Zulus Tips

It’s not a secret that POP3 (Post Office Protocol) is unsecure protocol. All data, including passwords (!) between POP3 server and PC is going in plain text. POP3, like some other protocols (telnet, ftp, etc) absolutely not resistant to sniffing attacks. Even if you sure that your network or PC is secure you can’t trust your ISP network, that potentially can be compromised. Below you can find how-to secure your POP3 server in few easy steps. This how-to is actual for people who can’t or don’t want to change their POP3 server software, but want be secure.

(more…)

Here is easy way to find all broken symlinks:


for i in `find / -type l`; do [ -e $i ] || echo $i is broken; done

Some time ago i have found very interesting patch for FreeBSD kernel. Patch was originally posted by Andre Oppermann in freebsd-current maillist. That patch allows dynamically change TCP send and receive buffer sizes. However Andre posed version only for FreeBSD CURRENT, so i have make note to try patch as soon as i have chance to install CURRENT. But today, my colleague told me that he found version for 6.x, and i have spent last few hours for patching & testing. As i wrote before, patch allows dynamically change TCP buffer size. Using that patch you can save a lot of kernel memory, because you don’t need to set big values for socket buffers. TCP session will start with a small buffer size and grow to match network conditions. Andre showed about 1000% better performance in his tests.
Below you can find my test results.

(more…)

Good news! FreeBSD 6.2 just released. I have a lot of systems with RELENG_6, FreeBSD RC1/RC2. I have use 6.2 in production last few months, and has only few problems with Broadcom NetXtreme II (bce) and DELL PERC 5.

Please note, RELENG_4 and RELENG_6_0 is near EOL now, so time for upgrade is come ;-)

Here is official announce:

(more…)

When hard drives in server are extremely overloaded, and a lot of different services (Web,FTP,Databases,etc) work simultaneously, it’s very hard to understand what service exactly cause such load.

Here is simple solution how to track per process IO system load:

(more…)

Since 5.3-Release, FreeBSD has gmirror utility, which allows you create software RAID1. So if you have some low-end server and you need some redundancy - gmirror is right choice.

RAID1 creation process is _very simple_ and completely described in gmirror(8) man page, but i will post small how-to here.

First of all you need check that you have two identical drives. Second drive may be bigger, but total array size = smaller drive size. You can create RAID1 using this command:

(more…)