Nov 5, 2013
tom

What are the advantages of tape drives?

IBM still develop and sell tape drives today. The capacity of them seems to be on a par with today’s hard drives, but the search time and transfer rate are both significantly lower than that of hard drives. So when is tape drives preferable to hard drives (or SSDs) today? Asked by kba For me, the single biggest argument in favour of tape is that doubling your storage capacity is cheap. That is, to go […]

Continue Reading »
Nov 2, 2013
tom

SSLCipherSuite – disable weak encryption, cbc cipher and md5 based algorithm

A developer recently ran a PCI Scan with TripWire against our LAMP server. They identified several issues and instructed the following to correct the issues: Problem: SSL Server Supports Weak Encryption for SSLv3, TLSv1, Solution: Add the following rule to httpd.conf SSLCipherSuite ALL:!aNULL:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM Problem: SSL Server Supports CBC Ciphers for SSLv3, TLSv1 Solution: Disable any cipher suites using CBC ciphers Problem: SSL Server Supports Weak MAC Algorithm for SSLv3, TLSv1 Solution: Disable any cipher suites […]

Continue Reading »
Nov 2, 2013
tom

VMware vSphere cluster design for site redundancy

I have a question about the best design for site redudancy when using vSphere clusters. A bit of background info about our situation first though. We are a medium-sized company with two main offices, located in different countries. Our networks are linked by a Layer2 150Mbps leased line which is currently underused. We have a variety of services running for internal use within the company, some on physycal servers and some on existing vSphere clusters. […]

Continue Reading »
Oct 30, 2013
tom

Setup NTP on Debian

I installed ntp on my debian system: apt-get install ntp ntpdate ntp-server. My questions: How often is the time synchronized – is there a schedule? Is there a log that says when the time was synchronized? Is it possible to control when the time should be synchronized – like, once every day at 01:48:00? Asked by Dánjal Salberg Adlersson How often is the time synchronized – is there a schedule? The NTP protocol syncs constantly. […]

Continue Reading »
Oct 30, 2013
tom

I am under DDoS. What can I do?

This is a Canonical Question about DoS and DDoS migitation. I found a massive traffic spike on a website that I host today; I am getting thousands of connections a second and I see I’m using all 100Mbps of my available bandwidth. Nobody can access my site because all the requests time out, and I can’t even log into the server because SSH times out too! This has happened a couple times before, and each […]

Continue Reading »
Oct 29, 2013
tom

10 day grace period on my 180 day server 2012 evaluation?

I just installed an eval copy of windows server 2012 (datacenter) core. It says its a 180 evaluation, but checking the licensing info I see this: Is this different for core installs than GUI because I have used the same iso to do full GUI installs and it always gives me 180 days. I should also add when downloading the trail I was not provided a license key. Asked by red888 You never activated it […]

Continue Reading »
Oct 27, 2013
tom

How to redirect http to https using iptables

I have purchased a valid SSL certificate. I have a web server running on port 443, that displays correctly when I visit https://mydomain.com. How can I use iptables to forward all http requests to use https? Thanks Asked by dave You cannot do this directly with iptables, because doing the “redirect” at layer 3/4 will not allow SSL negotiation to take place, as the client’s browser will still being using plain HTTP. What you need […]

Continue Reading »
Oct 25, 2013
tom

Configuring the pg_hba.conf file to allow access from other servers to the database

I have a postgres database on one server and I need access it from another server. I need to edit the pg_hba.conf file, but have now idea what are the steps to edit this file. Server Centos I need to add the following line in the file host all all 10.0.2.12 255.255.255.255 trust I located it in var/lib/pgsql/data/ Now basically I’m not sure what are the correct steps to do this Asked by Roland First […]

Continue Reading »
Oct 23, 2013
tom

Does amazon provide secure networking between servers

For example, suppose I have an ec2 instance and an elastic load balancer, is it safe to receive HTTPS traffic at the loadbalancer and forward it (unencrypted) to the instance. I’ve enabled the minimum set of security group permissions to allow the load balancer to talk to the instance, however, its unclear to me whether these permissions are applied at VM level, or at the networking level. If just at the VM level then, presumably, […]

Continue Reading »
Oct 22, 2013
tom

Why is Windows Update suddenly failing with error 0x80244019?

Since installing updates yesterday, one of our 2008 R2 servers refuses to connect to our WSUS again and, instead, reports the unknown error 0x80244019. Connecting to the official Windows Update repository works without any issues. The problem happens only with our local WSUS. The Windows support website on the error suggests: If you receive one of these errors while downloading updates, the most common cause is a computer virus that has turned off Windows Update, […]

Continue Reading »
Pages:1234567...5702»