If you have ever installed VMware Server 2.02 on CentOS 5.5 or 5.4, you probably ran into problems where the web management interface keeps crashing and only the command line is trustworthy.

The problem is caused by a newer version of glibc; older versions work fine. Until CentOS or VMware find a good solution, this workaround will do the trick.

  1. You need root access to solve this.
  2. Go to the /etc/yum.repos.d folder and copy CentOS-Base.repo to CentOS53-Base.repo.
  3. Edit the CentOS53-Base.repo file, e.g.: vim /etc/yum.repos.d/CentOS53-Base.repo
  4. Append "53" to the name of every repository section, e.g.:
    [base] -> [base53]
    [updates] -> [updates53]
    etc.
  5. Comment out the mirrorlist line by putting a # in front of it.
  6. Remove the baseurl line for every repository and replace it with the following:

    baseurl=http://vault.centos.org/5.3/os/x86_64/

    OR

    baseurl=http://vault.centos.org/5.3/os/i386/

    depending on whether you are using the 32-bit or 64-bit version.

  7. Now it's time to downgrade glibc and glibc-common.

    yum downgrade glibc glibc-common

  8. I had to do this 7-8 times from a fully updated CentOS 5.5 version before I had the correct version. The version you are looking for is 2.5-34.

  9. After you have the correct version installed, edit yum.conf so you can't update glibc again. Put this in your yum.conf:

    exclude=glibc* nscd gcc gcc-c++ cpp libstdc++* nss_ldap

  10. Final step: restart your server and run /usr/bin/vmware-config.pl again.
This should solve the problem, and you can finally use the web management interface without any trouble!
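Steps 2 to 6 can be done as one transformation of the stock repo file. This is an added example, not part of the original post; the function names and the sample input are made up for the illustration.

```shell
# Constructed sample input, shaped like two sections of a stock CentOS-Base.repo.
sample_base_repo() {
    cat <<'EOF'
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1

[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
EOF
}

# make_vault_repo SRC DEST ARCH   (hypothetical helper name)
make_vault_repo() {
    src=$1; dest=$2; arch=$3
    case "$arch" in
        x86_64|i386) ;;
        *) echo "ARCH must be x86_64 or i386" >&2; return 1 ;;
    esac
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 1; }
    # Step 4: [base] -> [base53]; step 5: comment out mirrorlist;
    # step 6: every section gets the same 5.3 vault URL, as in the post.
    # gpgcheck lines pass through untouched, so yum still verifies package
    # signatures for everything it pulls from the vault.
    sed -e '/^\[/ s/][[:space:]]*$/53]/' \
        -e 's/^mirrorlist=/#mirrorlist=/' \
        -e "s|^#\{0,1\}baseurl=.*|baseurl=http://vault.centos.org/5.3/os/$arch/|" \
        "$src" > "$dest"
}

# Usage:
#   make_vault_repo /etc/yum.repos.d/CentOS-Base.repo \
#       /etc/yum.repos.d/CentOS53-Base.repo x86_64
```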

If you want to back up a MySQL database on a Plesk server, you can do this from the command line. There's just one catch: you can't specify the username/password yourself. Instead, you need to use the following command:

mysql -uadmin -p`cat /etc/psa/.psa.shadow`

For example, if you want to make a backup of a database, this is what you should do:

mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` databasename > backupfile.sql

This will do the trick!
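The commands above place the Plesk admin password on the command line, where it shows up in the process list while the client runs. The following added example (not part of the original post) passes it through a private option file instead; the function names and the PSA_SHADOW override are made up for the illustration.

```shell
# write_mysql_optfile SHADOW_FILE   (hypothetical helper name)
# Prints the path of a new option file that only the calling user can read.
write_mysql_optfile() {
    shadow=$1
    [ -r "$shadow" ] || { echo "cannot read $shadow" >&2; return 1; }
    optfile=$(mktemp "${TMPDIR:-/tmp}/plesk-my.XXXXXX") || return 1   # created 0600
    # Escape \ and " so the value survives option-file parsing; the double
    # quotes keep a # in the password from being read as a comment.
    pw=$(sed -n '1{s/[\\"]/\\&/g;p;q;}' "$shadow")
    printf '[client]\nuser=admin\npassword="%s"\n' "$pw" > "$optfile"
    printf '%s\n' "$optfile"
}

# plesk_dump DATABASE OUTFILE   (hypothetical helper name)
# PSA_SHADOW is an override added for this example; the default is the
# path used in the post.
plesk_dump() {
    optfile=$(write_mysql_optfile "${PSA_SHADOW:-/etc/psa/.psa.shadow}") || return 1
    # --defaults-extra-file has to be the first option on the command line.
    mysqldump --defaults-extra-file="$optfile" "$1" > "$2"
    rc=$?
    rm -f "$optfile"
    return $rc
}

# Usage: plesk_dump databasename backupfile.sql
```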

 

If you want to know all the hardware information about a Linux machine without having the box in front of you, there's a way to solve this remotely using dmidecode.

For example, I needed to know what version a certain server was. I knew it was an HP ProLiant, but I didn't know if it was a G3, 4 or 5.

By using dmidecode you can get the following information:

dmidecode --type 1

This will give you all the system information, including the model number:

# dmidecode 2.10
SMBIOS 2.3 present.

Handle 0x0100, DMI type 1, 25 bytes
System Information
Manufacturer: HP
Product Name: ProLiant DL360 G4p
Version: Not Specified
Serial Number: xxxxxxxx     
UUID: xxxxxxxx
Wake-up Type: Power Switch

There are a lot of options you can use with dmidecode to get all the information you want. Check out this list:

Type   Information
----------------------------------------
0   BIOS
1   System
2   Base Board
3   Chassis
4   Processor
5   Memory Controller
6   Memory Module
7   Cache
8   Port Connector
9   System Slots
10   On Board Devices
11   OEM Strings
12   System Configuration Options
13   BIOS Language
14   Group Associations
15   System Event Log
16   Physical Memory Array
17   Memory Device
18   32-bit Memory Error
19   Memory Array Mapped Address
20   Memory Device Mapped Address
21   Built-in Pointing Device
22   Portable Battery
23   System Reset
24   Hardware Security
25   System Power Controls
26   Voltage Probe
27   Cooling Device
28   Temperature Probe
29   Electrical Current Probe
30   Out-of-band Remote Access
31   Boot Integrity Services
32   System Boot
33   64-bit Memory Error
34   Management Device
35   Management Device Component
36   Management Device Threshold Data
37   Memory Channel
38   IPMI Device
39   Power Supply

This will make your life as a Linux Engineer much easier!

If you have any questions or comments please let me know.

On some webservers PHP is only allowed to have access to subdirectories under the website's root. This is a problem with subdomains or some PHP scripts. For example, I needed this to fix Akeeba Backup for Joomla.

The following example is for a Plesk server; the directory structure on your web server may be different...

First you need to create a vhost.conf for this domain name. Do this in /var/www/vhosts/<DOMAINNAME.TLD>/conf.

Put this in the vhost.conf file:

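<Directory /var/www/vhosts/<DOMAINNAME.TLD>/httpdocs>
# safe_mode is a boolean setting, so it is set with php_admin_flag
php_admin_flag safe_mode off
# "none" removes the open_basedir restriction for this directory
php_admin_value open_basedir none
</Directory>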

Now you need to rebuild the domain configs, just for this domain:

/usr/local/psa/admin/sbin/websrvmng -u --vhost-name=<DOMAINNAME.TLD>

Now you need to restart Apache and the problem should be solved!
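When a script only needs a few more directories, open_basedir can be widened to those directories instead of being set to none. The following is an added example, not part of the original post; it covers the open_basedir line only, and the function name, the /tmp/ entry and the subdomains directory in the usage comment are assumptions about the server layout.

```shell
# scoped_vhost_conf DOMAIN [EXTRA_DIR...]   (hypothetical helper name)
# Prints a vhost.conf body; every extra directory must sit under the
# domain's own vhost root.
scoped_vhost_conf() {
    domain=$1
    [ $# -gt 0 ] && shift
    case "$domain" in
        ''|.*|*..*|*[!A-Za-z0-9.-]*) echo "bad domain: $domain" >&2; return 1 ;;
    esac
    root=/var/www/vhosts/$domain
    # A trailing slash makes PHP treat the entry as a directory, not a prefix.
    list="$root/httpdocs/:/tmp/"
    for dir in "$@"; do
        case "$dir" in
            *..*|*:*|*" "*|*'"'*) echo "rejected path: $dir" >&2; return 1 ;;
            "$root"/?*) list="$list:${dir%/}/" ;;
            *) echo "not under $root: $dir" >&2; return 1 ;;
        esac
    done
    printf '<Directory %s/httpdocs>\n' "$root"
    printf 'php_admin_value open_basedir "%s"\n' "$list"
    printf '</Directory>\n'
}

# Usage:
#   scoped_vhost_conf example.com /var/www/vhosts/example.com/subdomains \
#       > /var/www/vhosts/example.com/conf/vhost.conf
```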

Many people ask me where to start when they want to study Cisco so I decided to write a blog post about this.

Cisco offers different "tracks" when it comes to certification:

  • Routing & Switching
  • Design
  • Network Security
  • Service Provider
  • Service Provider Operations
  • Storage Networking
  • Voice
  • Wireless

Most of the tracks have 3 "levels" of certification:

  • CCNA (Cisco Certified Network Associate)
  • CCNP (Cisco Certified Network Professional)
  • CCIE (Cisco Certified Internetwork Expert)

The most popular track is Routing & Switching; most people start with Routing & Switching and take on another track later on. If you are interested in configuring networks for VoIP you will need to know some routing & switching protocols, especially quality of service. Implementing security is also kinda hard if you have no idea what to secure...

On the Cisco website you will always see this pyramid when they are talking about certifications:

At the bottom you see the "entry" level. I'm skipping that one and jumping right to the "Associate" level (CCNA) because that's where most people start. As you can see, the bottom is very wide, and as you go up to the professional (CCNP) and expert (CCIE) levels it gets narrow. This image is chosen for a reason.

CCNA

If you start with studying Cisco, you'll start with the Associate level (CCNA). There are a lot of topics and technologies that you might never have heard about, so there's a lot of studying for you to do... I believe this makes it a hard exam for newcomers. If you want to self-study for CCNA, I recommend you get this book:

CCNA: Cisco Certified Network Associate Study Guide: Exam 640-802

It covers all the topics for the exam. If you read this book a couple of times and do all the exercises, you'll have a very good basic understanding of networking. It shows you the basics of networking, switching, routing, IP, etc.

You can get the CCNA certification by taking 2 separate exams or one combined exam. If you take the combined exam you need to get a higher score, and I only suggest doing this when you feel really confident about your networking knowledge or already have experience.

To beat Cisco exams you need to get hands-on experience. You can achieve this by buying old equipment (from eBay) and practicing. This is what you will need at least:

2x Cisco 2950 Catalyst Switch. (any version will do)
2x Cisco 2610 Router with at least 1x FastEthernet and 1x Serial Connection.
1x Serial Console Cable (those are the famous blue Cisco cables for console connections)
1x Serial Cable
1x Serial 2 USB (in case you don't have a serial port on your PC or laptop).

If you are planning to continue studying Cisco, I would suggest buying Cisco 2550 Catalyst Switches instead of the 2950s; they are more useful for your CCNP.

It's possible to skip the routers because you can run Cisco IOS (Cisco's Operating System) on your PC or laptop by using Dynamips/GNS3. For more information and practice labs please visit my other website GNS3Vault.

Cisco 2610 Router

Cisco Catalyst 2950 Switch

Cisco Serial Console Cable:

 

Cisco Serial Cable:

CCNP

This equipment and the study guide should help you pass your CCNA. Now, if you want to continue studying for your CCNP, you will find that this is much easier (that's my opinion) than when you studied for your CCNA. When you started with the CCNA you had to study completely new material that you perhaps had never heard or read about before; now you have a basic level of networking knowledge that you will further develop.

To achieve your CCNP certification you need to pass 3 exams:

  • Route (Routing)
  • Switch (Switching)
  • Tshoot (Troubleshooting)

To pass your CCNP I'd suggest reading the following books:

Routing TCP/IP Volume 1:

This book isn't specific to the CCNP, but it covers all the interior routing protocols and is very well written; a must-read for every networking professional.

Routing TCP/IP Volume 2:

Sometimes more is better and that is definitely true for Routing TCP/IP. This book is more about BGP (Border Gateway Protocol), NAT and some IPv6.

The other books you should read are the Cisco Press books that cover the exam goals:

CCNP Route:

This is the official Cisco Press book, covers everything you need to know for the "Route" exam.

CCNP Switch:

Also the official Cisco Press book about the Switch exam. Teaches you everything about switching you need to know to pass the exam.

CCNP Tshoot:

Troubleshooting networks is fun, this book will show you everything you need to know.


Besides reading books you need to increase your hands-on experience... do more labs, build networks and so on. You can do a lot of labs with routers by using the Dynamips/GNS3 software. Check out my website GNS3Vault, which will help you a lot.

The new Cisco exams are very "practical". This means you will get a lot of questions you cannot answer if you don't have the hands-on experience. You need to build networks...do labs, try stuff out. Just reading the books is not going to be enough!

CCIE

Now the CCIE is a completely different beast. Honestly, you can't compare this to the CCNA or CCNP level. To pass the CCIE you need to do a written exam and pass the lab... Currently I'm working on the CCIE myself and I'll write a blog post about this in the future ;)

One last note: buying books is very expensive, so perhaps you would like to check out "Safari Books Online". For a monthly fee you can read plenty of books. If you like reading like me, this is cheaper than having a full bookshelf at home :)

For labs: Don't forget to check my other website "GNS3Vault". It's free and has plenty of Cisco Labs to help you study!

 

 

 

ModSecurity will increase the security of your server, but sometimes it blocks legitimate traffic. If you want to disable it for a single domain on your Plesk server, this is what you need to do:

  1. Create a vhost.conf file and place it in the following directory:

    /var/www/vhosts/domainname/conf

  2. It should include the following:

    <IfModule mod_security2.c>
    SecRuleEngine Off
    </IfModule>

  3. Reconfigure Apache:

    /usr/local/psa/admin/bin/websrvmng -u --vhost-name=domainname.com

  4. Restart Apache:

    service httpd restart

That's it, Mod Security is now disabled for this single domainname...
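If only a few rules are blocking the legitimate traffic, those rules can be removed for the domain with SecRuleRemoveById while the rule engine stays on. The following added example (not part of the original post) collects the rule ids from Apache error_log lines in the format ModSecurity 2.x writes; the log lines, rule ids, file paths and function names are constructed for the illustration.

```shell
# Constructed error_log lines (rule ids, paths and hosts are made up).
sample_modsec_log() {
    cat <<'EOF'
[Tue Jun 01 10:00:01 2010] [error] [client 192.0.2.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match "select" at ARGS:body. [file "/etc/httpd/modsecurity.d/sample.conf"] [line "12"] [id "1000002"] [msg "constructed rule B"] [hostname "shop.example.com"] [uri "/admin/save.php"] [unique_id "aaaa"]
[Tue Jun 01 10:02:07 2010] [error] [client 192.0.2.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match "script" at ARGS:title. [file "/etc/httpd/modsecurity.d/sample.conf"] [line "8"] [id "1000001"] [msg "constructed rule A"] [hostname "shop.example.com"] [uri "/admin/save.php"] [unique_id "bbbb"]
[Tue Jun 01 10:05:44 2010] [error] [client 192.0.2.11] ModSecurity: Access denied with code 403 (phase 2). Pattern match "select" at ARGS:body. [file "/etc/httpd/modsecurity.d/sample.conf"] [line "12"] [id "1000002"] [msg "constructed rule B"] [hostname "shop.example.com"] [uri "/admin/save.php"] [unique_id "cccc"]
[Tue Jun 01 10:06:30 2010] [error] [client 192.0.2.12] ModSecurity: Access denied with code 403 (phase 2). Pattern match "union" at ARGS:q. [file "/etc/httpd/modsecurity.d/sample.conf"] [line "20"] [id "1000003"] [msg "constructed rule C"] [hostname "blog.example.com"] [uri "/search.php"] [unique_id "dddd"]
EOF
}

# modsec_rule_ids LOG HOSTNAME   (hypothetical helper name)
# Distinct ids of the rules that denied requests to HOSTNAME.
modsec_rule_ids() {
    grep -F 'ModSecurity: Access denied' "$1" |
        grep -F "[hostname \"$2\"]" |
        sed -n 's/.*\[id "\([0-9][0-9]*\)"].*/\1/p' |
        sort -un
}

# modsec_exception_conf LOG HOSTNAME   (hypothetical helper name)
# Prints a vhost.conf body that removes only those rules for the domain.
modsec_exception_conf() {
    ids=$(modsec_rule_ids "$1" "$2" | tr '\n' ' ')
    ids=${ids% }
    [ -n "$ids" ] || { echo "no denials logged for $2" >&2; return 1; }
    printf '<IfModule mod_security2.c>\n'
    printf '# Review each id first: a real attack blocked by a rule shows up here too.\n'
    printf 'SecRuleRemoveById %s\n' "$ids"
    printf '</IfModule>\n'
}
```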


In case you are not sure what a buffer overflow exactly is, check out the following animation. It explains very well what it is...

Buffer Overflow Animation


A couple of weeks ago I launched GNS3Vault. You can download any Cisco lab you like here for free and use it with the GNS3 software.

This is ideal when you are studying for your CCNA, CCNP, CCSP, CCIP or any other Cisco certificate. Even if you just want to upgrade your network knowledge this is a good place to check out.

If you haven't seen the website yet, here's the link:

http://www.gns3vault.com

Have fun, and good luck studying!

Rene

 

Hello all,

In case you are studying for your CCIE and are not sure what the DOC CD is about, and how important it is... please check out this great link explaining it all:

DOC CD - IP Expert

I found a nice little overview of some IOS features that are possible on a Cisco router. Some of them are enabled by default and are possibly a security risk, so it's a good idea to check them out and perhaps disable them on your network!

  1. CDP: We all know CDP, the Cisco Discovery Protocol. It's a layer 2 protocol that will tell you all the information about your neighboring devices: IP address, hardware, IOS version and so on. If you don't use it, disable it.
  2. TCP small servers: Standard TCP network services like echo. Disable them.
  3. UDP small servers: The same, but for UDP. Disable them.
  4. Finger: User lookup service, originally for Unix. Can be used remotely to list logged-in users. Nobody needs to know this kind of information remotely...
  5. HTTP server: Very nice in a lab (www.gns3vault.com) but not a good idea in a production environment.
  6. Bootp server: Allows other routers to boot from this router, hardly ever used...
  7. Configuration auto-loading: Your router will try to boot up from a TFTP server. I've only used this once so my regular 2600s could boot the XM image in a lab... not gonna use it in production.
  8. PAD service: Router will support X.25, not gonna use it.
  9. IP source routing: Allows the creator of an IP packet to choose the route; you don't want this.
  10. Proxy ARP: Your router will answer (proxy) L2 ARP requests; don't use this.
  11. IP directed broadcasts: Allows you to send packets to the broadcast address of another subnet, which allows "smurf attacks". Used for DoS attacks, so disable this.
  12. IP unreachable notifications: Your router will notify a sender of incorrect IP addresses, which gives away information.
  13. IP mask reply: Router will send the subnet mask of an interface in response to an ICMP mask request, which gives away information.
  14. IP redirects: Your router will send an ICMP redirect in response to some routed IP packets.
  15. Maintenance Operations Protocol (MOP): Old management protocol, part of DECNET.
  16. NTP service: Your router can become a time server, perhaps not needed.
  17. SNMP: If you don't use SNMP, I'd suggest disabling/blocking it.
  18. DNS: Routers can perform DNS lookups; if you don't use this I'd disable it.

Is there anything else missing from this list? Please let me know!

Good luck securing your routers!
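A saved running-config can be checked against part of the list above. This is an added example, not part of the original post: the sample config is constructed, the function names are made up, and the command spellings are the common IOS forms, which can differ between releases.

```shell
# Constructed sample config.
sample_config() {
    cat <<'EOF'
no service pad
service tcp-small-servers
no ip source-route
no cdp run
interface FastEthernet0/0
 no ip redirects
 no ip proxy-arp
 ip directed-broadcast
interface Serial0/0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
no ip http server
EOF
}

# audit_ios_config FILE   (hypothetical helper name; "-" reads stdin)
# Prints one ENABLED or MISSING finding per line.
audit_ios_config() {
    awk '
    function flush_if(   i) {
        if (ifname == "") return
        for (i = 1; i <= nwant; i++)
            if (!(want[i] in seen)) print "MISSING " ifname ": " want[i]
        ifname = ""; split("", seen)
    }
    BEGIN {
        # Features that stay on until the "no" form is configured:
        # per interface first, then global.
        nwant = split("no ip proxy-arp|no ip redirects|no ip unreachables", want, "|")
        nglob = split("no cdp run|no ip source-route|no ip http server|no service pad|no ip bootp server", glob, "|")
    }
    { sub(/\r$/, ""); line = $0; sub(/^ +/, "", line) }
    /^interface / { flush_if(); ifname = $2; next }
    /^[^ ]/       { flush_if() }   # a non-indented line closes the interface block
    { if (ifname != "") seen[line] = 1; else gseen[line] = 1 }
    # Features that appear in the config only when switched on.
    line ~ /^(service (tcp|udp)-small-servers|service finger|ip finger|ip directed-broadcast|ip mask-reply)/ {
        print "ENABLED " (ifname == "" ? "global" : ifname) ": " line
    }
    END {
        flush_if()
        for (i = 1; i <= nglob; i++)
            if (!(glob[i] in gseen)) print "MISSING global: " glob[i]
    }' "$1"
}
```

Run it as `audit_ios_config saved-config.txt`; a MISSING line means the "no" form was not found, so the feature is presumably still at its default.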
