MySQLTuner

Changing my ssh port from the default port (22) has been one of my standard processes for quite some time when I build new servers or virtual machines. However, I see arguments crop up regularly about it (like this reddit thread or this other one). ... [More] Before I go any further, let’s settle the “security through [...]Changing your ssh server’s port from the default: Is it worth it? is a post from: Major Hayden's blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]

A coworker heard me grumbling about Linux system administration standards and recommended that I review the CIS Security Benchmarks. After downloading the Red Hat Enterprise Linux 6 security benchmark PDF, I quickly started to see the value of the ... [More] document. Some of the standards were the installation defaults, some were often forgotten settings, and some [...]Automate CentOS 6 deployments with CIS Security Benchmarks already applied is a post from: Major Hayden's blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]

The wheel group exists for a critical purpose and Wikipedia has a concise definition: In computing, the term wheel refers to a user account with a wheel bit, a system setting that provides additional special system privileges that empower a user to ... [More] execute restricted commands that ordinary user accounts cannot access. The term is derived [...]Limit access to the su command is a post from: Major Hayden's blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]

This article appeared in SC Magazine and I’ve posted it here as well. For those of you who were left wanting more from my previous SELinux post, this should help. If it doesn’t help, leave a comment. ;) The push to cloud transforms the way we apply ... [More] information security principles to systems and applications. Perimeters [...]Reprint: Stop Disabling SELinux! is a post from: Major Hayden's blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]

After many discussions with fellow Linux users, I’ve come to realize that most seem to disable SELinux rather than understand why it’s denying access. In an effort to turn the tide, I’ve created a new site as a public service to SELinux cowards ... [More] everywhere: stopdisablingselinux.com. Here are some relatively useful SELinux posts from the blog: [...]Seriously, stop disabling SELinux is a post from: Major Hayden's blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]

I’m in the process of moving back to a postfix/dovecot setup for hosting my own mail and I wanted a way to remove the more sensitive email headers that are normally generated when I send mail. My goal is to hide the originating IP address of my mail ... [More] as well as my mail client type [...]Remove sensitive information from email headers with postfix is a post from: Major Hayden's Racker Hacker blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]

Fedora 17 DRBD users should see version 8.4.2 of the DRBD client tools make it into stable repositories soon. This fixes a bug caused when the kernel version was bumped to 3.8 and the kernel module no longer matched the tools. It’s the same problem ... [More] that recently cropped up on Fedora 18. drbd 8.4.2 for [...]drbd 8.4.2 for Fedora 17 is a post from: Major Hayden's Racker Hacker blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]

The latest versions of virt-manager don’t release the mouse pointer when you’re doing X forwarding to a machine running OS X. This can lead to a rather frustrating user experience since your mouse pointer is totally stuck in the window. Although this ... [More] didn’t affect me with CentOS 6 hosts, Fedora 18 hosts were a problem. [...]virt-manager won’t release the mouse when using ssh forwarding from OS X is a post from: Major Hayden's Racker Hacker blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]

I dragged out an old Aopen MP57-D tonight that was just sitting in the closet and decided to load up kvm on Fedora 18. I soon found myself staring at a very brief error message upon bootup: kvm: disabled by bios After a reboot, the BIOS screen was up ... [More] and I saw that Virtualization and [...]Late night virtualization frustration with kvm is a post from: Major Hayden's Racker Hacker blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]

It’s no secret that Google Reader is a popular way to keep up with your RSS feeds, but it’s getting shelved later this year. Most folks suggested Feedly as a replacement but I found the UI quite clunky in a browser and on Android devices. Then ... [More] someone suggested Tiny Tiny RSS. I couldn’t learn more [...]Survive the Google Reader exodus with Tiny Tiny RSS is a post from: Major Hayden's Racker Hacker blog. Thanks for following the blog via the RSS feed. Please don't copy my posts or quote portions of them without attribution. [Less]