Here’s a nifty little trick with vimdiff, say you want to compare the output of to commands. You can do so with a little redirections:

# vimdiff <(cat /etc/passwd) <(cat /etc/shadow)

I know this is silly since you can simply vimdiff the files directly without the redirects. But say you want to compare who is currently logged in with who was last 10 people logged in.

# vimdiff <(who) <(last|head)


Note: the space between th ‘)’ and the ‘<’ is required.

Comments No Comments »

This is a quick setup of MySQL replication, but only works if both server are new builds with no dataset

On the master:

1. Put the following in my.cnf in the [mysqld] section:


2. Run the following one-liner:

# /etc/init.d/mysqld restart; mysql -e “GRANT REPLICATION SLAVE ON *.* TO ‘$user’@'$slave_ip_addr’ IDENTIFIED BY ‘$password’;”; mysql -e “RESET MASTER;”

On the slave:

1. Put the follwing in my.cnf in the [mysqld] section:


2. Run the follwoing one-liner:

/etc/init.d mysqld restart; mysql -e “CHANGE MASTER TO MASTER_HOST=’$master_ip_addr’, MASTER_USER=’$user’, MASTER_PASSWORD=’$password’, MASTER_LOG_FILE=’master-bin.000001′, MASTER_LOG_POS=98;”; mysql -e “START SLAVE;”

Comments No Comments »

Often times when being hit by a plethora of connections, it is good to tally them all up and see if there is a specific locale that may be of questionable origin.

netstat -an | grep “ESTABLISHED” |awk ‘{print $5}’ |cut -d “:” -f1 |sort |uniq -c |sort -n

Comments 2 Comments »

Post Office Protocol (POP) is one of the protocols used to retrieve mail from an email server. The term is generally used that email is ‘popped’ of the server and stored on the client. The most commonly used version is POP3.

Further Reading:

Comments No Comments »

1. Download the latest version of cacti from the dag repository.

# wget

2. install cacti

# rpm -Uvh cacti-0.8.7g-2.el5.rf.noarch.rpm(this will restart the apache process)

3. Create the MySQL database:

# mysql
mysql> create database cactidb
mysql> GRANT ALL ON cactidb.* TO cactiadmin@localhost IDENTIFIED BY ‘$PASSWORD’;
mysql> flush privileges;

4. Import the default cacti database:

# mysql cactidb < /var/www/cacti/cacti.sql

5. Edit include/config.php and specify the database type, name, host, user and password for your Cacti configuration.

# vi /var/www/cacti/include/config.php
$database_type = “mysql”;$database_default = “cactidb”;$database_hostname = “localhost”;$database_username = “cactiadmin”;$database_password = “$PASSWORD”;$database_port = “3306″;

6. Set the appropriate permissions on cacti’s directories for graph/log generation. You should execute these commands from inside cacti’s directory to change the permissions.

# chown -R cacti /var/www/cacti/rra/ /var/www/cacti/log

7. Update snmpd.conf to allow cacti to pull info and restart snmpd

# vi /etc/snmp/snmpd.conf
view    systemview    included   .    systemview    included   .    systemview    included   .1
#/etc/init.d/snmpd restart

8. Update cacti vhost to allow IP addresses and reload apache.

# vi /etc/httpd/conf.d/cacti.conf

Allow from $YOUR_IP

# /etc/init.d/httpd reload

9. Add a line to your /etc/crontab file similar to:

# crontab -e
*/5 * * * * cacti php /var/www/cacti/poller.php > /dev/null 2>&1

10. Finish the configuration

Default pageclick next
Ensure “new install” is next
All the defaults should be green. If there are a bunch of read, ensure that it is looking in the right place for the files.Click Next
Login with admin admin and set the password to ‘$PASSWORD’

Comments No Comments »

Nifty little one liners to find who’s running that problematic cronjob:

for user in $(cut -f1 -d: /etc/passwd); do crontab -u $user -l; done

Comments 1 Comment »

Contrary to popular media, the CSI has been around for nearly forty years. Their focus is computer and network security, not creating hokey computer references to catch criminals.

Further reading:

Comments No Comments »

User said they changed clients and now saw UIDs in place of usernames. At first I thought it was a client issue, as it turns out, it is a client issue on how it’s requesting data. Unfortunately, the client was not smart enough to know the syntax was wrong with the new command set. proftpd has a setting to disable the list of modes it supports, so the client establishes the connection with the older command set. Here is the information on the switch.


Syntax: FactsAdvertise on|off
Default: FactsAdvertise on
Context: server config, ,
Module: mod_facts
Compatibility: 1.3.2rc2 and later
The FactsAdvertise directive is used to control whether the mod_facts module advertises its MLST support via the FEAT command.

By default, the mod_facts module will list MLST in the FEAT response. FTP clients use this to determine whether to use the newer MLSD/MLST commands, or the older LIST/NLST commands. Some FTP clients, though, will attempt to use the newer commands just as if they were equivalent to the older commands, including supporting glob/wildcard characters. Section 2.2.2 of RFC3659 explicitly states that wildcard characters are not supported in the MLSD and MLST commands. Thus, to prevent problems when using such FTP clients with proftpd, you can disable the advertising of support for those commands using e.g. the following in your proftpd.conf:

FactsAdvertise off

Comments No Comments »

Shows the controls, indicators, and connectors located on the system’s back panel.

1 center PCI riser (slot 1) 2 left PCI riser (slot 2) 3 left PCI riser (slot 3)
4 power supplies (2) 5 system identification button 6 system status indicator
7 system status indicator connector 8 NIC2 connector 9 NIC1 connector
10 USB connectors (2) 11 video connector 12 serial connector
13 remote access controller (optional)


Comments No Comments »

I have seen many pages illustrating how to cause a kernel panic. Some have some short (relative to others) programs to do this. Honestly you can cause a kernel panic with the magic sysrq commands. For those that missed my earlier article, you can find it at Magic Sysrq.

In this situation, we will need to enable the sysrq:

echo 1 > /proc/sys/kernel/sysrq

Then issue the kernel panic.

echo c > /proc/sysrq-trigger

This causes a kexec reboot with a crashdump. If you have more information on this process, please let me know.

Comments No Comments »