Nagios check_netsnmp_memory and RHEL6

Today I was searching for a nagios check which gets memory information over snmp. So I came across check_netsnmp_memory. It has also a nice php template for pnp4nagios. To test the command I run: # ./check_netsnmp_memory -L “Memory Utilization” -A ‘*’ -H graylog2.domb.net -C public -a ‘total,user,cached,buffer,%used_real,%used_swap,%user_real,%cached_real’ -w ‘,,,500MB,,65%,65%,’  -c ‘,,,800MB,,80%,80%,’ As a result I…

Read More

Bitdefender 2012 free for Linux Mint 12

Today I was searching anti virus software for Linux and I came across Bitdefender. Surprisingly Bitdefender gives away free licenses for home use. Here are the steps to install Bitdefender on Mint 12: 1. Go to their website http://download.bitdefender.com/SMB/Workstation_Security_and_Management/BitDefender_Antivirus_Scanner_for_Unices/Unix/Current/EN_FR_BR_RO/Linux/ and download the file BitDefender-Antivirus-Scanner-7.6-4.linux-gcc4x.i586.deb.run 2. Set the correct permission for BitDefender-Antivirus-Scanner-7.6-4.linux-gcc4x.i586.deb.run # chmod +x BitDefender-Antivirus-Scanner-7.6-4.linux-gcc4x.i586.deb.run…

Read More

RHEL6 SELinux cheat sheet

Lot of admin turn SELinux off because it looks complicated. Here is a cheat sheet to make your life easier Two important documentations about Selinux can be found here: http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/index.html http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Confined_Services/index.html —————————————————————————– If you work on Centos or Redhat, install the following packages on your system: setroubleshoot.noarch : Helps troubleshoot SELinux problems setroubleshoot-plugins.noarch : Analysis…

Read More

RHEL6 openldap server

Please note that all  double quote characters in this example are plain ASCII ” characters not  typographical ones! Step 1: first we need to install the required packages: #yum install openldap-servers migrationtools Step2: As the configuration for LDAP is stored inside the LDAP server itself the configuration has to be done by editing LDIF files…

Read More

RHEL6 virsh console domain

To use the #virsh console command on a RHEL6 Virtual Server you need to configure the guests. If you do not configure them, this Escape character is ^] Is all you get. For RHEL6  clients you have to configure 2 files: /boot/grub/menu.lst add the modification in bold: default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz serial –unit=0 –speed=115200 terminal –timeout=10…

Read More

RHEL6 vsftp anonymous access selinux

First install the vsftpd package #yum install vsftpd after that edit the /etc/vsftpd/vsftpd.conf anonymous_enable=YES write_enable=YES local_umask=022 anon_upload_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=YES dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES ftpd_banner=Welcome to blah FTP service. listen=YES local_root=/var/ftp/upload pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES then edit tcpwrappers /etc/hosts.allow vsftpd: ALL Lets set the iptables: #iptables -A INPUT -m state –state NEW -m tcp -p tcp…

Read More

RHEL6 and SElinux

One of the most important packages to run successfully RHEL6 and SElinux is the setroubleshoot package. It includes useful tools like the setroubleshoot daemon and utils like sealert, sestatus….. So lets see whats the sestatus of my system: [root@rhel1 ~]# sestatus SELinux status:                 enabled SELinuxfs mount:                /selinux Current mode:                   enforcing Mode from config file:          enforcing…

Read More

RHEL secondary Name Server

Open /etc/named.conf // // named.conf for Red Hat caching-nameserver // options { directory “/var/named”; dump-file “/var/named/data/cache_dump.db”; statistics-file “/var/named/data/named_stats.txt”; // query-source address * port 53; (only needed when there is a FW between master an slave) allow-transfer {192.168.1.104/24;}; (slaveip) }; // // a caching only nameserver config // controls { inet 127.0.0.1 allow { localhost; }…

Read More