Logging connections that hit rate-limit rules helps you identify brute force attempts and troubleshoot legitimate clients that are being blocked. The standard approach is to create a dedicated chain that logs packets before dropping them. Create a logging and drop chain First, create a custom chain to handle logging and dropping: iptables -N LOGNDROP iptables…
Rate-limiting SSH brute-force attempts is essential for any server exposed to the internet. Using iptables with the recent module, you can drop connections from IPs that exceed a threshold in a given time window—for example, blocking IPs that attempt more than 6 connections in 60 seconds. Using iptables The recent module tracks connection attempts by…
Making firewall rules persistent across system reboots is essential for any production Linux system. While the original iptables-persistent approach works, modern systems typically use ufw (Uncomplicated Firewall) or firewalld, but understanding the underlying iptables mechanism is still valuable for lower-level control. Using iptables-persistent The iptables-persistent package automatically saves and restores your firewall rules during boot….
When you run cat /etc/resolv.conf on a modern Linux system, you’ll often see nameserver 127.0.0.1 or 127.0.1.1 pointing to localhost. This doesn’t mean you’re actually using your ISP’s DNS directly — it usually means your system is running a local DNS stub resolver or caching service like systemd-resolved or dnsmasq. To find out which actual…
When you need to increase data redundancy or reduce storage overhead on a running HDFS cluster, you’ll often need to adjust the replication factor. Before making changes, understand that HDFS replication works differently than you might expect. How HDFS Replication Factor Works The replication factor in HDFS is determined at write time by the client,…
As nodes are added or removed from a Hadoop cluster, storage utilization becomes uneven across DataNodes. Some fill up while others remain mostly empty, leading to inefficient resource use and potential storage bottlenecks. HDFS provides the Balancer tool to redistribute blocks across DataNodes and even out disk usage. Understanding the Balancer The HDFS Balancer is…
When your host machine connects to the network via WiFi, giving QEMU guests network access requires a different approach than traditional bridged networking. Since wireless interfaces typically don’t support bridge mode, you’ll need to use NAT (Network Address Translation) or a tap device with masquerading. Understanding your options NAT mode is the simplest approach—the host…
Xen VMs sometimes log cryptic kernel messages about fragmentation that indicate a mismatch between the VM’s network driver and the host’s virtual interface settings: kernel netfront: Too many frags skb rides the rocket These errors occur when the guest kernel’s netfront driver tries to send packets with more fragments than the backend can handle, or…
HDFS uses the dfs.replication property in hdfs-site.xml to set a global default replication factor for all blocks. However, you can override this on a per-file or per-directory basis using the hdfs dfs -setrep command — useful for frequently accessed “hot” files that need higher availability. Basic syntax hdfs dfs -setrep [-R] [-w] <numReplicas> <path> Setting…
Understanding the difference between reliability, durability, and availability is critical when designing or operating distributed storage systems like HDFS, Ceph, or cloud object storage. These terms are often confused, but they address distinct concerns. Durability Durability answers: If the system fails completely, will my data survive? Durability is about persistence to non-volatile storage. Data is…
Linux Mint’s Driver Manager makes installing proprietary wireless drivers straightforward, but the process varies depending on your hardware and kernel version. For older HP Mini 110 netbooks with Broadcom BCM43xx chipsets, the bcmwl-kernel-source driver remains the most reliable option. Check Your Wireless Hardware First, identify your wireless adapter before installing drivers: lspci | grep -i…
The hostname identifies your system on the network. On Linux Mint, you can change it through the GUI or command line depending on your preference and situation. Using the GUI (Easiest Method) Open Settings from the application menu Go to Details or About Click the hostname field (you may need to click a pencil icon…
To set the number of mappers and reducers when submitting a Hadoop job, use the -D flag with the appropriate property names. The correct properties depend on your Hadoop version. Hadoop 2.x and Later (YARN) Use the modern property names: hadoop jar -Dmapreduce.job.maps=5 -Dmapreduce.job.reduces=2 yourapp.jar The older mapred.map.tasks and mapred.reduce.tasks properties are deprecated in Hadoop…
iOS 7.1.2 was released in 2014, and jailbreaking it today is neither practical nor recommended for active use. Why jailbreaking iOS 7.1.2 doesn’t make sense in 2026 Security vulnerabilities: iOS 7.1.2 reached end-of-life over a decade ago. It contains hundreds of unpatched security flaws that expose your device to malware, data theft, and network attacks….
SSH tunneling and port forwarding work well for specific traffic, but they don’t give you a full VPN-like experience where all system traffic routes through the remote server. If you need transparent, system-wide traffic redirection over SSH, you have several solid options depending on your platform. sshuttle on Linux and macOS sshuttle is the standard…
UDP packet loss on Linux commonly stems from undersized kernel buffers. When packets arrive faster than the application can process them, the kernel drops excess datagrams silently. Unlike TCP, UDP offers no retransmission, so these losses are permanent. Proper buffer tuning is essential for DNS servers, NTP, monitoring systems, video streaming, and any high-throughput UDP…
X11 forwarding lets you run Chrome on a remote host and display it on your local machine. It’s quick to set up for occasional use, but for regular work or modern Linux systems, you’ll want to know when to use alternatives. Basic X11 Forwarding The simplest approach uses SSH’s X11 forwarding: ssh -X username@remote_host google-chrome…
The replication factor determines how many copies of each data block HDFS maintains across your cluster. The default is 3, which provides adequate fault tolerance for most deployments by surviving both node and rack failures simultaneously. Setting Cluster-Wide Default Replication To set the default replication factor for all new files, add the dfs.replication property to…
Amazon S3 has a maximum object size of 5TB per object. This limit applies uniformly across all storage classes and regions — there are no exceptions or workarounds. Understanding the 5TB Ceiling The 5TB limit is a hard constraint at the API level. You cannot upload, copy, or restore an object larger than this. While…
When you need to reach a server through one or more intermediate hosts, you can establish a direct connection without manually chaining SSH sessions. This is essential for accessing internal servers that aren’t directly reachable from your workstation. The scenario laptop —-> proxy —-> server You want to connect to server.example.com through proxy.example.com as if…