If you nead, automated certificate expiration checks on CentOS Linux

One important part of using SSL is to keep track of expiration dates on certificates. Most client software will rightfully refuse to connect to a server that presents an expired certificate, resulting in interrupted services. For CentOS and other RHEL based distributions, the crypto-utils package contains a very useful utility called certwatch, which can be used to detect whether a certificate will expire in the near future. (more…)

Read More

Updated PowerShell script to loop through files for printing.

After finishing my script from the previous post I thought there has to be a better way to write this and reduce the lines of code. Not that 5 separate lines is a lot. But, if the list of items to print grew larger say to 15 documents, and was in different subdirectories then it might get complicated. So, I set about trying to find a way to use the ForEach-Object cmd. After some trial and error I have come up with this.

$Directory = “\\SVR1\DATA\Reports\Trading\”

Get-ChildItem -path $Directory -recurse -include *.pdf | ForEach-Object {Start-Process -FilePath $_.fullname -Verb Print -PassThru | %{sleep 10;$_} | kill }

(more…)

Read More

PowerShell comparison operators -eq, -lt, -gt, -contains, -like, -match

If you are used to operators such as > or < or =, you have to do some rethinking. As with batch scripts, PowerShell uses abbreviations of the corresponding English words. -eq Equal -ne Not equal -lt Less than -le Less than or equal -gt Greater than -ge Greater than or equal You don’t need an if statement to test the result of a comparison operation. Without the if statement, the output of the comparison is, simply, TRUE or FALSE. (more…)

Read More

Postfix dkim and spf filtering

Installing OpenDKIM:
yum install opendkim

Create private and public key:

mkdir /etc/opendkim/keys/myhostname.lt
/usr/sbin/opendkim-genkey -D /etc/opendkim/keys/myhostname.lt/ -d myhostname.lt -s default
chown -R root:opendkim /etc/opendkim/keys/myhostname.lt
chmod 640 /etc/opendkim/keys/myhostname.lt/default.private
chmod 644 /etc/opendkim/keys/myhostname.lt/default.txt

(more…)

Read More

Setting static IP in CentOS 7 Minimal Installation

In order to set the network adapter and get get CentOS to communicate on the network the Ethernet adapter will need to be configured. In this lesson I will set a static IP address for the network adapter. To view a list of your network adapters use the command ip addr.

The configuration file for the network adapter should be located at /etc/sysconfig/network-scripts/ifcfg-enp0s3. With the minimal installation of CentOS there are not many options available to configure the network adapter. One option is to use the vi editor or nano to configure ifcfg-enp0s3. Another option is to use the nmtui utility to edit the network adapter. (more…)

Read More

Prevent DOS with iptables

Of course there are several types of DOS attacks , in this post I will demonstrating the use if iptables to limit the traffic on port 80.

The goal is to keep your web server “responsive” to legitimate traffic, but to throttle back on excessive (potential DOS) traffic.

In this demonstration iptables is configured :

  1. The default policy is ACCEPT (to prevent lockout in the event of flushing the rules with iptables -F).
  2. “Legitimate” traffic is then allowed. In this example I am allowing traffic only on port 80.
  3. All other traffic is then blocked at the end of the INPUT chain (the final rule in the INPUT chain is to DROP all traffic).

(more…)

Read More