Category: Administration / Server

GNU Linux -> undelete ext3 vs ext4
06.07.2017

Q0: Someone accidentally deleted files on an ext3 partition? Yes -> Q2: You have a working backup of some sort? No -> POWEROFF your PC / Laptop / Server IMMEDIATELY or remount the affected partition read only and get access to […]

06.07.2017

can be easily checked via: root@debian9:~# cat /proc/filesystems nodev sysfs nodev rootfs nodev ramfs nodev bdev nodev proc nodev cpuset nodev cgroup nodev cgroup2 nodev tmpfs nodev devtmpfs nodev debugfs nodev tracefs nodev securityfs nodev sockfs nodev bpf nodev pipefs […]

03.07.2017

strace from the strace.man.txt manpage. trace system calls and signals In the simplest case strace runs the specified command until it exits. It intercepts and records the system calls which are called by a process and the signals which are […]

centos redhat compiling the latest kernel
30.06.2017

this also worked under debian9 stretch… it now also works for Centos7/Redhat. in this example i try to compile the latest kernel from kernel.org on CentOS7 it compiles… and boots up… hit ESC or other keys to see the verbose […]

Linux Kernel – Security Updates
27.06.2017

latest kernel related security problems can be found here… -> https://tracker.debian.org/pkg/linux newsletter subsribe: https://tracker.debian.org/accounts/login/ also https://anonscm.debian.org/cgit/kernel/linux.git http://www.securityfocus.com/ http://www.securityfocus.com/cgi-bin/index.cgi?c=11&op=display_threads&ListID=1&limit=30&offset=0&date=2017-06-20&mode=threaded https://cve.mitre.org/index.html https://twitter.com/CVEnew/ https://wiki.debian.org/DebianKernel

27.06.2017

to be honest… i find all of those meassurement tools too complicated to install. they probably all have their validity – but why not simply do it like this: given that you have a webserver installed and the web-root is […]

akamai state of the internet quarterly report
23.06.2017

https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/ https://www.akamai.com/us/en/about/news/press/2017-press/akamai-releases-first-quarter-2017-state-of-the-internet-connectivity-report.jsp security Q1 2017: https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q1-2017-state-of-the-internet-security-report.pdf connectivity: Q4 2016 https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q4-2016-state-of-the-internet-connectivity-report.pdf https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/state-of-the-internet-connectivity-visualization.jsp

20.06.2017

per default debian is not configured to forward traffic. on server/router/gateway: ping yahoo.de; # make sure internet connection works ifconfig eth0:0 192.168.1.1 netmask 255.255.255.0 up; # add additional ip vim /etc/sysctl.conf # Uncomment the next line to enable packet forwarding […]

20.06.2017

with tcpdump you can monitor IP packages, UDP packages, ICMP (ping). zypper install tcpdump; # comes preinstalled in suse12 apt-get install tcpdump; # debian8 yum install tcpdump; # centos7 redhat tcpdump -i eth0 tcpdump -vnni eth0; # very verbose root@Debian8:~# […]

20.06.2017

show the ARP cache every network interface card (NIC)/LAN network card has a unique-as-possible vendor-asigned MAC address in the format 00:15:5d:00:07:08 this address is changeable like this: ip link set dev eth0 down; ip link set dev eth0 address 00:15:5d:00:07:09; […]

20.06.2017

simple but usefull – you have the ip address of an computer in your local LAN – but you don’t know it’s computername. for internet-usage the host command is usefull because it shows – if a website is reachable by […]

IPv4 CIDR Subnet Mask Notation
19.06.2017

IPv4 CIDR Subnet Mask Notation The CIDR number comes from the number of 1’s in the subnet mask when converted to binary. The common subnet mask 255.255.255.0 is 11111111.11111111.11111111.00000000 in binary. This adds up to 24 1’s, or /24 (pronounced […]

19.06.2017

https://www.ietf.org/rfc/rfc2460.txt (December 1998) Network Working Group, S. Deering (Cisco), R. Hinden (Nokia) https://en.wikipedia.org/wiki/IPv6 larger address space (128 bits, compared with 32 bits in IPv4, allowing 2^128 = 340.282.366.920.938.463.463.374.607.431.770.000.000 devices(addresses) to be registered, while IPv4 allowed only 2^32 = 4.294.967.296 devices […]

19.06.2017

IPv6: Goodbye to broadcast, say hello to Multicast » IPv6 while broadcast sends the traffic to all computers in the network – multicast follows a „subscribe to service“ model. broadcast -> a computer using ARP sends a packet to FF:FF:FF:FF:FF:FF […]

system logging – log files – rsyslog rsyslogd
12.06.2017

TOS-based systems (Atari ST) used a row of bombs to indicate a critical system error. Number of bombs displayed revealed information about the error. The error (also called an exception) is reported by the Motorola 68000 microprocessor. The very first […]

top10 most used mail servers – segfault exim4
10.06.2017

a hacked e-mail account is a catastrophe – look at Hillary. telnet dwaves.de 25; # a simple telnet tells you that this server is running Trying 78.46.249.71… Connected to dwaves.de. Escape character is ‚^]‘. 220 dwaves.de ESMTP Exim 4.XX_X Tue, […]

09.06.2017

in general programs = processes = tasks = job less is more (security) run as little software as you absolutely need – uninstall/disable all services you don’t need. less software = less lines of mistaken code = less security flaws. […]

08.06.2017

client /etc/ssh/ssh_config is for client side config – here you can for example enable StrictHostKeyChecking yes /etc/ssh/ssh_known_hosts similar to ~/.ssh/known_hosts it contains the system-wide-accepted public keys of other hosts. So if you have „StrictHostKeyChecking yes“ enabled, you could manually accept […]

cool stuff you can do with ssh
07.06.2017

i assume you have setup public-private-key-authentication and tested its workings. run local scripts remotely You can run local scripts remotely by executing bash on the remote system and feeding it your script ssh user@host ‚bash -s‘ < script.s sftp kick […]