I am going to sell a Linux server to a random person. For obvious reasons I want to clean up the hard disks so that the current data on the disk can never be retrieved. What is the safest way to do so? OS re-install? rm -rf *? or something else? The server is colocated and I don’t have physical access. Asked by alfish shred -z /dev/sdX This will overwrite the hard disk three times [...]

I have a distributed MsAccess front-end database which uses a mysql backend. It uses the Windows System DSN ODBC connections to connect to the server. All my Linked tables refer to that ODBC connection. The thing is though, they all use the same username and password which is hard-coded into each computer. What would be a better way to implement it so that each user gets it’s login. Since each DSN Connection is “hard-wired” I [...]

I have several managed switches at work that connect all computer within our office to the ADSL modem. However I would like enforce a VLAN policy to isolate traffic within the network. Through my previous studies of the CCNA certification it has come clear to me that I would require a router. The router would facilitate routing traffic back and forth between the different VLANs and the ADSL modem. However I have a limited budget [...]

UFW’s man page mentions that it can setup iptables rate limiting for me: ufw supports connection rate limiting, which is useful for protecting against brute-force login attacks. ufw will deny connections if an IP address has attempted to initiate 6 or more connections in the last 30 seconds. See http://www.debian-administration.org/articles/187 for details. Typical usage is: ufw limit ssh/tcp Unfortunately this is all the documentation that I could find. I would like to stick with UFW, [...]

I read recently in blogs that by default wget on linux is 750, so only root can execute it. I would like to allow users wget and change it to 755, but I read around the web that it is a big security risk.. Asked by giorgio79 Setting the permissions to 755 is no security risk. The security risk is, if you have software installed that have bugs (for example a blogging software, or other [...]

I’m looking to create a high-availability, scalable networking solution by using a distributed system of data. A node here, describes a network that has control over one copy of the data. These nodes might contain more than one machine but has one copy of the data. The nodes will contain data records which can be in a spent state or an unspent state. A client can request a transition for a record to go from [...]

Hi I recently got an email from Amazon, saying that my EC2 instance is sending spam. So what they say is my mail server is receiving email for a non-existing user and therefore bounces the email back without validating the source netrange. So to my understanding, some jerks are sending bogus emails to my mail server claiming to be someone else, and since the email delivery failed my mail server bounces the email back to [...]

I am running Linux virtual machines on a cloud provider. So effectively, the disk is a VHD file. The machine will have some sensitive information on the disk, such as certificates, passwords… I would like to encrypt some part (or all) of the disk so that in case someone gets their hands on the VHD file, they can’t recover the private information. Of course, since the server might be rebooted at any time by the [...]

A console-app runs on a single server in a domain and is tasked with deleting some home areas of users, who are no longer active. These homeareas are located on 50+ different servers spread around the network. The account runs under the context of an account, that is also a member of the Local Administrator group on each storage server, which has “Full Control” access to the relevant folders. This works great on a bunch [...]

My e-mail account, for my privately run business which I’ll call “VeryCoolCompany”, is starting to receive bounce-backs for users who don’t exist, like these: alan12ab1@verycoolcompany.com dietskra44-hey@verycoolcompany.com In short, somebody is sending e-mails which pretend to be from my company. No, they are not using my servers to do this. To be precise, my business e-mail is actually a g-mail account in disguise; it is rigged up to my company domain name. Nevertheless, if there is [...]