When it comes to tcpdump most admins fall into two categories; they either know tcpdump and all of its flags like the back of their hand, or they kind of know it but need to use a reference for anything outside of the basic usage. The reason for this is because tcpdump is a pretty advanced command and it is pretty easy to get into the depths of how networking works when using it.
Lately I've been working on a lot of automation and monitoring projects, a big part of these projects are taking existing scripts and modifying them to be useful for automation and monitoring tools. One thing I have noticed is sometimes scripts use exit codes and sometimes they don't. It seems like exit codes are easy for poeple to forget, but they are an incredibly important part of any script. Especially if that script is used for the command line.
When I was first got started with administrating Linux and Unix servers I was working in an environment where there were tons of adhoc scripts that other admins wrote. From time to time I would find myself troubleshooting why one of those scripts suddenly stopped working. Sometimes the scripts would be well written and easy to understand, other times they were clunky and confusing.
While troubleshooting the poorly written scripts was always a hassle at the time, it taught me an important lesson.
Before the advent of a distributed domain name system; networked computers used local files to map hostnames to IP addresses. On Unix systems this file was named /etc/hosts or “the hosts file”. In those days, networks were small and managing a file with a handful of hosts was easy. However as the networks grew so did the methods of mapping hostnames and IP addresses.
In modern days with the internet totaling at somewhere around 246 million domain names (as of 2012) the hosts file has been replaced with a more scalable distributed DNS service.
A few weeks back I wrote an article Getting started with SaltStack; that article covered Configuration and Package Automation with Saltstack. In Today's article I am going to cover SaltStack's Remote Execution abilities, a feature that I feel Saltstack has implemented better than other automation tools.
Running a command in a State If you remember from the previous article SaltStack's states are permanent configurations. Adding a command in a Salt state is used when you want to have a command that is run after provisioning a server, run every time Salt manages the state of the system or run when certain conditions are true.
Nice is a command in Unix and Linux operating systems that allows for the adjustment of the “Niceness” value of processes. Adjusting the “niceness” value of processes allows for setting an advised CPU priority that the kernel's scheduler will use to determine which processes get more or less CPU time. In Linux this niceness value can be ignored by the scheduler, however other Unix implementations can treat this differently.
Being able to adjust the niceness value comes in handy in two scenarios usually.
Normally on this blog I tend to write about more complicated tasks or fancy Linux tricks and completely overlook some of the most basic tasks that a SysAdmin needs to know. Today I have decided that I will make my blog a little more comprehensive and add some posts with some of the basics.
Along with this I will be starting a new category, called Sysadmin Basics and I will try to post an additional article each week that covers some of the more basic concepts and commands used by Linux and Unix Sysadmins.
Recently I was compiling a list of Linux commands that every sysadmin should know. One of the first commands that came to mind was nmap.
nmap is a powerful network scanner used to identify systems and services. nmap was originally developed with network security in mind, it is a tool that was designed to find vulnerabilities within a network. nmap is more than just a simple port scanner though, you can use nmap to find specific versions of services, certain OS types, or even find that pesky printer someone put on your network without telling you.
In a world where the Anonymous group is petitioning the US Government to make DDoS attacks a legal means of protest; For internet facing systems the threat of Denial of Service attacks are very real.
The cold harsh reality of DoS attacks are that there is no way to stop them. While there are services out there that are designed to take the brunt of the attack for you these costs a significant amount of money (update: CloudFlare seems pretty decent).
The cut command is a Unix/Linux tool used to literally cut text from files and output from other commands. With the cut command a user can take text and output only certain parts of the line.
In my opinion cut is the most under recognized and utilized command in Linux/Unix. This is mostly due to the fact that when most Sysadmins want to cut text from files or standard output many will reach for AWK.