DoS Detect and Block
netstat -antlp | grep :80 | grep -v TIME_WAIT | awk '{print $5}' | awk -F : '{print $1}' | sort | uniq -c | sort -n | tail -n15
Large number of these connections from numerous sources are indicative of a denial of service attack. To remedy this, the following will place all sources identified into your software firewall:
for i in `netstat -antlp | grep :80 | grep -v TIME_WAIT | awk '{print $5}' | awk -F : '{print $1}' | sort | uniq -c | sort -n | tail -n15 | awk '{print $2}'` ; do iptables -A INPUT -s $i -j DROP ; done
Plesk Mail reciept
This command syntax evaluates the Plesk maillogs and gives an account of the domains recieveing the most mail
cat /usr/local/psa/var/log/maillog | grep -o 'to=.*@.*' | sed 's/to=.*@//' | sort | uniq -c | sort -rn | head
Software RAID
Establishing software RAID is done through the use of ‘mdadm’ via the CLI
mdadm -C ‘RAID dev’ -l ‘level’ -n ’#of disks/partitions’
Here is an example designating device /dev/md0 set to RAID 1 amongst the partitions /dev/sda5 and /dev/sda6mdadm --create /dev/md0 -l 1 -n 2 /dev/sda5 /dev/sda6
once done you can check the status in real time with
cat /proc/mdstat
[root@server1]# cat /proc/mdstat%
personalities : {raid1} md0 : active raid1
Once the RAID is active, it requires a file system and label. Create a file system and label on the new container with the following syntax
[root@server1]#mke2fs -j /dev/md0 -L raid1
Next, get the device mounted and available upon the next server reboot with
[root@server1]_tail -i /etc/mtab >> /etc/fstab
This will add to the /etc/fstab file or manually edit /etc/fstab with something similar to
/dev/md0 /mnt ext3 rw 0 0
The following command sequence using ‘mdadm’ fails drive in the array-
mdadm /dev/md0 -f /dev/sda5
removes failed drive
[root@server1]#mdadm /dev/md0 -r /dev/sda5
re adds failed drive
mdadm /dev/md0 -a /dev/sda5
mdadm—detail
FDISK RAID example
fdisk /dev/sda n
create extended
select all sizes n
once the partitions are written, ‘partprobe’
(ex. device creation in /dev/) mknod sda6 b 8 6
mdadm _X
DONT forget to issue ‘partprobe’ after fdisk
mdadm -C /dev/md1 -l 5 -n 3 -x 1 /dev/sda{7.8.9.10}
n is the number of components -x spare components
then fail a drive with
mdadm /dev/md1 -f /dev/sda7watch -i /cat/proc/mdstat to see the failure
Quota Primer
Enabling file system quotas can be completed in a few steps.
| 1. | add to /etc/fstab usrquota or grpquota |
After the changes to fstab, you will have to remount the partition
| 2. | mount -o remount / |
Next generate the quota files
| 3. | quotacheck -cg / -compile a database of usage statistics on the FS for users, -u can also be used for users |
Turn quota on
| 4. | quotaon / (quota on -ap show all status on) |
Use ‘repquota’ to review a report of usage
| 5. | repquota -a all partitions’ -ag for group |
| 6. | edquota ‘user’ |
soft limit governs grace period hard limit is a strict policy
edquota -t this will permit you to modify the block and inode grace period for soft limits (typically one block is one kilobyte)
Shell Enviornment
This table represents the order in which shell attributes are inherited
| /etc/skel | default template for a new added users home directory |
| /etc/profile | sets environmental variables used by all users |
| /etc/profile.d | contains scripts specific to certain RPMS |
| /etc/bashrc | contains global aliass and system settings |
| ~/.bash_profile | contains user environement settings and can be set to auto start programs at login |
| ~/.bashrc | contains user aliases and functions |