configure a basic High Availability Ubuntu cluster. The steps to setup a basic cluster are detailed in the previous post, so please read the post if you don’t know how to make the cluster up&running. Same conventions are used here.
One of the topic I didn’t covered on the old post was “
application replication/synchronization between the nodes“. Now it’s time to show you how to keep in sync files between cluster nodes, using DRBD software. DRBD is a powerful component of Linux kernel and is designed to keep in sync data via TCP/IP between nodes volumes. In this post we will setup a clustered freeradius service that sync /etc/freeradius/clients.conf file between nodes. Continue reading “Configure Linux High Availability Cluster in Ubuntu with Corosync and DRBD file sync”
No more flash
One of the trending topic I discuss regularly with my company IT department is the need to block Flash content on our navigation proxies.
As a Security people I have no doubt about,
Flash must be blocked. Period.
Because I manage some
Squid proxy I made this simple and effective configuration in squid.conf file. Continue reading “Block Flash content on Squid proxy”
Forticlient SSLVPN for Ubuntu/Debian
This post is just to point to the page where the great
Rene mantains the .deb packages for Forticlient SSLVPN Linux client (instead of .tar.gz provided by Fortinet).
You can find the .deb files built by Rene in
his blog Bits and Bites.
Kudos to him!
Jellyfish Cluster – photo by robin on flickr
HA Cluster with DRBD file sync which adds file sync configuration between cluster nodes]
: tested the configuration also with UPDATED on March 7, 2017 Ubuntu 16.04 LTS]
This post show how to configure a basic High Availability cluster in Ubuntu using
Corosync (cluster manager) and Pacemaker (cluster resources manager) software available in Ubuntu repositories (tested on Ubuntu 14.04 and 16.04 LTS). More information regarding Linux HA can be found here.
The goal of this post is to setup a freeradius service in HA. To do this we use two
Ubuntu 14.04 or 16.04 LTS Server nodes, announcing a single virtual IP from the active cluster node. Notice that in this scenario each freeradius cluster istance is a standalone istance; I don’t cover application replication/synchronization between the nodes (rsync or shared disk via DRBD). Maybe I can do a new post in the future 🙂 [ ] I did the post Continue reading “Configure basic Linux High Availability Cluster in Ubuntu with Corosync”
Postfix email relay
OTRS Help Desk is an
open source application (with Enterprise support) that has a lot of useful features: ITSM, Surveys, Time Accounting and System monitoring.
I use it on my company as a Service Desk for
Security purposes (and more).
As you can read from our Success Story one of the feature we currently appreciate is the ability to track all the email exchanges into tickets simply putting ticket number in email Subject end CCing the proper configured email address. This allow us to interact with external parties without the need for other people to access our OTRS istance. Continue reading “Configure OTRS to process multiple Tickets in email Subject”
Lone Hacker in Wharehouse by Brian Klug
Security Onion is an Ubuntu based distribution created to handle a lot of Security task.
One of the security tool installed is
SNORT, the best open source Intrusion Detection System (IDS). Security Onion use Pulledpork to get IDS rules and process them.
I wrote a perl script to make advanced modification to the downloaded SNORT rules. This script can handle rule transformation based on regular expression and multiple substitution patterns.
Continue reading “SNORT rules Advanced Parser for pulledpork”
Network by Rosmarie Voegtli
Metasploit is my favorite tool while I do Pen Test and Secuirty Checks. I use also Nessus for Vulnerability Assessment and integrate Nessus and Metasploit is a must.
Follow a short guide on how to launch Nessus from Metasploit (for reference, I used NESSUS 6.5 and Metasploit PRO but also Community Edition should be ok).
Continue reading “Launching Nessus scans inside Metasploit”