You are here

Risharde's Blog

NAT forwarding on OpenVZ Linux (iptables)

This allows NAT (basically for routing internet) for your VPN
iptables -t nat -A POSTROUTING -j SNAT --to
iptables -t nat -A POSTROUTING -s /8 -o venet0 -j SNAT --to-source

List/Check the rules
iptables -t nat --list

Enable ipforwarding for ipv4 via /etc/sysctl.conf

Getting Unix Bench to run on CentOS

Okay, firstly you have to download Unix Bench via http://code.google.com/p/byte-unixbench/

You can use the wget command to do this

Next, after you download the unixbench.tar.gz file, you need to extract the files from the archive.
I use: tar -xvf unixbench.tar.gz

Make sure to install the libXext packages
I use: yum install libXext*

Go into the unixbench folder via the command line interface and type

./Run

That's it

Good luck! ;)

Block a host (iptables firewall)

Thanks to lowendtalk.com and Alex_Liquidhost for this:

iptables -A INPUT -s x.x.x.x -j DROP

where x.x.x.x is the IP address

I haven't tried it but it seems fairly straight forward and should work.

Of course, please be careful using the iptables command since it can be used to block all connections to your server.

Good luck!

Stay away from EVE and SANTA ROSA brand products in Trinidad and Tobago

I noticed today that EVE brand canned sausages did not include the cholesterol values in its nutrition facts. Santa Rosa also DOES NOT put the values anymore either! What you may not know is that in nearly every can of sausages, there is about 40 mg of cholesterol per serving - which I can tell you is not very good for you to consume often from my experience. What does this imply? I would guess that EVE is purposefully not putting the value on its products in order to get it sold which I believe is wrong and I therefore distrust them even more now. Can you imagine what else they may not be putting on their products? You wouldn't even know what you are eating. This is unacceptable and a very shady practice and a big shame on EVE for doing this.

Fail2ban 0.8.8 configuration to block SSH bruteforce on CENTOS

Okay, so I'm relatively new to fail2ban and after installing fail2ban from the source tar.gz files, I noticed the that the /etc/fail2ban/jail.conf settings for blocking ssh looked a bit odd concerning the "log" file it was suppose to scan. By default, the configuration looks at the /var/log/sshd.log file which does not exist in CENTOS 5 so after some research, I found out that the log file should be set as /var/log/secure . The clause should look like the following:

[ssh-iptables]

enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, dest=risharde@gmail.com, sender=fail2ban@dev.risharde.com]
logpath = /var/log/secure
maxretry = 5

In the above, please replace my email address with your email information...

Good luck!

Toast to the bridesmaids examples

VERSION 1
Thank you Master of Ceremonies, family, friends, distinguished guests.

Firstly, to my and his lovely bride congratulations!

Today, I am ecstatic being given the envious opportunity
to propose a toast to 7 beautiful, elegant, charming, stunning,
exquisite, intelligent young braidesmaids and of course to thank
God that none of them fell in slow motion style at the altar!
Ladies and gentlemen, please raise your glasses as we toast
to the bridesmaids. Bridesmaids, we salute you!
Thank you

VERSION 2
Thank you Master of Ceremonies, family, friends, distinguished guests.

Firstly, to my and his lovely bride congratulations!

Today, I am ecstatic being given the envious opportunity
to propose a toast to 7 beautiful, elegant, charming, stunning,
exquisite, intelligent young braidesmaids and of course to thank
God that none of them fell in slow motion style at the altar!
Ladies and gentlemen, please raise your glasses as we toast
to one of the best support systems a bride could ever have.
Bridesmaids, we salute you!

VERSION 3
Bridesmaids form part of the integral structure of support before, during and
after weddings. Without their final approval of the groom, no wedding would take place!
Today, I am ecstatic to salute 7 beautiful, elegant, stunning,
exquisite, intelligent bridesmaids that adorned the bride!
Ladies and gentlemen, please raise your glasses as I toast to these young ladies.
Thank you.

Good luck!

SSH logins without password prompt

To generate a public key which is to be placed in the /home//.ssh/authorized_keys of the server you are trying to connect to. This will allow you to SSH without a password.

On the client machine, run: ssh-keygen -t rsa

Put this key into the authorized_keys in the remote computer :)

Presto

--Rish

If this helped you, please link back to the article! Thanks!

SSH Timing out / Timeouts Fix

Okay, so I have CENTOS installed and realized that if I connect to the server via SSH but stay idle for a while, the connection closes on me. Well apparently there's a setting that solves this problem. Edit your /etc/ssh/sshd_config file

nano /etc/ssh/sshd_config
Now add the following to the end of the file:

KeepAlive yes ClientAliveInterval 30
Now save the file and either restart your sshd service or reboot

NOTE: PLEASE BE CAREFUL! EDITING THE SSHD_CONFIG FILE WRONGLY COULD LEAD TO LOGIN PROBLEMS. IN OTHER WORDS, IT CAN CAUSE YOU TO NOT HAVE ACCESS TO YOUR DATA SO DO IT CORRECTLY!

4G Internet Regression?

Sorry but are we regressing in technology? Why would I want a 4G limited internet plan for my phone? So I could give money to money hungry cellular phone companies? I don't know about you but I am not stupid enough to do that. Since Digicel Customer Care did not contact me back within my 24 hours request I want to urge everyone to stay away from these 4G packages that are not unlimited (in other words, stay away from this limit package). It is not of true value to you nor in your best interest to pay for a limited amount of internet... this will only cause YOU to lose more money than you should. My best suggestion is always go with an unlimited internet plan especially when you are doing anything with multimedia or social media such as youtube, facebook etc. Do not succumb and encourage companies to ride your backs.

Did you know that Digicel Trinidad and Tobago does not support Blackberry Internet Service to be tethered to your laptop? What sort of company that wants to revolutionize cell phone services in Trinidad and Tobago would not be competent enough to offer this service? Maybe perhaps they are interested in selling you their limited 4G packages so that they can suck you dry of your money while they become corporate giants. Think about it, either way, it isn't good for you.

I know that even after I say all this, some of you will still encourage this but I have to try. It's purely ridiculous, illogical and down right a lack of intelligence. We need to get out of this 3rd world mentality.
There should be one package that just works, you should not have to order 3 packages just to get internet for the month. This makes sense only to the corporate giants at YOUR EXPENSE.

BE SMART!

Keshorn Walcott

Keshorn Walcott, you is the man of the hour! Don't take on them people who jealous you get so much stuff, you deserved it, well done!

Less tired, much better ;)

Since my post yesterday, I'm really sticking by what I'm saying and to be honest, today was pretty good not having to try to change the world all in vain. So now, I'll focus on making myself happy ;) Glad to finally move on to better things :)

Premium Gas goes up

The prime minister Kamla Persad-Bissessar just said on tv after the budget that this increase in premium gas from around 3 dollars to 5.75 per litre only affects 6% of the country's consumers. She also claims that only high end cars use premium gas... so clearly my cheap mitsubishi lancer 2002 with a 1.5 GDI engine is a "high end" car since it is recommended by Mitsubishi to use "premium" gas. I don't know how they are so utterly misinformed - so shameful.

Pages