Author: Grzegorz Juszczak

Cloud Computing

Install OpenStack Juno on CentOS 7 / RHEL 7

Apr 20, 2015 by Grzegorz Juszczak 21 Comments , , , , , , , , ,

openstack
OpenStack is a free and open source cloud computing platform developed as a joint project of Rackspace Hosting and NASA. Users primarily deploy it as an Infrastructure as a Service (IaaS) solution. OpenStack cloud consists of many well know technologies like: Linux KVM, LVM, iSCSI, MariaDB (MySQL), RabbitMQ or Python Django.

OpenStack architecture overview:

  1. Horizon: web browser user interface (dashboard) based on Python Django for creating and managing instances (virtual machines)
  2. Keystone: authentication and authorization framework
  3. Neutron: network connectivity as a service
  4. Cinder: persistent block storage for instances based on LVM
  5. Nova: instances management system based on Linux KVM
  6. Glance: registry for instance images
  7. Swift: file storage for cloud
  8. Ceilometer: metering engine for collecting billable data and analysis.
  9. Heat: orchestration service for template-based instance deployment

In this tutorial we will install OpenStack Juno release from RDO repository on two nodes (controller node & compute node) based on CentOS 7 / RHEL 7.

Environment used:
public network (Floating IP network): 192.168.2.0/24
internal network: no IP space, physical connection only (eth1)
public controller IP: 192.168.2.4 (eth0)
public compute IP: 192.168.2.5 (eth0)
openstack_diagram
Read More

Linux, Security

Detect SSH Brute Force Attack and Locate Attacker

Feb 19, 2015 by Grzegorz Juszczak 2 Comments , , , ,

Brute Force Attack consists of systematically checking all possible passwords until the correct one is found. If the host is exposed directly to the Internet (WAN) and SSH service is running on the host, it becomes a subject of constant brute force attacks performed by automated scripts like hydra.

To detect SSH brute force attempts on systems running systemd service manager (CentOS7/Fedora21/RHEL7), you can use journalctl command with parameters:
Read More