In order to change the exim interface IP, do the following :
-SSH to your server and edit the file – /etc/mailips : This file controls the IP address from which each domains are allowed to send the mails. If the file is not present, create it. Open the file for editing using your preferred text editor. You will need to configure this file in the following way:
*: 192.168.0.1 (<- desired IP )
^ the option * denotes the entire list of domains in the server. If you require just one domain to send from a different IP, specify the domain there instead of ‘*’
– Disable the following from WHM
From WHM »Service Configuration »Exim Configuration Manager>> Domain and IPs>> Send mail from account’s dedicated IP address "on"
– Enable this option,
Reference /etc/mailips for outgoing SMTP connections.
With the recent upgrade of WHM/cPanel, the users get the ability to upgrade their MySQL server to 5.6.x ( x > 6 ).
However, when this upgrade is done, lot of server owners are seeing memory drainage issues. An idle MySQL server tends to consume around 50% of your RAM, which is a very serious concern. I had to upgrade a personal server of mine and faced serious issues with memory drainage. A more dig on this issue, highlighted a change brought around in the latest versions of MySQL with the parameter ‘performance_schema‘.
Starting from MySQL 5.6.6, this parameter performance_schema is enabled by default and it consumes the server memory even at an idle state.Performance Schema automatically sizes the values of several of its parameters at server start-up if they are not set explicitly, which causes the memory usage to spike up.
The workaround for this issue is to disable performance_schema. This can be done by adding the following value to the configuration file – my.cnf
performance_schema = 0
Add this line and restart MySQL server. Things should be fine from now 🙂
Note : When you try to upgrade MySQL to 5.6.x, from a VPS with 1GB of RAM provisioned you will need to edit the config file and pass the keyword to disable performance_schema ( Yes, before the upgrade ). If not, there are chances for your upgrade to fail partly, due to MySQL upgrade script installing MySQL server components each and it gets killed due to over-usage of RAM as performance_schema is enabled by default.
Just like the DDoS is hitting web-servers and DNS servers, it has started hitting the ntpd servers which are left open.
The Network Time Protocol, or NTP, syncs time between machines on the network, and runs over port 123 UDP. It’s typically
configured once by network administrators and often is not updated.
Recently there is a major jump in attacks via the protocol. Attackers appear to be employing NTP for DDoSing similar to the way DNS is being abused in such attacks. They transmit small spoofed packets requesting a large amount of data sent to the DDoS target’s IP address.
It’s all about abusing the so-called “monlist” command
in an older version of NTP. Monlist returns a list of the last 600 hosts that have connected to the server.
To check if your ntp service is open/vulnerable :
# ntpdc -c monlist IP ( See if it returns the list of hosts,
if it does, it is vulnerable )
To get around this,
# The easiest way to update to NTP version 4.2.7, which removes the monlist command entirely.
# If upgrading is not an option, you can start the NTP daemon with noquery enabled in the NTP conf file. This will disable access to mode 6 and 7 query packets (which includes monlist).
Add the below lines to /etc/ntp.conf :
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
If monolist query is disabled,
# ntpdc -n -c monlist IP should return,
xx.xx.xx.xx: timed out, nothing received
***Request timed out
VMware and its associated virtualization is something which you hear a lot these days, especially if you are dealing with IT in some or the other way.
Well, what exactly is this? Lets have a look at it.
As you might be aware of, there are 2 types of virtualization.
– The type 1 is the one where the program (lets call it the hypervisor) which provides the virtualization power is seen as directly interacting with the underlying hardware without the help of any OS.
– On the other hand, the type 2 hypervisor is the one which emulates virtualization by being able to create virtual machines with the help of an OS which would communicate with the underlying hardware.
Have a look at this picture and get the concept into your head.
So, what type of virtualization does VMware offer ? Well the answer is that it provides both, type 1 as well as type 2 virtualization.
The software’s like VMware workstation, VMware player etc comes under the category of type 2 virtualization, where you would require an OS to build other virtual machines.
You can install it for free and give it a try. Check this.
However, this technology is not the one which is widespreadly used in the IT industry these days. When it comes to the name VMware in a production environment, it refers to Type 1 hypervisor.
This is where the terms like vSphere, vCenter, ESXi and so on comes into play.
As I indicated, type1 hypervisor does not require an additional OS to communicate with the underlying hardware. The hypervisor used here is called as ESXi. So you can think of ESXi as something like an OS developed by VMware to enable it for the communication with the
underlying hardware and perform many many functions.
So if you got a server ready for virtualization, you would first install the ESXi on it.
If you have a piece of server ready for testing, give it a try from here.
You have some evaluation period of 60 days from VMware. I first tired it on my laptop – Thinkpad t510 😀 ( Be careful, the installation of ESXi will erase the entire hard-disk, if you do not have a secondary one ).
Once ESXi is installed, your box becomes one without an OS and you will need another machine to connect/configure it.
Coming to all those in a while..
So, once the installation is complete, your server ( ESXi host ) is ready for use. But you wont be able to manage this server without the use of another system. Here is where you are going to familiarize with the word -vSphere Client.
vSphere client allows administrators to connect to these ESXi servers and create/access/manage virtual machines. vSphere client once installed on any client machine, is used to connect to ESXi server and do management tasks. Once you setup your ESXi server, you have the option to assign it an IP address. It would be using this IP, you will connect to it, from a vSphere client.
But wait, you cant do each and everything using a vSphere client alone. Here is where the term vCenter comes into play. vCenter is a server which is installed on a Windows VM (mostly ) running on top of the ESXi host. Using the vSphere client, you can either access the ESXi host directly or access the vCenter server running on top it. The real advantage of using VMware in a production environment is due to its special features like vMotion, HA, DRS etc.
To perform those , you need a vCenter. Yea, you guessed right 😀
You have to buy vCenter license separately !
vCenter server is a must in a large environment where there are many ESXi servers and hundreds of virtual machines. If you just had vSphere client, you would need to manage each ESXi separately, that too without the enterprise features which I mentioned earlier. If you have a vCenter, you can manage all the ESXi hosts in your environemtn, using this powerpacker.
So what is this vSphere all about ? That is the name given to all these components, the ESXi, vSphere client, vCenter !