Linux Harbour

To redirect all pages of a old web site to a main page of new web site, we can work with mod_rewrite on apache web server as the following.

RewriteEngine on
RewriteRule ^.*$ http://www.newwebsite.com/ [R=301,L]

Or, we can modify above RewriteRule as the following, users will be redirected to same path on new web site.

RewriteEngine on
RewriteRule ^.*$ http://www.newwebsite.com/$1 [R=301,L]

To create a encrypted key,

# mkdir /etc/key
# dd if=/dev/random of=/etc/key/usbbackup-key bs=1 count=256
# chmod 600 /etc/key/usbbackup-key

To load necessary encryption Linux kernel modules,

# modprobe dm-crypt
# modprobe sha256
# modprobe aes

and add the following lines at /etc/modprobe.d/aliases to load above modules at system startup.

alias sha256 sha256_generic
alias aes aes_generic

Creaation of encrypted file system with cryptsetup

# cryptsetup --verbose --cipher=aes-cbc-essiv:sha256 --key-size=256 luksFormat /dev/sdf1 /etc/key/usbbackup-key
# cryptsetup --key-file=/etc/key/usbbackup-key luksOpen /dev/sdf1 cryptousb
# mke2fs -j -O dir_index,filetype,sparse_super /dev/mapper/cryptousb

An alternative command to make a ext3 filesystem with largefile support.
# mke2fs -j -T largefile -L "usbbackup" /dev/mapper/cryptousb 

Add passphrase access to encrypted partition in case partition which holding the key becomes unusable. Otherwise data will be inaccessible.
# cryptsetup --key-file=/etc/key/usbbackup-key luksAddKey /dev/sdf1

DDoS (Distributed Denial of Service) attack is a nightmare of system admins. It makes your internet services or systems are out of service at the end by producing a lot of service requests.

Apache module mod_evasive

mod_evasive is a good Apache module to provide some protection to Apache servers from DDoS attacks. It becomes a package in main section of Debian repos from Lenny.

Installation of mod_evasive on Lenny

To install mod_evasive for Apache 2 on Debian Lenny, simply run aptitude install as following.

# aptitude install libapache2-mod-evasive

During package installation, Apache service will be restarted on your system, and mod_evasive is already enabled.

You may add additional parameters for mod_evasive, edit /etc/apache2/mods-available/mod-evasive.load file, and add the following lines.

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 100
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 600
</IfModule>
 

Debian GNU/Linux 5.0 (Lenny) becomes stable version on Valentine Day. We upgraded old stable 4.0 Etch server remotely and successfully.

Summary of upgrading procedures:

1. Update list of apt sources to Lenny release.
2. Use aptitude to update local list of available packages.
3. Use aptitude to upgrade apt, dpkg and aptitude first.
4. Use UUID insteads of old IDE device names to identify root filesystem for grub and filesystem table.
5. Use aptitude to do full upgrade.
6. Reboot the system.
7. Use aptitude to do package upgrades if any.

Apache web server is a long-time leader in web server market share. According netcraft survey in January 2009, its market share is slightly increasing by 1% last month in current global financial problem.