Category Archives: freebsd

Server and Network Monitoring using MRTG – Part 1

This is the 1st series of articles highlighting the usage of MRTG for server and network monitoring.

In my previous article, I touched upon the basics of installing MRTG, Net-SNMP and used the cfgmaker tool to generate simple MRTG graphs. In this article, we further move on to the topic of creating MRTG graphs for a single Linux/Unix machine using only shell scripts.

The final goal or mission of these series of articles is to provide users concrete and professional examples of monitoring their servers and network devices using MRTG. In the end of these series of articles, we will round up and unite all these MRTG graphs to our web based network monitoring system called Nagios.

Continue reading

Advertisements

Effective User management under Linux/Unix

In this article, we look into the topic of managing our users on our local Linux/Unix box. As we know it, Linux/Unix is a multiuser environment, therefore, one of the main tasks of a system administrator is to create user accounts and provide a secure environment for users to do their work in.

Adding and removing users is still one of the most important task of a system administrator. Therefore, we as system administrators need a good understanding of how the Linux/Unix accounting system works in order to provide good network services to our users and clients.

Good account management is also the key determinant to system security. Infrequently used accounts are prime targets for crackers. So are accounts with weak passwords.

Continue reading

System integrity using Files, Permissions, Processes, Root and Sudo

To be a good in system administration, we have to understand the basics of files, processes and permissions of our Linux/Unix hosts. Therefore, in this article, we will cover the basic stuffs regarding files, processes, permissions, the SUPERUSER “root” account and the sudo program.

Every file and process on a Linux/Unix system is owned by a particular user account. Every file has both an owner and a group owner. What this means is that the owner of the file enjoys one special property that is not shared with everyone on the system. This property is the ability to modify the permissions of the file.

Other users on the system can’t access files belonging to others without the owner’s permission, so this restriction helps protect a user’s files against “malicious” users!

Continue reading

Configuring WCCP2 on a Cisco 3620/7206 router with Squid-2.6.18 running on FreeBSD-6.x

This How-To details the steps required to configure WCCP version 2 with a Cisco 3620 or 7206 router together with Squid-2.6.STABLE18 running on FreeBSD-6.2.

Cisco’s WCCP (Web Cache Control Protocol) version 2 is used for sending web requests from clients to 1 or more Squid proxy servers. WCCP feature allows us to redirect Web traffic to our proxy servers which in turn provides Web caching, filtering, or other services, thus reducing transmission costs and downloading time.

With WCCP, we can build a “cache cluster” for load balancing, scaling, and fault tolerance.

For example, in the case of 2 proxy severs, if 1 proxy server goes down, WCCP redirects clients requests to the 2nd working proxy server.

In the rare circumstance where both or all of your proxy servers should go down, WCCP will determine the dead proxy servers and will route clients web requests directly from your cisco router.

Note: Only Cisco IOS Release 12.1 and later releases allow the use of either Version 1 (WCCPv1) or Version 2 (WCCPv2) of the WCCP.

Continue reading

Enterprise FreeBSD/Linux Squid Proxy Server

Squid is the most popular high end web proxy used by both by small or big organizations and ISPs around the world. It improves web browsing performance and conserves bandwidth. It also has a very rich Access Control Lists (ACLs) which can be configured to act as superb filter and can also act as a firewall.

The Squid project, currently, is now being run entirely by volunteers. It has a small but very talented and professional group of developers. I request everybody using Squid to help this great project in their own respective ways. You can either participate directly in it’s development, or be a tester of it’s latest releases or you can simply submit articles.

Or best of all, if you have the resources, please donate to this great and wonderful project. Whatever you donate, no matter how much, will go towards it’s development and R&D which will benefit everybody and the internet community at large.

Please check the following URL for more details:

http://www.squid-cache.org/Intro/helping.dyn

This installation manual is for Squid-2.6.STABLE18 which is the latest as of today (23-Jan-2008). This How-To can be used either on Linux based Operating systems such as Debian and BSD based operating systems such as FreeBSD. For Solaris users, replace “make” with “gmake” and make sure that “/usr/sfw/bin” is in your PATH.

This guide below details the steps for creating a powerful Squid proxy server capable of serving thousands of users per second. Please refer to the graphs towards the end of this article for actual details.

Continue reading