Disabling the Chinese CNNIC Root CA Certificate on Firefox/IE.

Wow, i haven't updated this blog in a while so here's a new browser security tip.

Seeing that Mozilla has accepted the China Internet Network Information Center as a trusted CA root, that got me a little worried since i use firefox as my main web browser. I took the following steps to disable the CINNIC root CA.

For firefox

Select "Tools", then "Options".

Click "Advanced", "Encryption" and "View Certificates".

Scroll down to "CNNIC" and select the "CNNIC Root" certificate.

Finally click "Edit", uncheck "This certificate can identify web sites" and press OK on all open windows.

Now even if the root certs are updated, that cert remains untrusted.

For Internet explorer

select "Tools", "Internet Options", "Content", "Certificates", "Trusted Root Certification Authorities", select the certificate you want, then click "Advanced", uncheck the "Server Authentication" role and then click "Ok", "Close", and "OK" again to finally make your change stick.

This is a precaution i took  against any possible man-in-the middle attack originating from china. Hope this was informative :)

Top open source firewalls

Here's a list of the top 5 open source firewalls for residential or commercial use.

http://blog.taragana.com/index.php/archive/top-5-open-source-firewall/

G4TV - LIVE at E3 2009

Watch live video from g4tv_e3 on Justin.tv

Live from Microsoft E3's special Conference!!

http://live.gizmodo.com/

How to speed up raid1 resync .

Just echo large numbers into both min and max resync speed proc entries:

/proc/sys/dev/raid/spped_limit_max and speed_limit_min

e.g. as root do:

 echo 200000 > /proc/sys/dev/raid/speed_limit_max
echo 200000 > /proc/sys/dev/raid/speed_limit_min

And watch the speed fly up till it maxes out your hardware. (-:

The above will set both speeds to 200MiB/s which ought to be more than

your devices can do...


from linux kernel mailing list

written by Anton Altaparmakov

Finding Remote Network File Systems

Using a Network Files System (NFS) is a common method for sharing drive space on UNIX-like systems such as Linux.

Although relatively easy to configure, it's also easy to forget the NFS mounts of several systems on a large network.

Here's an easy remedy:

If you know the hostname of a remote system, use the command

"showmount -e hostname"

to list the NFS mounts available from that machine

Installing ehcp (Easy Hosting Control Panel) On Any Debian Or Apt-Get Based Distro, Including Ubuntu

In this tutorial I will show you howto install ehcp on any debian based distro, or any distro that has apt-get support.
ehcp stands for Easy Hosting Control Panel. It may be used by anyone wanting to host multiple domains in his dedicated/vps server. It is a hosting control panel under development.

Open a console, and become superuser by su or sudo bash,

Then, issue following commands to download ehcp and install it:

wget http://www.ehcp.net/download
tar -zxvf ehcp_latest.tgz
cd ehcp
./install.sh

You will be asked a few questions, such as your server IP, your hostname,installation script will detect your IP, if it can, enter your IP, if it is not detected, or if your are behind a gateway, such as an ADSL modem.
While installing, you will be asked for your MySQL password. If it is empty, or if you installed MySQL the first time, just press enter; if it is not empty, enter your pass when prompted.
The installer asks you some questions, such as your desired password for admin password, ehcp mysql user password. you can choose any password for them. But make sure that mysql root password is is correct for your server. if you dont have mysql installed before, then ehcp will take care of that..
Installation mainly uses apt-get to install components, and makes any additional settings that are needed. At the end, you will be provided with the ehcp login page in your Firefox window, if you are on your local machine, otherwise, you need to connect to your new webserver by entering the IP address of you server, such as: http://yourip/vhosts/ehcp
Your default admin username: adminDefault admin pass: 1234
You may change your admin pass after the first login.

You may find more information on www.ehcp.net or http://www.ubuntuforums.org/forumdisplay.php?f=180.