Use the following iptables command to rate limit connections per IP. This is useful for preventing a DDoS attack on DNS servers. However, for DDoS protection for your DNS servers, you should be hosting DNS with the big cloud providers like Cloudflare, or running dnsdist in front of your authoritive servers.
Category: Linux
Enable older SSH key exchange methods
Insert the following in /etc/ssh/ssh_config. It will enable most algorithms that older devices may need. Information below is for further reference. The previous code block should take care of most ciphers that most people will ever need. Keyword, “most”. When connecting via SSH to older systems who do not support newer ciphers, you will sometimes…
Yarn Repository Expire Key Error
When using yarn through the apt repo, the key might expire, giving you the following error when updating apt. Issue the following command to update the key and then update the repository.
Create a .pfx/.p12 Certificate File Using OpenSSL
Source: https://www.ssl.com/how-to/create-a-pfx-p12-certificate-file-using-openssl/ The PKCS#12 or PFX format is a binary format for storing the server certificate, any intermediatecertificates, and the private key into a single encryptable file. PFX files are usually found with theextensions .pfx and .p12. PFX files are typically used on Windows and macOS machines to import andexport certificates and private keys. Requirements…
DB_VERSION_MISMATCH error when updating AlmaLinux 8 / RHEL 8 / Rocky Linux
When trying to update the operating system, you might receive an error similar to the following … This can be fixed with the following command to remove the existing database …
Disable the floppy drive module in Linux(Ubuntu)
Sometimes Linux will mistakenly detect a floppy device and create a reference to it because your system does not actually have a floppy drive and you will see errors on the login screen that look similar to blk_update_request: I/O error, dev fd0, sector 0. I find this frequently happens on a VMWare VM. This doesn’t…
Generate Certificate Signing Request (CSR) in Linux
Replace domain with your domain. domain.csr is what is used by your certificate authority togenerate your certificate. domain.key will be used by your web server in conjunction with yourcertificate.
Fix software updates in Cockpit in Ubuntu 20.04
Software updates on the Ubuntu system will fail because Cockpit on Ubuntu doesn’t detect a networkconnection. To fix this, you must use NetworkManager instead of the default networkd. You need to be root or sudo root for all these commands. Edit your netplan file in /etc/netplanand add the following two lines under network:. Remember that…
Install syslinux on Windows Server 2019 WDS
Once Windows Deployment Services is installed and running, locate the folder where WDS is installed.My install is in D:\RemoteInstall. Rename pxeboot.n12 in D:\RemoteInstall\Boot\x64 to pxeboot.0. Rename abortpxe.com in D:\RemoteInstall\Boot\x86 to abortpxe.0. Download syslinux. I used version 5.04. Your mileage may vary with other versions. From the syslinux archive, extract core\pxelinux.0, com32\menu\vesamenu.c32, com32\modules\chain.c32, memdisk\memdisk to D:\RemoteInstall\Boot\x86…
PXE Config examples
I’ve set up a local http web server. You can use another web server mirror if you want.