Tony's ramblings on Open Source Software, Life and Photography

networking

Gluster Cluster File System

I just love saying that... "Gluster Cluster". GlusterFS is a networked file system that can automatically provide redundancy and failover across multiple servers. Essentially it's RAID or mirroring for server storage. You don't want to use it for small files, like a web server's, but for network storage in an enterprise environment.

Setting up Gluster is actually really simple. On Ubuntu it has one requirement: you must install "nfs-common". I actually use Puppet to deploy the core GlusterFS system on servers and clients automatically.

Once a Gluster server cluster is running, a client mounts a share pretty much like any other network filesystem. The initial mount requires that the server named in the mount command be available, but after the mount is made, that server could effectively go offline and the data would still be available to the clients through the other "bricks" in the file sharing system. A brick is a physical server that provides a GlusterFS share. It takes at least two bricks to provide a redundant Gluster filesystem.


Stop Port Scans In Their Tracks With iptables

Sure, there are a lot of tutorials out there for blocking SYN+FIN, Christmas (Xmas) scans, etc.

But did you know that most of those won't help against a default nmap scan? Try it: block all the standard stealth scans, etc. using something like the following:

$IPTABLES -A INPUT -p tcp --tcp-flags SYN,ACK SYN,ACK -m state --state NEW -j DROP
$IPTABLES -A INPUT -p tcp --tcp-flags ALL NONE -j DROP

$IPTABLES -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
$IPTABLES -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
$IPTABLES -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP

$IPTABLES -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
$IPTABLES -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
$IPTABLES -A INPUT -p tcp --tcp-flags ACK,PSH PSH -j DROP
$IPTABLES -A INPUT -p tcp --tcp-flags ACK,URG URG -j DROP

You'll find that a simple nmap scan is still able to list all the ports available on the machine. Not that I'm telling you to not use the above code, in fact it's a good first step.

If someone is trying to find all open ports on your server, think about what's happening. They are randomly going around poking it in various places saying "Hey, who's there?". They poke to the tune of hundreds or even thousands of probes per second.
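
An added example, not code from the original post: since the probe rate is what gives a scan away, this Python script counts distinct destination ports per source in a sliding window over iptables LOG lines. The logging rule, the "NEWTCP: " prefix, the thresholds and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque

# Assumed logging rule (not from the original post), placed before any DROP/ACCEPT:
#   $IPTABLES -A INPUT -p tcp --syn -m state --state NEW -j LOG --log-prefix "NEWTCP: "
LOG_RE = re.compile(
    r"^\[\s*(?P<ts>\d+\.\d+)\].*?\bSRC=(?P<src>\S+) .*?\bPROTO=TCP .*?\bDPT=(?P<dpt>\d+) "
    r".*?\bRES=\S+ (?P<flags>(?:[A-Z]+ )*)URGP=")

def parse(line):
    """Return (timestamp, source IP, destination port) for a bare SYN, else None."""
    m = LOG_RE.search(line)
    if not m or m["flags"].split() != ["SYN"]:
        return None
    return float(m["ts"]), m["src"], int(m["dpt"])

def find_scanners(lines, window=1.0, max_ports=20):
    """Map each source that probed more than max_ports distinct ports within
    `window` seconds to the timestamp at which it crossed the threshold."""
    recent = defaultdict(deque)   # source -> (timestamp, port) pairs still in the window
    flagged = {}
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ts, src, port = rec
        q = recent[src]
        q.append((ts, port))
        while ts - q[0][0] > window:      # expire probes older than the window
            q.popleft()
        if src not in flagged and len({p for _, p in q}) > max_ports:
            flagged[src] = ts
    return flagged

def sample_log():
    """Constructed kernel-log lines (documentation addresses): one source sweeping
    ports 1-200 at 1000 probes/s, one ordinary client opening port 443 every 2 s."""
    fmt = ("[{ts:12.6f}] NEWTCP: IN=eth0 OUT= SRC={src} DST=192.0.2.10 LEN=44 TTL=52 "
           "ID=0 PROTO=TCP SPT=40000 DPT={dpt} WINDOW=1024 RES=0x00 SYN URGP=0")
    scan = [fmt.format(ts=100 + i * 0.001, src="198.51.100.7", dpt=i + 1) for i in range(200)]
    client = [fmt.format(ts=100 + i * 2.0, src="203.0.113.5", dpt=443) for i in range(30)]
    return sorted(scan + client, key=lambda line: parse(line)[0])

if __name__ == "__main__":
    for src, ts in find_scanners(sample_log()).items():
        print(f"{src} crossed the port threshold at t={ts:.3f}s")
```

Every probe in the sample is an ordinary SYN, so none of the flag rules above would match it; only the count of distinct ports in the window separates the sweeping source from the normal client.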


Kismet Wireless Scanner And Linux



If you run a wireless network and Linux, Kismet is a tool you must have.

More than just a wireless sniffer, Kismet will let you list all access points in range and what channel they are running on. That's great information to have when you're deciding what channel to set your wireless access point to.

Configuring Kismet may seem a bit confusing at first, but there's really only one line you need to change in /etc/kismet/kismet.conf:

source=iwl4965,wlan0,iwl4965

That's driver,device,name - I believe the name is arbitrary and can be set to anything, but I set mine to the same as the driver.

This line sets the source for packets. I found the iwl4965 (my wireless card driver) through a couple of steps.

Using the following command:

dmesg | grep Wireless

I was able to determine that I was running the Intel 4965 wireless chipset. From there, I simply looked on the Kismet website to find that iwl4965 was the correct driver name. Note I did not find this information in my lsmod results.

After adding the appropriate line to the /etc/kismet/kismet.conf file, simply run:

sudo kismet

That will start both the server and client and log the client into the server. While Kismet was running, I was unable to do normal wireless activity, and actually had to reboot or use the wireless button on my laptop to cycle the wireless state before the wireless would work properly again.

Once Kismet has started, press "q" to close the help screen, arrow down to any access point and press "i" to get more information about the network.

Check the channels of all the other access points in range and make sure your access point won't conflict. The only channels that don't overlap are 1, 6 and 11. In my case, my two neighbors are using 1 and 6 so I chose 11.

Kismet can do much more than this, and is a great analysis tool. It will track rogue MAC addresses that are probing your network, allow you to integrate with WEP security programs and much more.


Nintendo Wii Is The Cause Of Our Wireless Woes

I've confirmed that the new Wii is what is causing my Zoom X6 wireless router to lose all wireless functionality. We went all day without the Asus EEE PC even being turned on and the wireless router still died.

I've tried everything including a firmware upgrade on the router to no avail. Next step: disable the wireless in the router and get a secondary wireless access point.

