SlideShare a Scribd company logo

Your Inner Sysadmin - LonestarPHP 2015

Chris Tankersley
Chris Tankersley

One thing that most programmers do not take the time to understand is the servers that their application lives on. Most know a smattering of Apache configs, PHP configs, and basic information about the OS. This talk will deal with looking at tools that can help you quickly set up a server and how it can help you be a better developer. We'll look at tools like puppet for server management, OSSEC for log management, different command line tools, and nagios/monit for system monitoring.

Software
1 of 53
Download to read offline
Your Inner Sysadmin Chris  Tankersley   @dragonmantank   LonestarPHP  2015   LonestarPHP  2015   1  
Who Am I •  PHP  Programmer  for  over  10  years   •  Sysadmin/DevOps  for  around  8  years   •  Using  Linux  for  more  than  15  years   •  hFps://github.com/dragonmantank   LonestarPHP  2015   2  
Here Be Dragons LonestarPHP  2015   3  
Traditional Lamp Stack LonestarPHP  2015   4  
Our Players LonestarPHP  2015   5  
And of course… LonestarPHP  2015   6  
The Server •         /bin  -­‐  EssenPal  user  executable  files   •         /boot  -­‐  Stuff  that  makes  the  OS  boot  up!   •         /dev  -­‐  Special  device  stuff  you  probably  won't  touch   •         /etc  -­‐  ConfiguraPon  files   •         /home  -­‐  User  home  directories   •         /sbin  -­‐  System  binaries   •         /usr  -­‐  MulP-­‐user  apps  and  uPliPes   •         /var  -­‐  Data  usually  lives  here   LonestarPHP  2015   7  
Installing Software •  Compile  soXware  from  scratch   •  Use  the  package  manager  (yum/apt)   LonestarPHP  2015   8  
Learn to love the Command Line LonestarPHP  2015   9  
Learn a CLI text editor •  vi/vim   •  emacs   •  nano   LonestarPHP  2015   10  
Authentication and Authorization LonestarPHP  2015   11  
SSH Keys •  SSH  generally  uses  a  Username/Password   •  SSH  Keys  pass  a  public  key  to  the  server   •  Can  use  a  single  key  for  mulPple  machines,  or  mulPple  keys  for   mulPple  machines   •  More  secure  since  ‘passwords’  cannot  be  stolen   LonestarPHP  2015   12  
sudo You  can  give  admin  access  to  users  (or  groups  of  users)  without  giving   them  root.     LonestarPHP  2015   13   #  Add  sudo  access  to  a  single  user  to  run  as  root   dragonmantank  ALL=(ALL)  ALL     #  Add  sudo  access  to  a  full  group   %admin  ALL=(ALL)  ALL   You  can  even  restrict  what  commands  the  users  can  run     #  Restrict  web  developers  to  only  restart  Apache  and  MySQL   %webdevs  192.168.1.0/255.255.225.0=(root)  NOPASSWD:/usr/sbin/service  apache2   restart,  /usr/sbin/service  mysql  restart  
Jailing Users Keeps  people  from  geang  to  things  they  shouldn't.  Protects  the  users   from  themselves.     LonestarPHP  2015   14  
Jailed Shells Gives  users  a  full  shell  but  not  the  enPre  file  system.  You  can  pick  and   choose  what  programs  the  user  can  have  access  too.  Jailkit  makes  this   incredibly  easy  to  set  up.   LonestarPHP  2015   15  
Jailed SFTP Locks  the  user  to  a  specific  base  path,  but  doesn’t  give  them  a  shell,   much  like  FTP.  You  get  the  security  of  SSH  though!  It  does  require  a   system  user  however.   LonestarPHP  2015   16  
Jailing SFTP #  In  /etc/ssh/sshd_config   Subsystem  ftp  sftp-­‐internal     #  At  the  bottom  of  the  file   Match  User  jailedsftp          ChrootDirectory  /some/path          AllowTCPForwarding  no          X11Forwarding  no          ForceCommand  sftp-­‐internal   LonestarPHP  2015   17  
Docker LonestarPHP  2015   18   If  you  do  it  the  non-­‐Docker  way  
Scripting Languages LonestarPHP  2015   19  
Bash Most  servers  use  bash  as  the  default  shell.  Most  shells  understand   bash's  syntax.  If  you  find  yourself  running  the  same  commands  over   and  over,  throw  it  in  a  bash  script.   LonestarPHP  2015   20  
Python Ships  with  most  distros.  Great  for   when  you  need  more  power  than   what  bash  has.   LonestarPHP  2015   21  
PHP! Leverage  your  PHP  skills  to  write  shell  scripts.     •  Symfony  Console  Component   •  Aura  CLI   LonestarPHP  2015   22  
Locking Down your Code LonestarPHP  2015   23  
Running Apache as a different user MPM-­‐ITK   LonestarPHP  2015   24   MOD_RUID2   <IfModule  mpm_itk_module>          AssignUserId  [user]  [group]   </IfModule>   RMode  config   RUidGid  myuser  mygroup   RDocumentChRoot  /var/www/vhosts/domain.com/   www/public  
PHP-FPM user  =  myuser   group  =  mygroup   chroot  =  /path/to/my/chroot   LonestarPHP  2015   25  
Logs LonestarPHP  2015   26  
Logrotate Rotates  logs  out  for  organizaPon  (or  other  purposes)   LonestarPHP  2015   27   weekly   rotate  4   create   include  /etc/logrotate.d   /var/log/wtmp  {          monthly          minsize  1M          create  0664  root  utmp          rotate  1   }  
Logwatch Script  that  runs  every  so  oXen  and  scans  a  bunch  of  logs  so  you  get  a   preFy  e-­‐mail  with  a  summary  of  events   LonestarPHP  2015   28   -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  httpd  Begin  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐      0.17  MB  transferred  in  792  responses    (1xx  0,  2xx  786,  3xx  0,  4xx  6,  5xx  0)          199  Content  pages  (0.09  MB),          593  Other  (0.09  MB)      Requests  with  error  response  codes          400  Bad  Request                /w00tw00t.at.ISC.SANS.DFind:):  1  Time(s)          404  Not  Found                /MyAdmin/scripts/setup.php:  1  Time(s)                /phpmyadmin/scripts/setup.php:  1  Time(s)                /w00tw00t.at.blackhats.romanian.anti-­‐sec:):  1  Time(s)                /webdav/:  2  Time(s)      -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  httpd  End  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐    
OSSEC Actually  a  Host  Intrusion  DetecPon  system,  but  it  does  this  by  watching   logs.  Will  alert  you  immediately  to  problems,  and  even  shut  down  the   aFacks.   LonestarPHP  2015   29   OSSEC  HIDS  Notification.   2012  Oct  24  11:38:10     Received  From:  maple-­‐>/var/log/auth.log   Rule:  5712  fired  (level  10)  -­‐>  "SSHD  brute  force  trying  to  get  access  to  the  system."   Portion  of  the  log(s):     Oct  24  11:38:09  maple  sshd[1062]:  Failed  password  for  invalid  user  alias  from   199.167.138.44  port  59988  ssh2   Oct  24  11:38:07  maple  sshd[1062]:  Invalid  user  alias  from  199.167.138.44   Oct  24  11:38:06  maple  sshd[1059]:  Failed  password  for  invalid  user  recruit  from   199.167.138.44  port  59884  ssh2  
Preventing Intruders LonestarPHP  2015   30  
hosts.deny and hosts.allow Set  of  files  to  allow  or  deny  access  to  the  machine  or  certain  apps/ ports  on  the  machine     LonestarPHP  2015   31  
IPTables A  firewall  that  is  generally  available  on  Linux  machines  that  can  be   configured  many  different  ways  to  allow  or  block  or  mangle  traffic     LonestarPHP  2015   32  
OSSEC IDS  that  was  logs  and  will  use  hosts.deny  and  iptables  to  block  stuff   automaPcally  for  you!     LonestarPHP  2015   33  
Configuration Management LonestarPHP  2015   34  
What is Configuration Management? Process  by  which  you  figure  out  what  goes  on  your  servers,  how  you   want  them  set  up,  and  keeping  track  of  that  informaPon.  Files  are   usually  stored  in  source  control  on  one  server  and  pushed  to  clients.     LonestarPHP  2015   35  
Why do you need it? •  Ever  needed  to  keep  track  of  when  files  get  changed?   •  Ever  needed  to  roll  back  a  change?   •  Ever  needed  to  push  the  same  change  to  a  bunch  of  servers   •  Ever  needed  to  set  up  a  server  exactly  the  same  way  as  another   server?   LonestarPHP  2015   36  
General CM Workflow LonestarPHP  2015   37   Write  a  Manifest  file   Client  checks  and  compiles   the  manifests   Client  makes  changes   based  on  manifests  
Ansible •  hFps://serversforhackers.com/geang-­‐started-­‐with-­‐ansible/   LonestarPHP  2015   38  
Puppet •  hFp://www.erikaheidi.com/page/vagrant   LonestarPHP  2015   39  
Server Monitoring LonestarPHP  2015   40  
Quick Poll •  Who  here  knows  that  their  server  is  up  right  now?   •  Are  all  of  the  required  services  running?   •  Are  there  enough  resources  currently  available?   LonestarPHP  2015   41  
Service Monitoring with Monit LonestarPHP  2015   42  
Host Monitoring with Icinga LonestarPHP  2015   43  
Software Tools LonestarPHP  2015   44  
tmux/screen Command  line  mulPplexer   LonestarPHP  2015   45  
tail Look  at  the  newest  entries  in  a  log,  or  even  watch  log  files  as  they  are   generated   LonestarPHP  2015   46  
curl Command  line  program  for  transferring  data  via  a  URL   LonestarPHP  2015   47  
iftop Displays  a  breakdown  of  bandwidth  usage  by  host     LonestarPHP  2015   48  
htop Slightly  beFer  interface  for  checking  memory  and  CPU  usage   LonestarPHP  2015   49  
tcpdump Allows  you  to  view  and  record  data  transmiFed  over  the  network.   Couple  this  with  wireshark  and  you  can  inspect  the  packets!     LonestarPHP  2015   50  
Servers for Hackers Chris  Fidao   @fideloper   hFp://serversforhackers.com   LonestarPHP  2015   51  
Questions? LonestarPHP  2015   52  
Thank You! http://ctankersley.com chris@ctankersley.com @dragonmantank https://joind.in/13537 LonestarPHP  2015   53  

Recommended

Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)Chris Tankersley
 
High performance content hosting
High performance content hosting High performance content hosting
High performance content hosting Aleksey Korzun
 
Deployment of WebObjects applications on CentOS Linux
Deployment of WebObjects applications on CentOS LinuxDeployment of WebObjects applications on CentOS Linux
Deployment of WebObjects applications on CentOS LinuxWO Community
 
How lve stats2 works for you and your customers
How lve stats2 works for you and your customersHow lve stats2 works for you and your customers
How lve stats2 works for you and your customersCloudLinux
 
OTRS
OTRSOTRS
OTRSMuhammad Qazi
 
Free ipa installation and cluster configuration, freeipa client connection
Free ipa installation and cluster configuration, freeipa client connectionFree ipa installation and cluster configuration, freeipa client connection
Free ipa installation and cluster configuration, freeipa client connectionRustam Sariyev
 
5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Mano5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Manovideos
 
6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of servers6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of serversvideos
 

Recommended

Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)Chris Tankersley
 
High performance content hosting
High performance content hosting High performance content hosting
High performance content hosting Aleksey Korzun
 
Deployment of WebObjects applications on CentOS Linux
Deployment of WebObjects applications on CentOS LinuxDeployment of WebObjects applications on CentOS Linux
Deployment of WebObjects applications on CentOS LinuxWO Community
 
How lve stats2 works for you and your customers
How lve stats2 works for you and your customersHow lve stats2 works for you and your customers
How lve stats2 works for you and your customersCloudLinux
 
OTRS
OTRSOTRS
OTRSMuhammad Qazi
 
Free ipa installation and cluster configuration, freeipa client connection
Free ipa installation and cluster configuration, freeipa client connectionFree ipa installation and cluster configuration, freeipa client connection
Free ipa installation and cluster configuration, freeipa client connectionRustam Sariyev
 
5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Mano5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Manovideos
 
6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of servers6. hands on - open mano demonstration in remote pool of servers
6. hands on - open mano demonstration in remote pool of serversvideos
 
Linux Hardening - nullhyd
Linux Hardening - nullhydLinux Hardening - nullhyd
Linux Hardening - nullhydn|u - The Open Security Community
 
Red Hat Certified Engineer (RHCE) EX294 Exam Questions
Red Hat Certified Engineer (RHCE) EX294 Exam QuestionsRed Hat Certified Engineer (RHCE) EX294 Exam Questions
Red Hat Certified Engineer (RHCE) EX294 Exam QuestionsStudy Material
 
Hardening Linux and introducing Securix Linux
Hardening Linux and introducing Securix LinuxHardening Linux and introducing Securix Linux
Hardening Linux and introducing Securix LinuxSecurity Session
 
Linux Crash Dump Capture and Analysis
Linux Crash Dump Capture and AnalysisLinux Crash Dump Capture and Analysis
Linux Crash Dump Capture and AnalysisPaul V. Novarese
 
J Ruby On Rails Presentation
J Ruby On Rails PresentationJ Ruby On Rails Presentation
J Ruby On Rails Presentationrailsconf
 
제3회난공불락 오픈소스 인프라세미나 - lustre
제3회난공불락 오픈소스 인프라세미나 - lustre제3회난공불락 오픈소스 인프라세미나 - lustre
제3회난공불락 오픈소스 인프라세미나 - lustreTommy Lee
 
9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_trainingvideos
 
SaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltStack
 
Software management in linux
Software management in linuxSoftware management in linux
Software management in linuxnejadmand
 
Snort296x centos6x 2
Snort296x centos6x 2Snort296x centos6x 2
Snort296x centos6x 2Trinh Tuan
 
RPM: Speed up your deploy
RPM: Speed up your deployRPM: Speed up your deploy
RPM: Speed up your deployfcrippa
 
Free radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleFree radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleChanaka Lasantha
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...SaltStack
 
Bundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPMBundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPMAlexander Shopov
 
"Relax and Recover", an Open Source mksysb for Linux on Power
"Relax and Recover", an Open Source mksysb for Linux on Power"Relax and Recover", an Open Source mksysb for Linux on Power
"Relax and Recover", an Open Source mksysb for Linux on PowerSebastien Chabrolles
 
Relax-and-Recover Automated Testing
Relax-and-Recover Automated TestingRelax-and-Recover Automated Testing
Relax-and-Recover Automated TestingGratien D'haese
 
Install and Configure Ubuntu for Hadoop Installation for beginners
Install and Configure Ubuntu for Hadoop Installation for beginners Install and Configure Ubuntu for Hadoop Installation for beginners
Install and Configure Ubuntu for Hadoop Installation for beginners Shilpa Hemaraj
 
Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2Davor Guttierrez
 
Software Packaging with RPM
Software Packaging with RPMSoftware Packaging with RPM
Software Packaging with RPMSchalk Cronjé
 
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios
 
Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Chris Tankersley
 
Securing Your Webserver By Pradeep Sharma
Securing Your Webserver By Pradeep SharmaSecuring Your Webserver By Pradeep Sharma
Securing Your Webserver By Pradeep SharmaOSSCube
 

More Related Content

What's hot

Red Hat Certified Engineer (RHCE) EX294 Exam Questions
Red Hat Certified Engineer (RHCE) EX294 Exam QuestionsRed Hat Certified Engineer (RHCE) EX294 Exam Questions
Red Hat Certified Engineer (RHCE) EX294 Exam QuestionsStudy Material
 
Hardening Linux and introducing Securix Linux
Hardening Linux and introducing Securix LinuxHardening Linux and introducing Securix Linux
Hardening Linux and introducing Securix LinuxSecurity Session
 
Linux Crash Dump Capture and Analysis
Linux Crash Dump Capture and AnalysisLinux Crash Dump Capture and Analysis
Linux Crash Dump Capture and AnalysisPaul V. Novarese
 
J Ruby On Rails Presentation
J Ruby On Rails PresentationJ Ruby On Rails Presentation
J Ruby On Rails Presentationrailsconf
 
제3회난공불락 오픈소스 인프라세미나 - lustre
제3회난공불락 오픈소스 인프라세미나 - lustre제3회난공불락 오픈소스 인프라세미나 - lustre
제3회난공불락 오픈소스 인프라세미나 - lustreTommy Lee
 
9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_trainingvideos
 
SaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltStack
 
Software management in linux
Software management in linuxSoftware management in linux
Software management in linuxnejadmand
 
Snort296x centos6x 2
Snort296x centos6x 2Snort296x centos6x 2
Snort296x centos6x 2Trinh Tuan
 
RPM: Speed up your deploy
RPM: Speed up your deployRPM: Speed up your deploy
RPM: Speed up your deployfcrippa
 
Free radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleFree radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleChanaka Lasantha
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...SaltStack
 
Bundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPMBundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPMAlexander Shopov
 
"Relax and Recover", an Open Source mksysb for Linux on Power
"Relax and Recover", an Open Source mksysb for Linux on Power"Relax and Recover", an Open Source mksysb for Linux on Power
"Relax and Recover", an Open Source mksysb for Linux on PowerSebastien Chabrolles
 
Relax-and-Recover Automated Testing
Relax-and-Recover Automated TestingRelax-and-Recover Automated Testing
Relax-and-Recover Automated TestingGratien D'haese
 
Install and Configure Ubuntu for Hadoop Installation for beginners
Install and Configure Ubuntu for Hadoop Installation for beginners Install and Configure Ubuntu for Hadoop Installation for beginners
Install and Configure Ubuntu for Hadoop Installation for beginners Shilpa Hemaraj
 
Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2Davor Guttierrez
 
Software Packaging with RPM
Software Packaging with RPMSoftware Packaging with RPM
Software Packaging with RPMSchalk Cronjé
 
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios
 

What's hot (20)

Linux Hardening - nullhyd
Linux Hardening - nullhydLinux Hardening - nullhyd
Linux Hardening - nullhyd
 
Red Hat Certified Engineer (RHCE) EX294 Exam Questions
Red Hat Certified Engineer (RHCE) EX294 Exam QuestionsRed Hat Certified Engineer (RHCE) EX294 Exam Questions
Red Hat Certified Engineer (RHCE) EX294 Exam Questions
 
Hardening Linux and introducing Securix Linux
Hardening Linux and introducing Securix LinuxHardening Linux and introducing Securix Linux
Hardening Linux and introducing Securix Linux
 
Linux Crash Dump Capture and Analysis
Linux Crash Dump Capture and AnalysisLinux Crash Dump Capture and Analysis
Linux Crash Dump Capture and Analysis
 
J Ruby On Rails Presentation
J Ruby On Rails PresentationJ Ruby On Rails Presentation
J Ruby On Rails Presentation
 
제3회난공불락 오픈소스 인프라세미나 - lustre
제3회난공불락 오픈소스 인프라세미나 - lustre제3회난공불락 오픈소스 인프라세미나 - lustre
제3회난공불락 오픈소스 인프라세미나 - lustre
 
9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training
 
SaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
SaltConf14 - Ben Cane - Using SaltStack in High Availability Environments
 
Software management in linux
Software management in linuxSoftware management in linux
Software management in linux
 
Snort296x centos6x 2
Snort296x centos6x 2Snort296x centos6x 2
Snort296x centos6x 2
 
RPM: Speed up your deploy
RPM: Speed up your deployRPM: Speed up your deploy
RPM: Speed up your deploy
 
Free radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleFree radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmaple
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
 
Bundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPMBundling Packages and Deploying Applications with RPM
Bundling Packages and Deploying Applications with RPM
 
"Relax and Recover", an Open Source mksysb for Linux on Power
"Relax and Recover", an Open Source mksysb for Linux on Power"Relax and Recover", an Open Source mksysb for Linux on Power
"Relax and Recover", an Open Source mksysb for Linux on Power
 
Relax-and-Recover Automated Testing
Relax-and-Recover Automated TestingRelax-and-Recover Automated Testing
Relax-and-Recover Automated Testing
 
Install and Configure Ubuntu for Hadoop Installation for beginners
Install and Configure Ubuntu for Hadoop Installation for beginners Install and Configure Ubuntu for Hadoop Installation for beginners
Install and Configure Ubuntu for Hadoop Installation for beginners
 
Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2Perfect Linux Desktop - OpenSuSE 12.2
Perfect Linux Desktop - OpenSuSE 12.2
 
Software Packaging with RPM
Software Packaging with RPMSoftware Packaging with RPM
Software Packaging with RPM
 
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
 

Similar to Your Inner Sysadmin - LonestarPHP 2015

Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Chris Tankersley
 
Securing Your Webserver By Pradeep Sharma
Securing Your Webserver By Pradeep SharmaSecuring Your Webserver By Pradeep Sharma
Securing Your Webserver By Pradeep SharmaOSSCube
 
Install MariaDB on IBM i - Tips, troubleshooting, and more
Install MariaDB on IBM i - Tips, troubleshooting, and moreInstall MariaDB on IBM i - Tips, troubleshooting, and more
Install MariaDB on IBM i - Tips, troubleshooting, and moreRod Flohr
 
Metasploit For Beginners
Metasploit For BeginnersMetasploit For Beginners
Metasploit For BeginnersRamnath Shenoy
 
Supercharging your PHP pages with mod_lsapi in CloudLinux OS
Supercharging your PHP pages with mod_lsapi in CloudLinux OSSupercharging your PHP pages with mod_lsapi in CloudLinux OS
Supercharging your PHP pages with mod_lsapi in CloudLinux OSCloudLinux
 
No locked doors, no windows barred: hacking OpenAM infrastructure
No locked doors, no windows barred: hacking OpenAM infrastructureNo locked doors, no windows barred: hacking OpenAM infrastructure
No locked doors, no windows barred: hacking OpenAM infrastructureAndrew Petukhov
 
Linux security quick reference guide
Linux security quick reference guideLinux security quick reference guide
Linux security quick reference guideCraig Cannon
 
Read-only rootfs: theory and practice
Read-only rootfs: theory and practiceRead-only rootfs: theory and practice
Read-only rootfs: theory and practiceChris Simmonds
 
Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)Amin Astaneh
 
A Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy SystemA Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy Systemadrian_nye
 
php & performance
php & performance php & performance
php & performancesimon8410
 
Automating Post Exploitation with PowerShell
Automating Post Exploitation with PowerShellAutomating Post Exploitation with PowerShell
Automating Post Exploitation with PowerShellEnclaveSecurity
 
4. open mano set up and usage
4. open mano set up and usage4. open mano set up and usage
4. open mano set up and usagevideos
 
Securing Your Web Server
Securing Your Web ServerSecuring Your Web Server
Securing Your Web Servermanugoel2003
 
PHP & Performance
PHP & PerformancePHP & Performance
PHP & Performance毅 吕
 
PHP Installed on IBM i - the Nickel Tour
PHP Installed on IBM i - the Nickel TourPHP Installed on IBM i - the Nickel Tour
PHP Installed on IBM i - the Nickel TourRod Flohr
 
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...Nagios
 
A3Sec Advanced Deployment System
A3Sec Advanced Deployment SystemA3Sec Advanced Deployment System
A3Sec Advanced Deployment Systema3sec
 
Salt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environmentsSalt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environmentsBenjamin Cane
 

Similar to Your Inner Sysadmin - LonestarPHP 2015 (20)

Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015
 
Securing Your Webserver By Pradeep Sharma
Securing Your Webserver By Pradeep SharmaSecuring Your Webserver By Pradeep Sharma
Securing Your Webserver By Pradeep Sharma
 
Ansible - A 'crowd' introduction
Ansible - A 'crowd' introductionAnsible - A 'crowd' introduction
Ansible - A 'crowd' introduction
 
Install MariaDB on IBM i - Tips, troubleshooting, and more
Install MariaDB on IBM i - Tips, troubleshooting, and moreInstall MariaDB on IBM i - Tips, troubleshooting, and more
Install MariaDB on IBM i - Tips, troubleshooting, and more
 
Metasploit For Beginners
Metasploit For BeginnersMetasploit For Beginners
Metasploit For Beginners
 
Supercharging your PHP pages with mod_lsapi in CloudLinux OS
Supercharging your PHP pages with mod_lsapi in CloudLinux OSSupercharging your PHP pages with mod_lsapi in CloudLinux OS
Supercharging your PHP pages with mod_lsapi in CloudLinux OS
 
No locked doors, no windows barred: hacking OpenAM infrastructure
No locked doors, no windows barred: hacking OpenAM infrastructureNo locked doors, no windows barred: hacking OpenAM infrastructure
No locked doors, no windows barred: hacking OpenAM infrastructure
 
Linux security quick reference guide
Linux security quick reference guideLinux security quick reference guide
Linux security quick reference guide
 
Read-only rootfs: theory and practice
Read-only rootfs: theory and practiceRead-only rootfs: theory and practice
Read-only rootfs: theory and practice
 
Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)Linux Server Deep Dives (DrupalCon Amsterdam)
Linux Server Deep Dives (DrupalCon Amsterdam)
 
A Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy SystemA Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy System
 
php & performance
php & performance php & performance
php & performance
 
Automating Post Exploitation with PowerShell
Automating Post Exploitation with PowerShellAutomating Post Exploitation with PowerShell
Automating Post Exploitation with PowerShell
 
4. open mano set up and usage
4. open mano set up and usage4. open mano set up and usage
4. open mano set up and usage
 
Securing Your Web Server
Securing Your Web ServerSecuring Your Web Server
Securing Your Web Server
 
PHP & Performance
PHP & PerformancePHP & Performance
PHP & Performance
 
PHP Installed on IBM i - the Nickel Tour
PHP Installed on IBM i - the Nickel TourPHP Installed on IBM i - the Nickel Tour
PHP Installed on IBM i - the Nickel Tour
 
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
 
A3Sec Advanced Deployment System
A3Sec Advanced Deployment SystemA3Sec Advanced Deployment System
A3Sec Advanced Deployment System
 
Salt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environmentsSalt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environments
 

More from Chris Tankersley

Docker is Dead: Long Live Containers
Docker is Dead: Long Live ContainersDocker is Dead: Long Live Containers
Docker is Dead: Long Live ContainersChris Tankersley
 
Bend time to your will with git
Bend time to your will with gitBend time to your will with git
Bend time to your will with gitChris Tankersley
 
Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Chris Tankersley
 
Dead Simple APIs with OpenAPI
Dead Simple APIs with OpenAPIDead Simple APIs with OpenAPI
Dead Simple APIs with OpenAPIChris Tankersley
 
Killer Docker Workflows for Development
Killer Docker Workflows for DevelopmentKiller Docker Workflows for Development
Killer Docker Workflows for DevelopmentChris Tankersley
 
Docker for Developers - PHP Detroit 2018
Docker for Developers - PHP Detroit 2018Docker for Developers - PHP Detroit 2018
Docker for Developers - PHP Detroit 2018Chris Tankersley
 
BASHing at the CLI - Midwest PHP 2018
BASHing at the CLI - Midwest PHP 2018BASHing at the CLI - Midwest PHP 2018
BASHing at the CLI - Midwest PHP 2018Chris Tankersley
 
You Were Lied To About Optimization
You Were Lied To About OptimizationYou Were Lied To About Optimization
You Were Lied To About OptimizationChris Tankersley
 
Docker for PHP Developers - php[world] 2017
Docker for PHP Developers - php[world] 2017Docker for PHP Developers - php[world] 2017
Docker for PHP Developers - php[world] 2017Chris Tankersley
 
Docker for PHP Developers - Madison PHP 2017
Docker for PHP Developers - Madison PHP 2017Docker for PHP Developers - Madison PHP 2017
Docker for PHP Developers - Madison PHP 2017Chris Tankersley
 
Docker for Developers - php[tek] 2017
Docker for Developers - php[tek] 2017Docker for Developers - php[tek] 2017
Docker for Developers - php[tek] 2017Chris Tankersley
 
Why Docker? Dayton PHP, April 2017
Why Docker? Dayton PHP, April 2017Why Docker? Dayton PHP, April 2017
Why Docker? Dayton PHP, April 2017Chris Tankersley
 
OOP Is More Then Cars and Dogs - Midwest PHP 2017
OOP Is More Then Cars and Dogs - Midwest PHP 2017OOP Is More Then Cars and Dogs - Midwest PHP 2017
OOP Is More Then Cars and Dogs - Midwest PHP 2017Chris Tankersley
 
From Docker to Production - SunshinePHP 2017
From Docker to Production - SunshinePHP 2017From Docker to Production - SunshinePHP 2017
From Docker to Production - SunshinePHP 2017Chris Tankersley
 
Docker for Developers - Sunshine PHP
Docker for Developers - Sunshine PHPDocker for Developers - Sunshine PHP
Docker for Developers - Sunshine PHPChris Tankersley
 
Coming to Terms with OOP In Drupal - php[world] 2016
Coming to Terms with OOP In Drupal - php[world] 2016Coming to Terms with OOP In Drupal - php[world] 2016
Coming to Terms with OOP In Drupal - php[world] 2016Chris Tankersley
 
How We Got Here: A Brief History of Open Source
How We Got Here: A Brief History of Open SourceHow We Got Here: A Brief History of Open Source
How We Got Here: A Brief History of Open SourceChris Tankersley
 

More from Chris Tankersley (20)

Docker is Dead: Long Live Containers
Docker is Dead: Long Live ContainersDocker is Dead: Long Live Containers
Docker is Dead: Long Live Containers
 
Bend time to your will with git
Bend time to your will with gitBend time to your will with git
Bend time to your will with git
 
Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)
 
Dead Simple APIs with OpenAPI
Dead Simple APIs with OpenAPIDead Simple APIs with OpenAPI
Dead Simple APIs with OpenAPI
 
Killer Docker Workflows for Development
Killer Docker Workflows for DevelopmentKiller Docker Workflows for Development
Killer Docker Workflows for Development
 
You Got Async in my PHP!
You Got Async in my PHP!You Got Async in my PHP!
You Got Async in my PHP!
 
Docker for Developers - PHP Detroit 2018
Docker for Developers - PHP Detroit 2018Docker for Developers - PHP Detroit 2018
Docker for Developers - PHP Detroit 2018
 
Docker for Developers
Docker for DevelopersDocker for Developers
Docker for Developers
 
They are Watching You
They are Watching YouThey are Watching You
They are Watching You
 
BASHing at the CLI - Midwest PHP 2018
BASHing at the CLI - Midwest PHP 2018BASHing at the CLI - Midwest PHP 2018
BASHing at the CLI - Midwest PHP 2018
 
You Were Lied To About Optimization
You Were Lied To About OptimizationYou Were Lied To About Optimization
You Were Lied To About Optimization
 
Docker for PHP Developers - php[world] 2017
Docker for PHP Developers - php[world] 2017Docker for PHP Developers - php[world] 2017
Docker for PHP Developers - php[world] 2017
 
Docker for PHP Developers - Madison PHP 2017
Docker for PHP Developers - Madison PHP 2017Docker for PHP Developers - Madison PHP 2017
Docker for PHP Developers - Madison PHP 2017
 
Docker for Developers - php[tek] 2017
Docker for Developers - php[tek] 2017Docker for Developers - php[tek] 2017
Docker for Developers - php[tek] 2017
 
Why Docker? Dayton PHP, April 2017
Why Docker? Dayton PHP, April 2017Why Docker? Dayton PHP, April 2017
Why Docker? Dayton PHP, April 2017
 
OOP Is More Then Cars and Dogs - Midwest PHP 2017
OOP Is More Then Cars and Dogs - Midwest PHP 2017OOP Is More Then Cars and Dogs - Midwest PHP 2017
OOP Is More Then Cars and Dogs - Midwest PHP 2017
 
From Docker to Production - SunshinePHP 2017
From Docker to Production - SunshinePHP 2017From Docker to Production - SunshinePHP 2017
From Docker to Production - SunshinePHP 2017
 
Docker for Developers - Sunshine PHP
Docker for Developers - Sunshine PHPDocker for Developers - Sunshine PHP
Docker for Developers - Sunshine PHP
 
Coming to Terms with OOP In Drupal - php[world] 2016
Coming to Terms with OOP In Drupal - php[world] 2016Coming to Terms with OOP In Drupal - php[world] 2016
Coming to Terms with OOP In Drupal - php[world] 2016
 
How We Got Here: A Brief History of Open Source
How We Got Here: A Brief History of Open SourceHow We Got Here: A Brief History of Open Source
How We Got Here: A Brief History of Open Source
 

Recently uploaded

Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsSafe Software
 
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxReal-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxRTS corp
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfDrew Moseley
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorTier1 app
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogueitservices996
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonApplitools
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesKrzysztofKkol1
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...OnePlan Solutions
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slidesvaideheekore1
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfkalichargn70th171
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITmanoharjgpsolutions
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfRTS corp
 
Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024Anthony Dahanne
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZABSYZ Inc
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingShane Coughlan
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLionel Briand
 

Recently uploaded (20)

Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
 
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxReal-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryError
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogue
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slides
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh IT
 
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdfEnhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
Enhancing Supply Chain Visibility with Cargo Cloud Solutions.pdf
 
Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZ
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and Repair
 

Your Inner Sysadmin - LonestarPHP 2015

  • 1. Your Inner Sysadmin Chris  Tankersley   @dragonmantank   LonestarPHP  2015   LonestarPHP  2015   1  
  • 2. Who Am I •  PHP  Programmer  for  over  10  years   •  Sysadmin/DevOps  for  around  8  years   •  Using  Linux  for  more  than  15  years   •  hFps://github.com/dragonmantank   LonestarPHP  2015   2  
  • 7. The Server •         /bin  -­‐  EssenPal  user  executable  files   •         /boot  -­‐  Stuff  that  makes  the  OS  boot  up!   •         /dev  -­‐  Special  device  stuff  you  probably  won't  touch   •         /etc  -­‐  ConfiguraPon  files   •         /home  -­‐  User  home  directories   •         /sbin  -­‐  System  binaries   •         /usr  -­‐  MulP-­‐user  apps  and  uPliPes   •         /var  -­‐  Data  usually  lives  here   LonestarPHP  2015   7  
  • 8. Installing Software •  Compile  soXware  from  scratch   •  Use  the  package  manager  (yum/apt)   LonestarPHP  2015   8  
  • 9. Learn to love the Command Line LonestarPHP  2015   9  
  • 10. Learn a CLI text editor •  vi/vim   •  emacs   •  nano   LonestarPHP  2015   10  
  • 12. SSH Keys •  SSH  generally  uses  a  Username/Password   •  SSH  Keys  pass  a  public  key  to  the  server   •  Can  use  a  single  key  for  mulPple  machines,  or  mulPple  keys  for   mulPple  machines   •  More  secure  since  ‘passwords’  cannot  be  stolen   LonestarPHP  2015   12  
  • 13. sudo You  can  give  admin  access  to  users  (or  groups  of  users)  without  giving   them  root.     LonestarPHP  2015   13   #  Add  sudo  access  to  a  single  user  to  run  as  root   dragonmantank  ALL=(ALL)  ALL     #  Add  sudo  access  to  a  full  group   %admin  ALL=(ALL)  ALL   You  can  even  restrict  what  commands  the  users  can  run     #  Restrict  web  developers  to  only  restart  Apache  and  MySQL   %webdevs  192.168.1.0/255.255.225.0=(root)  NOPASSWD:/usr/sbin/service  apache2   restart,  /usr/sbin/service  mysql  restart  
  • 14. Jailing Users Keeps  people  from  geang  to  things  they  shouldn't.  Protects  the  users   from  themselves.     LonestarPHP  2015   14  
  • 15. Jailed Shells Gives  users  a  full  shell  but  not  the  enPre  file  system.  You  can  pick  and   choose  what  programs  the  user  can  have  access  too.  Jailkit  makes  this   incredibly  easy  to  set  up.   LonestarPHP  2015   15  
  • 16. Jailed SFTP Locks  the  user  to  a  specific  base  path,  but  doesn’t  give  them  a  shell,   much  like  FTP.  You  get  the  security  of  SSH  though!  It  does  require  a   system  user  however.   LonestarPHP  2015   16  
  • 17. Jailing SFTP #  In  /etc/ssh/sshd_config   Subsystem  ftp  sftp-­‐internal     #  At  the  bottom  of  the  file   Match  User  jailedsftp          ChrootDirectory  /some/path          AllowTCPForwarding  no          X11Forwarding  no          ForceCommand  sftp-­‐internal   LonestarPHP  2015   17  
  • 18. Docker LonestarPHP  2015   18   If  you  do  it  the  non-­‐Docker  way  
  • 20. Bash Most  servers  use  bash  as  the  default  shell.  Most  shells  understand   bash's  syntax.  If  you  find  yourself  running  the  same  commands  over   and  over,  throw  it  in  a  bash  script.   LonestarPHP  2015   20  
  • 21. Python Ships  with  most  distros.  Great  for   when  you  need  more  power  than   what  bash  has.   LonestarPHP  2015   21  
  • 22. PHP! Leverage  your  PHP  skills  to  write  shell  scripts.     •  Symfony  Console  Component   •  Aura  CLI   LonestarPHP  2015   22  
  • 23. Locking Down your Code LonestarPHP  2015   23  
  • 24. Running Apache as a different user MPM-­‐ITK   LonestarPHP  2015   24   MOD_RUID2   <IfModule  mpm_itk_module>          AssignUserId  [user]  [group]   </IfModule>   RMode  config   RUidGid  myuser  mygroup   RDocumentChRoot  /var/www/vhosts/domain.com/   www/public  
  • 25. PHP-FPM user  =  myuser   group  =  mygroup   chroot  =  /path/to/my/chroot   LonestarPHP  2015   25  
  • 27. Logrotate Rotates  logs  out  for  organizaPon  (or  other  purposes)   LonestarPHP  2015   27   weekly   rotate  4   create   include  /etc/logrotate.d   /var/log/wtmp  {          monthly          minsize  1M          create  0664  root  utmp          rotate  1   }  
  • 28. Logwatch Script  that  runs  every  so  oXen  and  scans  a  bunch  of  logs  so  you  get  a   preFy  e-­‐mail  with  a  summary  of  events   LonestarPHP  2015   28   -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  httpd  Begin  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐      0.17  MB  transferred  in  792  responses    (1xx  0,  2xx  786,  3xx  0,  4xx  6,  5xx  0)          199  Content  pages  (0.09  MB),          593  Other  (0.09  MB)      Requests  with  error  response  codes          400  Bad  Request                /w00tw00t.at.ISC.SANS.DFind:):  1  Time(s)          404  Not  Found                /MyAdmin/scripts/setup.php:  1  Time(s)                /phpmyadmin/scripts/setup.php:  1  Time(s)                /w00tw00t.at.blackhats.romanian.anti-­‐sec:):  1  Time(s)                /webdav/:  2  Time(s)      -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  httpd  End  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐    
  • 29. OSSEC Actually  a  Host  Intrusion  DetecPon  system,  but  it  does  this  by  watching   logs.  Will  alert  you  immediately  to  problems,  and  even  shut  down  the   aFacks.   LonestarPHP  2015   29   OSSEC  HIDS  Notification.   2012  Oct  24  11:38:10     Received  From:  maple-­‐>/var/log/auth.log   Rule:  5712  fired  (level  10)  -­‐>  "SSHD  brute  force  trying  to  get  access  to  the  system."   Portion  of  the  log(s):     Oct  24  11:38:09  maple  sshd[1062]:  Failed  password  for  invalid  user  alias  from   199.167.138.44  port  59988  ssh2   Oct  24  11:38:07  maple  sshd[1062]:  Invalid  user  alias  from  199.167.138.44   Oct  24  11:38:06  maple  sshd[1059]:  Failed  password  for  invalid  user  recruit  from   199.167.138.44  port  59884  ssh2  
  • 31. hosts.deny and hosts.allow Set  of  files  to  allow  or  deny  access  to  the  machine  or  certain  apps/ ports  on  the  machine     LonestarPHP  2015   31  
  • 32. IPTables A  firewall  that  is  generally  available  on  Linux  machines  that  can  be   configured  many  different  ways  to  allow  or  block  or  mangle  traffic     LonestarPHP  2015   32  
  • 33. OSSEC IDS  that  was  logs  and  will  use  hosts.deny  and  iptables  to  block  stuff   automaPcally  for  you!     LonestarPHP  2015   33  
  • 35. What is Configuration Management? Process  by  which  you  figure  out  what  goes  on  your  servers,  how  you   want  them  set  up,  and  keeping  track  of  that  informaPon.  Files  are   usually  stored  in  source  control  on  one  server  and  pushed  to  clients.     LonestarPHP  2015   35  
  • 36. Why do you need it? •  Ever  needed  to  keep  track  of  when  files  get  changed?   •  Ever  needed  to  roll  back  a  change?   •  Ever  needed  to  push  the  same  change  to  a  bunch  of  servers   •  Ever  needed  to  set  up  a  server  exactly  the  same  way  as  another   server?   LonestarPHP  2015   36  
  • 37. General CM Workflow LonestarPHP  2015   37   Write  a  Manifest  file   Client  checks  and  compiles   the  manifests   Client  makes  changes   based  on  manifests  
  • 41. Quick Poll •  Who  here  knows  that  their  server  is  up  right  now?   •  Are  all  of  the  required  services  running?   •  Are  there  enough  resources  currently  available?   LonestarPHP  2015   41  
  • 42. Service Monitoring with Monit LonestarPHP  2015   42  
  • 43. Host Monitoring with Icinga LonestarPHP  2015   43  
  • 45. tmux/screen Command  line  mulPplexer   LonestarPHP  2015   45  
  • 46. tail Look  at  the  newest  entries  in  a  log,  or  even  watch  log  files  as  they  are   generated   LonestarPHP  2015   46  
  • 47. curl Command  line  program  for  transferring  data  via  a  URL   LonestarPHP  2015   47  
  • 48. iftop Displays  a  breakdown  of  bandwidth  usage  by  host     LonestarPHP  2015   48  
  • 49. htop Slightly  beFer  interface  for  checking  memory  and  CPU  usage   LonestarPHP  2015   49  
  • 50. tcpdump Allows  you  to  view  and  record  data  transmiFed  over  the  network.   Couple  this  with  wireshark  and  you  can  inspect  the  packets!     LonestarPHP  2015   50  
  • 51. Servers for Hackers Chris  Fidao   @fideloper   hFp://serversforhackers.com   LonestarPHP  2015   51