How to install MongoDB Community Edition on Ubuntu Server 18.04

MongoDB is one of the most popular NoSQL database management systems. It is known for it’s simplicity, wide adoption and high scalability. That is why in this article we’ll show you the basics of installing a Mongo server on your cloud machine.

Installing Mongo on Ubuntu has some prerequisites. The packages available in the Ubuntu repositories are very outdated. So you’ll first need to add the official MongoDB repositories. Read More

How to create a temporary file in Linux shell

Sometime you just need to quickly put down something in a temporary file. And as easy as it seems to just type in some file name like ‘test’, ‘test1’ and so on, this soon becomes wasteful and impractical.

In this article we’ll show you a bit more professional and programmable way to create temporary files in Linux usin ‘mktemp’. Read More

How to find Java version in Linux

In the recent years Java is one of the most popular technologies including in the world of Web. In this article we’ll start with something fairly simple – how to check which is the currently installed version of Java in a Linux environment.

If you have either the JRE (Java Runtime Environment) or the JDK (Java Development Kit) you will have the java command present. Read More

How to setup a logical volume with LVM on Ubuntu Server Linux

Logical Volume Manager or LVM is great tool for managing your scalable cloud storage. It’s simple yet powerful. You can use it to setup a single volume like we’ll show you in this article, but you can also make far more complex structure combining multiple storage drives, adding redundancy or just scaling out your storage on the fly.

In this tutorial we’ll start with an easy setup. We’ll create a single logical volume from one physical drive – /dev/sdb.

Let’s start by creating an LVM physical volume from /dev/sdb:

pvcreate /dev/sdb

Using the physical volume we’ll create the volume group data01. Although it currently consists of only one physical volume, physical groups let us easily add more drives on a later stage and expand the logical volume.

vgcreate data01 /dev/sdb

And the third and final step creating the logical volume data-vol01. We create it using 100% of the space available in the volume group data01.

lvcreate -l 100%FREE -n data-vol1 data01 /dev/sdb

Once we have a logical volume it’s just a step before we can start keeping data on it, so let’s add an file system and mount it in the /media directory just to check it:

mkfs.ext4 /dev/data01/data-vol1

mount /dev/data01/data-vol1 /media

This simple LVM setup shows that it’s quick and easy to start managing your additional storage drives. By adding more storage to your servers LVM will be one of your best friends to manage and keep your data. Keep an eye on CloudBalkan Blog for more articles related to LVM.

Linux Kernel networking vulnerability allowing potential DoS

A severe vulnerability in the Linux and Unix networking stack has been identified in the last few days. The vulnerability described in CVE-2018–5390 (for Linux) and CVE-2018-6922 (for FreeBSD) allows a potential risk of relatively easy exploitable denial of service attack on an affected machine. The main source of the concern is the wide spread of this issue including plenty of Linux distributions, FreeBSD and some proprietary network equipment operating systems all running the affected Linux Kernels 4.9+ or having the networking code back ported.

The vulnerability is not a complex one. Introduced in Linux Kernel 4.9, it is related to the algorithm that processes the “out of order packages” in TCP connections. That algorithm is responsible to allow the receiving and rearrangement of TCP packets with non sequential numbers in the case of network issues. The problem with the algorithm which brings the potential vulnerability is that it is very resource expensive. According to the report and the calculations just a few thousand out of order packets even from the same source are enough to cause denial of service.

The good news is that some of the most widely spread server distros might not be affected and also the vulnerability still doesn’t have a proof-of-concept exploit So although it’s reported as a severe, this is still not a global issue and patches are already available.

The list of the affected, unaffected and patched distributions constantly updates:

Ubuntu 16.04 and older – Unaffected – Kernel 4.4 is before affected 4.9+

Ubuntu 18.04 – Affected – Patch available through APT

Fedora- Affected

FreeBSD – Affected

OpenSUSE – Unconfirmed

CentOS – Unconfirmed

Mikrotik RouterOS 6.42.6 is now available on CloudBalkan

Mikrotik released a new hotfix version of RouterOS related to the recent security vulnerabilities affecting Mikrotik based routers. Most of the security issues were related to Mikrotik proprietary management interface used by the Winbox tool ( port 8291 ) and led to the build up of a large botnet of infected, insecure routers.

The new version 6.42.6 is so far claimed to be free of the exploited vulnerabilities and provides some more cloud related improvements as well:

What’s new in 6.42.6 (2018-Jul-06 11:56):

  • chr – added checksum offload support for Hyper-V installations;
  • chr – added large send offload support for Hyper-V installations;
  • chr – added multiqueue support on Xen installations;
  • chr – added support for multiqueue feature on “virtio-net”;
  • chr – added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
  • chr – by default enable link state tracking for virtual drivers with “/interface ethernet disable-running-check=no”;
  • chr – do not show IRQ entries from removed devices;
  • chr – fixed interface name assign process when running CHR on Hyper-V;
  • chr – fixed interface name order when “virtio-net is not being used on KVM installations;
  • chr – fixed MTU changing process when running CHR on Hyper-V
  • chr – fixed NIC hotplug for “virtio-net”;
  • chr – improved balooning process;
  • chr – improved boot time for Hyper-V installations;
  • chr – provide part of network interface GUID at the beginning of “bindstr2” value when running CHR on Hyper-V;
  • chr – reduced RAM memory required per interface;

Mikrotik RouterOS 6.42.6 is now available on CloudBalkan Cloud Routers

Mikrotik RouterOS security vulnerability reported in versions before 6.42

Mikrotik RouterOS has been a target for a decent amount of attack in last few months and this hasn’t stopped yet. Yesterday Mikrotik reported another security vulnerability resulting in remote access, infection and deploying a botnet code on infected devices. It is so far claimed to be a vulnerability in the Winbox (port 8291) interface although it is not confirmed that the issue limits only to this. Read More