Linux Microsoft VMware

Wednesday, September 5, 2012

Basic of Shell Script


What Is a Shell?


- The shell is a user program or it is an environment provided for user interaction.
- It is a command language interpreter that executes commands read from the standard input device such as keyboard or from a file.
- The shell gets started when you log in or open a console (terminal).
- Quick and dirty way to execute utilities.
- The shell is not part of system kernel, but uses the system kernel to execute programs, create files etc.
- Several shells are available for Linux including:
  - BASH (Bourne-Again SHell) - Most common shell in Linux. It's Open Source.
  - CSH (C SHell) - The C shell's syntax and usage are very similar to the C programming language.
  - KSH (Korn SHell) - Created by David Korn at AT&T Bell Labs. The Korn Shell also was the base for the POSIX Shell standard specifications.
  - TCSH - It is an enhanced but completely compatible version of the Berkeley UNIX C shell (CSH).
Please note that each shell does the same job, but each understands different command syntax and provides different built-in functions. Under MS-DOS, the shell name is COMMAND.COM which is also used for the same purpose, but it is by far not as powerful as our Linux Shells are!

Linux log files location and how do I view log files?


Q. I am new to Linux and I would like to know where the log files are located under a Debian or CentOS Linux server. How do I open or view log files?

Ans. Almost all log files are located under the /var/log directory (and its subdirectories). You can change to this directory using the cd command, but you need to be the root user. You can use the less, more, cat or tail command to view the logs.

Go to the /var/log directory:

How do I rotate log files?


Q. How do I rotate log files under Linux operating system?

A. You need to use a tool called logrotate, which is designed to ease administration of systems that generate large numbers of log files. It allows automatic rotation, compression, removal, and mailing of log files.

Each log file may be handled daily, weekly, monthly, or when it grows too large. With this tool you keep logs longer with less disk space.

Default configuration file

The default configuration file is /etc/logrotate.conf:

Redhat Enterprise Linux 5 / CentOS 5 monitor and track TCP connections on the network


Q. How do I track and monitor connections for the eth1 public network interface under a Redhat Enterprise Linux (RHEL) 5 server?

Ans. You can use the netstat command or the tcptrack command. Both commands can show established TCP connections and provide the ability to monitor them.

BASIC LDAP CONFIGURATION For RHEL / Centos / Fedora


INTRO: LDAP stands for Lightweight Directory Access Protocol. It is used as a centralized data (or directory) server (not a database server) for various purposes.

There is a difference between Directory server and a Database server.
In Directory server the data is read more frequently than it is written.
In Database server the data is written more frequently than it is read.

Here we shall see how LDAP is used for creating centralized users (Network users).
The Network Users can also be configured using NIS (Network Information Service).

SUPPORTIVE SERVICES:

NFS must be configured at both the server and the client end. NFS acts as the backbone for LDAP, as it provides the directory throughout the network.

Without NFS configuration, LDAP does not work.

Monday, September 3, 2012

Linux: Iptables Examples For New SysAdmins Part -->3


Before reading this post, please read my previous post (Linux: Iptables Examples For New SysAdmins Part -->2)


#12: Log and Drop Packets

 

Type the following to log and block IP spoofing on the public interface called eth1:

# iptables -A INPUT -i eth1 -s 10.0.0.0/8 -j LOG --log-prefix "IP_SPOOF A: "

# iptables -A INPUT -i eth1 -s 10.0.0.0/8 -j DROP
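
Once the LOG rule is in place, the kernel log carries one line per matching packet. The script below is an added example, not part of the original post: the function names and the sample log lines are constructed, and it assumes the usual netfilter LOG field layout (IN=, SRC=, DPT=).

```shell
#!/bin/sh
# Added example: count packets logged by the "IP_SPOOF A: " rule.
# Reads kernel log text on stdin; prints "count source dport", busiest first.
spoof_summary() {
    awk '
        /IP_SPOOF A: / {
            inif = ""; src = ""; dpt = "-"      # "-" when there is no port (e.g. ICMP)
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^IN=/)  inif = substr($i, 4)
                if ($i ~ /^SRC=/) src  = substr($i, 5)
                if ($i ~ /^DPT=/) dpt  = substr($i, 5)
            }
            # keep only what the rule is meant to catch: 10.0.0.0/8 arriving on eth1
            if (inif == "eth1" && src ~ /^10\./) hits[src " " dpt]++
        }
        END { for (k in hits) print hits[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed, abbreviated sample lines (hostnames and addresses are made up)
sample_log() {
cat <<'EOF'
Sep  3 10:01:02 web1 kernel: IP_SPOOF A: IN=eth1 OUT= SRC=10.1.2.3 DST=203.0.113.5 LEN=60 TTL=52 PROTO=TCP SPT=40112 DPT=22 SYN
Sep  3 10:01:03 web1 kernel: IP_SPOOF A: IN=eth1 OUT= SRC=10.1.2.3 DST=203.0.113.5 LEN=60 TTL=52 PROTO=TCP SPT=40113 DPT=22 SYN
Sep  3 10:01:04 web1 sshd[2211]: Accepted publickey for admin from 198.51.100.7 port 50122 ssh2
Sep  3 10:01:05 web1 kernel: IP_SPOOF A: IN=eth1 OUT= SRC=10.9.9.9 DST=203.0.113.5 LEN=84 TTL=60 PROTO=ICMP TYPE=8 CODE=0
Sep  3 10:01:06 web1 kernel: IP_SPOOF A: IN=eth1 OUT= SRC=10.1.2.3 DST=203.0.113.5 LEN=60 TTL=52 PROTO=TCP SPT=40114 DPT=22 SYN
Sep  3 10:01:07 web1 kernel: IP_SPOOF A: IN=eth1 OUT= SRC=10.9.9.9 DST=203.0.113.5 LEN=60 TTL=60 PROTO=TCP SPT=51000 DPT=80 SYN
EOF
}

sample_log | spoof_summary
```

On RHEL / CentOS the kernel messages normally end up in /var/log/messages, so on a live host the input would be `spoof_summary < /var/log/messages`.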

Linux: Iptables Examples For New SysAdmins Part -->2


Before reading this post, please read my previous post (Linux: Iptables Examples For New SysAdmins Part -->1)

#3: Delete Firewall Rules

To display line numbers along with other information for existing rules, enter:

# iptables -L INPUT  -n --line-numbers
# iptables -L OUTPUT -n --line-numbers
# iptables -L OUTPUT -n --line-numbers | less
# iptables -L OUTPUT -n --line-numbers | grep 192.0.43.10

Linux: Iptables Examples For New SysAdmins Part -->1


Linux comes with a host based firewall called Netfilter. According to the official project site:
netfilter is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack.
This Linux-based firewall is controlled by the program called iptables, which handles filtering for IPv4, while ip6tables handles filtering for IPv6. I strongly recommend that you first read our quick tutorial that explains how to configure a host-based firewall called Netfilter (iptables) under CentOS / RHEL / Fedora / Redhat Enterprise Linux. This post lists the most common iptables solutions required by a new Linux user to secure his or her Linux operating system from intruders.

Redhat / CentOS Iptables Firewall Configuration


How do I configure a host-based firewall called Netfilter (iptables) under CentOS / RHEL / Fedora / Redhat Enterprise Linux?


Netfilter is a host-based firewall for Linux operating systems. It is included as part of the Linux distribution and it is activated by default. This firewall is controlled by the program called iptables. Netfilter filtering takes place at the kernel level, before a program can even process the data from the network packet.

What is sysctl.conf in Linux


sysctl is an interface that allows you to make changes to a running Linux kernel. With /etc/sysctl.conf you can configure various Linux networking and system settings such as:
1. Limit network-transmitted configuration for IPv4
2. Limit network-transmitted configuration for IPv6
3. Turn on execshield protection
4. Protect against the common 'syn flood attack'
5. Turn on source IP address verification
6. Prevent a cracker from using a spoofing attack against the IP address of the server
7. Log several types of suspicious packets, such as spoofed packets, source-routed packets, and redirects

sysctl command

The sysctl command is used to modify kernel parameters at runtime. /etc/sysctl.conf is a text file containing sysctl values to be read in and set by sysctl at boot time. To view current values, enter:

# sysctl -a

# sysctl -A

# sysctl mib

# sysctl net.ipv4.conf.all.rp_filter

To load settings, enter:

# sysctl -p

Sample /etc/sysctl.conf

Edit /etc/sysctl.conf and update it as follows. The file is documented with comments. However, I recommend reading the official Linux kernel sysctl tuning help file (see below):
# The following is suitable for dedicated web server, mail, ftp server etc. 
# ---------------------------------------
# BOOLEAN Values:
# a) 0 (zero) - disabled / no / false
# b) Non zero - enabled / yes / true
# --------------------------------------
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
 
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
 
# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0
 
# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0
 
# Controls whether core dumps will append the PID to the core filename
# Useful for debugging multi-threaded applications
kernel.core_uses_pid = 1
 
# Controls the use of TCP syncookies
#net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 2
 
########## IPv4 networking start ##############
# Send redirects, if router, but this is just server
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
 
# Accept packets with SRR option? No
net.ipv4.conf.all.accept_source_route = 0
 
# Accept Redirects? No, this is not router
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
 
# Log packets with impossible addresses to kernel log? yes
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
 
# Ignore all ICMP ECHO and TIMESTAMP requests sent to it via broadcast/multicast
net.ipv4.icmp_echo_ignore_broadcasts = 1
 
# Prevent against the common 'syn flood attack'
net.ipv4.tcp_syncookies = 1
 
# Enable source validation by reversed path, as specified in RFC1812
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
 
########## IPv6 networking start ##############
# Number of Router Solicitations to send until assuming no routers are present.
# This is host and not router
net.ipv6.conf.default.router_solicitations = 0
 
# Accept Router Preference in RA?
net.ipv6.conf.default.accept_ra_rtr_pref = 0
 
# Learn Prefix Information in Router Advertisement
net.ipv6.conf.default.accept_ra_pinfo = 0
 
# Accept a default router learned from a Router Advertisement? No
net.ipv6.conf.default.accept_ra_defrtr = 0
 
#router advertisements can cause the system to assign a global unicast address to an interface
net.ipv6.conf.default.autoconf = 0
 
#how many neighbor solicitations to send out per address?
net.ipv6.conf.default.dad_transmits = 0
 
# How many global unicast IPv6 addresses can be assigned to each interface?
net.ipv6.conf.default.max_addresses = 1
 
########## IPv6 networking ends ##############
 
#Enable ExecShield protection
kernel.exec-shield = 1
kernel.randomize_va_space = 1
 
# TCP and memory optimization 
# increase TCP max buffer size setable using setsockopt()
#net.ipv4.tcp_rmem = 4096 87380 8388608
#net.ipv4.tcp_wmem = 4096 87380 8388608
 
# increase Linux auto tuning TCP buffer limits
#net.core.rmem_max = 8388608
#net.core.wmem_max = 8388608
#net.core.netdev_max_backlog = 5000
#net.ipv4.tcp_window_scaling = 1
 
# increase system file descriptor limit    
fs.file-max = 65535
 
#Allow for more PIDs 
kernel.pid_max = 65536
 
#Increase system IP port limits
net.ipv4.ip_local_port_range = 2000 65000
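
The sample file sets some keys more than once and leaves one tcp_syncookies line commented out, so checking what is actually in effect is worth automating. The script below is an added example, not part of the original post: the function names, the choice of baseline keys (a subset of the security-related lines above) and the drifted sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report sysctl keys that differ from a baseline taken from the sample file.
baseline() {
cat <<'EOF'
net.ipv4.ip_forward = 0
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.log_martians = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.tcp_syncookies = 1
EOF
}

# Reads "key = value" lines on stdin (a sysctl.conf or `sysctl -a` output).
sysctl_audit() {
    { baseline; echo "--live--"; cat; } | awk '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        /^--live--$/ { live = 1; next }
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }   # comments and blank lines
        {
            eq = index($0, "="); if (eq == 0) next
            key = trim(substr($0, 1, eq - 1)); val = trim(substr($0, eq + 1))
            if (!live) { want[key] = val; order[++n] = key }
            else got[key] = val   # a later assignment overrides an earlier one
        }
        END {
            for (i = 1; i <= n; i++) {
                k = order[i]
                if (!(k in got)) print "MISSING", k, "want=" want[k]
                else if (got[k] != want[k]) print "DRIFT", k, "want=" want[k], "got=" got[k]
            }
        }'
}

# Constructed input: one wrong value, one key absent, one only commented out
sample_conf() {
cat <<'EOF'
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.all.log_martians = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
#net.ipv4.tcp_syncookies = 1
EOF
}

sample_conf | sysctl_audit
```

To check the running kernel rather than a file, pipe the live values in: `sysctl -a 2>/dev/null | sysctl_audit`.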
