Nothing. You should have zero public DNS entries for a domain purchased for private or internal use.
A really quick review of the Meizu EP52 earphones I use for the gym.
These are all my 3D prints. 3D Printing is the process where a digital design is turned into a solid three-dimensional (3D) physical object by laying a material, such as plastic, layer by layer together. There are a lot of creative and awesome uses for it, just about anything you can think of creating.
I’m not into writing a buying guides, LappyList is probably the best place to find a laptop if you want something that would probably do the job pretty well. This is based off my own research I have done in preparation to replace my slowly dying (but strong) 5-year-old Lenovo X220. These laptops are what I would probably end up purchasing.
I drive a lot for work. To work and from work. The most handy thing I have on my drive is my phone running my GPS to let me know the fastest way there. There are a lot of apps out there though and I can’t stand it knowing there might be a better one out there. The only way to find out the best one, is to try them all.
For my job and as a system admin, I’m expected to provide quick fixes and know the solution to every single problem that my users face. That is why I need a tool that just works wherever I bring it and that tool is my USB drive. It can rescue systems from death, scan for viruses, partition drives, install Linux or Windows but best of all it’s on a light and speedy portable SSD!
autofs is a program for automatically mounting directories on an as-needed basis. Auto-mounts are mounted only as they are accessed, and are unmounted after a period of inactivity. Mounting a remote share through fstab remains mounted unless you unmount it. Automounting NFS/Samba shares conserves bandwidth and offers better overall performance compared to static mounts through fstab. Furthermore fstab might cause problems if the remote share becomes unavailable, resulting in stale mounts. For example, the file server you are connecting to might crash or the network might go down.
WordPress caching is the fastest way to improve website performance. Caching WordPress reduces server load by reducing the number of requests per page. For every single user that visits your site, data is retrieved from MySQL, processed with PHP and then displayed as HTML. This is a draining process if several hundred users at on your site at once. Caching saves the webpage into files which it shows visitors instead, not requiring MySQL or PHP which reduces load time significantly.
Home is an application I developed last year (Nov-Dec) while learning the MEAN (MongoDB, Express, Angular and NodeJS) stack. It’s a homepage status monitor, more or less a glorified bookmark/favourites tool with the ability to scan if ports are open or closed on a host.
You don’t need to be an IT nerd to start and manage a website – at least not when using IBM Bluemix. Bluemix takes the worry out of setting up a website. It’s a lot of work configuring a web server, opening network ports and dealing with your home Internet’s upload speed. It’s also most likely against the conditions of your Internet Service Provider to allow hosting at any of their residential plans. Bluemix can host your website though.
I’m migrating from Ubuntu to CentOS as my main Linux distro. Literally every virtual machine (VM) I’ve set up so far runs Ubuntu’s latest and greatest LTS (14.04 Trusty Tahr) so I won’t be manually setting them all up again, only every VM I set up from this point onward. There’s a couple of reasons for the change.
I love nginx. I love how its lightweight, does what it does well and is extremely fast. Nginx has the ability to perform server blocks (virtual hosts in Apache) which is great, though causes problems when having to forward IP addresses within its proxy headers. There is a solution.
Now that 2014 is almost over and its time to wrap up the year, there are a few plans I have in mind for the year ahead. Now they might be ideas and plans I’ve had for 2014 that I never got around to but some are goals that I would’ve had to wait until the technology matured a lot more.
Why send data over plain text when you can encrypt it as well! SSL/TLS doesn’t have to cost anything - it certainly doesn’t cost me anything. Certificate Authorities supply ’trusted’ certificates but we can generate our own ‘untrusted’ certificates, and well who doesn’t trust themselves right?!
I expose a few of my web services over the Internet like SABnzbd, CouchPotato and NZBDrone (now known as Sonarr). Whilst they all have HTTP authentication, they don’t support multiple users. LDAP or Active Directory holds multiple user accounts, for authentication purpose. So putting two and two together, kvspb has made a NGINX LDAP module which authenticates users against your LDAP or Active Directory servers when they visit specific web pages.
NZBmegasearcH is a great program. It aggregates all the sites I regularly visit to find an NZB to just one place. CouchPotato and SickBeard can also retrieve results from it instead of querying multiple locations for updates. One thing it doesn’t do well is being compatible with reverse proxy which 0byte admits. But that doesn’t mean its impossible!
WiFi is so important in the household with the emergence of portable devices. Pretty much everyone that comes over my place, young or old, will want to connect to it for some YouTube (young) and Viber (old). Because my network is segregated into various VLANs, they must be directed and placed correctly into the right network. This is how I made my network work with WiFi and VLANs.
pfSense, the great software that it already is, can get even better with ‘packages’ (plugin, extension etc. whatever you want to call it) available straight from the Package Manager menu. pfSense packages include diagnostics, increased network management capabilities, enhanced security or to extend pfSense’s range of services. Here are the pfSense packages that I use personally plus some highly recommended ones as well!
Network Time Protocol (NTP) is a networking protocol for time and date synchronisation between computers. By default, Windows 7 provides five servers (default being time.windows.com) to synchronise with. Time varies based on network latency however with tens of milliseconds over the Internet and almost one millisecond on LAN. Having a NTP server also reduces the amount of calls to the Internet made by hosts and achieves a better system time for all computers that rely on performance, integration and timeliness. Luckily a NTP server is very easy to build on Linux.
A Captive Portal is a special webpage users see before using the Internet. It will intercept network packets and when users try to access a webpage it prompt them to login. My personal captive portal utilises pfSense’s own Captive Portal features to authenticate users before they begin using the Internet.
VLANs are a great way to separate components of your network and to protect important infrastructure from being messed around by others. By default, traffic between VLANs are blocked by the invisible ‘block everything’ rule at the bottom of the rules list. Sometimes you want a VLAN where users can just browse the Internet and nothing else. You can also setup rules so that you can access everything but no one can access you. VLAN rules are easy. pfSense makes them even easier.
My current set-up has pfSense vitualised on an all-in-one ESXi host providing networking to my entire infrastructure. This infrastructure is both virtual and physical and therefore denying guest access to them is very important so that not anyone can just type an IP address into their browser and begin changing settings.
I like quiet (slow) fans. I like Supermicro’s X10SL7 motherboard. I like how I get email notifications from the IPMI when something is wrong. I do not like how I get warnings because the IPMI fan threshold is 900 RPM. The bad thing is this is not directly configurable through the IPMI user interface or client. That’s where we need IPMITOOL tool to let us lower this annoying little warning.
RAID 10 is great as a highly reliable storage array for your personal files. The ZFS file-system is capable of protecting your data against corruption, but not against hardware failures. ZFS however implements RAID-Z (RAID 5, 6 and 7) to ensure redundancy across multiple drives. RAID 10 (1+0 or mirror + stripe) is not offered as a choice in ZFS but can be easily done manually for a similar effect. This guide will be focused on nappit but can be modified for whichever ZFS platform you are using.
In the weekly update, I bring you what I’ve been doing throughout Monday to Sunday in regards to technology, computers and more with links to tutorials and guides. You will also find what I’m currently interested in for the following weeks. If something doesn’t have a link, I may cover it myself in the future because I couldn’t find much about it online.
pfSense is an open source firewall/router based on FreeBSD. It is more than just however, with the ability to be a DNS, VPN, IDS/IPS, DHCP, NTP and cache (using Squid). Why would you dedicate a full system to pfSense when it can easily run as a virtual machine to provide networking to your entire infrastructure. This guide will walk you through replacing your current router with pfSense and how to install pfSense on ESXi.
Since the start of the year I’ve been working as a Technical Consultant at IBM. It’s been a great experience, putting a lot of knowledge into practice with enterprise-grade hardware and software. The infrastructure at work is as you would expect with a lot of services and applications that are well thought out and easily to use. I wanted to learn a lot more about all the stuff at work so I came up with the idea to build my own ESXi whitebox at home (we use VMware at work) to do some self-learning and have fun while doing it. Having a ‘homelab’ would give me the opportunity to learn a lot more about the stuff I love. This is the build.