IT Monitoring with Nagios
Nagios is a great success story of OpenSource software. A monitoring system build with a core set of features, a fast and responsive web interface and a simple API to create custom plugins in whatever language prefered is blowing away the commercial competition.
A few years ago I started publishing Nagios how-to articles on my homepage, and when traffic increased and the content grew too much, I finally decided it's time to move it into it's own dedicated website. Please follow the link to nagios.frank4dd.com and update your bookmarks.
Embedded System Design
I have been working with embedded systems from Rabbit Semiconductor. Despite the *funny* name, Rabbit systems are easy to develop for due to their C-compiler implementation and outstanding systems documentation. Available at a low price and with networking features up-to-date, Rabbit boards are a joy to work with, inspiring me to write a library for accessing parallel-port LCD displays.
- How to connect a HD44780 compatible LCD display to a Rabbit RCM3720 [read article]
- How to connect a HD44780 compatible LCD display to a Rabbit RCM4010 [read article]
Remote VPN Networks
When I managed our suppliers remote network support connections, development of complex VPN, firewall and NAT setups were required. Centralized VPN concentrators plus small site-to-site VPN devices of mixed origins had to be supported and configuration knowledge to be exchanged. The most common VPN devices were Cisco's smallest PIX 501 and Cisco 831 together with Linux.
- Setting up a 3DES VPN between Linux FreeSwan and a Cisco PIX 501 together with source or destination network address translation [read article]
- Setting up a 3DES VPN between Linux FreeSwan and a Cisco 831 router together with source or destination network address translation [read article]
- Setting up 256bit AES encryption between Linux OpenSwan and Cisco Pix 501 [read article]
Database Howto's
Modern business software applications use a Relational Database Management System (RDBMS) as their backend data store. Relational databases are optimized for fast transactional operations and they allow to build comprehensive data views by querying organised data (data-warehouse). Below are some tips about how to access them.
- How to install and use Oracle JDBC drivers (using standard Java path) [read article]
- How to install and use MySQL JDBC drivers (using the standard Java path) [read article]
- How to install and use Microsoft JDBC drivers (using the standard Java path) [read article]
- How to install and use IBM DB2 JDBC drivers ( using the standard Java path) [read article]
- How to learn Oracle 10g on Linux (PDF format, German version only) [read article]
- How to install the Oracle InstantClient with libsqlora8 [read article]
- How to connect to Oracle using libsqlora ('C' example) [read article]
- How to create a Oracle 9i OCI/SQLplus InstantClient [read article]
- useful Oracle SQL queries and examples [read article]
- Oracle 9i SQL introduction [read article]
- How to get RRD datasource descriptions [read article]
Apache and related Web Howto's
There is no way around the world's number one webserver. Although not the fastest, it is a stable and versatile platform. First released in 1995, it quickly became a longtime success story of open source software. Below are some How-to's I needed to remember and found it worth to write them down.
- Setting up web authentication with Apache, LDAP and Active Directory [read article]
- Monitoring Apache session load with Nagios through mod_status [read article]
- Increasing Webalizer's monthly stats image size to 18 months [read article]
- Automatic proxy cluster control script for Linux ipvsadm failover [show code]
- How to compile and install Apache 1.3 with LDAP, SSL and Radius support [read article]
- Top Ten Steps to secure Apache under Linux [read article]
OpenSSL Howto's
The de-facto standard implementation of SSL is OpenSSL. Matured over the past years, It is the base for security layer implementations in communications software. Handling is non-trivial, and in the earlier days documentation was sparse.
- WebCert certificate verification and analysis tool Test your certificates
- Example certificates for verification and testing Test your Applications
- How to analyze packets in a SSL encrypted network connection [read article]
- How to use stunnel to provide SSL encryption support for a webserver [read article]
- How to generate S/MIME certificates with WebCert [read article]
The OpenSSL Manuals
- The OpenSSL manual pages for the commandline tools [search manuals]
- The OpenSSL manual pages for the libssl API [search manuals]
- The OpenSSL manual pages for the libcrypto API [search manuals]
OpenSSL API Examples
- How to load and display a SSL private key using OpenSSL libraries in 'C' [read article]
- How to create a PKCS12 cert bundle in 'C' for use with Windows S/MIME [read article]
- How to validate a X509 certificate against a CA cert or chain in 'C' [read article]
- How to extract public key data from a X509 digital certificate in 'C' [read article]
- How to extract the serial number from a X509 digital certificate in 'C' [read article]
- How to extract the signature data from a X509 digital certificate in 'C' [read article]
- How to generate the fingerprint hash of a X509 digital certificate in 'C' [read article]
- How to load a list of certificates, and display various subject data in 'C' [read article]
- How to extract certificate extensions from a X509 digital certificate in 'C' [read article]
- How to make a basic SSL/TLS connection and get the servers certificate in 'C' [read article]
- How to create/set the ASN1 date and time for X509 digital certificates in 'C' [read article]
- How to create a new CSR request from a existing X509 digital certificate in 'C' [read article]
- How to add extra/missing OID's to OpenSSL's internal NID table structure in 'C' [read article]
Solaris Howto's
SUN's Solaris operating system had been around since the early 90-ties when it proved to be a very solid OS for running the upcoming Internet services 24x7. It's popularity waned with the success of Linux and the shift from using reliable brand systems to clustered, cheap Intel hardware that could soon match SUN's Sparc CPU performance.
- How to configure runtime linking in Solaris 8 (Sun Document ID: 3057) [read article]
- Handy howto's for filesystem maintenance on SUN Solaris [read article]
- Solaris Jumpstart setup examples [read article]
- Adding disks and configuring a mirror with Solstice Disksuite [read article]
Base64 Howto's
Base64 converts data reliably into a ASCII string. First used for encoding binary attachments to e-mails, the MIME content transfer encoding allowed binary data to be transferred over media that could only handle text. There, Base64 ensures the data stays intact without modification during transport. Apart from e-mail, Base64 is now commonly used in a variety of applications.
- The Base64 encoding/decoding process - How to encode binary data into printable format [read article]
- How to encode and decode a string with base64 in 'C' [show code]
- How to encode and decode a string with base64 in Perl [show code]
- How to encode and decode a string with base64 in bash [show code]
- How to encode and decode a string with base64 in Java [show code]
- How to encode and decode a string with base64 in PHP [show code]
- How to encode and decode a string with base64 in VBS [show code]
- How to encode and decode a string with base64 in Javascript [show code]
Various Howto's
Below are how-to's that did not generate a separate category. Many are Linux-related, but there are also the networks subnet cheat sheets, how many files can be in a directory, or how to work with pointers in Perl.
- How to archive the Linux Configuration to remote storage [view script]
- How to create a history and index page for HTML reports [view script]
- How to tunnel IMAP or POP3 through a SSH gateway [read article]
- Local copy: Handy one-Liners for SED (by Eric Pement) [read here]
- How to use curl and urlencode to send data to a Web CGI pgpkey-upload.c v1.0
Security and Audit-related Howto's:
- Online password generator for random passwords Javascript pwgen by KATO Kazuyoshi
- How to identify server console systems with default logins [read article]
- Sharing the Root in UNIX: The "bad", the "not-so-good", and the "OK" way [read article]
- Verifying users in Active Directory Part 1 - Leverage common LDAP access to gather useful data [read article]
- Verifying users in Active Directory Part 2 - Windows tools and VBS script analyze domain accounts [read article]
Programming-related Howto's:
- AJAX by Example (1), a basic code example[view code]
- AJAX by Example (2), a updated, basic code example [view code]
- How to access hash and array pointers in Perl [view script]
- IPv4 Subnets in a table - The Class-'B' Subnet Cheat Sheet [show here]
- IPv4 Subnets in a table - The Class-'C' Subnet Cheat Sheet [show here]
- The Nessus client-server communication protocol NTP v1.2 [get article]
- How many files can be in a directory? [read article]
- How to recover a Linux file after 'rm' [read article]
- How to download files from a webserver using VBS scripting [view code]
- How to upload files to a webserver from Windows (webdav + https + basic auth) [view code]
- ad_ldaptest.c - connect to a Active Directory LDAP server with 'C' [view code]
- ad_ldaptest.java - connect to a Active Directory LDAP server with Java [view code]
- DecryptFile.vbs - How to decrypt PGP files on Windows systems [view code]
- How to send text, HTML and MIME multi-part e-mails from Perl [read article]