Understanding TCP/IP and OSI Models will help you visualize how Network Protocols work together to establish Network connections among network devices and be able to exchange information. There are too many ways to understand TCP/IP and OSI Modules concept, the most known way is to compare or map the modules to Post Office’s departments since the Layers can be so similar to each other in terms of Routing, Packaging, and Processing functionalities. So, mapping how the the Post Office’...

I remember the first time asking myself, how the heck IP Packets flow across the network? Well, Understanding Packet Flow Across the Network Part1 and Part2 will show you a clear picture of how Routing and Forwarding decision is made inside a Network device. To explain how packets flow across Network Devices (internally or externally), imagine IP packet generator such HTTP request from Web Browser asking ccnahub.com’s Web Server for a Web Page. Below I will show you how PC1 requested a web...

Understanding Packet Flow Across the Network Part2 will complete the Packet’s flow process. Part1 showed you how PC1’s TCP/IP Stack requested a web page from ccnahub.com’s Web Server, hence generated one way Packets across the network. Part2 will show you how the web server received, processed, and responded back to PC1 with the web page in question, therefore, completed the HTTP request and generated the second round of IP Packets across the network. Web Server Responding to P...

Each language got it’s own grammar, rules, regulations, and standards, and Ethernet is no exception. Understanding Ethernet LAN Standards will introduce to the most famous language used at the media level. In order to deal with Ethernet language, you have to understand and grasp its standards. Standards can be speed, cables length, cable pinouts, cable type, cable category, protocols, and frame size are all the building blocks of Ethernet communication. It’s important to mention that...

Media Access Control meant to to be a Physical Hardware Address System used by Ethernet. Understanding Ethernet MAC Addresses will help you grasp how Ethernet transfer frames filled with packets across network devices using MAC Addresses format. So, if Network Layer package Packets using IP Addressing system which is a logical Addressing system, then Ethernet frames or load those packets using a physical Addressing system that meant on the hardware level. Each network device in this world get it...

The moment packets hit the Router’s internet Interface, they become at what is called WAN. Understanding WAN Technologies and why Networks were divided to Local Area Networks (LAN and Wide Area Network (WAN) will help you distinguish among what I call Packet Carriers Technologies which carry generated Packets among Network devices from hop to hop. WAN originally formed by Tele Providers, nowadays, provided by Internet Service Providers (ISP). Besides, WAN and LAN naming convention when use...

Understanding Data Link Layer Encapsulation will answer an important question: Why layer 2 uses different set of protocols for different type of cables to Encapsulate Frames? Well, nowadays, Ethernet cables (Copper or Fiber) and its Encapsulation protocol dominate both Network types – LAN and WAN. Having said this, each different WAN Technology such PPP, HDLC, Frame Relay, or E-MPLS uses it’s own way to encode bits electronically. Since the Electronic Encoding of bits in each WAN tec...

Just another New Type of lease line. Understanding EoMPLS WAN Technology will explain why the Ethernet almost dominated both networks types – LAN and WAN. Ethernet over Emulation Multi-Protocol Label Switching (EMPLS) responded to the exponential growth of the internet over the passed years, MPLS became the preferred backbone by ISP providers to provide your business/home with either Internet or Private virtual leased line. Ethernet as WAN Technology There is no doubt that Ethernet became ...

Understanding IP Routing Process Concept explains how Routing and Forwarding decision is made based on intelligent information. Network Layer is the decision makers when it comes to IP Packet Routing, Data Link Layer takes care of Frame Forwarding. When it comes to IP packet routing, action is based on IP Protocol, Network cost, Routing Table, Next Hop, cabling, and other factors. In case of Frame forwarding, action is based on encapsulation method, Layer 2 protocols, ARP and MAC, and other fact...

Understanding Web Browser DNS Lookup function will show you what’s happening behind the seen when PC1’s Web Browser request a web page from Remote Host such Web Server or Hosting Server. The key piece used to Resolve Human Names into matching IP addresses is is Domain Name System (DNS) or Nameservers. So, imagine that every time you want to search the Internet, you need to type google’s IP Address (173.194.43.9) instead of using google.com. Luckily, TCP/IP networking Model defi...

Understanding ARP Broadcast Message complete the process of how and why Mapping an IP address to MAC Address is crucial under Ethernet Networks. Address Resolution Protocol (ARP) used by Data Link Layer to provide two basic functions: 1) Resolve IPv4 or IPv6 addresses to MAC addresses, and 2) Maintain a Cache Table of MAC to IP addresses. To resolve Name to IP address DNS service is used, to resolve IP address to MAC Ethernet Address, ARP service is used. For Instance, if a shared NFS folder loc...

Understanding TCP and UDP Protocols help you understand Transport Layer Functions. Having said this, two major protocols located at Transport Layer. 1) Transmission Control Protocol (TCP) which it’s a Connection Oriented Protocol,  2) User Datagram Protocol (UDP) which is Connectionless Protocol. These protocols are the backbone of Segmentation process. TCP and UDP are the most famous protocols at Transport Layer, they determine the method how IP packets at the next Layer should be deliver...

Understanding TCP and UDP Multiplexing will answer the following question. How would a Hosting Server responds to Multiple requests generated from different clients requesting different web pages or services? Key points to remember that Transport Layer’s Segmentation based on Port numbers which are the mechanism used to accomplish multiple requests. And that’s how the Web Hosting Server can respond to million of web page requests from different Clients at the same time. Multiplexing ...

Server’s Applications (Services), PC’s Applications, and how they complete each other? Understanding Application Layer Services will help you grasp the features and functions located at Layer 7 of either Server or PC. Technically speaking and from Layer 7 perspective, Applications at OSI Module are called services, specific Rolls of those services are meant for Servers only. Server Operating System with proper Hardware configuration, is meant to run multiple Rolls or dedicated Roll. ...

Understanding Quality of Service Concept help you visualize how QoS used to prioritize Network Applications. Prioritizing certain traffic for delivery using Quality of Service, and how would you do this using UDP ports instead of TCP, will be discussed in details. UDP is used to deliver Real-time Applications such VoIP and IPTV, but UDP not like TCP, it lacks features such Error Recovery which needed by some Services and Application, however, UDP can be perfect choice for services that don’...

Understanding the Base Number Systems help you master topics such IPv4, IPv6, sub-netting, and everything in between. 10, 2, and 16 Base Number Systems are the main building blocks when it comes to Network and Storage topics. This article will show you how the Engineers decades ago used these fundamentals knowledge to invent IP Addressing Systems such IPv4 and IPv6. You will learn how IPv4 revolves around Binary Base 2 System, and how IPv6 Addressing revolves around Hexadecimal Base 16 System. H...

How to Convert Decimal to Binary and vise versa is crucial to master, such skills will give you the confidence when you deal with Network and Storage devices. Mastering Network topics such IP Addressing Subnetting, Speed measurements Megabits (Mb) and Gigabits (Gb), or even Storage measurements such MegaByte (MB), GigaByte (GB), and TeraByte (TB), requires you understand and master how to convert back and fourth between the 3 base numbers: 10, 2, and 16. Converting Decimal to Binary At first, it...

If you have mastered How to Convert Decimal to Binary, then How to Convert Decimal to Hexadecimal would be the logical next step to master. I’ll show you through examples how easy to convert from Decimal to Hexadecimal which based on easy 2 known methods. Once you master base 10 to base 2 and base 16 conversion, you will feel more confidence to move on to next articles, where this Binary to Decimal and Hexadecimal conversion take place. Converting Decimal to Hexadecimal E.g. Convert 212 D...

Did I mention that converting Binary to Decimal is more fun? Yes, How to Convert Binary to Decimal will show you in few easy steps what Binary to Decimal conversion is all about. As you probably already noticed, I have dedicated for each Base System 2 articles to cover all conversion scenario, therefore, I highly recommend you first read Base 10 System conversion article, before going through the Binary conversion to decimal or hexadecimal steps. Converting Binary to Decimal Converting binary t...

How to Convert Binary to Hexadecimal will show you how to to Master Binary to Hexadecimal conversion using easy steps. I will show you through examples how easy to do the conversion using two known methods. So, once you master the conversion, you will feel more confidence to move on to Hexadecimal conversion steps, it’s worth to mention conversion similarities sometimes among 10, 2, and 16 base systems which will make it easy to grasp and remember. Converting Binary to Hexadecimal E.g. Con...

How to Convert Hexadecimal to Decimal will show you the importance of Hex especially when it comes to understand how MAC and IPv6 Addressing System structured. Note that Ethernet MAC Addressing System which is 48bit Hexadecimal numbers, and IPv6 is 128bit Hexadecimal numbers Addressing System all based on Hex, hence, Hexadecimal conversion would be more fun! It’s interesting to know that Base 10 and 2 was not enough for the some computer needs, therefore, base 16 filled the gap. Converting...

How to Convert Hexadecimal to Binary will show you how easy to convert Hex to Binary, however, I recommend you read How to Convert Hexadecimal to Decimal first. This article will be the end of this section which I believe it was a lot of fun to know the ways of how you can convert back and fourth between Decimal, Binary, or Hexadecimal. Remember, Network and Storage devices depends heavily on Base number systems to express their values. Converting Hexadecimal to Binary E.g. convert F9 Hex to Bin...

Understanding IPv4 Addressing System History and creation, was one of the most interesting subject I worked on. Briefly, when the Government, Colleges, and Institutes needed a reliable way of computer communication among its agencies, Mathematicians and communication Engineers gathered together to come up with Addressing Systems based on Binary Base 2 System. I found it little bit hard to trace how and where the IP Address versions such 1,2,3, and finally 4 have been evolved using base 2 system....

As mentioned under Understanding IPv4 Addressing System, human prefer to deal with Decimal over Binary System. Understanding Class A Network IP Addresses explains why the previous article suggested to use 256 decimal to represent the Binary Network 0.0.0.0 (The ONE Big Pie) as base to divide, therefore, decimal 256 can be divided as needed. Let’s start the fun of reverse engineering to show you how decimal 256 was divided to form the Classful A Networks. Creating Class A Networks As menti...

Continue dividing, Understanding Class B Network IP Addresses will go through dividing the 128 remainder further to smaller Networks, which will lead to Classful B Networks, however, there will be another remainder as well to create Class C Networks. So, If you haven’t followed the process from the beginning, I recommend you read Understanding IP Addressing System Article first to link all dots together. Creating Class B Networks Dividing the remainder 128 by 2 will slice the rest of the P...

This article will finalize what I called the First Division of IPv4’s Space. Understanding Class C Network IP Addresses will show you how dividing 64 by 2 formed the last Unicast Classful C Networks. As mentioned in previous articles, there are Unicast, Multicast, and Broadcast IP Addresses. Class A, B, and C Networks’ addresses are considered Unicast, and Class D as Multicast Addresses. Creating Class C Networks As you probably guessed, dividing the remainder 64 by 2 will slice the ...

Understanding Classful Network Mask explains why every Network IP device must belong to a Network Address, and how every Network Address must have Netmask Address. Therefore, to communicate with ccnahub.com’s web server, PC1 or its Gateway must know the Web Server’s IP Address, Network Address, and the Netmask which will point to the Network Portion of the Web Server’s IP Address. Netmask Address After A, B, and C Classful Networks have been created from the One Big Pie of IPv4 Space, the ...

Why Understanding Classless Subnet Mask is a key stone? In my previous articles, I mentioned about how it all started with One Big IP Space, then how the Engineers divided the IP space to Classes A, B, C, D, and E. Besides, how the Engineers identified each Classful Network by setting for each Class what is called Network Mask or for short Netmask. Why I am repeating all this? Because Class A, B, and C default Masks (255.0.0.0, 255.255.0.0, 255.255.255.0) respectively were not an efficient appro...

Let’s dig into Understanding Classless Subnetting Concept. In my previous article Understanding Classless Subnet Mask, I have explained briefly why in the 90’s a new approach to distribute the IP Space Classless Subnet Masks was required to replace Classful Masks. In this article, I am going to dig deep into this approach for Subnetting (dividing) the Classful Networks into smaller Subnets. Subnetting Class A Networks As mentioned, Classful A Networks use 255.0.0.0 Netmask, but it can use...

Type 1 vs. 2 Hypervisor Virtualization Platform will help you decide which Platform is good for your needs. I will explain the major difference between both Virtualization Technologies, and how to decide based on your Application or lab needs. Briefly, there are too many reason to run virtualization platform, among them are: saving space and money, utilizing all hardware resources, agility, flexibility, easier to manage, scalability, centralized management, and much much more, the list can go on...

Cloud Platform vs Virtualization Platform, what are the major differences between both of them, and how they complete each other? I always like to break those 2 terms down, first to remind myself of the most fascinating technology man kind invented, second, it’s just so fun to explain it to others. Remember, that both technologies depend on each other to function. Besides, still too many IT guys mix it up and don’t have a clear understanding behind both concepts. Brief History of Clo...

Understating VPS Hosting versus Cloud Server Hosting comparison is important before building your Web Hosting Solution. As you probably know, there are 2 main Cloud services available: Public and Private Cloud. If you have type 1 Hypervisor infrastructure such VMware vSphere, Hyper-V, or Proxmox KVM running in house, then you can have your own Private Cloud Infrastructure. The public Cloud is almost the opposite, the hosting provider runs his own Private Cloud and sells it as portions to the Pub...

Cloud Network versus OpenVPN Network. Mainly will explains why you should have Secure Private Network when using either VPS or Cloud Nodes. If you signed up for Cloud Hosting, then out of the box you have isolated private and secure network with private IP Address Range to use between Cloud Servers you create. If you signed up for VPS Hosting, then you have to build your own Secure Private Network using OpenVPN in case you need to connect 2 or more VPS privately and securely together. Having sai...

Creating Linux VM Instance using VirtualBox will show you step by step how to create a VM using Hypervisor Type 2 Virtualization Platform such VirtualBox. The following slideshare should be suitable to create either Debian, Ubuntu, and CentOS Virtual Linux Hardware, meaning, you should select the appropriate Linux distribution during VM hardware creation. So, let’s create what is called Blank VM, meaning, assembling the hardware before the OS setup. Objectives: Creating Virtual VM Hardwar...

Creating Linux VM Instance using VMware will show you step by step how to create a VM using Hypervisor Type 2 Virtualization Platform such VMware Workstation. The following slideshare should be suitable to create either Debian, Ubuntu, and CentOS Virtual Linux Hardware, meaning, you should select the appropriate Linux distribution during VM hardware creation. So, let’s create what is called Blank VM, meaning, assembling the hardware before the OS setup. Objectives: Creating Virtual VM Har...

Using one of my favorite Linux distribution, I will show you how Installing Debian Linux OS Minimal Server is easy, simple, and most suitable setup for Web Hosting Solution. As you will see, each Linux distribution got its own way when it comes to install the OS. The following slideshows will show you how to install the latest version of Debian OS minimal Server down to three versions of the distribution. It’s highly recommended to use the server version over the Desktop version especially...

In order to implement configuration articles, I need root privileges access. Understanding Root Account Privileges Methods will prepare you with 3 different methods to gain root privileges when you need to configure your Linux system. It is crucial to understand all methods of root account privileges access, and the difference among them before start configuring your Linux VM or VPS. Objectives: 1. Understanding Root Privileges Methods 2. Setting or Changing Root Account Password 3. Allowing Roo...

Using one of my favorite Linux distribution, I will show you how Installing Ubuntu Linux OS Minimal Server is easy, simple, and most suitable setup for Web Hosting Solution. As you will see, each Linux distribution got its own way when it comes to install the OS. The following slideshows will show you how to install the latest version of Debian OS minimal Server down to three versions of the distribution. It’s highly recommended to use the server version over the Desktop version especially...

Creating and Adding Local Users to Sudoers List is highly crucial to master. Having said this, I will show you how to create and add Admin users to admin list called sudo Members List. Since the rest of the courses will be heavily based on such skills and fundamentals, it’s highly recommended to take your time and master the user and groups management side, especially when you need later on to add or remove Admin users from your Linux system. Objectives: 1. Creating Local Users for Admin P...

Using one of my favorite Linux distribution, I will show you how Installing CentOS Linux OS Minimal Server is easy, simple, and most suitable setup for Web Hosting Solution. As you will see, each Linux distribution got its own way when it comes to install the OS. The following slideshows will show you how to install the latest version of Debian OS minimal Server down to three versions of the distribution. It’s highly recommended to use the server version over the Desktop version especially...

Just like any other physical machine, Installing Linux Virtual Machine Guest Additions can be very helpful to get optimal performance from your VM. I will show you how to install Linux drivers for either VirtualBox or VMware Station VMs. Besides, if you are using ESXi, Proxmox, or even Hyper-V, the concept is the same, you need to load the ISO image file into the Virtual CD-ROM device, mount the ISO image, and install the drivers. You don’t need the following procedure if you are using Pub...

One of the coolest features in virtualization is Cloning Virtual Machines using VM Snapshot. The following slideshares will show you how easy and fast to create copies of your Linux VM. The idea is to save time and focus on Testing or production. I am going to use Snapshot V1 using Linked Cloned Technology. Snapshot V1 can carry the Basic OS Setup, Basic Configuration, and the Latest Updates/Upgrades. You don’t need the following procedure if you are using Public VPS. Objectives: 1. Using ...

After Creating my VPS or VM, the first thing I would start with is to Configuring Local or Public DNS PTR Records. Since the rest of courses are focused on VPS, I will focus more on the Public DNS settings records, which might take some time to propagate. So, I always start by DNS settings first before system configuration. I will cover Local and Public DNS settings, especially VPS DNS settings needs which to create and set DNS PTR records, DNS A and AAAA records, and finally test and verify DNS...

Debian Based Hostname Plus Network Configuration will show you step by step how to set your Public VPS Network Configuration. The following procedures should be used as baseline across all Debian and Ubuntu base systems deployment when it comes to Network, DNS, and Hostname Settings. The Basic requirements in this article will include configuring, setting, and verifying a proper hostname, FQDN, Static IP, and hosts file to prepare your VPS for next and advanced configuration. Objectives: 1. Sett...

Red Hat Based Hostname Plus Network Configuration will show you step by step how to set your Public VPS Network Configuration. The following procedures should be used as baseline across all Red Hat and CentOS base systems deployment when it comes to Network, DNS, and Hostname Settings. The Basic requirements in this article will include configuring, setting, and verifying a proper hostname, FQDN, Static IP, and hosts file to prepare your VPS for next and advanced configuration. Objectives: 1. Se...

Red Hat Based Systems Network Manager Text UI will show you step by step how to set your Public VPS Network Configuration using menu driven tool called Text User Interface. However, I still recommend using nano editor since it will give you more control over the settings. Besides, I have included how to change your CentOS Machine IP settings using command line Interface. Bottom line you got 3 different ways to edit or change Network Settings: nano editor, Cli, and TUI. Objectives: 1. Configuring...

SSH-Keys are form of Multifactor authentication mechanism. Understanding SSH-Keys Based Authentication will prepare you to manage your VPS via SSH, and explains how using SSH-Keys can be the first layer of security against Password Brute Force attacks. So, Linux Admins can use OpenSSH for secure communication without SSH-Keys, and your communication will be always secure, however, it doesn’t mean that intruders won’t be able to Brute Force root password. Using SSH-keys, you won’...

Creating SSH-Keys using Putty Keys Generator is highly recommended before deploying your VPS instance, hence, SSH-Keys Authentication will be used instead of Password Authentication. SSH-Keys are part of the OpenSSH package which provides secure and encrypted communication between SSH Client (Admin Station) and the OpenSSH Server (VPS). SSH-Keys make it possible to have Multifactor Authentication mechanism between your Admin Station and your VPS. Objectives: Creating SSH-Keys using Puttygen Prer...

Look no further, I believe DigitalOcean and Vultr considered the Best VPS Infrastructure Out there. Creating Public VPS Droplet using DigitalOcean will show you step by step how to create a Public VPS using DigitalOcean. DigitalOcean call their VPS instances Droplets and Vultr call them VPS Instance. In the end of the day, VPS instance and Droplet refer to the same thing. Objectives: Creating DigitalOcean Droplet Using SSH-Keys Prerequisites: A. Basic Debian or Red Hat Linux Knowledge B. Login t...

Managing Linux VPS Instance via Putty SSH Client is the most known SSH client by Linux community. Putty is my favorite ssh client to manage my VPS, as if I am settings in front of my server. As you probably know, Secure Shell (SSH) is an encrypted version of Telnet Terminal. Meaning, the communication from end to end is encrypted, although the communication is encrypted, you still need SSH-Keys, hence, I will talk about Putty Agent and ssh-agent for saving SSH-keys Passphrase. Objectives: 1. Ver...

Managing Linux VPS Instance via WinSCP Client is very handy for Windows users. I will show you how to configure WinSCP, and take a quick look at Bitvise and Linux/UNIX ssh clients. At the end, I will rap it up with Security Best Practices before using SSH clients. So, why do you need different types of SSH clients? Most of the time it’s personal preference, and mainly it depends on the type of management station you are using, such Windows, MAC, or Linux. Objectives: 1. Connecting using Wi...

Creating SSH-Keys using Terminal Keys Generator is highly recommended before deploying your VPS instance, hence, SSH-Keys Authentication will be used instead of Password Authentication. SSH-Keys are part of the OpenSSH package which provides secure and encrypted communication between SSH Client (Admin Station) and the OpenSSH Server (VPS). SSH-Keys make it possible to have Multifactor Authentication mechanism between your Admin Station and your VPS. Objectives: Creating SSH-Keys using Linux Term...

Have you created a VPS without SSH-keys? No worries, Switching SSH Password to SSH-Keys Authentication can be accomplished using simple steps, and you should be able to SSH to your VPS using SSH-Keys Authentication instead of SSH Password Authentication. This article assumes that you have already created and prepared your SSH-Keys pair using either Putty, or Linux or UNIX Like ssh-client. Objectives: 1. Uploading Key’s Concept and Why Should be Uploaded to Your VPS 2. Uploading Public Key ...

Uploading Admins and Friends SSH-Keys to your VPS could be handy if one day 1) You have leased a VPS but the control panel doesn’t provide you creating VPS using SSH-Keys, 2) you need help fixing or configuring your Server, hence, you can ask a professional person or friend for Help. Finally, your VPS should accept ONLY SSH-Keys Authentication and refuse SSH Password Authentication. Objectives: 1. Understanding the Purpose Behind Adding Others Public Key 2. Assigning an Admin Account for O...

Uploading SSH Public Keys using VPS Panel would be the next logical step after creating your SSH-keys. As mentioned, the Public key is simply what it sounds, the Public Part of your SSH-keys Chain. Using a Public Key, you can be certain that Only and Only the other pair of the SSH-keys pair (which is the Private) is able to unlock access to the VPS for Management. Meaning, no matter how Publicly the Public Key is exposed, it’s useless without its pair – Private Key. It’s worth ...

It’s one of the coolest feature when you are using SSH-keys Base Authentication. SSH Hopping using SSH Agent Forwarding is a must skill and very time saver, especially if you have to create and manage Multiple VPS instances using SSH-keys. I assure you that SSH Agent Forwarding feature is a must when it comes to manage Multiple Servers. For only one VPS, you don’t need SSH Agent Forwarding. Objectives: 1. Understanding SSH Agent Forwarding Concept 2. Enabling SSH Agent Forwarding in ...

Deploying Public VPS Instance using Vultr Provider will show you step by step how to deploy a reliable, Fast, single Public VPS using Vultr VPS Provider. Vultr got it’s own touch, I liked their clean cut interface, you can upload your own ISO file to install your favorite Linux or Window distribution, you have the option to host your website on dedicated structure over Shared VPS structure, and my favorite feature is Distributed Denial of Server Protection (DDoS). Objectives: Deploying Vul...

By default, OpenSSH Server works out of the box, however, Securing and Hardening SSH Server Configuration using known security practices is highly recommended. Custom security configuration can start by Restricting Access to Specific SSH Groups or Users, Disabling SSH Password Authentication, Disabling root Account SSH Login, Disabling X11Forwarding, and much more. Objectives: 1. Restricting SSH Access to Specific Users 2. Restricting SSH Access to Specific Groups 3. Disabling SSH Password Authe...

Hopefully you won’t face critical errors when using SSH, however, things can go wrong sometimes. SSH Server and Client Most Known Error Messages will cover only the errors that I have faced so far while I was setting and testing my Web Hosting Server Solution. I will keep this article open in case I seen more new errors, please feel free to email me if you have faced different errors. Objectives: Troubleshoot Common SSH Server/Client Error Messages Prerequisites: A. Basic Debian or Red Hat...

Debian8 VPS Installing Required Packages for basic and advanced configuration. Such packages and will be needed through the rest of the configuration steps. Initially, you will install and configure MTA eMail services in order to receive emails and alerts notification while you are configuring your system. The required packages will include Development Tools and packages to prepare the VM or VPS for advanced HowTo configuration Articles. Besides, I will install updates, upgrades, NTP time server...

Debian7 VPS Installing Required Packages for basic and advanced configuration. Such packages and will be needed through the rest of the configuration steps. Initially, you will install and configure MTA eMail services in order to receive emails and alerts notification while you are configuring your system. The required packages will include Development Tools and packages to prepare the VM or VPS for advanced HowTo configuration Articles. Besides, I will install updates, upgrades, NTP time server...

Ubuntu16.04 VPS Installing Required Packages for basic and advanced configuration. Such packages and will be needed through the rest of the configuration steps. Initially, you will install and configure MTA eMail services in order to receive emails and alerts notification while you are configuring your system. The required packages will include Development Tools and packages to prepare the VM or VPS for advanced HowTo configuration Articles. Besides, I will install updates, upgrades, NTP time se...

Ubuntu14.04 VPS Installing Required Packages for basic and advanced configuration. Such packages and will be needed through the rest of the configuration steps. Initially, you will install and configure MTA eMail services in order to receive emails and alerts notification while you are configuring your system. The required packages will include Development Tools and packages to prepare the VM or VPS for advanced HowTo configuration Articles. Besides, I will install updates, upgrades, NTP time se...

Ubuntu12.04 VPS Installing Required Packages for basic and advanced configuration. Such packages and will be needed through the rest of the configuration steps. Initially, you will install and configure MTA eMail services in order to receive emails and alerts notification while you are configuring your system. The required packages will include Development Tools and packages to prepare the VM or VPS for advanced HowTo configuration Articles. Besides, I will install updates, upgrades, NTP time se...

CentOS7 VPS Installing Required Packages for basic and advanced configuration. Such packages and will be needed through the rest of the configuration steps. Initially, you will install and configure MTA eMail services in order to receive emails and alerts notification while you are configuring your system. The required packages will include Development Tools and packages to prepare the VM or VPS for advanced HowTo configuration Articles. Besides, I will install updates, upgrades, NTP time server...

CentOS6 VPS Installing Required Packages for basic and advanced configuration. Such packages and will be needed through the rest of the configuration steps. Initially, you will install and configure MTA eMail services in order to receive emails and alerts notification while you are configuring your system. The required packages will include Development Tools and packages to prepare the VM or VPS for advanced HowTo configuration Articles. Besides, I will install updates, upgrades, NTP time server...

Preparing Linux Script Startup Environment is a must step for various scripts I am going to build such Kernel rules, IPtables Modules, Optimization Rules and any other scripts that I might need to run at the startup. I have actually dedicated an article for that since it varies little bit between Debian and Red Hat Based system, and between the Oldest and New method when using Systemd. However, the concept still the same is to have a script get executed at the startup. Objectives: 1. Creating Ce...

Implementing Security measures will be a major part of my Web Hosting Solution. Applying Linux Kernel Hardening Rules will be Security Layer1 before IPtables Stateful Firewall. Briefly, hardening your VPS System and Network configuration is a must step. Linux Kernel is your Linux OS core, it manages all Hardware or Virtual components such CPU, Memory, Storage and Network Rules, hence, that’s your first place to start with. Objectives: 1. Understanding Linux Kernel Hardening 2. Applying Lin...

Applying System and Network Tuneup Rules is my favorite part. Tweaking and optimizing System and Network Kernel Rules to keep up with busy websites or VPS is very crucial. I will show you how to adjust most known areas that might create bottle necks if left as default values which is not suitable for a busy website or Web Hosting Solution. Besides, the rules will be applied using as script at the startup along the Kernel Hardening rules script. Objectives: 1. Understanding Linux Kernel and IPtab...

Implementing Stateful Firewall Using IPtables is the most known way to protect Linux systems. As you probably know, there are too many ways to apply IPtables Firewall Rules, my favorite is to use a bash Script. Below, I will show you how easy to apply Stateful Firewall on your VPS using well structured script especially crafted for Web Hosting Solution Servers; tested and verified to work on Single VPS. Objectives: 1. Preparing IPtables Firewall Environment 2. Applying IPtables Stateful Firewall...

Since Syslog and Messages files log random system events, hence, Redirecting IPtables Firewall Logging Location to its own file is better option. IPtables Logging redirection and Persistent rules would be the last thing to finalize IPtables Setup. Log rules will redirect IPtables default logging location from /var/log/syslog (Under Debian Based) and /var/log/messages (Under Red Hat Based) to it’s own logging file located at /var/log/iptables.log. Objectives: 1. Redirecting IPtables Logging...

This eye represents the Nmap Scanning tool. Testing IPtables using Nmap Scanning Tool is a crucial Audit after applying IPtables Firewall Script. Although I have applied complex IPtables rules, but running a Firewall without testing it’s rules, is like building a security cam system without testing it. Since the test is only for IPtables, the main focus will be only at Layer 3 and up to 4 of TCP/IP stack. Objectives: 1. Understanding Penetration Test Concept 2. Brief Introduction to Nmap S...

Logging and Trapping Port Scanning Tools is a must step after Port Scanning through Pen Testing was done successfully. The following Lab will go through how port scans are being logged and what are the the mechanisms used to Trap the attackers when they tend to use Information Gathering tools (Port scanning) such nmap. Besides, I will show you how to generate simple and useful IPtables reports for daily, weekly, or monthly use. Objectives: 1. Generating Invalid Packets Logging Reports 2. Generat...

Listing and Tracking Suspicious Bad IP Addresses can be very crucial if you suspect unreasonable consumed resources. Having said this, there are 2 known methods to list and track connected IP addresses to your VPS, in case you are suspecting hardware resources getting consumed for no reason. Besides, legitimate user’s IP address consumes reasonable portion of CPU and Memory, but bots most of the time act stupid, hence their activities can be so obvious. Objectives: 1. Listing Active IP Add...

Building Public and Private IPtables Blacklists is the simplest way to block few bad IP Addresses. I will show you how easy to build simple individual blacklists using IPtables Firewall chains. The Public IPtables Blacklists will be feed by the internet of different communities around the world to protect services such SSH, HTTP, Mail, FTP, and Applications like Wordpress, Joomla, and Drupal Platforms. Objectives: 1. Understanding Blacklists Concept 2. Building Simple Public IPv4 Blacklists 3. B...

Function as IPtables Blacklist, but it’s for White and Good IPs that you trust. Building Public and Private IPtables Whitelists is another crucial thing to allow a service such CDN cloudflare to proxy your website without IPtables blocking it. Public Whitelists will be feed by Internet source and Private Whitelist will be feed by you to allow free and specific access to services such SSH, HTTP, Mail, FTP, and so on. Objectives: 1. Building Simple Public IPv4 Whitelists 2. Building Simple P...

Wouldn’t be nice to combine the world’s Public Blacklists in one centralized database file? Building Public and Private IPset Blacklists will make this possible by taking the blacklist concept to the next level, and show you how to apply Multiple Blacklists effectively as one centralized database using IPset Module, hence, IPtables Firewall can efficiently block thousands or even millions of IP Addresses using light weight IPset database instead of IPtables Simple Lists loaded into R...

Since your VPS might communicate with third party services, Building Public and Private IPset Whitelists is crucial as well. This Lab will take Multiple Whitelists and combine them as one file, which makes whitelist as one centralized database using IPset Module. Trusted IP addresses will be collected from different Public Sources based on your selection using just one script to allow them unrestricted web access through IPtables Firewall rules. Objectives: 1. Understanding IPset Whitelists Conc...

Project name: How to Build Single or Multisite Wordpress Hosting Hub. To make the story short, I’ve started ccnahub.com on Shared Hosting Plan, however, few months later and after google indexed my articles, thousands of people are visiting ccnahub.com every month! Therefore, Shared Hosting Platform is not a long term solution for thousands of visitors. So, I have decided to design and build my own Wordpress Hosting Servers using VPS or Cloud Servers. My long term goal is to open 2 separat...