Allan Feid

I haven't had much time to continue work on FreePanel, but the Perl modules I've written have proven to be useful in cluster management. Take a look at the following diagram as an example scenario:

There's two key points to take away from that diagram.

• physical servers are load balanced using a single VIP (Virtual IP)
• the servers share access to a single storage mount

So I've been working on a setup for virtualization, where currently I'm using one large iSCSI target from an OpenSolaris machine. It occurred to me that there is a downside to this. I cannot use zfs snapshots for individual machines and backups/restores will be more difficult. I also did not want to be hassled with having to connect the iscsi targets using iscsiadm every time I spin up a new VM.

I use iSCSI from a giant ZFS storage pool in order to setup virtual machines. There's a couple advantages to this, as you get the power of ZFS snapshots and the ability to grow your virtual machine's disks fairly easily. To make administrating things a bit easier, I use one large iSCSI target and put LVM on top of this. So really this article will apply to anyone that wants to use logical volumes for their disks, which is much preferred over using files.

I'm going to be describing this process using Fedora, but any Linux that is using iscsiadm should use the same sort of configurations. To start off make sure you have the proper packages installed.

If you've already got an OpenSolaris based NFS server, you may be interested in serving iSCSI targets. For me, this is incredibly useful with the right network configurations and a machine running KVM based virtual machines.

When picking out a solution for your central file server, there is of course many options. None of them quite stack up to the ease of administration and redundancy, out of the box, as OpenSolaris and ZFS provide. With ZFS you can build cheap storage arrays with disks of varying size and different levels of redundancy. For this setup I'm going to go with a basic raidz configuration using 4x 1TB SATA drives.

What's been keeping me busy? Well I've been working for a managed hosting company (DataPipe) and that has been the biggest source of time suck for me. Outside of that I've been working on some Perl modules to make administrating load balanced servers as easy as possible. For now, read the source if you want to know more:

FreePanel

I wrote a function that writes packets to the wire. It takes the source IP, destination IP, and destination port. The fucntion, writePackets(), uses the libnet headers. On ArchLinux these can be installed with pacman -Sy libnet. I was inspired to write this because I am in the process of reading Hacking: The art of exploitation by Jon Erickson. It covers a lot of the basics of reading assembly as well as some often over looked programing flaws that lead to buffer overflows.

To crack a zip file password there are many tools out there. Since I'm primarily using Linux I went with a quick Google search and came across fcrackzip. This is a free program that allows for both dictionary and brute force cracking of zip file passwords. It is not difficult to use and offers a wide range of options.

Everyday, life gets easier for script kiddies. These days everything is pretty much automated. I came across the db_autopwn feature of the Metasploit Framework a few semesters ago and I think it's definitely something that security professionals should know about and administrators should use as a quick way to find holes in their network. Try it now before someone else on the Internet does.