Sometimes it becomes worthy and cozy to handle linux machines from windows. To get rid of such situation, we can configure packages in linux machines to allow remote desktop from windows machines like we connect windows machines from windows machines using a client named remote desktop or mstsc. XRDP is a cross platform to connect between windows machines and linux machines.
lets begin with the installation and configurations for xrdp.
1. Make sure necessary packages are installed.
Packages required are:
xrdp, tiger-vncserver, autoconf, automake, libtool, openssl-devel, pam-devel, libX11-devel, libXfixes-devel
[root@gyasu Downloads]# yum -y install tiger-vncserver, autoconf, automake, libtool, openssl-devel, pam-devel, libX11-devel, libXfixes-devel
2. Download and install core package xrdp from sourceforge.net or google. After download move to the download directory and untar the file.
[root@gyasu Downloads]# tar -zxvf xrdp-v0.6.1.tar.gz
[root@gyasu Downloads]# cd xrdp-v0-6.1
[root@gyasu xrdp-v0.6.1]# ./bootstrap
[root@gyasu xrdp-v0.6.1]# ./configure
[root@gyasu xrdp-v0.6.1]# make
[root@gyasu xrdp-v0.6.1]# make install
This way main installation finishes and the next part is user administration part.
3. Add users and groups
[root@gyasu xrdp-v0.6.1]# groupadd normal-users
[root@gyasu xrdp-v0.6.1]# groupadd admin-users
[root@gyasu xrdp-v0.6.1]# vi /etc/group
## And make the changes as belows to give access from windows machines
normal-users:x:501:gsuwal
admin-users:x:502:root
4. Assign user priveleges
[root@gyasu xrdp-v0.6.1]# su - gsuwal
[gsuwal@gyasu ~]$ vncpasswd
Password:
Verify:
[gsuwal@gyasu ~]$
Now return to the root user to modify vncserver settings
[gsuwal@gyasu ~]$ exit
logout
[root@gyasu xrdp-v0.6.1]#
[root@gyasu xrdp-v0.6.1]# vi /etc/sysconfig/vncservers
## make the following changes at the end of the file
vi /etc/sysconfig/vncservers
VNCSERVERS="1:gsuwal"
VNCSERVERARGS[1]="-geometry 1280x960 -depth 16"
## gsuwal is your desired username in linux used from windows machine to connect to linux machine
## geometry is the resolution and depth 16 is the connection bit
Now make sure the xrdp server runs automatically after each reboot by adding to local.repo
[root@gyasu xrdp-v0.6.1]# vi /etc/rc.local
## And append the service command, save and quit
/etc/xrdp/xrdp.sh start
Save everything, restart all the processes.
[root@gyasu xrdp-v0.6.1]# /etc/xrdp/xrdp.sh start
xrdp is already loaded
[root@gyasu xrdp-v0.6.1]# chkconfig vncserver start
[root@gyasu xrdp-v0.6.1]# service vncserver restart
Hence, we can easily connect to linux machines from windows machine successfully.
Note: tested successfully in centOS 6
vSphere Client Error parsing the server “SERVER IP” “clients.xml” file. Login will continue, contact your system administrator.
vSphere Client Error parsing the server “SERVER IP” “clients.xml” file. Login will continue, contact your system administrator.
SOLUTION
1. Download system.dll file from . This file is taken from older version of Microsoft .NET installation.
2. Copy this file to C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\lib
On 64 bit OS path would be: C:\Program Files (x86)\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\lib
If lib folder doesn't exist then create it.
3. Open file C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\VpxClient.exe.config in a text editor and just before last line </configuration> paste following code:
<runtime>
<developmentMode developerInstallation="true"/>
</runtime>
4. Control Panel > System > Advanced > Environment Variables
In System Variables click New and add following system variable:
Name: DEVPATH
Value: C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\lib
Remember that on 64 bit system instead of Program Files you have to use Program Files (x86)
5. Launch VMware vSphere Client again. This time it should run without any errors.
You are Done, cheers!!!
SOLUTION
1. Download system.dll file from . This file is taken from older version of Microsoft .NET installation.
2. Copy this file to C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\lib
On 64 bit OS path would be: C:\Program Files (x86)\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\lib
If lib folder doesn't exist then create it.
3. Open file C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\VpxClient.exe.config in a text editor and just before last line </configuration> paste following code:
<runtime>
<developmentMode developerInstallation="true"/>
</runtime>
4. Control Panel > System > Advanced > Environment Variables
In System Variables click New and add following system variable:
Name: DEVPATH
Value: C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\lib
Remember that on 64 bit system instead of Program Files you have to use Program Files (x86)
5. Launch VMware vSphere Client again. This time it should run without any errors.
You are Done, cheers!!!
How to use awk command in linux?
Here is the list of sed commands with examples
1. list content of file myfile
# [localhost@localhost ~] $ cat myfile
apple
orange
mango
banana
GUAVA
ra dish
pineapple
2. delete the first line of the file
# [localhost@localhost ~] $ sed '1d' myfile
orange
mango
banana
GUAVA
ra dish
pineapple
3. delete the third line of the file
# [localhost@localhost ~] $ sed '3d' myfile
apple
orange
banana
GUAVA
ra dish
pineapple
4. delete the last line of the file
# [localhost@localhost ~] $ sed '$d' myfile
apple
orange
mango
banana
GUAVA
ra dish
5. delete the 2nd and 4th line of the file
# [localhost@localhost ~] $ sed '2,4d' myfile
apple
banana
GUAVA
ra dish
pineapple
6. delete except the 2nd and 4th line of the file
# [localhost@localhost ~] $ sed '2,4!d' myfile
orange
mango
7. delete the 1st and last line of the file
# [localhost@localhost ~] $ sed '1d;$d' myfile
orange
mango
banana
GUAVA
ra dish
8. delete all lines beginning with character 'a'
# [localhost@localhost ~] $ sed '/^a/d' myfile
orange
mango
banana
GUAVA
ra dish
pineapple
9. delete all lines ending with character 'e'
# [localhost@localhost ~] $ sed '/e$/d' myfile
mango
banana
GUAVA
ra dish
10. delete all lines ending with either 'e' or 'E'
# [localhost@localhost ~] $ sed '/# [eE] $/d' myfile
mango
banana
GUAVA
ra dish
11. delete all the blank lines
# [localhost@localhost ~] $ sed '/^$/d' myfile
apple
orange
mango
banana
GUAVA
ra dish
pineapple
12. delete all lines which are entirely in UPPER CASE or CAPITAL LETTER
# [localhost@localhost ~] $ sed '/^# [A-Z]*$/d' myfile
apple
orange
mango
banana
ra dish
pineapple
13. delete all lines containing the pattern 'an'
# [localhost@localhost ~] $ sed '/an/d' myfile
apple
GUAVA
ra dish
pineapple
14. delete all lines not containing the pattern 'an'
# [localhost@localhost ~] $ sed '/an/!d' myfile
orange
mango
banana
15. delete all lines containing the pattern 'an' or 'le'
# [localhost@localhost ~] $ sed '/an\|le/d' myfile
GUAVA
ra dish
16. delete lines starting from 1st until meeting the PATTERN 'banana'
# [localhost@localhost ~] $ sed '1,/banana/d' myfile
GUAVA
ra dish
pineapple
17. delete lines meeting the PATTERN 'banana' till the LAST line
# [localhost@localhost ~] $ sed '/banana/,$d' myfile
apple
orange
mango
18. delete the last line only if it contains the PATTERN 'apple'
# [localhost@localhost ~] $ sed '${/apple/d;}' myfile
apple
orange
mango
banana
GUAVA
ra dish
1. list content of file myfile
# [localhost@localhost ~] $ cat myfile
apple
orange
mango
banana
GUAVA
ra dish
pineapple
2. delete the first line of the file
# [localhost@localhost ~] $ sed '1d' myfile
orange
mango
banana
GUAVA
ra dish
pineapple
3. delete the third line of the file
# [localhost@localhost ~] $ sed '3d' myfile
apple
orange
banana
GUAVA
ra dish
pineapple
4. delete the last line of the file
# [localhost@localhost ~] $ sed '$d' myfile
apple
orange
mango
banana
GUAVA
ra dish
5. delete the 2nd and 4th line of the file
# [localhost@localhost ~] $ sed '2,4d' myfile
apple
banana
GUAVA
ra dish
pineapple
6. delete except the 2nd and 4th line of the file
# [localhost@localhost ~] $ sed '2,4!d' myfile
orange
mango
7. delete the 1st and last line of the file
# [localhost@localhost ~] $ sed '1d;$d' myfile
orange
mango
banana
GUAVA
ra dish
8. delete all lines beginning with character 'a'
# [localhost@localhost ~] $ sed '/^a/d' myfile
orange
mango
banana
GUAVA
ra dish
pineapple
9. delete all lines ending with character 'e'
# [localhost@localhost ~] $ sed '/e$/d' myfile
mango
banana
GUAVA
ra dish
10. delete all lines ending with either 'e' or 'E'
# [localhost@localhost ~] $ sed '/# [eE] $/d' myfile
mango
banana
GUAVA
ra dish
11. delete all the blank lines
# [localhost@localhost ~] $ sed '/^$/d' myfile
apple
orange
mango
banana
GUAVA
ra dish
pineapple
12. delete all lines which are entirely in UPPER CASE or CAPITAL LETTER
# [localhost@localhost ~] $ sed '/^# [A-Z]*$/d' myfile
apple
orange
mango
banana
ra dish
pineapple
13. delete all lines containing the pattern 'an'
# [localhost@localhost ~] $ sed '/an/d' myfile
apple
GUAVA
ra dish
pineapple
14. delete all lines not containing the pattern 'an'
# [localhost@localhost ~] $ sed '/an/!d' myfile
orange
mango
banana
15. delete all lines containing the pattern 'an' or 'le'
# [localhost@localhost ~] $ sed '/an\|le/d' myfile
GUAVA
ra dish
16. delete lines starting from 1st until meeting the PATTERN 'banana'
# [localhost@localhost ~] $ sed '1,/banana/d' myfile
GUAVA
ra dish
pineapple
17. delete lines meeting the PATTERN 'banana' till the LAST line
# [localhost@localhost ~] $ sed '/banana/,$d' myfile
apple
orange
mango
18. delete the last line only if it contains the PATTERN 'apple'
# [localhost@localhost ~] $ sed '${/apple/d;}' myfile
apple
orange
mango
banana
GUAVA
ra dish
How to merge contents of 2 files using paste?
This is one of the best command that facilitates the system admin to perform his specific tasks. Below is the list with the examples showing the paste command.
[localhost@localhost ~]$ cat file1
apple
orange
mango
banana
[localhost@localhost ~]$ cat file2
coldplay
westlife
michael
sunibigyana
piyush
[localhost@localhost ~]$ paste -s file1
apple orange mango banana
[localhost@localhost ~]$ paste -d, -s file1
apple,orange,mango,banana
[localhost@localhost ~]$ paste - - < file1
apple orange
mango banana
[localhost@localhost ~]$ paste -d':' - - < file1
apple:orange
mango:banana
[localhost@localhost ~]$ paste - - - < file1
apple orange mango
banana
[localhost@localhost ~]$ paste -d ':,' - - - < file1
apple:orange,mango
banana:,
[localhost@localhost ~]$ cat file2
coldplay
westlife
michael
sunibigyana
piyush
[localhost@localhost ~]$ paste file1 file2
apple coldplay
orange westlife
mango michael
banana sunibigyana
piyush
[localhost@localhost ~]$ paste -d, file1 file2
apple,coldplay
orange,westlife
mango,michael
banana,sunibigyana
,piyush
[localhost@localhost ~]$ cat file2 | paste -d, file1 -
apple,coldplay
orange,westlife
mango,michael
banana,sunibigyana
,piyush
[localhost@localhost ~]$ cat file1 | paste -d, - file2
apple,coldplay
orange,westlife
mango,michael
banana,sunibigyana
,piyush
[localhost@localhost ~]$ cat file1 file2 | paste -d, - -
apple,orange
mango,banana
coldplay,westlife
michael,sunibigyana
piyush,
[localhost@localhost ~]$ paste -d'\n' file1 file2
apple
coldplay
orange
westlife
mango
michael
banana
sunibigyana
piyush
[localhost@localhost ~]$
[localhost@localhost ~]$ cat file1
apple
orange
mango
banana
[localhost@localhost ~]$ cat file2
coldplay
westlife
michael
sunibigyana
piyush
[localhost@localhost ~]$ paste -s file1
apple orange mango banana
[localhost@localhost ~]$ paste -d, -s file1
apple,orange,mango,banana
[localhost@localhost ~]$ paste - - < file1
apple orange
mango banana
[localhost@localhost ~]$ paste -d':' - - < file1
apple:orange
mango:banana
[localhost@localhost ~]$ paste - - - < file1
apple orange mango
banana
[localhost@localhost ~]$ paste -d ':,' - - - < file1
apple:orange,mango
banana:,
[localhost@localhost ~]$ cat file2
coldplay
westlife
michael
sunibigyana
piyush
[localhost@localhost ~]$ paste file1 file2
apple coldplay
orange westlife
mango michael
banana sunibigyana
piyush
[localhost@localhost ~]$ paste -d, file1 file2
apple,coldplay
orange,westlife
mango,michael
banana,sunibigyana
,piyush
[localhost@localhost ~]$ cat file2 | paste -d, file1 -
apple,coldplay
orange,westlife
mango,michael
banana,sunibigyana
,piyush
[localhost@localhost ~]$ cat file1 | paste -d, - file2
apple,coldplay
orange,westlife
mango,michael
banana,sunibigyana
,piyush
[localhost@localhost ~]$ cat file1 file2 | paste -d, - -
apple,orange
mango,banana
coldplay,westlife
michael,sunibigyana
piyush,
[localhost@localhost ~]$ paste -d'\n' file1 file2
apple
coldplay
orange
westlife
mango
michael
banana
sunibigyana
piyush
[localhost@localhost ~]$
How to install Observium in linux?
Observium is one of the best tool ever used by system network admin for monitoring everything about routers, switches and physical machines.
Please follow the following working steps to get Observium installed.
1. instal ncecessary packages
# yum install httpd php php-mysql php-gd php-snmp vixie-cron php-pear net-snmp net-snmp-utils graphviz subversion mysql-server mysql rrdtool fping ImageMagick jwhois nmap OpenIPMI-tools
2. install pear
# pear install Net_IPv6
# pear install Net_IPv4
3. # yum install libvirt
4. # mkdir /opt/observium
# cd /opt
5. # svn co http://www.observium.org/svn/observer/trunk observium
6. # cd observium
7. Create mysql username and password
# /usr/bin/mysqladmin -u root password 'passworD321'
mysql> create database observium;
Query OK, 1 row affected (0.00 sec)
mysql>grant all privileges on observium. * to 'observium'@'localhost' identified by 'passworD321';
Query OK, 0 rows affected (0.00 sec)
8. # cp config.php.default config.php
9. vi config.php and add the following part.
$config['fping'] = "/usr/sbin/fping";
# php includes/sql-schema/update.php
10. # mkdir graphs rrd
11. chown apache.apache graphs rrd
12. Allow in httpd
# vi /etc/httpd/conf.d/observium.conf
<VirtualHost *:80>
DocumentRoot /opt/observium/html/
ServerName observium.domain.com
CustomLog /opt/observium/logs/access_log combined
ErrorLog /opt/observium/logs/error_log
<Directory "/opt/observium/html/">
AllowOverride All
Options FollowSymLinks MultiViews
</Directory>
</VirtualHost>
13. Create logs directory for apache
# mkdir /opt/observium/logs
# chown apache.apache /opt/observium/logs
14. Add user, use level of 10 for admin
# cd /opt/observium
# ./adduser.php <user-name> <password> <level=10>
15. Add a first device to monitor:
# ./addhost.php <hostname> <community> v2c
16. Discover and add hosts
# ./discovery.php -h all
# ./poller.php -h all
17. Add to cronjobs
33 */6 * * * /opt/observium/discovery.php -h all >> /dev/null 2>&1
*/5 * * * * /opt/observium/discovery.php -h new >> /dev/null 2>&1
*/5 * * * * /opt/observium/poller.php -h all >> /dev/null 2>&1
and restart the cron
# /etc/init.d/cron reload
18. In case if server rebooted, add to startup
# chkconfig mysqld on
# chkconfig httpd on
Now check,on your browser as http://localhost/observium with the username and password we have created.
Thats All, Have Fun and Informative Monitoring
Please follow the following working steps to get Observium installed.
1. instal ncecessary packages
# yum install httpd php php-mysql php-gd php-snmp vixie-cron php-pear net-snmp net-snmp-utils graphviz subversion mysql-server mysql rrdtool fping ImageMagick jwhois nmap OpenIPMI-tools
2. install pear
# pear install Net_IPv6
# pear install Net_IPv4
3. # yum install libvirt
4. # mkdir /opt/observium
# cd /opt
5. # svn co http://www.observium.org/svn/observer/trunk observium
6. # cd observium
7. Create mysql username and password
# /usr/bin/mysqladmin -u root password 'passworD321'
mysql> create database observium;
Query OK, 1 row affected (0.00 sec)
mysql>grant all privileges on observium. * to 'observium'@'localhost' identified by 'passworD321';
Query OK, 0 rows affected (0.00 sec)
8. # cp config.php.default config.php
9. vi config.php and add the following part.
$config['fping'] = "/usr/sbin/fping";
# php includes/sql-schema/update.php
10. # mkdir graphs rrd
11. chown apache.apache graphs rrd
12. Allow in httpd
# vi /etc/httpd/conf.d/observium.conf
<VirtualHost *:80>
DocumentRoot /opt/observium/html/
ServerName observium.domain.com
CustomLog /opt/observium/logs/access_log combined
ErrorLog /opt/observium/logs/error_log
<Directory "/opt/observium/html/">
AllowOverride All
Options FollowSymLinks MultiViews
</Directory>
</VirtualHost>
13. Create logs directory for apache
# mkdir /opt/observium/logs
# chown apache.apache /opt/observium/logs
14. Add user, use level of 10 for admin
# cd /opt/observium
# ./adduser.php <user-name> <password> <level=10>
15. Add a first device to monitor:
# ./addhost.php <hostname> <community> v2c
16. Discover and add hosts
# ./discovery.php -h all
# ./poller.php -h all
17. Add to cronjobs
33 */6 * * * /opt/observium/discovery.php -h all >> /dev/null 2>&1
*/5 * * * * /opt/observium/discovery.php -h new >> /dev/null 2>&1
*/5 * * * * /opt/observium/poller.php -h all >> /dev/null 2>&1
and restart the cron
# /etc/init.d/cron reload
18. In case if server rebooted, add to startup
# chkconfig mysqld on
# chkconfig httpd on
Now check,on your browser as http://localhost/observium with the username and password we have created.
Thats All, Have Fun and Informative Monitoring
Monitoring User and Application Activity with psacct
Monitoring User and Application Activity with psacct
One of the big advantages of using psacct on your server is that it provides excellent logging for activities of applications and users. When you are running scripts one of the important aspects of that script is how much resources it may be using and are there any resource limitations that may exist with the application. In addition, there may be times when you run a script as a user. In other words, you create a user with specific rights, maybe even using visudo. You will likely use this to reduce the security risks of a user who must issue a command with root privileges.
Install Process Accounting
# yum install psacct
Start Process Accounting
# /etc/init.d/psacct start
Starting process accounting: [ OK ]
Connect Time
The connect time in hours is based on logins and logouts. The ac command provides a total.
# ac
total 1268.26
Accounting By Day
The system’s default login accounting file is /var/log/wtmp.
# ac -d
Oct 30 total 2.87
Oct 31 total 4.52
Nov 2 total 0.04
Nov 5 total 3.37
Nov 6 total 10.39
Nov 7 total 11.65
Nov 8 total 5.09
Nov 10 total 0.89
Nov 11 total 7.02
Nov 12 total 5.16
Nov 13 total 0.30
Nov 18 total 11.65
Nov 19 total 1.58
Nov 20 total 8.20
Nov 23 total 2.34
Nov 26 total 0.25
Nov 27 total 3.49
Dec 2 total 0.93
Today total 2.45
Time Totals for Users
# ac -p
yak 8.09
nagios 0.04
haywire 33.76
hatti 12.93
hacker 334.98
geddy 30.89
usayg 198.59
amar 0.12
langoor 13.82
aanta 18.00
nildana 105.30
batley 0.00
maka 7.94
hunter 85.02
gai 416.38
dhon 2.42
total 1268.27
Commands of Users
You can search out the commands of users with the lastcomm command which prints out the previously executed commands.
Process Flag Username Terminal Time
ping S dhon pts/3 0.00 secs Thu Nov 30 18:09
# lastcomm dhon
hostname dhon pts/1 0.00 secs Mon Dec 3 18:41
bash F dhon pts/1 0.00 secs Mon Dec 3 18:41
id dhon pts/1 0.00 secs Mon Dec 3 18:41
su S dhon __ 0.02 secs Mon Dec 3 10:58
bash X dhon __ 0.04 secs Mon Dec 3 10:58
sshd SF dhon __ 0.04 secs Mon Dec 3 10:58
Search Logs for Commands
Using the lastcomm command you will be able to view each use of an individual command.
# lastcomm grep
grep aanta pts/6 0.00 secs Thu Nov 30 13:28
grep aanta pts/6 0.00 secs Thu Nov 30 13:28
grep aanta pts/5 0.00 secs Thu Nov 30 12:57
grep aanta pts/5 0.00 secs Thu Nov 30 12:57
Print Summary
The sa command will print a summary of commands that were executed. It will also condense the information into a summary file called savacct which contains the number of times that the command was executed. The useracct file keeps a summary of the commands by user.
Output Fields
cpu - sum of system and user time in cpu minutes
re - actual time in minutes
k - cpu-time averaged core usage, in 1k units
k*sec - cpu storage integral (kilo-core seconds)
u - user cpu time in cpu minutes
s - system time in cpu minutes
# /usr/sbin/sa
Print User Information
Use the -u option to provide information on individual users.
# /usr/sbin/sa -u
root 0.00 cpu 598k mem accton
root 0.00 cpu 1081k mem initlog
root 0.00 cpu 920k mem initlog
root 0.00 cpu 1172k mem touch
root 0.00 cpu 1402k mem psacct
bomb 0.01 cpu 7282k mem kdeinit *
bomb 0.00 cpu 6232k mem gnome-panel *
bomb 0.02 cpu 4848k mem gnome-terminal
Display Number of Processes
An increase in these fields indicates a problem. This prints the number of processes and the number of CPU minutes. If these numbers continue to increase it is time to look into what is happening.
# /usr/sbin/sa -m
195 220.31re 0.09cp 2220k
aanta 65 198.37re 0.08cp 2135k
root 88 21.86re 0.00cp 1084k
postgres 40 0.09re 0.00cp 4879k
smmsp 2 0.00re 0.00cp 1827k
Display All Names
This option will show each of the programs on your server so you may evaluate, real time, memory usage and which programs are running.
# /usr/sbin/sa -a
221 83.36re 0.01cp 1414k
1 0.01re 0.00cp 1471k rpmq
7 0.33re 0.00cp 2465k sendmail*
1 40.78re 0.00cp 1844k sshd
37 0.00re 0.00cp 964k bash*
32 0.00re 0.00cp 604k tmpwatch
27 0.00re 0.00cp 4984k postmaster*
26 0.00re 0.00cp 1116k df
15 0.00re 0.00cp 959k id
11 0.00re 0.00cp 709k egrep
8 0.00re 0.00cp 636k sa
7 0.00re 0.00cp 817k grep
6 0.00re 0.00cp 562k ac
5 0.01re 0.00cp 789k awk
3 0.41re 0.00cp 1219k crond*
3 0.40re 0.00cp 674k run-parts
3 0.00re 0.00cp 774k dircolors
3 0.00re 0.00cp 673k consoletype
2 40.98re 0.00cp 1344k bash
2 0.14re 0.00cp 1628k sshd*
2 0.00re 0.00cp 914k logrotate
# /usr/sbin/sa -a It will sort the programs in percentage distributions.
How To Capture Packets with TCPDUMP?
See the list of interfaces on which tcpdump can listen
# /usr/sbin/tcpdump -D
Listen on any available interface
# /usr/sbin/tcpdump -i any
Verbose Mode
# /usr/sbin/tcpdump -v
# /usr/sbin/tcpdump -vv
# /usr/sbin/tcpdump -vvv
# /usr/sbin/tcpdump -q
Limit the capture to an number of packets N
# /usr/sbin/tcpdump -c N
Display IP addresses and port numbers when capturing packets
# /usr/sbin/tcpdump -n
Capture any packets where the destination host is 192.168.0.1, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst host 192.168.0.1
Capture any packets where the source host is 192.168.0.1, display IP addresses and port numbers
# /usr/sbin/tcpdump -n src host 192.168.0.1
Capture any packets where the source or destination host is 192.168.0.1, display IP addresses and port numbers
# /usr/sbin/tcpdump -n host 192.168.0.1
Capture any packets where the destination network is 192.168.10.0/24, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst net 192.168.10.0/24
Capture any packets where the source network is 192.168.10.0/24, display IP addresses and port numbers
# /usr/sbin/tcpdump -n src net 192.168.10.0/24
Capture any packets where the source or destination network is 192.168.10.0/24,display IP addresses and port numbers
# /usr/sbin/tcpdump -n net 192.168.10.0/24
Capture any packets where the destination port is 23, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst port 23
Capture any packets where the destination port is is between 1 and 1023 inclusive, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst portrange 1-1023
Capture only TCP packets where the destination port is is between 1 and 1023 inclusive,display IP addresses and port numbers
# /usr/sbin/tcpdump -n tcp dst portrange 1-1023
Capture only UDP packets where the destination port is is between 1 and 1023 inclusive, display IP addresses and port numbers
# /usr/sbin/tcpdump -n udp dst portrange 1-1023
Capture any packets with destination IP 192.168.0.1 and destination port 23,display IP addresses and port numbers
# /usr/sbin/tcpdump -n "dst host 192.168.0.1 and dst port 23"
Capture any packets with destination IP 192.168.0.1 and destination port 80 or 443,display IP addresses and port numbers
# /usr/sbin/tcpdump -n "dst host 192.168.0.1 and (dst port 80 or dst port 443)"
Capture any ICMP packets
# /usr/sbin/tcpdump -v icmp
Capture any ARP packets
# /usr/sbin/tcpdump -v arp
Capture either ICMP or ARP packets
# /usr/sbin/tcpdump -v "icmp or arp"
Capture any packets that are broadcast or multicast
# /usr/sbin/tcpdump -n "broadcast or multicast"
Capture 500 bytes of data for each packet rather than the default of 68 bytes
# /usr/sbin/tcpdump -s 500
Capture all bytes of data within the packet
# /usr/sbin/tcpdump -s 0
Monitor all packets on eth1 interface
# /usr/sbin/tcpdump -i eth1
Monitor all traffic on port 80 ( HTTP )
# /usr/sbin/tcpdump -i eth0 'port 80'
Monitor all traffic on port 25 ( SMTP )
# /usr/sbin/tcpdump -vv -x -X -s 1500 -i eth0 'port 25'
Capture only N number of packets using tcpdump -c
# /usr/sbin/tcpdump -c 2 -i eth0
Display Captured Packets in ASCII using tcpdump -A
# /usr/sbin/tcpdump -A -i eth0
Display Captured Packets in HEX and ASCII using tcpdump -XX
# /usr/sbin/tcpdump -XX -i eth0
Capture the packets and write into a file using tcpdump -w
# /usr/sbin/tcpdump -w data.pcap -i eth0
.pcap is extension
Reading the packets from a saved file using tcpdump -r
# /usr/sbin/tcpdump -tttt -r data.pcap
Capture packets with IP address using tcpdump -n
# /usr/sbin/tcpdump -n -i eth0
Capture packets with proper readable timestamp using tcpdump -tttt
# /usr/sbin/tcpdump -n -tttt -i eth0
Read packets longer than N bytes
# /usr/sbin/tcpdump -w data.pcap greater 1024
Read packets lesser than N bytes
# /usr/sbin/tcpdump -w data1024.pcap less 1024
Receive only the packets of a specific protocol type
# /usr/sbin/tcpdump -i eth0 arp
Receive packets flows on a particular port using tcpdump port
# /usr/sbin/tcpdump -i eth0 port 22
Capture packets for particular destination IP and Port
# /usr/sbin/tcpdump -w data.pcap -i eth0 dst 10.181.140.216 and port 22
Capture TCP communication packets between two hosts
# /usr/sbin/tcpdump -w data.pcap -i eth0 dst 16.181.170.246 and port 22
Tcpdump Filter Packets – Capture all the packets other than arp and rarp
# /usr/sbin/tcpdump -i eth0 not arp and not rarp
# /usr/sbin/tcpdump -D
Listen on any available interface
# /usr/sbin/tcpdump -i any
Verbose Mode
# /usr/sbin/tcpdump -v
# /usr/sbin/tcpdump -vv
# /usr/sbin/tcpdump -vvv
# /usr/sbin/tcpdump -q
Limit the capture to an number of packets N
# /usr/sbin/tcpdump -c N
Display IP addresses and port numbers when capturing packets
# /usr/sbin/tcpdump -n
Capture any packets where the destination host is 192.168.0.1, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst host 192.168.0.1
Capture any packets where the source host is 192.168.0.1, display IP addresses and port numbers
# /usr/sbin/tcpdump -n src host 192.168.0.1
Capture any packets where the source or destination host is 192.168.0.1, display IP addresses and port numbers
# /usr/sbin/tcpdump -n host 192.168.0.1
Capture any packets where the destination network is 192.168.10.0/24, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst net 192.168.10.0/24
Capture any packets where the source network is 192.168.10.0/24, display IP addresses and port numbers
# /usr/sbin/tcpdump -n src net 192.168.10.0/24
Capture any packets where the source or destination network is 192.168.10.0/24,display IP addresses and port numbers
# /usr/sbin/tcpdump -n net 192.168.10.0/24
Capture any packets where the destination port is 23, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst port 23
Capture any packets where the destination port is is between 1 and 1023 inclusive, display IP addresses and port numbers
# /usr/sbin/tcpdump -n dst portrange 1-1023
Capture only TCP packets where the destination port is is between 1 and 1023 inclusive,display IP addresses and port numbers
# /usr/sbin/tcpdump -n tcp dst portrange 1-1023
Capture only UDP packets where the destination port is is between 1 and 1023 inclusive, display IP addresses and port numbers
# /usr/sbin/tcpdump -n udp dst portrange 1-1023
Capture any packets with destination IP 192.168.0.1 and destination port 23,display IP addresses and port numbers
# /usr/sbin/tcpdump -n "dst host 192.168.0.1 and dst port 23"
Capture any packets with destination IP 192.168.0.1 and destination port 80 or 443,display IP addresses and port numbers
# /usr/sbin/tcpdump -n "dst host 192.168.0.1 and (dst port 80 or dst port 443)"
Capture any ICMP packets
# /usr/sbin/tcpdump -v icmp
Capture any ARP packets
# /usr/sbin/tcpdump -v arp
Capture either ICMP or ARP packets
# /usr/sbin/tcpdump -v "icmp or arp"
Capture any packets that are broadcast or multicast
# /usr/sbin/tcpdump -n "broadcast or multicast"
Capture 500 bytes of data for each packet rather than the default of 68 bytes
# /usr/sbin/tcpdump -s 500
Capture all bytes of data within the packet
# /usr/sbin/tcpdump -s 0
Monitor all packets on eth1 interface
# /usr/sbin/tcpdump -i eth1
Monitor all traffic on port 80 ( HTTP )
# /usr/sbin/tcpdump -i eth0 'port 80'
Monitor all traffic on port 25 ( SMTP )
# /usr/sbin/tcpdump -vv -x -X -s 1500 -i eth0 'port 25'
Capture only N number of packets using tcpdump -c
# /usr/sbin/tcpdump -c 2 -i eth0
Display Captured Packets in ASCII using tcpdump -A
# /usr/sbin/tcpdump -A -i eth0
Display Captured Packets in HEX and ASCII using tcpdump -XX
# /usr/sbin/tcpdump -XX -i eth0
Capture the packets and write into a file using tcpdump -w
# /usr/sbin/tcpdump -w data.pcap -i eth0
.pcap is extension
Reading the packets from a saved file using tcpdump -r
# /usr/sbin/tcpdump -tttt -r data.pcap
Capture packets with IP address using tcpdump -n
# /usr/sbin/tcpdump -n -i eth0
Capture packets with proper readable timestamp using tcpdump -tttt
# /usr/sbin/tcpdump -n -tttt -i eth0
Read packets longer than N bytes
# /usr/sbin/tcpdump -w data.pcap greater 1024
Read packets lesser than N bytes
# /usr/sbin/tcpdump -w data1024.pcap less 1024
Receive only the packets of a specific protocol type
# /usr/sbin/tcpdump -i eth0 arp
Receive packets flows on a particular port using tcpdump port
# /usr/sbin/tcpdump -i eth0 port 22
Capture packets for particular destination IP and Port
# /usr/sbin/tcpdump -w data.pcap -i eth0 dst 10.181.140.216 and port 22
Capture TCP communication packets between two hosts
# /usr/sbin/tcpdump -w data.pcap -i eth0 dst 16.181.170.246 and port 22
Tcpdump Filter Packets – Capture all the packets other than arp and rarp
# /usr/sbin/tcpdump -i eth0 not arp and not rarp
How to change the linux hostname?
# hostname
test.com
# hostname server.com
# hostname
server.com
# vi /etc/hostname
server.com
Now restart and see the changes.
How to change MySql root password?
For every database, you should set the root or sa passwords to something other than the default, unless you want to get hacked. For mysql, the system administrator user is called root. You will use the mysqladmin utility from a command line to set the new password.
Syntax:
# mysqladmin -u root password “new_password”
# mysqladmin -u root -h host_name password “new_password”
Example:
# mysqladmin -u root password Pa55w0rD
# mysqladmin -u root -h localhost password linuxgEEks
You need to restart the database server after this change
# /etc/init.d/mysql restart
Syntax:
# mysqladmin -u root password “new_password”
# mysqladmin -u root -h host_name password “new_password”
Example:
# mysqladmin -u root password Pa55w0rD
# mysqladmin -u root -h localhost password linuxgEEks
You need to restart the database server after this change
# /etc/init.d/mysql restart
How To Backup MySQL Database to a file?
Backing up your database is a very important system administration task, and should generally be run from a cron job at scheduled intervals. We will use the mysqldump utility included with mysql to dump the contents of the database to a text file that can be easily re-imported.
Syntax:
# mysqldump -h localhost -u root -pmypassword database_name > dumpfile_name.sql
Example:
# mysqldump -h localhost -u root -pPa55w0rD database110 > backup_file.sql
This will give you a text file containing all the commands required to re-create the database.
Syntax:
# mysqldump -h localhost -u root -pmypassword database_name > dumpfile_name.sql
Example:
# mysqldump -h localhost -u root -pPa55w0rD database110 > backup_file.sql
This will give you a text file containing all the commands required to re-create the database.
Subscribe to:
Posts (Atom)