Archive for the tag 'implementation'

SBDavid
Feb 11th, 2011

Implementation and Execution of an installation script

Implementation and Execution of an installation script.

Script below is applicable in cases when Parallels Installer is previously uploaded to the target server and the execution bit is set in its permissions.

#!/bin/sh
SERVERS_LIST=”node1.example.com node2.example.com”
for current_server in $SERVERS_LIST; do
scp parallels_installer root@$current_server:
ssh -f root@$current_server “parallels_installer –source http://updates.example.com/ –target /tmp/panel –select-release-id PLESK_10_0_0 –install-component base –install-component postgresql –install-component asp –notify-email admin@domain-name.com”
done

To avoid being prompted for password each time you connect via SSH to the servers where the Panel should be installed, place your public key to the list of authorized keys of a user on whose behalf the script is run on each server.

Reference: http://parallels.com/

SBDavid
Oct 11th, 2009

Firewalls the core components of a network security implementation

Firewalls the core components of a network security implementation

Firewalls can be standalone hardware solutions, such as firewall appliances by Cisco, Nokia, and Sonicwall.
There are also proprietary software firewall solutions developed for home and business markets by vendors such as Checkpoint, McAfee, and Symantec.

Firewalls function:

NAT

Network Address Translation (NAT) places private IP subnetworks behind one or a small pool of public IP addresses, masquerading all requests to one source rather than several.

Packet Filter [iptables]

A packet filtering firewall reads each data packet that passes within and outside of a LAN. It can read and process packets by header information and filters the packet based on sets of programmable rules implemented by the firewall administrator.

The Linux kernel has built-in packet filtering functionality through the Netfilter kernel subsystem.

Proxy

A proxy machine acts as a buffer between malicious remote users and the internal network client machines.

Netfilter and iptables

The Linux kernel features a powerful networking subsystem called Netfilter. The Netfilter subsystem provides stateful or stateless packet filtering as well as NAT and IP masquerading services. Netfilter also has the ability to mangle IP header information for advanced routing and connection state management. Netfilter is controlled through the iptables utility.

Examples:

iptables - administration tools for packet filtering and NAT
shorewall - Shoreline Firewall, netfilter configurator - transitional package