LiveUSB Creator, it’s a wonderful thing. Connect a USB key, get the LiveUSB Creator on your PC (Windows or “Linux”), point it either to a local .iso file for a Fedora live CD or let it download the version you want for you, click go, and shazzam! (yes, “shazzam”) You’ve now got a bootable Fedora USB key. And if you gave it a block of persistent storage, you’ve got, well, persistent storage to use in this OS for data files etc.
- Arch
For anyone who’s had to cleanup some mail problems with Postfix configuration (or more often with other things, like anti-spam, tied in but not part of postfix), it may be common enough that a large spool of mail gets queued up and needs to be pushed out. The easy way to do this is to do either “postfix flush” or “postqueue -f” which basically force Postfix to re-process pending messages (actually “deferred” usually) and send them out.
However, if either the queue is huge, or you don’t really know if you have your problems resolved and want to try a few messages before unleashing the masses, I found it was not clear how this can be done. There is a straight-forward way to do this which is to put everything on hold using “postsuper -h ALL deferred”, and then un-hold whichever messages you do want processed with “postsuper -H
Tres handy
So we just had this little discussion on IRC and I figured I’d save it for posterity here:
[11:37:36] <toddz> to force a 'hard' reboot (if reboot is not working) - equivalent to pulling the power cable: [11:37:44] <toddz> echo 1 > /proc/sys/kernel/sysrq; echo b > /proc/sysrq-trigger [11:40:45] <toddz> come on dom, you know you want to try it. [11:41:21] <dante> heh [11:42:29] <dom> what's this do? what's this do? what's it do??? [11:43:13] <toddz> you tell us [11:47:09] <dom> yeah, that's awesome [11:47:24] <dom> it just tells BIOS to reboot [11:47:35] <dom> (or something like that anyhow) [11:47:58] <toddz> so, immediate reboot in other words? [11:47:58] <dom> system just goes *blip* and starts posting
So there you go. Want to reboot without waiting for all those nasty processes to finish or phyiscally pressing the power button? That’s your way out.
Thanks, toddz 
- Arch
Hardening a server takes two general activities: Reducing the number of services that can be attacked and protecting any services that are still required.
There are a lot of discussions on how to do this for various operating systems including RedHat Linux. RedHat’s Deployement Guide is a good resource.
The NSA also has documents on securing your operating system. However, they’re a little hard to get. I tried searching for RHEL5 on their site and had some difficulty access the documents in the search results:
Now it’s a little hard to access the documents on the NSA’s E drive, but I was able to eventually find them by getting in another way 
… Okay, I didn’t breakin to the NSA to get on their E drive, I found the page that actually good links: NSA/CSS Operating Systems.
There’s a longer document (about 170 pages) and also a short reference (2 pages) which gives lots of good things to secure.
There are a lot of other good resources Online as well, so I won’t ramble further. Just turn off anything you don’t need, update what you do need frequently, and secure your system with a firewall, and other security tools (PortSentry, fail2ban, DenyHosts, anti-virus software, rootkit detection, etc, etc, etc).
- Arch
Powered by WordPress