Managing /etc with etckeeper and git
The following was done on Fedora 14. Keep in mind that the Etckeeper and git specific actions will be similar on whatever platform you’re on. Simply put, Etckeeper automatically revisions your /etc...
View ArticleSetting up sSMTP with GMail
Let me introduce you to the “extremely simple MTA to get mail off the system to a mailhub”. Particularly useful when you don’t want systems to have a full blown MTA installed. Such as Postfix, Exim or...
View ArticleClik here to view.
Guide and hardning tips for RHEL/CentOS 5 from NSA
As I was looking to see if NSA had updated their guides for RHEL 6 and it turns out they haven’t. I decided it would be a good idea to post about them to give them some better coverage. This is just a...
View ArticleRHEL/Centos 5 minimal installation
There’s no option during the CentOS 5 install, for a minimal installation. The purpose is quite simple, to keep the attack surface as small as possible. A minimal installation is performed by doing the...
View ArticleChanging the default PostgreSQL data folder (PGDATA)
Installing the PostgreSQL server on RHEL, CentOS, Scientific Linux or Fedora installs the PostgreSQL databases and configuration files in “/var/lib/pgsql/data”. This may or may not be desirable. Let’s...
View ArticleResetting the root/postgres password for PostgreSQL
The following is required to reset the root/postgres user password for PostgreSQL. The distribution used in my example is CentOS 5.5 and PostgreSQL 8.4. Note: By default there’s no password for the...
View ArticleView information about your BIOS from Linux using dmidecode
To get at this information we will use a utility called “dmidecode”. dmidecode is a tool for dumping a computer’s DMI (some say SMBIOS) table contents in a human-readable format. On CentOS/RHEL/Fedora...
View ArticleSelf-signed certificate for Apache
These instructions are distribution agnostic. However I used CentOS during my tests, so file paths will match that of CentOS, RHEL, Scientific Linux and Fedora. For any other distribution you’ll have...
View ArticleChange the default MySQL data directory with SELinux enabled
This is a short article that explains how you change the default MySQL data directory and adjust SELinux to account for the changes. The article assumes that you’re running either RHEL, CentOS,...
View ArticleChange the default SSH port and alter SELinux context to match
Security through obscurity is not something one would generally recommend. But to thwart the effort of automated scanners changing the default OpenSSH port will yield you less pain in every day life....
View Article
