X over ssh: ssh -X hostname
Forward port over ssh:
ssh -f -N -L110:mailhost:110 -l user mailhost
See who’s hitting your web server the hardest, up to the second, with httptop, a Perl script from O’Reilly at http://www.oreillynet.com/pub/h/65#code
To find out what type of machine a host is, type:
nmap -O host
To compare services on your server or subnet, run this at 2 different times and then diff the files:
nmap -sX 10.14.34.0/24 | egrep -v '^(Nmap|Starting)' > nmap.out.date
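An added example (not part of the original tips): a shell script that does the diff step on two saved scan files and reports which host/port entries appeared or vanished. The file names, the sample scans and the host-header patterns it matches are assumptions.

```shell
#!/bin/sh
# Added example: list services that appeared (+) or vanished (-) between
# two saved nmap outputs. File names and scan contents are constructed.

# Print one sorted "host port/proto service" line per listed port.
# Assumption: each port table follows a host header line (two layouts).
services() {
    LC_ALL=C awk '
        /^(Interesting ports on|Nmap scan report for) / {
            host = $NF; gsub(/[():]/, "", host); next
        }
        $1 ~ /^[0-9]+\/(tcp|udp)$/ { print host, $1, $3 }
    ' "$1" | LC_ALL=C sort -u
}

# Compare an older scan ($1) with a newer one ($2).
service_changes() {
    old=$(mktemp); new=$(mktemp)
    services "$1" > "$old"; services "$2" > "$new"
    LC_ALL=C comm -13 "$old" "$new" | sed 's/^/+ /'
    LC_ALL=C comm -23 "$old" "$new" | sed 's/^/- /'
    rm -f "$old" "$new"
}

# Constructed sample scans of two hosts, taken a day apart.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/nmap.out.mon" <<'EOF'
Interesting ports on 10.14.34.5:
PORT    STATE         SERVICE
22/tcp  open|filtered ssh
80/tcp  open|filtered http
Interesting ports on 10.14.34.9:
PORT    STATE         SERVICE
22/tcp  open|filtered ssh
EOF
    cat > "$dir/nmap.out.tue" <<'EOF'
Interesting ports on 10.14.34.5:
PORT     STATE         SERVICE
22/tcp   open|filtered ssh
3306/tcp open|filtered mysql
Interesting ports on 10.14.34.9:
PORT     STATE         SERVICE
22/tcp   open|filtered ssh
EOF
    service_changes "$dir/nmap.out.mon" "$dir/nmap.out.tue"
    rm -rf "$dir"
}
demo
```

If your nmap prints host headers that begin with "Nmap scan report for", the egrep filter above strips them, so save the unfiltered output when you want per-host results.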
To get ntop real-time network statistics, do the following as root:
groupadd ntop
useradd -c "ntop user" -d /usr/local/etc/ntop -s /bin/true -g ntop ntop
mkdir /usr/local/etc/ntop
(unpack and build ntop as per directions)
ntop -A -u ntop -P /usr/local/etc/ntop
ntop -u ntop -P /usr/local/etc/ntop -W4242 -d
Access it via port 3000 in your browser.
netstat -lnp (as root)
gives you PID for any port, then just type:
ps auwex |grep -w PID
Also, try lsof -p PID to get files and sockets.
Instead of constantly typing ‘ps -ef|grep yada’ over and over, use watch to highlight differences and tell you when the command finishes.
watch 'ps -ef|grep tar'
iptables is a firewall app that can filter packets.
#Detect DoS attack by limiting to 12 connections/sec
iptables -t nat -N syn-flood
iptables -t nat -A syn-flood -m limit --limit=12/s --limit-burst 24 -j RETURN
iptables -t nat -A syn-flood -j DROP
iptables -t nat -A PREROUTING -i $EXT_IFACE -d $DEST_IP -p tcp --syn -j syn-flood
Note that $DEST_IP is the ultimate requested IP of the packet, and $EXT_IFACE is the public interface of the firewall.
#Drop Xmas and NULL packets
iptables -t nat -A PREROUTING -p tcp --tcp-flags ALL ALL -j DROP
iptables -t nat -A PREROUTING -p tcp --tcp-flags ALL NONE -j DROP
Create snapshots of file structure using script below (make_snapshot.sh)
#!/bin/bash
# ----------------------------------------------------------------------
# mikes handy rotating-filesystem-snapshot utility
# ----------------------------------------------------------------------
# RCS info: $Id: ch03.xml,v 1.4 2003/02/21 23:15:12 chodacki Exp $
# ----------------------------------------------------------------------
# this needs to be a lot more general, but the basic idea is it makes
# rotating backup-snapshots of /home whenever called
# ----------------------------------------------------------------------
# ------------- system commands used by this script --------------------
ID=/usr/bin/id;
ECHO=/bin/echo;
MOUNT=/bin/mount;
RM=/bin/rm;
MV=/bin/mv;
CP=/bin/cp;
TOUCH=/bin/touch;
RSYNC=/usr/bin/rsync;
Push content from master to multiple front/back-end servers
http://www.oreillynet.com/pub/h/41#code
script: balance-push.sh
source – O’Reilly Linux Server Hacks
Keeping remote directories in sync is a good use for rsync. The command below syncs the remote host (source_host) directory /home/mike with /home/tom on localhost:
rsync -ave ssh [--delete] source_host:/home/mike/ /home/tom/
Use the --delete switch if you want to synchronize source deletes as well.
Copy directory structure (e.g. apache) from one server to another:
cd /usr/local
tar zcf - apache/ | ssh remote_host "cd /usr/local; mv apache apache.bak; tar zpxvf -"
Check I/O speed with:
hdparm -tT /dev/hda
Check settings with:
hdparm /dev/hda
Turbo-performance like this (may cause system to hang!):
hdparm -c3 -m16 /dev/hda
Recheck performance to see difference.
#Lock acct
passwd -l user
#Move directory to avoid .ssh, .rhosts, etc
mv /home/user /home/user.removed
#Check for running jobs
ps awux | grep -i ^user
skill -KILL user
#Check for cron jobs
crontab -u user -e
#remove user from sudo users file if needed
If you want to find out the process IDs for all process names containing ‘httpd’ -
pgrep httpd
321
324
455
If you want to kill all httpd processes -
pkill httpd
Find running kernel version:
cat /proc/version
How much RAM is installed:
ls -l /proc/kcore
Take file size and divide by 1024*1024