Linux

64K

Solutions

32K

Contributors

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello ,

When we add this rules for forwarded traffic it is dropping all packets as they are invalid. There is no notrack rule on the server, why does it see the forwarded traffic as it is invalid ?


#-A FORWARD -p tcp -m conntrack --ctstate INVALID -j DROP
#-A FORWARD -p tcp ! --syn -m conntrack --ctstate NEW -j DROP

Open in new window

0
Tutorial: Introduction to Managing a Linux Server
Tutorial: Introduction to Managing a Linux Server

In this tutorial on systemd, we will explore:
-OS/Distro Adoption
-chkconfig and Other Legacy Commands
-Summary and Key Commands

Hello ,

We are facing with some kind of an attack as given below  also i have attached the pcap file ,

important thing is that  ;
  1. IP addresses spoofed with our country's ISP ip addresses
  2. TTL has been spoofed also and the TTL values are in the range of the ip address owners - you should find and edit the same ddos on github with name VSE
  3. Data is a copy of real packet used on this protocol for counter strike
  4. Destination port is also counter's port
  5. checksums are correctly generated

how should i block this kind of attack without blocking the real users ?



Protokol :17  Source IP :85.104.15.177  Source Port :58061  Destination IP :213.238.166.2  Destination Port :27015  TTL :108  Paket Boyutu :51  Checksum :9777  Data :FFFFFFFF71636F6E6E6563743078304135423333304500  
Protokol :17  Source IP :95.13.27.190  Source Port :55271  Destination IP :213.238.166.2  Destination Port :27015  TTL :111  Paket Boyutu :51  Checksum :64648  Data :FFFFFFFF71636F6E6E6563743078303044414236313000  
Protokol :17  Source IP :88.238.142.125  Source Port :55150  Destination IP :213.238.166.2  Destination Port :27015  TTL :105  Paket Boyutu :51  Checksum :37970  Data :FFFFFFFF71636F6E6E6563743078304138383935423800  
Protokol :17  Source IP :85.103.139.224  Source Port :52054  Destination IP :213.238.166.2  Destination Port :27015  TTL :108  Paket Boyutu :51  Checksum :49529  Data 

Open in new window

0
Hello ,

Is there any possible way to drop bogus packets as seem below .

for this packets ; packet payload is smaller then the length of the packet

 Screen-Shot-2017-08-23-at-22.22.46.png
0
execute multiple sql queries and populate in multiple files using linux shell script .eg 1st query populate into 1stcsv similar to 2nd query populate to 2nd csv.

Or

export multiple csv files from multiple sql queries in shell script.
0
Hello there,

How can I get the current average cpu usage of a Linux computer?

I know this is a tricky question because of multi-core CPUs but I would like to be able to understand the "average" cpu load in a specific moment in time.

Thanks for your help!
0
Addition of native Linux support in windows is really amazing..
4
 
LVL 7

Expert Comment

by:Brian Matis
Yeah, I'm really liking the much more open direction that Microsoft has been taking of late. Very different from the old Microsoft, and a very welcome change!
0
What is the way to write an asterisc in the Linux Nano Editor?

I need to write this in the cron.php file:

* * * * * cd /opt/bitnami/apps/espocrm/htdocs; /opt/bitnami/apps/espocrm/htdocs -f cron.php > /dev/null 2>&1

When I start writing with the asterisc Nano ask me if I want to write the file

Luis R
0
Hello ,

We are facing with an issue as given below. Our X520 dual card is always giving this error. we tryed 2 different card with their own SPF+ but the issue is still going on .


this is our setup.sh for interfaces :
modprobe ixgbe allow_unsupported_sfp=1,1 FdirPballoc=3,3 MQ=1,1 RSS=0,0  mtu=1522 num_rx_slots=32768
ethtool -K p1p2 tso off
ethtool -K p1p2 gro off
ethtool -K p1p2 lro off
ethtool -K p1p2 gso off
ethtool -K p1p2 rx off
ethtool -K p1p2 tx off
ethtool -K p1p2 sg off
ethtool -K p1p2 rxvlan off
ethtool -K p1p2 txvlan off
ethtool -N p1p2 rx-flow-hash udp4 sdfn
ethtool -N p1p2 rx-flow-hash udp6 sdfn
ethtool -n p1p2 rx-flow-hash udp6
ethtool -n p1p2 rx-flow-hash udp4
ethtool -C p1p2 rx-usecs 1000
ethtool -C p1p2 adaptive-rx off
ethtool -K p1p2 ntuple on
ethtool -K p1p2 ntuple on


/sbin/ifconfig p1p2 txqueuelen 10000
sudo ethtool -A p1p2 rx off tx off  
ethtool -L p1p2 combined 63
ethtool -N p1p2 rx-flow-hash udp4 sdfn
ethtool -K p1p2 tso off gro off lro off gso off rx off tx off sg off rxvlan off txvlan off rx-vlan-filter off
ethtool -C p1p2 rx-usecs 100 



/sbin/ifconfig p1p1 txqueuelen 10000
sudo ethtool -A p1p1 rx off tx off
ethtool -L p1p1 combined 63
ethtool -N p1p1 rx-flow-hash udp4 sdfn
ethtool -K p1p1 tso off gro off lro off gso off rx off tx off sg off rxvlan off txvlan off rx-vlan-filter off
ethtool -C p1p1 rx-usecs 100

ethtool -s p1p2 advertise 0x1000 
ethtool -s p1p1 advertise 0x1000

Open in new window



IMG_5320.JPG

Open in new window

0
I have VirtuaBox running on top of Win7 64bit.  I have a Red Hat 7.2 Linux version running.  I have another virtual machines (VM) running Win7 with WireShark.  I have been having using getting the ports open on Red Hat.

I have turned off firewalld, but iptables is running.  In iptables -L, unders FORWARD (Chain), it has a REJECT rules.  WireShark is reporting this when my Windows app tries to connect to Linux.  It is a port unreachable, I have opened all the ports I need in iptables.  When I delete that rule using iptables --delete FORWARD line_number, it deletes.  I save it, but on reboot it puts it back.  This is getting annoying.  

Can someone help me?  Why is Red Hat changing iptables upon reboot?  I have been stuck on this for 2 weeks messing with this and it is about to make me pull my hair out.

Thanks...
0
please replay answer ASAP
0
Visualize your virtual and backup environments
LVL 1
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Hello ,

Is there any way to check the netfilter queue is full ? how much cpu does it eating ?

Thank you
0
Have multiple VMworkstation VM's one of which I need to connect an Android device to. Need to setup  DNS with pfSense or mint to control .local request. Need to be able to hit my.test.local which is one of my servers on my network 10.8.x.x. Everything reading is telling me how to make them see www.xxx.com. Need to stay local and resolve this address.
0
Hi Experts,

I am trying to do automate New Disk addition, It will scan and check for new disk name and creates New PV.

Issue with script is , while i am trying to use this script its takes already partitioned old disk and partitioning... How to avoid that ... I am in learning stage of bash script... Help much appreciated

#!/bin/bash
# fix-rh-newdisk
ADDVG=$1 
[ -z "$ADDVG" ] && ADDVG=system 

OSVER=$(uname -r | grep -q '\.el6' >/dev/null && echo '6' || echo '5') # get OS verstion

  rm -f /etc/lvm/cache/.cache;   /mnt/install/rh-misc-packages/rescan-scsi-bus.sh >/dev/null 2>&1

# If there is any stdout then the disk is in use; if there is any stderr then 'failed to stat() /dev/sd?'
  FFREE_OUT=/tmp/$$
  FFREE=; for D in {b..i}; do
    kpartx -l /dev/sd${D} >$FFREE_OUT 2>/dev/null; RC=$?;
    [ $RC -gt 0 ] && break       # don't want to include the disk as a possible if failed to stat
    [ -s $FFREE_OUT ] && continue   # the disk is in-use
    FFREE=${D}; break
  done;
  rm -f $FFREE_OUT
  # double-check there is no problem with using /dev/sd${FFREE} like the disk is already partitioned
  if [ -z "$( kpartx -l /dev/sd${FFREE} )" ]; then
       echo Disk $FFREE is available
   else
       echo No disk is available in /dev/sd{b..i}
       FFREE=;
  fi;
  echo FFREE=$FFREE >/tmp/newdisk.rc
  . /tmp/newdisk.rc
export FFREE

  [ -z "$FFREE" ] && exit

  parted -s /dev/sd${FFREE} mklabel gpt ; RC_1=$?
  PARTED_OPT=""; [ "$OSVER" -eq "6" ] && PARTED_OPT="--align 

Open in new window

0
I've included an image, in hopes all this makes sense.

I have a router/modem to AT&T, connected to a switch for a network.

sometimes AT&T goes out.  All other internet in our area would not work either, with the exception of a Cell's WIFI hotpsot.

I have a Fedora 26 Linux laptop, with wireless (wlo1) and ethernet (eno1)

I want to connect the laptop to the hotspot, have the laptop communicate with DHCP to the switch, just like it was a router. HELP!

I have installed dhcp-server on laptop. I've included an image for example.
dhcp-problem.jpg
0
I will be grateful if you can help me again as I am stucked with a linux issue.
I have installed Centos from BIOS.
I have 3 partitions on my laptop namely:
  1) for storing windows 7 (64 bit)  
  2)personal files
  3) to store centos (80GB allocated)
Installation of Centos has been successful. However, on the boot screen, there are only 2 options available namely:
1) Centos Linux
2) Centos Linux Rescue
There is no sight of my existing OS (Windows 7 64bit) on the boot menu.

I have tried to live boot in Ubuntu to know if my windows file and so on is there, and It is all there.
I think the problem is that the boot menu has crashed. I have tried that code: yum install grub-customizer but it returns an error message: could not retrieve mirrorlist http://mirrorlist.centos.org/.............and that continues
I have only the terminal and no GUI! I think while installing the default installation (minimal install) has remain selected.
Can someone please help me as I am really stucked and I don't have great knowledge of linux system?
Thank you in anticipation.

Regards,
Farhaan
0
Hello,

I have a basic question regarding puppet.  Where does puppet master store the information regarding each host?
0
What are the ways to get RHEL patches ?

1. Doing 'yum' to pull down directly from RHN support
2. My Unix admin told me he could download via Tcp443 all the rpm packages
    for RHEL 7 patches (to a development server in DMZ) & then do 'yum'
    against these RPMs : is this true?
    Then he can scp/sftp these RPMs internally to other RHEL (or share out via
    NFS) servers to update patches to the other servers.
3. Set up a Satellite server : there's cost to this.  Is Satellite servers hosted in
     DMZ as a practice
4. Any other methods?

Which of the above are more secure?  We prefer not to let all servers directly
'yum' to RHN support due to security & bandwidth concerns
0
hi,

now following this :

https://www.digitalocean.com/community/tutorials/how-to-set-up-mysql-master-master-replication

to setup my first master master replication using MySQL 5.7.19 and when I do this steps:

"The following command will output a few pieces of important information, which we will need to make note of:

show master status; "

the returns in my linux box is empty, NOT sth like:

+------------------+----------+--------------+------------------+
| File             | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+------------------+
| mysql-bin.000001 |      107 | example      |                  |
+------------------+----------+--------------+------------------+
1 row in set (0.00 sec)

this means I can't keep going and held there because of this, any reason ?

my.cnf say:

server-id               = 1
log_bin                 = /var/log/mysql/mysql-bin.log
binlog_do_db            = sample

after I start the MySQL and go to the path /var/log/, I don't see a mysql folder there, is it a Hints?
0
I have installed a software in AWS which is using Ubuntu.
I am using SSH.
I need to download a file (error_log) to my local computer.
I am using the user and web address I use with SSH
I use the SCP command and tried different ways and always says: "Permission denied (publickey)"
I've used these:
  • scp bitnami@ec2-34-226-245-205.compute-1.amazonaws.com:error_log . (This is the AWS address)
  • scp bitnami@34.226.245.205 :error_log . (This is the AWS address)
  • scp bitnami@ip-172-31-34-134:error_log .  (this is the web address that appear in SSH
bitnami is the user

My Questions:
Which web address I have to use after "@"
Do I have to detail all the path?


Please advise what to do.

Thanks

Luis R
0
Automating Terraform w Jenkins & AWS CodeCommit
Automating Terraform w Jenkins & AWS CodeCommit

How to configure Jenkins and CodeCommit to allow users to easily create and destroy infrastructure using Terraform code.

OS : Linux release 7
Recently we have installed some Oracle software on server.
This Dev server, out of total 20GB, it is taking around 10GB for swap as below.
                    total         used
Swap:          9207        9205


free -m shows presently 500 MB memory is free in OS.
Shall we go for Mem Upgrade or  Any alternate fix required to resolve this issue.

please advise
0
How can we allow mails from only TLDs (.com, .biz, .co, .us, .in..) in postfix  rest of the domains should be blocked.
Please let me know the process.

Thanks
0
Hi Friends,
I have a motherboard with Hardware RAID (Megaraid) in my server,
I installed StorCli for management it in Centos 7 ,
so, when i get disk properties from Storcli, it show wwn for disk,
next, i create disk as JBOD for Show in centos,
when i list my disk as:
ls -l /dev/disk/by-id/

it dont show same WWN in Output StorCli,

can you help me for relation between WWN in output StorCli and in output OS , please?

Thanks for your helps,
0
We currently use OpenVPN, as well as L2TP over IPSec VPN on our Linux servers (CentOS 6.x mostly). Both VPN servers are running properly. However, while each of the physical servers have several IPs assigned to them, the VPN is always able to run on one IP address only.

What we need:

A user connects to our server (either via OpenVPN or via L2TP over IPsec VPN), the server picks a random server IP address instead of just one for all users.

Basically, what we need is a server side IP address rotation for the VPN.
0
Hi,

I have user called xyz under that folder there is folder call test under that there is folder called abc, def, hij etc

i want to search to search in all above folders and subfolders for a particular keyword say " nullpointerexception " how t do that .
please advise
0
SIPp is a free SIP traffic generating tool for Linux.
http://sipp.sourceforge.net/

SIPp user manual says you can install SIPp under CYGWIN on windows. However I am not experienced  with compiling applications to run under Linux and need help getting SIPp up and running under CYGWIN on a windows10 machine.

I have successfully installed CGYWIN and included the following packages (all successfully)
gcc-core
gcc-g++
gcc
libncurses
make

After the CGYWIN install, I put C:/cygwin64/bin in the win10 systems’ environment variable PATH – so far all ok and CGYWIN seems to be working fine.

In addition, the SIPp install instructions state:

Warning
SIPp compiles under CYGWIN on Windows, provided that you installed IPv6 extension for CYGWIN (http://win6.jp/Cygwin/), as well as libncurses and (optionally OpenSSL and WinPcap). SCTP is not currently supported.


QUESTION 1 -  Do you know what this is???    IPv6 extension for CYGWIN http://win6.jp/Cygwin/ 
is it a CYGWIN package, and entire install version??
What/how do I need to do to check/install?

QUESTION 2 – Nothing happens when I try to run “autoreconf -ivf” ...but this might have to do with Question 1 not being addressed yet.

 /cygdrive/c/Backup/tools/SIPp/3.3
$ autoreconf -ivf
-bash: autoreconf: command not found


+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
FROM DOC


Installing SIPp
•      On Linux, SIPp is provided in the form of source code. You will need to…
0

Linux

64K

Solutions

32K

Contributors

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.