
Articles in Networking

Inventory Network Services with Nmap

January 14, 2019 – 4:32 pm

With the growing number of network-enabled devices in your home, meaningful security becomes elusive. The first step to addressing the situation is knowing what you have. A few examples below use the nmap utility to scan your local network and detect active devices and services.

Verify Network Port Access

August 8, 2018 – 4:15 pm

There are several tools you can use to verify access to a remote network port: nc, tcping, telnet. Unfortunately, nc from the netcat package has been replaced by the one from nmap, which lacks the -z option, making …

Detect SSL Certificate Injection

February 21, 2018 – 3:05 pm

When the SSL Digital Certificate is intercepted and replaced by a device between your browser and the Web site, we call it certificate injection. This method is more commonly used not by hackers, but by …

Extracting Email Addresses from TCP Streams

December 5, 2017 – 7:06 pm

Here’s a quick example of using tshark to extract email addresses from TCP streams. Let’s say some application on your server is sending emails and you want to find out who is receiving those emails.

Occupy Subnet

December 1, 2017 – 2:15 pm

The script below (tested on RHEL 7) will use arp-scan to identify unused IPs on your subnet and configure virtual interfaces attached to your primary NIC to take over every available IP. 

Using IPTables to Allow Access to Private Networks

June 22, 2017 – 9:46 am

Below is a quick example of how to use iptables to allow port access for all types of private networks. In this case we’re allowing access to ports 10000 and 20000, commonly used by webmin and usermin.

Sun T-Series ILOM and Solaris 11 Network Configuration

February 20, 2017 – 11:16 am

Just some quick notes on setting up Oracle Sun T-series server ILOM and network aggregation with LACP. I don’t get to do this very often, so every time it’s a struggle to remember, with much …

Verify Network Port Access

December 27, 2016 – 1:06 pm

There are several tools you can use to verify access to a remote network port: nc, tcping, telnet. Unfortunately, nc from the netcat package has been replaced by the one from nmap, which lacks the -z option, making …

Tracking Emails in Postfix Logs

October 27, 2016 – 6:02 pm

Depending on your Postfix configuration, the same email may cycle through the Postfix queue several times, changing its queue ID and making it difficult to track. For example, if you have Amavis configured for spam and …

Socket Statistics ss Command

July 11, 2016 – 8:10 pm

This is a small collection of useful ss (written by Alexey Kuznetsov of the Russian Nuclear Research Institute) syntax examples that go beyond the basics covered by other sources. Here’s one I use often: it shows established connections to …

Fixing NIC Name in Cloned VMware Linux Machines

June 28, 2016 – 12:32 pm

A suspected bug with certain versions of VMware ESX causes cloned Linux VMs to obtain a sequentially numbered NIC. For example, if the parent VM had eth0, the clone will have eth1, and the clone of …

Show NIC Bandwidth Utilization

January 15, 2016 – 12:43 am

Just a quick script that will measure bandwidth utilization in KB/s for all NICs on your server over the specified period of time. You can call the script with an optional time wait parameter in seconds.

Tracking Network Connections Over Time

January 13, 2016 – 3:31 pm

Firewall changes, datacenter migrations, application re-hostings, server decommissions are just some of the activities where having a record of network connections over time can help avoid confusion and unplanned downtime. To capture all network connections, …

Linux CLI Network Speed Test

September 1, 2015 – 12:36 am

Speedtest.net is probably one of the more popular bandwidth testing utilities. Unfortunately, this and many other similar tools require a Web browser with late-version Flash or Java support, which can be problematic on Unix …

Find Available IP Addresses

June 18, 2015 – 10:58 am

After a while, available IP addresses on the subnet may become hard to come by. Whatever spreadsheet you used to track IP allocations is likely out of date. Here’s a simple script that will scan …

Practical TShark Capture Filters

June 12, 2015 – 9:30 am

tshark is the command-line interface for Wireshark, a popular open-source network packet analyzer. A seemingly infinite variety of options makes tshark an unlikely choice for casual use. Nevertheless, the power of CLI justifies the extra …

Detecting Synology NAS with nmap

May 29, 2015 – 3:07 pm

Just a quick note for myself on how to find Synology NAS servers on the network without having to use the bulky Windows utility that ships with these systems.

Fail2ban Whitelist IPs

December 2, 2014 – 9:16 pm

Fail2ban is an excellent security tool that will do a good job safeguarding your server. However, using fail2ban you may run into two issues: friendly fire and inability to permanently ban hostile networks. I already …

Identifying Available IPs on the Network

December 2, 2014 – 2:31 pm

At some point available IPs on your network may become few and hard to come by. Documentation becomes outdated and does not accurately reflect which IPs are still in use. A good starting point would …

Permanently Ban IP with Fail2Ban

June 9, 2014 – 12:12 am

If you’re not familiar with Fail2Ban: it’s a log analysis tool that detects failed login attempts for your SSH, FTP, etc. services and uses the iptables firewall to temporarily drop connection requests from the offending IP addresses. …

Configure Anonymous FTP on Solaris 10

August 25, 2013 – 2:30 pm

Below are basic steps for configuring anonymous FTP service on Solaris 10. Use with caution.

Enable Basic FTP Server on Solaris 10

August 22, 2013 – 2:22 pm

Here are a few simple steps to enable a basic FTP server on Solaris 10.