Archive

Archives pour 11/2022

Collecting Ubuntu Linux System Information

30/11/2022 Aucun commentaire

Source: nixCraft

For new computer or Laptop or server, I need to collect the information about its hardware. This is also useful when you need to replace a disk or memory with a vendor. In order to replace hardware you need all information in advance. In this post, I’m going to list commands that you can use to collect the hardware information.

All of the following commands are tested on Ubuntu Linux LTS 14.04, but should work with any modern distro too such as Debian or Fedora Linux.

Lire la suite…

Categories: Système Tags: , ,

TCP SYN flood DOS attack with hping3

30/11/2022 Aucun commentaire

Hping

Wikipedia defines hping as :

hping is a free packet generator and analyzer for the TCP/IP protocol distributed by Salvatore Sanfilippo (also known as Antirez). Hping is one of the de facto tools for security auditing and testing of firewalls and networks, and was used to exploit the idle scan scanning technique (also invented by the hping author), and now implemented in the Nmap Security Scanner. The new version of hping, hping3, is scriptable using the Tcl language and implements an engine for string based, human readable description of TCP/IP packets, so that the programmer can write scripts related to low level TCP/IP packet manipulation and analysis in very short time.

On ubuntu hping can be installed from synaptic manager.

$ sudo apt-get install hping3

Syn flood

To send syn packets use the following command at terminal

$ sudo hping3 -i u1 -S -p 80 192.168.1.1

The above command would send TCP SYN packets to 192.168.1.1
sudo is necessary since the hping3 create raw packets for the task , for raw sockets/packets root privilege is necessary on Linux.

S – indicates SYN flag
p 80 – Target port 80
i u1 – Wait for 1 micro second between each packet

More options

Lire la suite…

Monitor your MySql replication database

29/11/2022 Aucun commentaire

how-to-monitor-mysql-replicationYou have configured your MySql replication, next step is to perform maintenance and monitor your replication. Percona Toolkit for MySQL is a collection of advanced command-line tools to perform a variety of MySQL server and system tasks.

The Percona Toolkit allows you to amongst many tasks to verify MySQL replication integrity, efficiently archive rows, find duplicate indexes, summarize MySQL servers, analyze queries from logs and tcpdump, collect vital system information when problems occur.

To get started you need to install Percona Toolkit, I’m using Ubuntu as an OS on my servers, installing the percona toolkit was straight forward

apt-get install percona-toolkit

To get a summary of your databases use the command – pt-mysql-summary

pt-mysql-summary --u=username --p=password

Next you would want to setup a heartbeat table in your database so you can Monitor MySQL replication delay – for that you will use the pt-heartbeat command.

pt-heartbeat -D wpslavedb --create-table --ask-pass --check --master-server-id 1

You can find the manual for the options here.

pt-heartbeat measures replication lag on a MySQL or PostgreSQL server. You can use it to update a master or monitor a replica. mk-heartbeat depends only on the heartbeat record being replicated to the slave, so it works regardless of the replication mechanism. It works at any depth in the replication hierarchy; for example, it will reliably report how far a slave lags its master’s master’s master.

Start daemonized process to update test.heartbeat table on master:

  pt-heartbeat -D wpslavedb --update -h master-server --daemonize --ask-pass

Monitor replication lag on slave:

  pt-heartbeat -D wpslavedb --monitor -h slave-server --ask-pass
  pt-heartbeat -D wpslavedb --monitor -h slave-server --dbi-driver Pg --ask-pass

Check slave lag once and exit (using optional DSN to specify slave host):

  pt-heartbeat -D wpslavedb --check h=slave-server --ask-pass

If the replication hierarchy is “master -> slave1 -> slave2” with corresponding server IDs 1, 2 and 3, you can:

  pt-heartbeat --daemonize -D wpslavedb --update -h master --ask-pass
  pt-heartbeat --daemonize -D wpslavedb --update -h slave1 --ask-pass

Then check (or monitor) the replication delay from master to slave2:

  pt-heartbeat -D wpslavedb --master-server-id 1 --check slave2 --ask-pass

Or check the replication delay from slave1 to slave2:

  pt-heartbeat -D wpslavedb --master-server-id 2 --check slave2 --ask-pass

if you developing and writing SQL statements, this command is very useful pt-query-digest – Analyze MySQL queries from logs, processlist, and tcpdump

  pt-query-digest slow.log    // requires you to have slow query logged enabled

There are other tools Percona Toolkit, these that I shown is what I find useful for my monitoring and maintenance.

If you want to find out the best MySQL configuration for your application, you can head over to Percona’s website they have a MySql wizards.

Source: torbjornzetterlund.com

Un cluster DRBD / MySQL avec Heartbeat sur Debian 7

29/11/2022 Aucun commentaire

Source: denisrosenkranz.com

Nous avons vu précédement comment mettre un place un Cluster Apache actif/passif avec DRBD et HeartBeat. Dans ce tutoriel nous allons voir comment faire la même chose mais avec MySQL.

La configuration de DRBD et de Heartbeat est la même que pour le tutoriel précédent.

Voilà ce que nous allons mettre en place

DRBDMySQL

Donc pour faire ce tutoriel suivez le tutoriel suivant jusqu’a « Installation d’apache« :

Un cluster DRBD/Apache avec Heartbeat sur Debian 7

Lire la suite…

How to Change Location of IPTables Logs

28/11/2022 Aucun commentaire

Logs are a very important aspect of any firewall. In IPTables, linux provides such functionality as logging, but by default the logs go to a file /var/log/syslog or /var/log/messages . Sometimes it can be hard to find the information you need, as logs from the entire system are also found there.

If you want to change the file where IPTables logs into, you must configure IPTables rules to display the log prefix, next thing is configure RsysLog to get this prefix and send this to a custom log file that contains only iptables log information.

  • Check if you have RsysLog installed and running
root@dbsysnet:/home/olivier# dpkg -l | grep rsyslog
ii  rsyslog                               8.32.0-1ubuntu4                                 amd64        reliable system and kernel logging daemon
Jul 20 17:59:56 dbsysnet systemd[1]: Starting System Logging Service...
Jul 20 17:59:56  systemd[1]: Started System Logging Service.
Jul 20 17:59:56  rsyslogd[813]: warning: ~ action is deprecated, consider using the 'stop' statement instead [v8.32.0 try http://www.
Jul 20 17:59:56  rsyslogd[813]: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.32.0]
Jul 20 17:59:56  rsyslogd[813]: rsyslogd's groupid changed to 106
Jul 20 17:59:56  rsyslogd[813]: rsyslogd's userid changed to 102
Jul 20 17:59:56  rsyslogd[813]:  [origin software="rsyslogd" swVersion="8.32.0" x-pid="813" x-info="http://www.rsyslog.com"] start
  • Configure your IPTABLES rules with --log-prefix
# iptables -A INPUT -p tcp --dport 22 --syn -j LOG --log-prefix "[IPTABLES]: "
  • Create configuration file for RsysLog
# touch /etc/rsyslog.d/10-iptables.conf
  • Open this file and paste below configuration and tne save file
:msg, contains, "[IPTABLES]: " -/var/log/firewall.log
& ~

Explanation:

First line check data log for word [IPTABLES] : and if the word is found it will be sent to the file /var/log/firewall.log

Second line is responsible for stopping the log processing and sending it to the standard location in this case /var/log/syslog or /var/log/messages

  • Restart RsysLog service
root@:/home/olivier# systemctl restart rsyslog

Lire la suite…

Categories: Réseau, Système Tags: , , ,