2019/05/25 Posted in LINUX

Requirements kernel version 4.9 or higher.

List all available tcp_congestion_control

# grep TCP_CONG /boot/config-$(uname -r)
CONFIG_TCP_CONG_ADVANCED=y
CONFIG_TCP_CONG_BIC=m
CONFIG_TCP_CONG_CUBIC=y
CONFIG_TCP_CONG_WESTWOOD=m
CONFIG_TCP_CONG_HTCP=m
CONFIG_TCP_CONG_HSTCP=m
CONFIG_TCP_CONG_HYBLA=m
CONFIG_TCP_CONG_VEGAS=m
CONFIG_TCP_CONG_NV=m
CONFIG_TCP_CONG_SCALABLE=m
CONFIG_TCP_CONG_LP=m
CONFIG_TCP_CONG_VENO=m
CONFIG_TCP_CONG_YEAH=m
CONFIG_TCP_CONG_ILLINOIS=m
CONFIG_TCP_CONG_DCTCP=m
CONFIG_TCP_CONG_CDG=m
CONFIG_TCP_CONG_BBR=m
CONFIG_DEFAULT_TCP_CONG="cubic"

Sample add the options below at the end of the file.

nano /etc/sysctl.conf

net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_notsent_lowat = 16384
net.ipv4.tcp_fin_timeout = 10
net.ipv4.tcp_low_latency =1
net.ipv4.conf.all.arp_filter = 1
net.ipv4.tcp_mtu_probing=1
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_tw_reuse = 1

“Multiple Interfaces on Same Ethernet Broadcast Network
——————————————————
Due to the default ARP behavior on Linux, it is not possible to have one system on two IP networks in the same Ethernet broadcast domain (non-partitioned switch) behave as expected. All Ethernet interfaces will respond to IP traffic for any IP address assigned to the system. This results in unbalanced receive traffic. If you have multiple interfaces in a server, either turn on ARP filtering by entering: echo 1 > /proc/sys/net/ipv4/conf/all/arp_filter

This only works if your kernel’s version is higher than 2.4.5. NOTE: This setting is not saved across reboots. The configuration change can be
made permanent by adding the following line to the file /etc/sysctl.conf: net.ipv4.conf.all.arp_filter = 1

Another alternative is to install the interfaces in separate broadcast domains (either in different switches or in a switch partitioned to VLANs).”

  GNU nano 4.2                   /etc/sysctl.conf                               
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_notsent_lowat = 16384
net.ipv4.tcp_fin_timeout = 10
net.ipv4.tcp_low_latency =1
### more
#net.ipv4.conf.all.arp_filter = 1
#net.ipv4.tcp_mtu_probing=1
#net.ipv4.tcp_fastopen = 3
#net.ipv4.tcp_tw_reuse = 1

Save and rebot or sysctl –system check

# sysctl -p
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_notsent_lowat = 16384
net.ipv4.tcp_fin_timeout = 10
net.ipv4.tcp_low_latency =1

# cat /proc/sys/net/ipv4/tcp_congestion_control
bbr

Test on my own machine speedtest :)

2019/05/12 Posted in LINUX

MONITOR YOUR NETWORK WITH EtherApe

EtherApe
[terminal user=”stretch” computer=”debian”]
$ sudo apt-get install
…
[/terminal]

MISSING PACKAGE

[terminal user=”stretch” computer=”debian”]
$ sudo apt-get install libcanberra-gtk-module
…
[/terminal]

START WITHOUT ERROR MESSAGE

[terminal user=”stretch” computer=”debian”]
$ sudo etherape
…
[/terminal]

2019/05/09 Posted in LINUX

Install the Apache Web Server on Debian

• https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-debian-9
• https://fideloper.com/user-group-permissions-chmod-apache

DEBIAN PERFORMANCE TUNING

• https://wiki.mikejung.biz/Ubuntu_Performance_Tuning
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html-single/performance_tuning_guide/index
• https://www.speedguide.net/articles/ssd-linux-tweaks-3897
• https://wiki.debian.org/SSDOptimization#Low-Latency_IO-Scheduler
• https://docs.oracle.com/cd/E93554_01/E48380/html/apas02.html
• http://www.brendangregg.com/blog/2015-03-03/performance-tuning-linux-instances-on-ec2.html
• https://cromwell-intl.com/open-source/performance-tuning/disks.html

2019/03/14 Posted in SECURITY

HUNGARY – Top – Local infections IN THE LAST MONTH

2019/03/14 Posted in SECURITY

2018/10/06 Posted in BLOG

Content Blocker Of

Enable experimental functions

2018/09/25 Posted in BLOG

Crash Reporter has three modes of operations:

• Basic — The default mode. Only application crashes are reported, and the dialog does not contain any debugging information.
• Developer — In addition to application crashes, crashes are also displayed for background and system processes.
• Server — The default for macOS Server systems. No crash reports are shown to the user (though they are still logged).
• None — Disables the dialog prompt. Crash reports are neither displayed nor logged.

OnyX

• macOS Sierra: Analitikai információk megosztása az Apple-lel
• List of macOS components

2018/09/02 Posted in BLOG

Alapértelmezetten támogatott de nincs engedélyezve.
Pedig minden előnye mellett min. 3x gyorsabban töltődnek be az oldalak.

Leggyakoribb méréseim szerint:
Normál TLS1.1 vagy TLS 1.2 oldalletöltése 1.5 – 1.8s
TLS 1.3 használatával 330 ms
Lol!

Bekapcsolása terminálban:

sudo defaults write /Library/Preferences/com.apple.networkd tcp_connect_enable_tls13 1

Teszt: SSL/TLS Capabilities of Your Browser

• https://www.agnosticdev.com/blog-entry/network-security/tls-13-better-faster-stronger
• https://cyberwarzone.com/enable-tls-1-3-on-macos-via-your-terminal/
• https://kinsta.com/blog/tls-1-3/
• https://www.queryxchange.com/q/2_1217220/how-do-i-enable-tls-1-3-in-ios-and-macos/
• https://superuser.com/questions/1217220/how-do-i-enable-tls-1-3-in-ios-and-macos/1217221#1217221

2018/05/23 Posted in WP

2018/05/17 Posted in LINUX

Virtualbox 5.2.12 telepítése után azt tapasztalhatjuk, hogy bármely Linux disztribúció telepítése után fekete képernyő fogad a rendszer indítása helyett. Ennek oka, a hiányzó csomagok amik nem teleülnek fel a rendszerrel. Tehát első körben alapértelmezett beállításokkal telepítsük fel a vendég operációs rendszert.

Ha elindul a Live média kiadása után, akkor ellenőrizzük a 3D támogatást!

/usr/lib/nux/unity_support_test -p

• • sudo apt update && sudo apt dist-upgrade
  • sudo apt install build-essential module-assistant dkms
  • sudo m-a prepare

Kimenete:

Telepítsük a VirtualBox Guest Additions-t.