Posted inbind9 centos

Upgrading Bind9 on centos 4.7

I’ve just upgrading one of my dns server recently. Orginaly centos 4.7 using bind-9.2.4-30.el4_7.2. Although this version not affected by cache poisoning vulnerability. as Dan Kaminsky  announced a massive, multi-vendor issue with DNS that could allow attackers to compromise any name server. Here’s how to upgrade bind-9.2.4 to bind-9.5.0.

Download the SOURCE rpms

# wget http://patrick.vande-walle.eu/upload/bind-9.5.0-33.P1.src.rpm

Compile/Build source RPM

# rpm -Ivh bind-9.5.0-33.P1.src.rpm
# cd /usr/src/redhat/SPECS/
# vi bind.spec

find this lines

# configuration files:
tar -C ${RPM_BUILD_ROOT} -xf %{SOURCE28}

change it to

tar -C ${RPM_BUILD_ROOT} -xjf %{SOURCE28}

Source28 is tar.bz2 file so we need tar -xjf options

Tags: , , No Comments
Posted incentos mysql policyd

Postfix + Centos + Policyd V2 + MySQL

Prerequisites

Requirements for Policyd v2

  • MySQL
  • Net::Server >= 0.96
  • Net::CIDR
  • Config::IniFiles (Debian based: libconfig-inifiles-perl, RPM based: perl-Config-IniFiles)
  • Cache::FastMmap (Debian based: libcache-fastmmap-perl, RPM based: perl-Cache-FastMmap)
  • Mail::SPF (Required for SPF)

Requirements for webui

  • PHP v5+

Download policyd v2

# wget http://downloads.sourceforge.net/project/policyd/2.0.x%20%28Stable%29/v2.0.7/cluebringer-2.0.7.tar.bz2?use_mirror=biznetnetworks

Build rpm from source tarball

# rpmbuild -ta cluebringer-2.0.7.tar.bz2
Tags: , , , 18
Posted indnswl postfix

Postfix + DNSWL

Sometimes we need to do manual whitelisting for mail users whose customers' admins don't respond to your complaints about their server settings. Another option to consider ist automatic whitelisting by using the hand-crafted DNSWL ( http://www.dnswl.org/ ). We should also consider requesting to get added to DNSWL. dnswl-update.sh [bash] #!/bin/sh…
Tags: , No Comments
Posted inpostfix

Postfix stress test

Source: The Book of Postfix by Ralf Hildebrandt and Patrick Koetter.

In order to measure how much traffic our postfix  can handle, we need to perform some kind of stress testing. To put an adequate load on the server, We need a fast mail traffic generator. Postfix comes with two  programs named smtp-source and smtp-sink for this purpose. Here’s how they work:

smtp-source

This program connects to a host on a TCP port (port 25 by default) and sends one or more messages, either sequentially or in parallel. The program speaks both SMTP (default) or LMTP and is meant to aid in measuring server performance.

smtp-sink

This test server listens on the named host (or address) and port. It recieves messages from the network and throws them away. You can measure client and network performance with this program.

The following example injects 100 total messages of size 5k each in 20 parallel sessions to a Postfix server running on localhost port 25. Because you’re also interested in how much time this takes, use the time command:

Tags: No Comments
Posted inUncategorized

Sujud Tilawah / Sujud Sajdah

Sujud Tilawah atau Sujud Sajdah ialah sujud yang disunatkan apabila membaca atau mendengar bacaan ayat-ayat suci Al-Quran. Sujud ini disunatkan apabila yang membaca itu sujud apabila sampai ke suatu tempat yang ditentukan. Begitu juga si pendengar juga sunat sujud apabila ia mendapati si pembaca itu sujud. Sabda Rasulullah S.A.W :…
No Comments
Posted inapache

Apache stress test

Apache includes a very useful tool for hammering the server. It’s called Apache Benchmark “ab” is the binary’s name and it can really hand a server it’s own ass if you don’t watch it. [bash] $ ab -kc 10 -t 30 http://localhost/ [/bash] That will open 10 connections, use Keep-Alive…
Tags: No Comments
Posted inpostfix

Postfix Debugger

This how to activate postfix debugger on my centos 5.2 in main.cf [text] debugger_command = PATH=/bin:/usr/bin:/usr/local/bin; (strace -p $process_id 2>&1 | logger -p mail.info) & sleep 5 [/text] in master.cf [text] smtp inet n - n - - smtpd -D [/text] [bash] # postfix reload [/bash]
Tags: , No Comments
Posted inesmtp smtp

Extended SMTP

Extended SMTP

Extended SMTP (ESMTP), sometimes referred to as Enhanced SMTP,is a definition of protocol extensions to the Simple Mail Transfer Protocol standard.
The extension format was defined in IETF publication RFC 1869 (1995) which established a general structure for all existing and future extensions.
ESMTP defines consistent and manageable means by which ESMTP clients and servers can be identified and servers can indicate supported extensions.

Extensions

The main identification feature is for ESMTP clients to open a transmission with the command EHLO (Extended HELLO), rather than HELO.

Some relatively common keywords (not all of them corresponding to commands) used today are:

Tags: , No Comments
Posted insmtp

The Difference Between HELO and EHLO

EHLO indicates that the client supports at least one of several possible extensions that are not part of the basic SMTP specification. HELO indicates that it does not, and that only the minimum SMTP set will be used when talking to this server. Many of these extensions are common and…
Tags: , , No Comments
Posted inmemory ram

Memory

ECC Memory

ECC stands for Error Checking and Correction. ECC memory is widely used in workstation and server computers.

What Is ECC and How Does It Work?

As the name “Error Checking and Correction” suggests, ECC is technology that allows computers to correct memory errors. The most popular type of ECC used in memory modules is single bit error correction. This enables the detection and correction of single-bit errors (within a byte, or 8bits of data). It will also detect two-bit and some multiple bit errors, but is unable to correct them.

How dos ECC work? Take the most common single bit error correction for example. For each byte of data sent across the memory bus, a check-bit is generated by calculating that byte of data using an Exclusive OR algorithm. This check-bit will be stored in a separate memory chip. That is why memory modules with ECC capabilities sport 9 memory chips on each side, rather than the 8 chips per side we often see with non-ECC memory modules.

Tags: , , , No Comments