How To - recent posts

Hardening MS-SQL Server

Good article about hardening MS-SQL Server:
http://www.sqlmag.com/project-plans/migrating-to-sql-server-2008-r2/detail/catpath/sql-server?topic=hardening+sql+server-135858
http://http.cdnlayer.com/itke/blogs.dir/113/files/2009/04/chapter-8-sql-server-2008-management-and-administration.pdf
Thanks to Itamar Kalay (itamar@nasecurity.co.il)

EC2 ELB complains about “Invalid Private Key”

When setting up SSL on ELB you may get the error “Error: Invalid Private Key”. This happens because your SSL private key is in RSA format while ELB expects it in PEM format. All you need is to convert your existing key:
    openssl rsa -in my_ssl.key -outform PEM -out my_ssl.key.pem
As always, enjoy!

Getting ready for Auto-Scale on EC2

I’ve been asked many times what I need to prepare before setting up auto-scale. Here’s my short checklist for auto-scale preparation:
    Basic AMI with an auto-deploy script running at boot
    Metrics for upscaling and downscaling, e.g.:
        Upscale at 90% CPU for 5 minutes
        Downscale at 50% CPU for 10 minutes
    Good …

Get servers information from EC2 API

There are cases when you need to get server information from the EC2 API, for example the list of servers that were started by a specific Auto-Scale group. I have created a little tool that digs into the EC2 API and gives you back filtered information. Here’s the usage response:
    Usage ./ec2-ctl.sh -a get_pub_dns|get_id|get_status|get_type|get_name|get_pub_ip|get_priv_ip [-t <tag_name> …

Extending net-snmp with simple sub-agent

Very often we want to extend the net-snmp agent with our private data. net-snmp provides a very simple method to pass certain OID ranges to an external script.
snmpd.conf example:
    rocommunity public
    # send all Emind Enterprise ID requests to the subagent
    pass .1.3.6.1.4.1.39731 /usr/local/emind/snmp-subagent/snmp_subagent.sh
When a request arrives for any OID behind .1.3.6.1.4.1.39731 …

Configure OpenVPN authentication using Active Directory

The following steps configure OpenVPN to use Active Directory as its authentication server:
    Install openvpn and openvpn-auth-ldap using yum
    Install openvpn-auth-ldap using yum
    Use the following example server configuration file, /etc/openvpn/roadwarrior-ac.conf. Change the IP addresses, port and pools as the new system needs.
        port 1195
        dev tun
        mode server
        tls-server
        ca keys/ca.crt
        cert keys/server.crt
        …

F5 – Generic SNMP health check

F5 LTM Generic SNMP monitor. The following is a little generic SNMP component for health monitoring servers under LTM. Hope you’ll enjoy it; comments are welcome. The following is a little script that should be used as an external monitor. It performs snmpget requests on the node and evaluates the response, based on that returns …

F5 – BigIP – URL based redirection

The following is a fairly generic URL-handling iRule in which the mapping between URLs and nodes is done externally through the Data Group List, for safe maintenance during operation. The code is also published on F5 Dev Central at: https://devcentral.f5.com/Wiki/iRules.URL_Based_redirection_iRule.ashx
iRule code:
    when HTTP_REQUEST { # You need to set a …