Category: Linux

Posted on

VMware ESXi – Enable SSH

SSH access is not enabled, by default, in VMwae ESXi 4.

To enable SSH:

  1. Go to the ESXi console and press alt+F1, note: you will need to do this on your physical server.
  2. Type: unsupported, press enter.
  3. Enter the root password, press enter.
  4. At the prompt type: “vi /etc/inetd.conf”
  5. Look for the line that starts with “#ssh” (you can search with pressing “/”)
  6. Remove the “#” (press the “x” if the cursor is on the character)
  7. Save “/etc/inetd.conf” by typing “:wq!”
  8. Restart your ESXi server: reboot

Note: If your trying to find the location of your virtual machines do a global find using: #find . -name ‘*.vmdk’

Posted on

Snort Active Alering for Untangle 7.x

Snort Active Alerting allows email alerts to be sent to a pre-defined address in the event that Snort identifies and/or blocks a attack. This is useful in order to identify attacks as they occur rather than waiting for daily report logs.

These instructions are for enabling Snort Active Alerting in Untangle version 7.x and above –

1. Edit /etc/rsyslog.conf with the following:

Under: #### MODULES ####

Add:

$ModLoad ommail

Under: # provides UDP syslog reception, uncomment the following two lines:

#$ModLoad imudp
#$UDPServerRun 514

Under: #### GLOBAL DIRECTIVES ####, add the following action, changing to your information:

Continue reading "Snort Active Alering for Untangle 7.x"

Posted on

Lost Dell DRAC Password

If you’ve lost (or miss-placed) the password for a Dell Remote Access Card (DRAC) in a Dell PowerEdge server, you can follow this process to reset the password on the local server.

DRAC 4 Card

1. Check the administrator ID , note that on the DRAC 4, the first index slot is “root” by default.

$racadm getconfig -g cfgUserAdmin -i 1

2. Reset the administrator password:

$racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 1 “newpasswordhere“

DRAC 5 Card

1. Check the administrator account, note that the DRAC 5 index 1 is “Administrator”, index 2 is “root”.

$racadm getconfig -g cfgUserAdmin -i 2

2. Reset the administrator password:

$racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 “newpasswordhere“

This process will work in Windows or Linux, using the command line.

Posted on

Enable Disk Quota Support for Plesk

In order to monitor client disk space usage in Plesk, disk quota must be enabled. This is a two step process and the initial quota scan may take some time (~1 hour) and may cause notable load on your server so I recommend running this outside of your peak load times.

1. Add userquota to the FSTAB options:

Original FSTAB:

/dev/md0 / ext3 defaults 1 1

FSTAB with usrquota enabled:

/dev/md0 / ext3 defaults,usrquota 1 1

Lastly, remount your file system to enable quota support then run a quota scan:

# mount -o remount /
# quotaoff -av
# quotacheck -avum
# quotaon -av

More information regarding disk quota options can be found here.

Posted on

IP Blacklisting

In the event you find that an IP address you manage or access the Internet from is blacklisted, DNSBL can be a big help in quickly identifying who’s blacklisted you and why.

DNSBL includes links to all known public black lists and information on how to delist an IP address from each system.

Domain Name System Blacklists, also known as DNSBL’s or DNS Blacklists, are spam blocking lists that allow a website administrator to block messages from specific systems that have a history of sending spam. As their name implies, the lists are based on the Internet’s Domain Name System, which converts complicated, numerical IP address such as 140.239.191.10 into domain names like example.net, making the lists much easier to read, use, and search. If the maintainer of a DNS Blacklist has in the past received spam of any kind from a specific domain name, that server would be “blacklisted” and all messages sent from it would be either flagged or rejected from all sites that use that specific list.

For more information click here.