Mail pretending to be sent from your domain? SPF! 
Mail servers usually have no method how to verify valid server which is authorized to send emails from concrete domain. Unless they do use SPF record mechanism. SPF stands for "Sender Permitted From"; SPF record says who is responsible for SENDING mail for a specific domain. (Note the MX record is primary designed to inform the world who is responsible for RECEIVING mail for a domain).

How to tell the world the only authorized mail servers (mail senders) for our domain? Via the DNS.

The example below says: if the mail claims to be from someone in the mail must be sent from the MX server for this domain. The a: record can be used to specify other hosts authorized to sent mail as well (other than hosts with the regular MX record). Those are -all the server. No exceptions.

TXT "v=spf1 mx -all"

Some nice short reading about SPF:


To test SPF settings:

Note: SPF records should also be published in DNS as type SPF records. This is new and most implementations do not support it yet.

Please consider to implement SPF to your mail server while receiving mail as well.

[ add comment ] ( 3 views )   |  [ 0 trackbacks ]   |  permalink
Notes on Veritas FS 

Find out where the diskgroup is imported (on which host)

vxdisk -s list

Start all the volumes in diskgroup

vxvol -g <dg> startall

Import/Deport pool

vxdg deport <dg> # deport pool from host
vxdg import <dg> -C # C switch clears hostid
vxdg import <dg> -f # F force import?

List disks/diskgroup/details

vxdisk list # shows disks
vxdg list # shows dg
vxinfo -g <dg> # show volumes in the groups

[ add comment ] ( 3 views )   |  [ 0 trackbacks ]   |  permalink
Installing Oracle Database 11g Release 1 on Linux - (RHEL 5) ... l#Overview

[ add comment ] ( 5 views )   |  [ 0 trackbacks ]   |  permalink
Disable yum kernel updates in CentOS Linux 

echo "exclude = kernel*" >> /etc/yum.conf

[ add comment ] ( 3 views )   |  [ 0 trackbacks ]   |  permalink
Allow vsftpd to use passive mode 
The design of the FTP protocol relies on two channels. One channel is dedicated to ftp commands (ls, pwd, get, bi, ha) and the other for data transfer only.

FTP protocol originally required ( after the command channel from client to server established - client conneced to port 21 ) server to connect from it's port ( 20 ) to the client's assigned data port ( above 1024 ). This mode nowadays called as "active mode" had problems with various network masquerades and client firewalls as well (because server issues CONNECTion to CLIENT).

Therefore, the other, PASSIVE mode was added to the FTP, which doesn't require server to send syn packet to client. The process works the way the client issues connection from some high-port ( > 1024 ) to FTP server ( to the data port 21 ), then for data transfer client will again sends ack to the FTP server to some of the server's high ports.

When your FTP server is firewalled, you will need to allow both modes, as some clients still have some firewalls in the way which prevent the active mode access.

To allow passive mode in vfstpd (which is the default ftpd in CentOS) you should add lines below to the vsftpd.conf. Vsftpd will use the port range specified to assign data channels in passive mode. One port to one client data connection.


Plus, if you host has the standard CenOS/RedHat firewall on you should add the lines which will allow client to connect the server's high port. The required port range in iptables is specified by colon ( 20000:20050 ).

[ add comment ] ( 4 views )   |  [ 0 trackbacks ]   |  permalink
The Nocturnes memo 
A long time ago Michael Kenna was interviewed by Tim Baskerville about night photography. As I would like to keep Michael's time suggestion, I'm pasting it here. The whole article can be foud at:

"On the first few night sessions students work with one manual camera, one lens set at f5.6, a tripod, cable release, flash light, paper, pencil, and Tri-X film (Tri-X is iso 400). I give basic starting points (i.e. an exposure in the city with direct street lighting-5 second exposure, in the city with indirect street lighting-1 minute, city open spaces with distant lighting-5 minutes, landscape outside the city-30 minutes, etc.), they will bracket one and two stops plus and minus, writing every exposure down, noting as many details as possible about the lighting conditions at the time. I suggest that they process their film 20% less than their usual development time. I think the initial hurdle involved in photographing at night is in getting comfortable with the equipment and the environment - it really is quite different from photographing during the day."

[ add comment ] ( 7 views )   |  [ 0 trackbacks ]   |  permalink
iSCSI scratchpad 

# zpool create pool c1t1d0 c1t2d0

# zfs create pool/iscsi

# zfs create –V 16g pool/iscsi/zvol1

# iscsitadm modify admin –base-directory /pool/iscsi

# iscsitadm create target –type disk –backing-store /dev/zvol/rdsk/pool/iscsi/zvol1

# iscsitadm list target

Target: zvol1

iSCSI Name:

Connections: 0

Then on the client…

# iscsiadm add static-config,

# devfsadm

[ add comment ] ( 3 views )   |  [ 0 trackbacks ]   |  permalink
Bits & Bytes Reference 

1 bit (bit)
1 byte (B) = 8 bits
1 kibibyte (KiB) = 2^10 bytes = 1,024 bytes
1 mebibyte (MiB) = 2^20 bytes = 1,048,576 bytes
1 gibibyte (GiB) = 2^30 bytes = 1,073,741,824 bytes
1 tebibyte (TiB) = 2^40 bytes = 1,099,511,627,776 bytes
1 pebibyte (PiB) = 2^50 bytes = 1,125,899,906,842,624 bytes
1 exbibyte (EiB) = 2^60 bytes = 1,152,921,504,606.846,976 bytes
1 zebibyte (ZiB) = 2^70 bytes = 1,180,591,620,717,411,303,424 bytes
1 yobibyte (YiB) = 2^80 bytes = 1,208,925,819,614,629,174,706,176 bytes

For further reference use: ... ytes.shtml

[ add comment ] ( 4 views )   |  [ 0 trackbacks ]   |  permalink
Simple Solaris iptraf like script 
How to monitor interface throughput on Solaris machine? I was looking for some sort of Linux's IPtraf (which is a great ip traffic monitor which can show you more than just interface traffic throuput) for Solaris. Seems no IPtraf port or similar text utility for Solaris so far. The script below should help you a bit and show the interface throughput.

It only prints out througput of the interface in 5 second intervals. If your system's interface is named ce0 instead of hme0, you need to change the script 'hme:0:hme0:*bytes' to 'ce:0:ce0:*bytes'.



# traffic monitor
# writes total number of bytes (traffic) per interval

I_BYTES_OLD=`kstat -p 'hme:0:hme0:*bytes' | grep rbytes | awk -F" " '{ print $2}'`
O_BYTES_OLD=`kstat -p 'hme:0:hme0:*bytes' | grep obytes | awk -F" " '{ print $2}'`

while true
DATE=`date +%m/%d/%y" "%H:%M:%S`

I_BYTES=`kstat -p 'hme:0:hme0:*bytes' | grep rbytes | awk -F" " '{ print $2}'`
O_BYTES=`kstat -p 'hme:0:hme0:*bytes' | grep obytes | awk -F" " '{ print $2}'`




sleep $WAIT
echo "$DATE interface: hme0 input: $I_BYTES_DIFF output: $O_BYTES_DIFF totalBytes: $T

[ add comment ] ( 3 views )   |  [ 0 trackbacks ]   |  permalink
ILOM quick how-to 
ILOM - Sun(TM) Integrated Lights Out Manager. ILOM is designed for managing SUN AMD based servers via network. You can access ILOM text console (via ssh) or WWW based ILOM frontend (via http/https).

What you can do with ILOM text console? Mostly you will use commands such as:

start /SP/console
reset /SYS
start /SYS
stop /SYS
start /SP/console

the commands above are self explanatory. The first command runs the console and the other thre performs reset/start/stop operation on the box.If you need to interact with hosted operating system, you can go to it's console via start /SP/console.

What you can't do with text ILOM console? You cannot change BIOS settings (as for example boot device priority). If you need to do that, launch ILOM WWW frontend (the same IP address as for the ILOM ssh access) and issue JAVA console redirection plug-in.

The ILOM (text) interface itself is some sort of UNIX shell. After you logon to the console you can use the UNIX commands as ls and cd. To begin with ILOM just issue ls on / (root).

-> ls /




There are so called TARGETS. You will use them as the ordinary directories. Just go to target (cd) and issue ls. The ls output tells you what you can do in each specific directory/target (or namespace - as the SUN sometime calls it).

-> cd /SYS

-> ls


type = Host System
power_state = On


We can go to other targets or issue commands available for that directory. In this case, reset, start/stop etc.

-> cd /SP

-> ls




We went to /SP and here we can go to console - or change some ILOM settings. Let's say we would like to change the network IP address for ILOM management card.

To change the IP address for the ILOM interface change the pending addresses first, then check and commit them.

cd /SP/network
set pendingipaddress=nnn.nn.nn.nn
set pendingipnetmask=nnn.nn.nn.nn
set pendingipgateway=nnn.nn.nn.nn
set commitpending=true

The rest you can find here:

How to escape from ILOM issued console session? Try [ESC] + [(] .

[ add comment ] ( 4 views )   |  [ 0 trackbacks ]   |  permalink

<<First <Back | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | Next> Last>>