This entry explains the user] of the lsof command which stands for, List of Open Files...this can be really useful if you would like to see what files are currently running for the instance of a particular user.
When running lsof it is always a good idea to specify what you are actually looking for, simply running lsof will give you a slew of data much of it will not be useful to you, especially if you are trying to stop a command that is you to properly administer your linux system.
If you can remember I created an entry called Lost Disk Space on Linux Due to Stop Command. In which I was backing up some critical web dev files, not realizing that I was going to be running out of disk. Take a look at that entry, it gives resolution along with the proper use of the lsof command when things go wrong.
Here are a couple of lsof commands that you can use that will help you make heads or tales of what process is doing what, at what time, and at what location.
Well I hope this brief snippet of information shows you how useful the lsof command can be, if you have any commands that you would like to share, leave a comment below.
This short entry explains how to create a mount a disk partition in linux. I will show you how to mount a peripheral such as a USB stick, External Drive, or anything else that can be easily remove from your Linux machine. Let’s get started.
What you will need:
Specify a File System
In linux there are many types of file systems, but we will talk about. ext2, ext3, ext4. ext2 is the native file system on your linux machine, if you do not specify ext2 your linux system will default to this. ext3 is much like ext2, but that it allows journaling. Journaling does exactly that, it will log the commands and actions that you do. This will allow you recover a file / directory should it be accidently deleted. (this is in no way to be used as a backup utility) ext4 will allow you to create a file system that is up to: 32TB large and will support a file up to: 2TB big. So now that you no some of the differences, lets specify.
If you wish to unmount the device/peripheral from your linux system enter the following command.
Just a heads up that mounting a device in this manner will disconnect upon reboot...see my next post on how to prevent that from happening.
While trying to mkfs I received an error: Permission denied while trying to determine filesystem size.
This is a quick entry, I wanted to mount a device to my Linux system, but I received the error:
mkfs.ext3: Permission denied while trying to determine filesystem size
I was sure why this was outside of the obvious permission denied, but my focus was on the filesystem size part of this error. Why was it taking so long to determine the filesystem size I thought?
Well, it does NOT have to do with the file system size of the device, but it on the first two words of the error. Permission denied. I solved this problem by not being an end user with no permissions to the system, I became a super user by executing su -. I then tried my command again:
Make File System ext3 on Device
mkfs -t ext3 /dev/xvdj
Success! The out was:
My lesson learned here was not to assume always that you have access to everything. You are not always a super user and you should never run as root in production.
If you have never used Fail2Ban on your Linux distro. I would greatly recommended it, especially if you seeing a lot of traffic trying to brute force your standard SSH connection.
1. Do not SSH on port 22
2. Do not use root
3. Disable root
But this entry is not on good practices on SSH connections, but rather how to remove a ban that Fail2Ban may have done to block you, a client, or a connection that was not intended to be blocked.
Begin by doing the following:
1. iptables -L (Do you see your ip in this list?)
2. iptables -D fail2ban-ssh -s xxx.xxx.xxx.xxx -j DROP
3. Where you see xxx.xxx.xxx.xxx add the IP that is banned.
4. Now verify that your IP is no longer in the list: iptables -L
That's it! Your IP should now be removed! To prevent this from happening again, navigate to the follow path and add your IP address to the safe list:
1. cd /etc/fail2ban
2. vi fail.conf
3. Now locate: # "ignoreip" can be an IP address, a CIDR mask or a DNS host
4. Add your IP address to this list
5. Now save with a :x
I hope this helps you, if you have questions drop me a comment below.
This entry explains how to extract Adobe Flash PDF file to a common Adobe PDF file that does not have flash.
If you have come across this issues, it may be due to a notification that states that Adobe Flash is required to open this Adobe PDF file. Well naturally your thinking a potential virus or malware infection right? Well you should, but I won't get into that.
So if you do receive a message that states that you need to upgrade your version of Acrobat to view the Adobe Flash PDF I would like you to do the following steps, to avoid having to upgrade.
1. Begin by opening the Adobe PDF file.
2. Highlight ALL documents by pressing CTRL+A
3. Go to: File > Extract from Portfolio
4. Now fine a destination to save the files.
5. Once done, hit ok and the files will begin converting to PDF (with NO flash)
This will save you a call to your IT help desk, and prevent others from having to upgrade they're Acrobat / PDF Readers.
This afternoon I purchased myself a Cisco ASA 5505 (EOL) for my home network. My quest is to become a proficient system administrator, and perhaps one day a full stack admin...so I figured it would be a good idea to get some of the gear.
Now then, I have worked on the Cisco ASA 5510 & 5505, but the changes that I have made to it we're fairly easy to do. Open ports, edit ip addressing, and manage traffic But there is so much more to the ASA that I am interested in knowing so I figured I would jump in feet first by screwing up my own network and not someone elses. Here is a little background on the purchase.
Cisco ASA 5505-UL-BUN-K9 Security Plus Firewall Unlimited Users 25 SSL/IPSec VPN
Have one? Or have any suggestions for me? Leave me a comment.
This is a new type of entry, much like my Linux postings that I have recently been doing, but in these blogs I will be posting about things that made me uncomfortable, but I did them anyways. Success's & failures.
Well most of you know me as a web developer, but I do other things than web dev. In this past year I have taken myself outside of my comfort level and broaden my knowledge in other areas.
"If it scares you, you should probably do it."
This week I was asked to open a specific port on an Cisco ASA 5510, and also configure a Windows Server to adhere to that port on the ASA. I am unable to get into specifics but I can tell you that this was outside of my scope, but I welcomed it.
That day (Thursday) I successfully con figured the server to listen to the non-traditional port and also configured the router allow the broadcasting of it. After a reboot of the server and an outside internet connection I was able to establish a connection. SUCCESS!
The next day I received notice that certain users were not able to connect to certain shares on the server. To top it off one of them was in a upper level position. EEK!
After finding the issue, and finding the solution I relayed my concerns to my sysadmin and he was able to get the disk share re-established. At which point I simply remapped my end users on the client ends. (not all had to be remapped)
I guess in the end, the configuration issues that I made to the Cisco ASA 5510 (router) and the reboot of the server was not my doing, but the fact that I was able to get the connection re-established was.
I embrace change, tasks like this regurgitate me. In the mean time I plan on continuing my knowledge with the ASA and seek other tasks as received. It is in my hopes to one day be a full stack administrator, in the mean time...let's all get out of our comfort level, and do something that scares us.
If it scares you, you should probably do it.
Today I was mentioned on the Daily Tech News Show podcast for August 27, 2014. I submitted a press release regarding Seagate is now shipping an 8 TB 3.5-inch hard drive with a SATA 6 gigabit-per-second interface.
I really enjoy this show, and not all the links I submit to the show are read or mentioned, but I really enjoy sharing content with the masses as you know by all my entries.
...and yes Dan Patterson | danpatterson.com, you said my name correctly. Thanks!
Need to send traffic to your Apache Web Server, in hopes that you will not bring it down by HTTP or ICMP request? Well read on.
Well this is unique entry, recently a friend and I we're bench testing a couple servers on different nodes using the Apache Benchmark Tool. In our findings we noticed that 2 of the domains that we tested feel to they're knees due to memory issues. Now then, in no way do I condemn black hat conduct but sometimes the only way to protect your OWN servers is to use penetration testing tools to stress the server.
Now, there is a plethora of software that can do this locally on the server or for remote usage, but for this entry I will refrain from that.
I recommend that you take a look at my friends blog on how to protect yourself from an EVASION of traffic.
TRICK FOR APACHE2 AND MYSQL CRASHING ON HIGH LOAD / APACHE BENCHMARK
* thanks JV for the initial remote PT.
I receive a lot of PDF files in fact many more PDF files than word documents now a days. Now a day's being able to search a PDF file or perhaps a PDF file that was created into a doc file can same you time. Here are a few steps that you can do to OCR your PDF so that it can be easily searchable.
Now you should be able to do a CTRL+F to find words with in the document.
Useful Linux Links for 2014-08-22 - Below are links that I used in a given day that helped me with my goal in Linux System Administration.
This evening I gave Google Photo Sphere a try at the pool where I live. I also captured the court yard but figured the pool area would have a better view.
Google Photo Sphere is 360-degree panorama software that is available for Android and iOS, you can find the application in the respected app store. Personally I though the software was really nice and it was very easy to use, let's call the process "circling the dots". Simply rotate in a circle circling the dots, and then viola your done!
Just a reminder, stay away from tight quarters. Photo Sphere does a much better job in an open environment.
Useful Linux Links for 2014-08-20 - Below are links that I used used in a given day in helping me with my Linux System Administration.
This afternoon like many others in my Google+ Network we received our Google Domains Invitation from the Google Domains Team.
Though at the time I was happy and very interested in the program, I did notice that the price per domain would cost me an extra $2.00, now then an extra $2.00 may be nothing you say...but my partner and I have well over 20 or so domains. So I think for now we will stick to hover.com.
Here is the notice I received from Google Domains:
So there you have it, the interface when using the system is very simple and easy, but I am trying to find the added benefit to the service. I am very pleased with Hover and they're simple no BS domain name registration but I am not loyal to any domain name registration service. What are your thoughts?
This small list was originally created last week 2014-08-08, but I am barely getting to posting them. For those of you that use fail2ban being able to block an IP is easy, but unblocking can be a different matter if you have never done so before. If you have questions leave a comment.
This weekend if I have time I plan on hacking one of my 2 WeMo's. If you have never heard of a WeMo take a look here, it basically allows you to control your homes electronics by turning them off & on.
Useful Linux Links for 2014-08-08 - Below are links that I used used in a given day in helping me with my Linux System Administration.
Useful Linux Links for 2014-08-07 - Below are links that I used used in a given day in helping me with my Linux System Administration.
Below are the steps I took to troubleshoot my creation of the user: david and how I fixed the in ability to update the .ICEauthority file in /home/david/.ICEauthority
* Be sure you replace all instances with david with your username
Step by Step:
1. Begin by logging into root
2. Locate the home directory of the user that you wish fix. Example: cd /home/david
3. In some instances you may need to create the user directory as I had to. To do so, in the home directory type in mkdir david
4. Once the directory is created type in the following so that we can ensure that the user has ownership of the directory. chown david: david .ICEauthority
5. Logout as root
6. Login as your username