The Datacenter as a Computer
January 12, 2012 by Jaryd Malbin
Published in 2009 and authored by Google engineers Luiz André Barroso and Urs Hölzle "The Datacenter as a Computer" dives into the minds of two pivotal engineers who have helped Google build their legendary datacenters.
“These new large data centers are quite different from traditional hosting facilities of earlier times,” Barroso and Hölzle wrote. “Large portions of the hardware and software resources in these facilities must work in concert to efficiently deliver good levels of internet service performance, something that can only be achieved by a holistic approach to their design and deployment. In other words, we must treat the data center itself as one massive warehouse-scale computer.” (Google’s Data Center Engineer Shares Secrets of ‘Warehouse’ Computing)
Read more:
- Google Research: Luiz André Barroso, Urs Hölzle
- Barroso.org: http://www.barroso.org/
CentOS/RHEL Essential Reading
January 9, 2012 by Jaryd Malbin
With every major release Redhat releases comprehensive documentation detailing their latest software offering. I consider the following two guides to be essential reading for any security-minded administrator.
"RHEL 6 - Security Guide" covers basic hardening practices ranging from physical (hard) security to configuration tweaks. This guide touches briefly upon SELinux. SELinux was originally developed by the United States National Security Agency and stands for Security Enhanced Linux. It comprises a set of kernel modifications and userland tools to provide more fine-grained access controls and security modules.
For a more comprehensive guide to configuring and managing a SELinux enforcing environment refer to "RHEL6 - SELinux".
OpenVPN on CentOS6
15th December, 2011 by Jaryd Malbin
This article will walk you through installing and configuring OpenVPN on CentOS6. This assumes you have a fair command of the linux shell. If not, you should be ready to google for clarification.
Hardened CentOS6 LEMP on Linode
11th December, 2011 by Jaryd Malbin
This is a multi-part article on installing and configuring a hardened LEMP server on the Linode cloud. LEMP refers to a server running Linux, nginx (enginx x), MySQL, and PHP.
This guide assumes the reader has familiarity with the Linux shell, or is not afraid of diving right in. You will need a Linode account. Note: This guide will probably work fine (with minor tweaks) for a CentOS6 build on other platforms as well.
- Step 1: Preliminary Setup
- Step 2: Grsecurity
- Step 3: SSHD
- Step 4: nginx
- Step 5: PHP
- Step 6: IPTables
- Step 7: MySQL