Featured »

August 18, 2018 – 4:20 pm

In his new book “The Future of Work: Robotics, AI, and Automation”1, Darrell West of the Brookings Institution makes some very extravagant predictions. Here’s a short but entirely sufficient summary from the book’s presentation by …

Read the full story »

Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.


Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.


Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.


Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Archive by Category

Articles in Networking

Verify Network Port Access

August 8, 2018 – 4:15 pm

There are several tools you can use to verify access to a remote network port: nc, tcping, telnet. Unfortunately, nc from the netcat package has been replaced by the one from nmap, which lacks the -z option, making …

Detect SSL Certificate Injection

February 21, 2018 – 3:05 pm

When the SSL Digital Certificate is intercepted and replaced by a device between your browser and the Web site, we call it certificate injection. This method is more commonly used not by hackers, but by …

Extracting Email Addresses from TCP Streams

December 5, 2017 – 7:06 pm

Here’s a quick example of using tshark to extract email addresses from TCP streams. Let’s say some application on your server is sending emails and you want to find out who is receiving those emails.

Occupy Subnet

December 1, 2017 – 2:15 pm
DSC_6214 copy copy

The script below (tested on RHEL 7) will use arp-scan to identify unused IPs on your subnet and configure virtual interfaces attached to your primary NIC to take over every available IP. 

Using IPTables to Allow Access to Private Networks

June 22, 2017 – 9:46 am

Below is a quick example of how to use iptables to allow port access for all types of private networks. In this case we’re allowing access to ports 10000 and 20000, commonly used by webmin and usermin.

Sun T-Series ILOM and Solaris 11 Network Configuration

February 20, 2017 – 11:16 am

Just some quick notes on setting up Oracle Sun T-series server ILOM and network aggregation with LACP. I don’t get to do this very often, so every time it’s a struggle to remember, with much …

Verify Network Port Access

December 27, 2016 – 1:06 pm

There are several tools you can use to verify access to a remote network port: nc, tcping, telnet. Unfortunately, nc from the netcat package has been replaced by the one from nmap, which lacks the -z option, making …

Tracking Emails in Postfix Logs

October 27, 2016 – 6:02 pm

Depending on your Postfix configuration, the same email may cycle through the postfix queue several times, changing it’s queue ID and making it difficult to track. For example, if you have Amavis configured for spam and …

Socket Statistics ss Command

July 11, 2016 – 8:10 pm

This is a small collection of useful ss (written by Alexey Kuznetsov of the Russian Nuclear Research Institute) syntax examples that go beyond the basics covered by other sources. Here’s one I use often: it shows established connections to …

Fixing NIC Name in Cloned VMWare Linux Machines

June 28, 2016 – 12:32 pm
network switch

A suspected bug with certain versions of VMware ESX causes cloned Linux VMs to obtain a sequentially-number NIC. For example, if the parent VM had eth0, the clone will have eth1, and the clone of …

Show NIC Bandwidth Utilization

January 15, 2016 – 12:43 am
network switch

Just a quick script that will measure bandwidth utilization in KB/s for all NICs on your server over the specified period of time. You can call the script with an optional time wait parameter in seconds.

Tracking Network Connections Over Time

January 13, 2016 – 3:31 pm

Firewall changes, datacenter migrations, application re-hostings, server decommissions are just some of the activities where having a record of network connections over time can help avoid confusion and unplanned downtime. To capture all network connections, …

Linux CLI Network Speed Test

September 1, 2015 – 12:36 am
network switch

The speedtest.net is probably one of the more popular bandwidth testing utilities, Unfortunately, this and many other similar tools require a Web browser with late-version Flash or Java support, which can be problematic on Unix …

Find Available IP Addresses

June 18, 2015 – 10:58 am

After a while, available IP addresses on the subnet may become hard to come by. Whatever spreadsheet you used to track IP allocations is likely out of date. Here’s a simple script that will scan …

Practical TShark Capture Filters

June 12, 2015 – 9:30 am
ethernet cables

The tshark is the command-line interface for Wireshark – a popular open-source network packet analyzer. A seemingly infinite variety of options make tshark an unlikely choice for casual use. Nevertheless, the power of CLI justifies the extra …

Detecting Synology NAS with nmap

May 29, 2015 – 3:07 pm

Just a quick note for myself on how to find Synology NAS servers on the network without having to use the bulky Windows utility that ships with these systems.

Fail2ban Whitelist IPs

December 2, 2014 – 9:16 pm

Fail2ban is an excellent security tool that will do a good job safeguarding your server. However, using fail2ban you may run into two issues: friendly fire and inability to permanently ban hostile networks. I already …

Identifying Available IPs on the Network

December 2, 2014 – 2:31 pm

At some point available IPs on your network may become few and hard to come by. Documentation becomes outdated and does not accurately reflect which IPs are still in use. A good starting point would …

Permanently Ban IP with Fail2Ban

June 9, 2014 – 12:12 am
video security camera

If you’re not familiar with Fail2Ban: it’s a log analysis tool that detects failed login attempts for your SSH, FTP, etc services and uses IPTools firewall to temporarily drop connection requests from the offending IP addresses. …

Configure Anonymous FTP on Solaris 10

August 25, 2013 – 2:30 pm

Below are basic steps for configuring anonymous FTP service on Solaris 10. Use with caution.

Enable Basic FTP Server on Solaris 10

August 22, 2013 – 2:22 pm

Here are a few simple steps to enable a basic FTP server on Solaris 10.

Simple Network Discovery

August 21, 2013 – 11:38 am

The bash script below will scan the specified IP range and use dig and nmap to try to determine the fully-qualified domain name, type and the operating environment of any device that responds to network …