AAA is a network protocol that defines three basic functions: Authentication, Authorization and Accounting. It’s very useful for distributed systems that need to authenticate users before giving them access to specific services. In this post we’ll configure FreeRadius as an AAA server and configure a
Samba4 as AD domain controller on CentOS 6
The latest version of Samba 4 comes with Active Directory logon and administration protocols, including typical Active Directory support and full interoperability with Microsoft Active Directory servers. This is possible with the combination of an LDAP directory, Heimdal Kerberos
Configuring Galera arbitrator
Galera arbitrator comes with the Galera cluster. It’s a daemon that avoids a split-brain situation in a MySQL cluster typically configured with two nodes. A split brain in clustering is a situation where one node of a cluster is not
MySQL Multi Master replication with Galera
Galera is a synchronous multi-master cluster for MySQL/InnoDB databases. Some features and benefits of Galera are: Synchronous replication. Multi master topology. Read/Write to any cluster node. Automatic membership control. Data consistency between replica nodes. Read and write nodes scalability. Distributed
Making Iptables easier with Shorewall
Shorewall is an open source firewall tool for Linux systems, built upon netfilter (iptables, ipchains). It’s an abstraction layer for managing netfilter rules through configuration files, which is easier than using iptables directly. In this post I’ll show the basic implementation to begin
Mitigating a SYN Flood Attack
Before talking about SYN floods and some possible mitigations for these attacks, we have to remember how TCP communication works between the server and the client. Basically, a connection between two hosts (A and B) is composed of three steps: 1) Establishes a communication
HTTPS Load Balancer with HAProxy & Stunnel
HAProxy is a load balancer and proxy for TCP and HTTP based applications. This software is supported on the most common Unix and Linux based systems, and works with multiple protocols. HAProxy is very commonly used as a frontend http servers
Sending log files to remote syslog server with rloggerd
These days I’m working with a small script written in Perl to send log files to a remote syslog server. The motivation to develop this script was principally to learn more about Perl and the need to send log files
Configure OpenLDAP with SSL/TLS
To improve the security of communication with the LDAP servers, it’s worth configuring SSL/TLS to encrypt all the data across the network. This configuration requires a valid X.509 certificate signed by a CA (certificate authority)
Multi-Master LDAP replication
When you would like to improve the reliability of your LDAP servers, or simply when the number of queries has increased considerably, you need to increase the number of LDAP servers to balance the query requests across the different