Configure NTP on solaris
edit /etc/inet/ntp.server and put entry with server details
server external-time-server-a
server external-time-server-b
server external-time-server-c
To activate the ntp server try the following command:
# svcadm enable svc:/network/ntp:default
After that check if the service is running:
# svcs -a | grep ntp
# ps -ef | grep ntp
Monday, March 29, 2010
Wednesday, March 24, 2010
free memory drop_caches
free memory drop_caches
Writing to this will cause the kernel to drop clean caches, dentries and inodes from memory, causing that memory to become free.
To free pagecache:
echo 1 > /proc/sys/vm/drop_caches
To free dentries and inodes:
echo 2 > /proc/sys/vm/drop_caches
To free pagecache, dentries and inodes:
echo 3 > /proc/sys/vm/drop_caches
As this is a non-destructive operation, and dirty objects are not freeable, the user should run "sync" first in order to make sure all cached objects are freed.
This tunable was added in 2.6.16.
Writing to this will cause the kernel to drop clean caches, dentries and inodes from memory, causing that memory to become free.
To free pagecache:
echo 1 > /proc/sys/vm/drop_caches
To free dentries and inodes:
echo 2 > /proc/sys/vm/drop_caches
To free pagecache, dentries and inodes:
echo 3 > /proc/sys/vm/drop_caches
As this is a non-destructive operation, and dirty objects are not freeable, the user should run "sync" first in order to make sure all cached objects are freed.
This tunable was added in 2.6.16.
Cycwin Installation and console access
click on setup.exe
Choose Install from Internet
Choose the defaults for this step (select Root Install Directory)
Choose the Local Package Directory (default should be the right one)
Choose Direct connection
choose http://mirrors.rcn.net
In the select packages Window ...scroll down to find +x11 and click on Default to
see package list
Choose X-start-menu-icons: Start menu icons for Cygwin/X Programs
proceed to install
============================================
run cygwin on client computer and type
startx on first popup window
type following on 2 pop up window prompt
xhost +
run following command on source servers where you want to bring display from.
export DISPLAY=172.16.134.177:0.0 (this is your client machine ip)
echo $DISPLAY
type /usr/openwin/bin/xclock this will bring up clock on client machine -- for test)
Choose Install from Internet
Choose the defaults for this step (select Root Install Directory)
Choose the Local Package Directory (default should be the right one)
Choose Direct connection
choose http://mirrors.rcn.net
In the select packages Window ...scroll down to find +x11 and click on Default to
see package list
Choose X-start-menu-icons: Start menu icons for Cygwin/X Programs
proceed to install
============================================
run cygwin on client computer and type
startx on first popup window
type following on 2 pop up window prompt
xhost +
run following command on source servers where you want to bring display from.
export DISPLAY=172.16.134.177:0.0 (this is your client machine ip)
echo $DISPLAY
type /usr/openwin/bin/xclock this will bring up clock on client machine -- for test)
Add SWAP Space to Linux
Procedure to add a swap file
You need to use dd command to create swapfile. Next you need to use mkswap command to set up a Linux swap area on a device or in a file.
a) Login as the root user
b) Type following command to create 512MB swap file (1024 * 512MB = 524288 block size):
# dd if=/dev/zero of=/swapfile1 bs=1024 count=524288
c) Set up a Linux swap area:
# mkswap /swapfile1
d) Activate /swapfile1 swap space immediately:
# swapon /swapfile1
e) To activate /swapfile1 after Linux system reboot, add entry to /etc/fstab file. Open this file using text editor such as vi:
# vi /etc/fstab
Append following line:
/swapfile1 swap swap defaults 0 0
So next time Linux comes up after reboot, it enables the new swap file for you automatically.
g) How do I verify swap is activated or not?
Simply use free command:
$ free -m
a) Login as the root user
b) Type following command to create 512MB swap file (1024 * 512MB = 524288 block size):
# dd if=/dev/zero of=/swapfile1 bs=1024 count=524288
c) Set up a Linux swap area:
# mkswap /swapfile1
d) Activate /swapfile1 swap space immediately:
# swapon /swapfile1
e) To activate /swapfile1 after Linux system reboot, add entry to /etc/fstab file. Open this file using text editor such as vi:
# vi /etc/fstab
Append following line:
/swapfile1 swap swap defaults 0 0
So next time Linux comes up after reboot, it enables the new swap file for you automatically.
g) How do I verify swap is activated or not?
Simply use free command:
$ free -m
To reset the ColdFusion Administrator password,
To reset the ColdFusion Administrator password, please follow these steps:
Connect to the server using Remote Desktop Connection.
Navigate to the neo-security.xml file located in the ColdFusion /lib/ directory, for example c:\coldfusion8\lib\neo-security.xml
Open the file for editing.
Find the section for admin.security.enabled:
Change the value from true to false:
Save and exit the file.
Restart the ColdFusion service.
In a browser, load the ColdFusion Administrator.
Expand Security and select CF Admin Password.
Check Use a ColdFusion Administration password.
Enter the new password and click Submit Changes.
Note: You may need to edit the neo-security.xml file again and set the boolean value back to true and reset the ColdFusion service.
Use Full URLS....
http://www.hostmysite.com/support/cfusion/resetcoldfusionadministratorpassword/
http://www.tek-tips.com/faqs.cfm?fid=3731
Navigate to the neo-security.xml file located in the ColdFusion /lib/ directory, for example c:\coldfusion8\lib\neo-security.xml
Open the file for editing.
Find the section for admin.security.enabled:
Change the value from true to false:
Save and exit the file.
Restart the ColdFusion service.
In a browser, load the ColdFusion Administrator.
Expand Security and select CF Admin Password.
Check Use a ColdFusion Administration password.
Enter the new password and click Submit Changes.
Note: You may need to edit the neo-security.xml file again and set the boolean value back to true and reset the ColdFusion service.
Use Full URLS....
http://www.hostmysite.com/support/cfusion/resetcoldfusionadministratorpassword/
http://www.tek-tips.com/faqs.cfm?fid=3731
Tuesday, March 23, 2010
How to find out which process is listening upon a port
When we covered port scanning a short while ago we discovered how to tell which ports had processes listening upon them, via port scanning. What we didn't do was learn how to tell which processes were associated with each open port.
Often you'll know which applications are going to be using a particular port, because it's the standard one, or because you know you set it up.
For example when you see something listening upon port 25 you tend to expect it to be a mailserver, and similarly if you find something listening on port 80 you'll not be suprised to discover it's a webserver.
Sometimes though these assumptions can be mistaken, and other times you'll discover an open port which you simply don't recognise. If you're examing a machine you're not sure you trust fully it's worth checking exactly which processes are really running.
As we noted in the the introduction to port scanning with nmap you can lookup which service uses any of the "standard" ports by referring to the file /etc/services.
For example we can open that file in our favourite editor, or pager, and see that port 43/tcp is associated with "whois", and that port 53 is associated with DNS.
These don't help you much if you have a service which has had it's default port changed - something some people suggest you do as a means of increasing security. (Personally I believe such misdirection is misguided at best, and counter-productive at worst).
What you really need to do is to lookup the process which is currently bound to the given network port. Thankfully this is a simple job with use of the lsof package.
If you have the Apache webserver running on port 80 that will provide a suitable test candidate. If not you can choose another port you know is in use.
To discover the process name, ID (pid), and other details you need to run:
lsof -i :port So to see which process is listening upon port 80 we can run:
root@mystery:~# lsof -i :80 This gives us the following output:
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
apache2 10437 root 3u IPv6 22890556 TCP *:www (LISTEN)
apache2 10438 www-data 3u IPv6 22890556 TCP *:www (LISTEN)
apache2 10439 www-data 3u IPv6 22890556 TCP *:www (LISTEN)
apache2 10440 www-data 3u IPv6 22890556 TCP *:www (LISTEN)
apache2 10441 www-data 3u IPv6 22890556 TCP *:www (LISTEN)
apache2 10442 www-data 3u IPv6 22890556 TCP *:www (LISTEN)
apache2 25966 www-data 3u IPv6 22890556 TCP *:www (LISTEN)
apache2 25968 www-data 3u IPv6 22890556 TCP *:www (LISTEN)
Here you can see the command running (apache2), the username it is running as www-data, and some other details.
Similarly we can see which process is bound to port 22:
root@mystery:~# lsof -i :22
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sshd 8936 root 3u IPv6 12161280 TCP *:ssh (LISTEN)
To see all the ports open for listening upon the current host you can use another command netstat (contained in the net-tools package):
root@mystery:~# netstat -a |grep LISTEN |grep -v unix
tcp 0 0 *:2049 *:* LISTEN
tcp 0 0 *:743 *:* LISTEN
tcp 0 0 localhost.localdo:mysql *:* LISTEN
tcp 0 0 *:5900 *:* LISTEN
tcp 0 0 localhost.locald:sunrpc *:* LISTEN
tcp 0 0 *:8888 *:* LISTEN
tcp 0 0 localhost.localdom:smtp *:* LISTEN
tcp6 0 0 *:www *:* LISTEN
tcp6 0 0 *:distcc *:* LISTEN
tcp6 0 0 *:ssh *:* LISTEN
Here you can see that there are processes listening upon ports 2049, 743, 5900, and several others.
(The second grep we used above was to ignore Unix domain sockets).
If you're curious to see which programs and services are used in those sockets you can look them up as we've already shown:
root@mystery:~# lsof -i :8888
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
gnump3d 25834 gnump3d 3u IPv4 61035200 TCP *:8888 (LISTEN)
This tells us that the process bound to port 8888 is the gnump3d MP3 streamer.
Port 2049 and 743 are both associated with NFS. The rest can be tracked down in a similar manner. (You'll notice that some ports actually have their service names printed next to them, such as the smtp entry for port 25).
lsof is a very powerful tool which can be used for lots of jobs. If you're unfamiliar with it I recommend reading the manpage via:
man lsof
Wednesday, March 17, 2010
Subscribe to:
Posts (Atom)
