Featured »

August 18, 2018 – 4:20 pm

In his new book “The Future of Work: Robotics, AI, and Automation”1, Darrell West of the Brookings Institution makes some very extravagant predictions. Here’s a short but entirely sufficient summary from the book’s presentation by …

Read the full story »
Networking

Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.

Applications

Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.

Data

Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.

Monitoring

Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Archive by Category

Articles in Networking

Verify Network Port Access

August 8, 2018 – 4:15 pm
q5yhi1e570yliip0lf9srnrm6jh

There are several tools you can use to verify access to a remote network port: nc, tcping, telnet. Unfortunately, nc from the netcat package has been replaced by the one from nmap, which lacks the -z option, making …

Detect SSL Certificate Injection

February 21, 2018 – 3:05 pm
spy

When the SSL Digital Certificate is intercepted and replaced by a device between your browser and the Web site, we call it certificate injection. This method is more commonly used not by hackers, but by …

Extracting Email Addresses from TCP Streams

December 5, 2017 – 7:06 pm
shell

Here’s a quick example of using tshark to extract email addresses from TCP streams. Let’s say some application on your server is sending emails and you want to find out who is receiving those emails.

Occupy Subnet

December 1, 2017 – 2:15 pm
DSC_6214 copy copy

The script below (tested on RHEL 7) will use arp-scan to identify unused IPs on your subnet and configure virtual interfaces attached to your primary NIC to take over every available IP. 

Using IPTables to Allow Access to Private Networks

June 22, 2017 – 9:46 am
network_cable_01

Below is a quick example of how to use iptables to allow port access for all types of private networks. In this case we’re allowing access to ports 10000 and 20000, commonly used by webmin and usermin.

Sun T-Series ILOM and Solaris 11 Network Configuration

February 20, 2017 – 11:16 am
HP-Greets-IBM-2

Just some quick notes on setting up Oracle Sun T-series server ILOM and network aggregation with LACP. I don’t get to do this very often, so every time it’s a struggle to remember, with much …

Verify Network Port Access

December 27, 2016 – 1:06 pm
shell_0006

There are several tools you can use to verify access to a remote network port: nc, tcping, telnet. Unfortunately, nc from the netcat package has been replaced by the one from nmap, which lacks the -z option, making …

Tracking Emails in Postfix Logs

October 27, 2016 – 6:02 pm
postfix_logo

Depending on your Postfix configuration, the same email may cycle through the postfix queue several times, changing it’s queue ID and making it difficult to track. For example, if you have Amavis configured for spam and …

Socket Statistics ss Command

July 11, 2016 – 8:10 pm
network_005

This is a small collection of useful ss (written by Alexey Kuznetsov of the Russian Nuclear Research Institute) syntax examples that go beyond the basics covered by other sources. Here’s one I use often: it shows established connections to …

Fixing NIC Name in Cloned VMWare Linux Machines

June 28, 2016 – 12:32 pm
network switch

A suspected bug with certain versions of VMware ESX causes cloned Linux VMs to obtain a sequentially-number NIC. For example, if the parent VM had eth0, the clone will have eth1, and the clone of …

Show NIC Bandwidth Utilization

January 15, 2016 – 12:43 am
network switch

Just a quick script that will measure bandwidth utilization in KB/s for all NICs on your server over the specified period of time. You can call the script with an optional time wait parameter in seconds.

Tracking Network Connections Over Time

January 13, 2016 – 3:31 pm
network_cable_01

Firewall changes, datacenter migrations, application re-hostings, server decommissions are just some of the activities where having a record of network connections over time can help avoid confusion and unplanned downtime. To capture all network connections, …

Linux CLI Network Speed Test

September 1, 2015 – 12:36 am
network switch

The speedtest.net is probably one of the more popular bandwidth testing utilities, Unfortunately, this and many other similar tools require a Web browser with late-version Flash or Java support, which can be problematic on Unix …

Find Available IP Addresses

June 18, 2015 – 10:58 am
shell_0005

After a while, available IP addresses on the subnet may become hard to come by. Whatever spreadsheet you used to track IP allocations is likely out of date. Here’s a simple script that will scan …

Practical TShark Capture Filters

June 12, 2015 – 9:30 am
ethernet cables

The tshark is the command-line interface for Wireshark – a popular open-source network packet analyzer. A seemingly infinite variety of options make tshark an unlikely choice for casual use. Nevertheless, the power of CLI justifies the extra …

Detecting Synology NAS with nmap

May 29, 2015 – 3:07 pm
computer_security_it_privacy_0002

Just a quick note for myself on how to find Synology NAS servers on the network without having to use the bulky Windows utility that ships with these systems.

Fail2ban Whitelist IPs

December 2, 2014 – 9:16 pm
OLYMPUS DIGITAL CAMERA

Fail2ban is an excellent security tool that will do a good job safeguarding your server. However, using fail2ban you may run into two issues: friendly fire and inability to permanently ban hostile networks. I already …

Identifying Available IPs on the Network

December 2, 2014 – 2:31 pm
ping_pong-wallpaper-960x600

At some point available IPs on your network may become few and hard to come by. Documentation becomes outdated and does not accurately reflect which IPs are still in use. A good starting point would …

Permanently Ban IP with Fail2Ban

June 9, 2014 – 12:12 am
video security camera

If you’re not familiar with Fail2Ban: it’s a log analysis tool that detects failed login attempts for your SSH, FTP, etc services and uses IPTools firewall to temporarily drop connection requests from the offending IP addresses. …

Configure Anonymous FTP on Solaris 10

August 25, 2013 – 2:30 pm
logo_sun

Below are basic steps for configuring anonymous FTP service on Solaris 10. Use with caution.

Enable Basic FTP Server on Solaris 10

August 22, 2013 – 2:22 pm
solaris-logo

Here are a few simple steps to enable a basic FTP server on Solaris 10.

Simple Network Discovery

August 21, 2013 – 11:38 am
1139316_45970912

The bash script below will scan the specified IP range and use dig and nmap to try to determine the fully-qualified domain name, type and the operating environment of any device that responds to network …