Tag Archives: Unix

Test firewall with netcat

Overview

“The nc (or netcat) utility is used for just about anything under the sun involving TCP, UDP, or UNIX-domain sockets.
It can open TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports, do port scanning, and deal with both IPv4 and IPv6. Unlike telnet nc scripts nicely, and separates error messages onto standard error instead of sending them to standard output, as telnet does with some.” (NetCat Manual)

You can use netcat to listen on any available port and connect to it from a remote client. This way you can test that the firewall actually lets the traffic through.

netcat installation

On CentOS you just need to use:

yum install nc -y

Test firewall with netcat

netcat server

Run netcat server on port 12345:

nc -v -l 12345

You should receive a blank line.
During connection you will see “Connection from 10.0.0.2 port 6666 [tcp/ircu-2] accepted” and whatever you write on the server will appear on the client.

netcat client

Connect to port 12345 on a remote server 10.0.0.1:

nc 10.0.0.1 12345

You should receive a blank line and whatever you write on the client will appear on the server.

netcat man page

Enjoy!

chmod suid sgid sticky bit

Overview

Linux chmod has a few options that can make your life a lot easier when managing shared storage.
The most needed are the suid, sgid and sticky bits.
The impact of each one differs between files and folders.

chmod suid sgid sticky bit

SetUID and SetGID

SUID (SetUID) and SGID (SetGID) have different effects when used on files or on folders.

suid and sgid on files

When suid is set on an executable, the file runs with the permissions of its owner when it is run by a different user.
When it is set without the user ‘x’ permission, the letter ‘S’ appears in the user part of the file’s permissions.
A lower-case ‘s’ means the bit is set and hides the user’s ‘x’ permission, so ‘s’ means ‘S+x’.

Apply SUID on ‘run.sh’:

chmod u+s run.sh

Apply SUID with 777:

chmod 4777 run.sh

Output SUID with 777:

-rwsrwxrwx.

Output SUID with 677:

-rwSrwxrwx.

When sgid is set on an executable, the file runs with the permissions of its owning group when it is run by a different user.
When it is set without the group ‘x’ permission, the letter ‘S’ appears in the group part of the file’s permissions.
A lower-case ‘s’ means the bit is set and hides the group’s ‘x’ permission, so ‘s’ means ‘S+x’.

Apply SGID on ‘run.sh’:

chmod g+s run.sh

Apply SGID with 777:

chmod 2777 run.sh

Output SGID with 777:

-rwxrwsrwx.

Output SGID with 767:

-rwxrwSrwx.

suid and sgid on folders

On folders, suid and sgid are about what newly created files inherit.
sgid sets the owning group of all new files to the folder’s owning group.

Linux ignores the suid permission on folders.

Sticky-Bit

“When the sticky bit is set, only the item’s owner, the directory’s owner, or the superuser can rename or delete files.” (Wikipedia)

The sticky bit is mostly applied to folders. It has a few uses on files, but that is not in the scope of this tutorial.

When it is set without the others ‘x’ permission, the letter ‘T’ appears in the others part of the folder’s permissions.
A lower-case ‘t’ means the bit is set and hides the others’ ‘x’ permission, so ‘t’ means ‘T+x’.

Output sticky bit with 777:

drwxrwxrwt.

Output sticky bit with 776:

drwxrwxrwT.

Apply sticky bit to ‘/folder’:

chmod +t /folder

Apply sticky bit with 777:

chmod 1777 /folder
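
Added example (not from the original post): a shell script that reproduces the mode strings shown above inside a throwaway temp directory, shows that a subdirectory created in a setgid folder inherits the bit on Linux, and lists suid/sgid files the way a permissions audit would. The function names and file names are hypothetical.

```sh
#!/bin/sh
# Added example; every path is constructed inside a throwaway mktemp directory.

# Print the 10-character mode string of a path (drops a trailing '.' or '+').
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Create a file (f) or directory (d) with an octal mode, then print its mode.
# $1 = f|d   $2 = octal mode   $3 = path
make_with_mode() {
    if [ "$1" = d ]; then mkdir "$3"; else : > "$3"; fi
    chmod "$2" "$3" && mode_of "$3"
}

# Create a subdirectory inside directory $1 and print the new directory's mode.
# Inside a setgid directory on Linux, the subdirectory inherits the setgid bit.
sgid_child_mode() {
    mkdir "$1/sub" && mode_of "$1/sub"
}

# Audit helper: list regular files under $1 that carry the suid or sgid bit.
find_special() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) | sort
}

demo() {
    work=$(mktemp -d) || return 1
    echo "suid 4777 file:   $(make_with_mode f 4777 "$work/suid_x")"
    echo "suid 4677 file:   $(make_with_mode f 4677 "$work/suid_nox")"
    echo "sgid 2777 file:   $(make_with_mode f 2777 "$work/sgid_x")"
    echo "sgid 2767 file:   $(make_with_mode f 2767 "$work/sgid_nox")"
    echo "sticky 1777 dir:  $(make_with_mode d 1777 "$work/tmp_x")"
    echo "sticky 1776 dir:  $(make_with_mode d 1776 "$work/tmp_nox")"
    echo "sgid 2775 dir:    $(make_with_mode d 2775 "$work/shared")"
    echo "  new subdir:     $(sgid_child_mode "$work/shared")"
    echo "suid/sgid files found by the audit:"
    find_special "$work" | sed 's/^/  /'
    rm -rf "$work"
}

demo
```

Linux ignores the suid and sgid bits when it executes interpreted scripts such as run.sh, although ls still shows them; they take effect only on binary executables.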

Enjoy!

tr vs sed – String manipulation commands in Linux/Unix

Overview

tr and sed are very powerful stream and character manipulation commands. Each has its own advantages for string manipulation.

tr vs sed usage and examples

Replace “hi” with “bye”

echo "hi hi" | sed 's/hi/bye/g'
output: bye bye

echo "hi hi" | tr 'hi' 'bye'
output: by by

While sed can replace strings, tr can only replace characters,
so for complete string replacement sed is the way to go.
 
Replace “good” with “bad”
echo "good good" | sed 's/good/bad/g'
output: bad bad

echo "good good" | tr 'good' 'bad'
output: bddd bddd

tr is more like a mapping command. It works like a set of rules:
the char “g=b”, then the char “o=a” and “o=d”; the last rule is the active one, so “o=d”.
 
Change ‘ ‘ to a new line:

echo "line1 line2" | tr ' ' '\n'
output:
line1
line2

echo "line1 line2" | sed -e 's/\s\s*/\n/g'
output:
line1
line2

 
As you can see tr is a lot easier for this job.
 
 
Enjoy.

Linux fg bg commands usage and examples

Overview

Usage and examples for the Linux fg and bg commands, together with CTRL-Z and the jobs command.
They move a process between the background and the foreground, and between the paused and running states.

Usage and examples

Pause a process

When running a process you can use CTRL-Z to pause the process and free the current shell instance.

Linux jobs command

To view the stopped jobs use the jobs command:

jobs

You should receive something like this (Job number, Status, Command):
[1]+  Stopped                 ls --color=auto -l --color=auto -lla -R /

Run a process in the background

You can start a process in the background from the start using an ‘&’ mark at the end of the command:

cp /source /destination &

linux fg bg commands

To move a job to the foreground execution (for example job 1):

fg 1

To move a job to the background execution (for example job 1):
bg 1

Kill paused jobs

To kill a paused job you can use the kill command followed by ‘%’ and the job number (for example job 1):

kill %1

Enjoy

Apache VPS Optimization

Apache VPS Optimization – Memory Usage Tuning

I’ve recently had the need to optimize my VPS plan so it won’t consume that much memory.
The main culprit was Apache with more than a few processes using over 50MB.


Load Balancing SSH Connections using Pen on CentOS Linux

Overview

Load Balancing SSH Connections using Pen, a load balancer for “simple” tcp based protocols such as http or smtp.
It allows several servers to appear as one to the outside and automatically detects servers that are down and distributes clients among the available servers. This gives high availability and scalable performance.


Load balancing Remote Desktop Services using Pen

Overview

Load balancing Remote Desktop Services using Pen, a load balancer for “simple” tcp based protocols such as http or smtp.
It allows several servers to appear as one to the outside and automatically detects servers that are down and distributes clients among the available servers. This gives high availability and scalable performance.


Move Volume to another Aggregate on NetAPP OnTAP 8

Overview

In this tutorial we will use a NetAPP FAS3210 to demonstrate how to move a volume to another aggregate on NetAPP OnTAP 8.


PuTTY Configuration Tips with SSH Connection

Overview

You can find here a few PuTTY Configuration Tips that will save you a lot of time using SSH.
PuTTY is a free and open source terminal emulator application.


Remote Desktop over SSH using PuTTY

Overview

Connecting to an SSH server as a gateway, and not directly to a Remote Desktop PC, is a safer way to connect and adds another layer of encryption without losing performance.
This way you can connect to any client behind a firewall as long as you have port 22 open to your SSH server.
Using Windows Remote Desktop over an SSH connection is a very simple task to perform using PuTTY.


Remote Desktop over SSH using Tunnelier

Overview

Bitvise Tunnelier makes it easier to use Windows Remote Desktop over an SSH connection.
Connecting to a Secure Shell server as a gateway, and not directly to a Windows PC, is a safer way to connect and adds another layer of encryption.
This way you can connect to any client behind a firewall as long as you have port 22 open to your SSH server.


Schedule tasks on Linux using Cron

Overview

Cron is the time-based job scheduler in Unix-like computer operating systems.
Cron enables users to schedule jobs (commands or shell scripts) to run periodically at certain times or dates.
It is commonly used to automate system maintenance or administration, though its general-purpose nature means that it can be used for other purposes.
