
30 September, 2009

Authors: Andreas 'GlaDiaC' Schneider, Leon "kommerck" "leadazide" Freitag, Severin 'gripir' Friede
Keywords: Steam Linux, CS Linux, CSS Linux, HL2 Linux, Steam Wine, CSS Wine, CS Wine, HL2 Wine
This work is licensed under a Creative Commons Attribution-ShareAlike 2.5 License.
The obvious disclaimer: This HOWTO comes with no explicit or implicit warranty whatsoever. Use at your own risk!

Table of Contents

  1. Preface
  2. Preparations
  3. Installation
  4. Login
  5. Command Line Options
  6. Troubleshooting
  7. Credits

1. Preface

Half-Life 2 and Counter-Strike are two of the most popular first-person shooters available. These games are primarily available for Windows PCs. A growing number of people use Linux as their main operating system and do not want to give up their favorite games.
This HOWTO should make it possible for anybody to get Steam working with Wine.
Please follow every step just as it is described here, unless you're asked to skip some steps.

2. Preparations

2.1. Downloading Wine binaries

Download the latest Wine from
http://www.winehq.org/site/download
(http://www.winehq.org/site/download-deb for Ubuntu/Debian)
or use your distribution-specific packaging tool to install Wine. For example, Debian and Ubuntu users may just use apt-get install wine after adding the Wine repositories (see above).
Wine versions 0.9.7 to 0.9.10 have an OpenGL regression which may cause bad performance in Half-Life 1 based games. Use the newest version instead (0.9.11 or newer).
Now run wine without any parameters. When wine is run for the first time, it creates all necessary directories, including your fake C: drive, which is per default located in ~/.wine/drive_c.

2.2. Compiling Wine from CVS

Instead of using binaries, you may compile the latest source yourself. You may use WineCVS to compile Wine from CVS.
http://winecvs.linux-gamers.net/
Needed apps, packages, libraries:
wget, fontconfig, freetype2, freetype2-devel, bison, flex, libjpeg, libjpeg-devel, libpng, libpng-devel, zlib, zlib-devel, xorg-x11-devel (resp. XFree86-devel), Mesa (resp. xorg-x11-Mesa, XFree86-Mesa), Mesa-devel (resp. xorg-x11-Mesa-devel, XFree86-Mesa-devel), freeglut, freeglut-devel
Debian or Ubuntu users can just use:
apt-get install cvs build-essential bison flex-old libasound2-dev x-window-system-dev libpng12-dev libjpeg62-dev libfreetype6-dev libxrender-dev libttf2 libttf-dev msttcorefonts libfontconfig1-dev
Change to the directory where WineCVS.sh is located and start it with:
sh WineCVS.sh
The script uses wget to download an archive, defaults.tar.gz, containing the needed install scripts. After that you should see its installation menu.
Select a profile ... follow the steps...

... done!
Compilation and installation successful.

2.3. Downloading Microsoft core fonts

Steam requires the tahoma.ttf font. It is NOT included in the Microsoft core fonts package, so you have to get it separately.
For example, google for "filetype:ttf inurl:tahoma", download it and put it into your ~/.wine/drive_c/windows/fonts directory.

3. Installation


3.1 Steam

Simply change to the directory where you downloaded SteamInstall.exe and type
wine SteamInstall.exe
If you downloaded the MSI version of Steam installer, type wine msiexec /i SteamInstall.msi
The install should go fine, and after it's completed and wasted your time "updating" steam (it generated strangely small amounts of network traffic) Steam will launch. Create an account or log in, then add Counter Strike to your list of games.
Steam may crash when updating at 27%. If it does so, follow the instructions described here.

3.2 Half-Life 2

3.2.1. Installing Half-Life 2 from the CD

Just type wine msiexec /i /path/to/HL2/steam.msi and Half-Life 2 will be installed.

4. Login

Start Steam by typing wine Steam.exe after changing to the directory where you installed Steam. Once you are sure that Steam runs without problems, start it like this:
WINEDEBUG="fixme-all" wine Steam
This suppresses all the FIXME messages Wine prints in normal mode. Steam and Steam games run faster this way (especially Half-Life 2 and its mods).
With the latest Wine and Steam you should be able to type your login data into Steam. If you can't type in your login, right-click on the Login edit control in the Steam button and then left-click on it again to make the menu disappear. Voila! You can type your login now.

5. Command Line Options


For a while now, Half-Life has depended on the Steam platform to operate (and HL2 has always depended on this, especially if you didn't buy the CD edition).
The old "hl.exe -game XXXXXXX" behaviour is no longer appropriate, as all valve-sanctioned mods are now executed with "Steam.exe -applaunch NN".
Half-Life Mods:
cstrike: -applaunch 10
tfc: -applaunch 20
dod: -applaunch 30
dmc: -applaunch 40
op4: -applaunch 50
ricochet: -applaunch 60
valve: -applaunch 70
czero: -applaunch 80
Half-Life 2 Mods:
cstrike: -applaunch 240
dod: -applaunch 300
hl2mp: -applaunch 320
Similar to the way you can add command variables to the Steam Launch Options, you can also add them to a Half Life 2 startup script.
#!/bin/bash
WINEDEBUG=fixme-all wine C:/Program\ Files/Steam/Steam.exe -fullscreen \
    -width 1024 -height 768 -applaunch 220 \
    -heapsize 512000 +map_background none "$@"
The above command line will launch Half Life 2 (-applaunch 220) with a memory allocation of around 500MB (-heapsize 512000), and Half Life 2 will start without a 3D background on the main menu (+map_background none). You can add as many variables as you want :)

Command Line Commands

-heapsize [Kilobytes]: This command tells Half Life 2 to allocate more RAM to the game system heap, where it can be accessed by the game to improve performance by storing more game information in RAM and hence reducing loading pauses. The default heapsize is 64MB, however you can safely allocate around 128MB (i.e. -heapsize 128000) for most systems. You can use higher values if you have more RAM, but I don't recommend exceeding half your physical RAM (e.g. for 1GB RAM, set heapsize of 512000).
-console: Speeds up the loading of Half Life 2 at startup by not loading up the background 3D graphics on the main menu and instead loading up a blurry background picture and the Half Life 2 console open. Note you can close this console using the '~' key.
-width [pixels] -height [pixels]: Using these two commands you can set a custom resolution in Pixel Width x Pixel Height (e.g. -width 640 -height 480 starts HL2 with 640x480 resolution). Make sure you choose a resolution supported by your monitor and with the correct ratio of width to height (usually 4:3).
-dxlevel [version]: Using this command allows you to force Half Life into only using the specified DirectX version for shaders. For example, use -dxlevel 70 to force Hardware DirectX 7.0 level support for shaders. This means a reduction in image quality but an increase in performance. Other values include -dxlevel 80, -dxlevel 81 and -dxlevel 90. Note that this only works if you choose a DirectX version which is lower than the current one supported by your graphics card. See the Hardware DirectX Version option under the In-Game settings for more details.
-refresh [Hz]: Specifies the refresh rate the game will use upon loading. This is normally not required as your system should already use the optimal refresh rate at your chosen resolution. However, if this is not the case you can force it to a specific refresh rate (e.g. -refresh 85). Make absolutely certain that the rate you are trying to apply does not exceed your monitor's capabilities, otherwise you may damage your monitor - especially if you change resolutions and forget to change this option.
-novid: Disables the intro video so that Half-Life 2 loads a bit faster.

6. Troubleshooting

Q: When I minimize Steam, my X crashes! I've to reboot/do Ctrl-Alt-Bksp. etc.
Don't minimize Steam. Close it instead, and if you wish to open some window again, use the system tray icon (in Wine-Systray for some desktop environments) to restore the window you want. This is a known bug in Wine versions prior to 0.9.31.
This bug has been fixed in Wine 0.9.31 and newer, so if you are using the latest Wine version (the one you should use anyway), you can safely minimize Steam.

Q: When I start a game Steam is staying on top of the game window!
Start the game and then close Steam windows when you see the "Preparing to launch ..." window.
Q: Steam runs fine but the game freezes on start.
Try setting the OSS sound driver in winecfg.
Q: Steam and games run fine, but the sound lags behind! I am already using the OSS driver!
First, make sure that none of the sound daemons like artsd or esd are running. If this still doesn't help, try setting the Hardware Acceleration setting to Emulation in winecfg.
Q: I'm on Ubuntu Breezy, SuSE 10.0 or another older distro with a kernel 2.6.14 or older. Steam randomly freezes.
Use uname -r to check your kernel version. If it's older than 2.6.15, upgrade to kernel 2.6.15 or newer.
Q: Steam crashes at 26% of the update with a "Sharing violation"

Run the following command in the console (substitute the path to steam executables with your path)
  • wine SteamTmp.exe SelfUpdate "C:\Program Files\Steam\Steam.exe" 14
Q: When I try to run Steam following message appears:
  • Steam.exe (main exception): Cannot open blob archive file: CMultiFieldBlob(mem-mapped file): Failed to MapViewOfFile
Sadly, ntfs-3g and/or Wine are currently unable to work with a NTFS-based installation of Steam, so you must move your Steam to another filesystem.

7. Credits

Special thanks to Roderick Colenbrander, Vitaliy Margolen
http://www.frankscorner.org/
http://www.winehq.org/
Read also: Steam Wine AppDB entry
http://appdb.winehq.org/appview.php?versionId=1554
Valve Developer Wiki entry
http://developer.valvesoftware.com/wiki/Steam_under_Linux

29 September, 2009

Blog posts are usually written directly in the blog dashboard, but unfortunately that way the posts are not saved in our own file archive folder.
There is another way to handle this without copying and pasting: remote publishing. Simply write the post in the OpenOffice.org 3.1 Word Processor and, once finished, publish it straight to your blog.
You can save the post to your file archive before publishing, or save it after publishing. Afterwards you only need to edit it in the blog dashboard to add tags and categories.
Because this feature is not included in the official OpenOffice.org bundle, you must first add the Sun Weblog Publisher extension to the Word Processor.
The steps are as follows:
  1. Open the Word Processor: go to Applications > Office > OpenOffice.org Word Processor. Leave the "Word Processor" window open. Go to Tools > Extension Manager.
  2. Click Get more extensions online at the bottom left of the window. Leave the Extension Manager window open.
  3. Fill the search box with Sun Weblog Publisher, then click search.
  4. Click Sun Weblog Publisher.
  5. Click Get it.
  6. Save File to the Desktop.
  7. Wait for the download to finish.
  8. Return to the Extension Manager window opened in step (2). Then click Add.
  9. Go to Desktop > sun-weblog-publisher.oxt and double-click it.
  10. Scroll down, click Accept.
  11. Wait until the process finishes.
  12. Click Close to finish installing the extension.
  13. After completing the steps above, synchronize the Word Processor with the blog dashboard. Return to the Word Processor window opened in step (1) and you will see a new toolbar icon.
  14. Go to Tools > Options.
  15. Go to Internet > Weblog.
  16. Click Add.
  17. Set Type, Server URL, User name and Password. Don't forget to click Remember password before clicking OK.
  18. Wait for the synchronization to finish, then click OK.
  19. The last step is the setting in the WordPress dashboard. Go to Settings > Writing. Tick enable in the Remote Publishing box for Atom Publishing Protocol and XML-RPC.
  20. The process is complete; start writing a post, then publish it by clicking To Weblog. Saving the post into your file archive folder with File > Save can be done either before or after publishing.
Good luck… ;)
Update 11 August 2009, by pradnaspot
As soon as Kang Mahendra started using Sun Weblog Publisher, I got envious and set off to try it in the OpenOffice Word Processor on Linux Mint Gloria.
But during installation of the Weblog Publisher add-on, this problem came up:
could not create java implementation loader
On the OpenOffice site itself many people have asked about this, but there is no satisfying answer yet. In the end I put it on hold, and because of the Wisata Blogger Wonosobo 2009 event and the Seminar Linux for Education 2009, the problem was left unattended.
Only after this post appeared did I look again and find the solution on the OpenOffice forum. Here it is:
1. Still in OO Writer (word processor)
2. Click the Tools tab => Options
3. Under the OpenOffice.org setting => click Java. Wait a moment until the Vendor | Version | Features box is filled in:
* Make sure the Use Java runtime Environment box is ticked
** Click the radio button next to the JRE that appears in that box (on my machine, Sun Microsystem ver. 1.6.0_14)
4. Go back to Tools => Extension Manager, click Add => select the Sun Weblog Publisher add-on downloaded earlier.
5. Continue with the steps written by Kang Mahendra above.
Note: after everything is done, it is best to close OO Writer first, then open it again, and it is ready to use.
That's all.
Update 13 August 2009, by mahendrattunggadewa
If, after publishing by clicking the To Weblog icon, you see a small window appear saying “An Error occured when posting to weblog server. Check the server configuration and access permissions”, you need not assume that publishing failed.
First check Dashboard > Posts > Edit; you will see that your post has already been posted as a draft.
Source: http://solvewithit.com/2009/08/10/how-to-post-using-remote-publishing-openoffice-org-3-1-word-processor-on-wordpress/

Blogged with the Flock Browser

This topic has actually been covered by many people already. But because lately I have often needed to install CCL, I am writing it down on my blog to keep things practical. As a reference I used the blog of Om Iman Hermawan, who reworked CCL into Indonesian. The CCL packages can be obtained from here
Let's get straight to it.
On the Client & Server run the following commands:
$ sudo apt-get install sqlite3 libsqlite3-dev
$ sudo apt-get install libfox-1.6-0
$ sudo apt-get install libglib2.0-dev
$ sudo apt-get install libssl-dev
Billing Server
Put these files in the home folder:
libccls_0.7.1-2_i386.deb
cclfox_0.7.1-2_i386.deb

Install:
$ sudo dpkg -i libccls_0.7.1-2_i386.deb
$ sudo dpkg -i cclfox_0.7.1-2_i386.deb

Try running it with the command:
cclfox -nossl
Edit /etc/ld.so.conf:
$ gksudo gedit /etc/ld.so.conf
and add the following lines:
/usr/lib
/usr/local/lib

Then run the command:
$ sudo ldconfig
Billing Client
Put these files in the home folder:
libcclc_0.7.1-2_i386.deb
cclcfox_0.7.1-2_i386.deb
Install:
$ sudo dpkg -i libcclc_0.7.1-2_i386.deb
$ sudo dpkg -i cclcfox_0.7.1-2_i386.deb

Edit /etc/ld.so.conf:
$ gksudo gedit /etc/ld.so.conf
and add the following lines:
/usr/lib
/usr/local/lib

Then run the command:
$ sudo ldconfig
Try it with the command:
cclcfox -host 192.168.0.1 -name Komputer1 -nossl
To make the CCL billing client lock the desktop (Lock Screen) as soon as the computer is turned on:
  1. Download the certificates CA.pem and cert.pem
  2. Create the folder /home/Server/.cclfox for the server and /home/User1/.cclcfox for the client. Place both files (CA.pem and cert.pem) in /home/Server/.cclfox for the server and /home/User1/.cclcfox for the client.
  3. Try running the command below
cclcfox -host 192.168.0.254 -name WS1
To have the billing client and server run at startup, when the computer is turned on:
  1. Click System > Preferences > Sessions > Startup programs
  2. Click Add to add a Startup Program
  3. For the Server
    Name: Billing CCL Server
    Command: cclfox
  4. For the Client
    Name: Billing CCL Klien
    Command: cclcfox -host 192.168.0.1 -name Komputer1
  5. Press the Close button
Changing the lock screen background on the CCL client
  1. Create the wallpaper you want with the file name lockpix.gif
  2. Put the wallpaper into /home/WS1/.cclcfox
  3. Done
NB (addition): Server = name of the billing monitor computer & User1 = name of the client computer
Update 1 April 2009 (sorry, sorry, only just realized…*worship*)
To shut down and reboot a client from the billing server, run these commands in a terminal:
sudo chmod -cv 7755 /sbin/shutdown
sudo chmod -cv 7755 /sbin/reboot
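What the two chmod commands above change, as an added example that is not part of the original post: mode 7755 sets the setuid, setgid and sticky bits on top of rwxr-xr-x, so every local account can run the file with its owner's privileges. The function names are made up for this example, and stat -c assumes GNU coreutils as shipped with Ubuntu.

```sh
#!/bin/sh
# Added example: decode a chmod mode such as 7755 and list which of the
# given binaries are setuid and executable by every local user.

# special_bits OCTAL_MODE
# Print the special bits in the mode, e.g. "setuid setgid sticky".
special_bits() {
    m=$1
    # chmod treats a 3-digit mode as having a leading 0 (no special bits)
    while [ "${#m}" -lt 4 ]; do m="0$m"; done
    s=${m%???}                      # leading digit holds the special bits
    bits=""
    if [ $((s & 4)) -ne 0 ]; then bits="$bits setuid"; fi
    if [ $((s & 2)) -ne 0 ]; then bits="$bits setgid"; fi
    if [ $((s & 1)) -ne 0 ]; then bits="$bits sticky"; fi
    echo "${bits# }"
}

# world_can_exec OCTAL_MODE
# Succeed when the "other" digit includes the execute bit.
world_can_exec() {
    o=${1#"${1%?}"}                 # last digit of the mode
    [ $((o & 1)) -ne 0 ]
}

# audit_setuid FILE...
# Print one line per existing file that is setuid and world-executable;
# the return status is the number of such files.
audit_setuid() {
    found=0
    for path in "$@"; do
        [ -e "$path" ] || continue
        mode=$(stat -c '%a' "$path")
        case " $(special_bits "$mode") " in
            *" setuid "*)
                if world_can_exec "$mode"; then
                    echo "$path $mode: runs as $(stat -c '%U' "$path") for any local user"
                    found=$((found + 1))
                fi ;;
        esac
    done
    return "$found"
}

# Demo: the mode used above, then the two binaries it is applied to.
echo "7755 sets: $(special_bits 7755)"
audit_setuid /sbin/shutdown /sbin/reboot || echo "$? setuid binary(ies) found"
```

Running it before and after the chmod shows the difference on the client machine.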

That's all.
Source: http://solvewithit.com/2008/07/24/install-billing-ccl-di-ubuntu/

I can call myself a semi-geek as I use almost 6 browsers on my machine at the same time. Flock happens to be the second choice after Firefox. I use Flock because it’s not just a browser but it’s also a platform to unleash your social media needs. You can configure it with Facebook, Twitter and feeds, to name a few. Let’s see how we can install Flock on Ubuntu (Jaunty Jackalope).

You can do it in many ways but the easiest way is using a .deb file.

1. Download the flock .deb file from here.

2. All that is left now is double click the downloaded deb file (flock_2.5-1%7Egetdeb1_i386.deb) to install flock 2.5 on Ubuntu.

3. Once you have installed the browser you can find it under Application > Internet > Flock

You may choose to drag and drop it on your panel to make it easier to use.
Source: http://linuxhub.net/2009/07/installing-flock-the-social-browser-on-ubuntu-jaunty-jackalope-how-to/
Flock is a web browser that specializes in providing social networking and other Web 2.0 features built into its interface. The browser is built on Mozilla’s Firefox codebase.

Flock Features
Flock 1.1 integrates social networking and media services including Facebook, YouTube, Twitter, Flickr, Blogger, Gmail, Yahoo Mail, etc. When logging into any of the supported social services, Flock automatically activates these services within its features.
  • Flock can indicate when friends have updated their profile, uploaded photos or other items.
  • Flock has internal features that allow sharing of text, links, photos and videos.
  • Flock has its own “media bar” allowing preview of online videos and photos, and subscription to photo and video feeds.
  • Flock’s Feed Reader organizes Atom and RSS feeds.
  • Flock’s Blog Editor allows direct posting into a designated blog, along with being a blog reader.
  • Flock’s web mail component allows users to check web-based mail without going to the site, compose new messages, and drag and drop pictures and videos from the media bar or web clipboard into a new email message.
  • Flock also allows for third-party add-ons, including a number of Firefox extensions.
Note: This source list installs some packages from a third-party repository, so it might break your system.
Install Flock web browser in Ubuntu Hardy
First you need to edit the /etc/apt/sources.list file
sudo gedit /etc/apt/sources.list
add the following lines
deb http://www.salatti.net/repo/ hardy-salatti main contrib non-free
deb-src http://www.salatti.net/repo/ hardy-salatti main contrib non-free
save and exit the file.
Update the sourcelist using the following command
sudo aptitude update
And install Flock using the following command
sudo aptitude install flock
Using Flock
If you want to open the Flock browser, go to Applications > Internet > Flock

The first time you open it you should see something similar to the following screen; select your option and click Next

Flock web browser in action

Flock web browser version details

Why bother?

Tuesday, September 29, 2009
Why do you need to learn the command line anyway? Well, let me tell you a story. Not long ago we had a problem where I used to work. There was a shared drive on one of our file servers that kept getting full. I won't mention that this legacy operating system did not support user quotas; that's another story. But the server kept getting full and stopping people from working. One of the software engineers in our company spent the better part of a day writing a C++ program that would look through the directories of all the users and add up the space they were using and make a listing of the results. Since I was forced to use the legacy OS while I was on the job, I installed a version of the bash shell that works on it. When I heard about the problem, I realized I could do all the work this engineer had done with this single line:

du -s * | sort -nr > $HOME/space_report.txt

Graphical user interfaces (GUIs) are helpful for many tasks, but they are not good for all tasks. I have long felt that most computers today do not use electricity. They instead seem to be powered by the "pumping" motion of the mouse! Computers were supposed to free us from manual labor, but how many times have you performed some task you felt sure the computer should be able to do? You ended up doing the work by tediously working the mouse. Pointing and clicking, pointing and clicking.

I once heard an author remark that when you are a child you use a computer by looking at the pictures. When you grow up, you learn to read and write. Welcome to Computer Literacy 101. Now let's get to work.

Contents

  1. What is "the shell"?
    1. What's an xterm, gnome-terminal, konsole, etc.?
    2. Starting a Terminal
    3. Testing the Keyboard
    4. Using the Mouse
  2. Navigation
    1. File System Organization
    2. pwd
    3. cd
  3. Looking Around
    1. ls
    2. less
    3. file
  4. A Guided Tour
    1. /
    2. /boot
    3. /etc
    4. /bin, /usr/bin
    5. /sbin, /usr/sbin
    6. /usr
    7. /usr/local
    8. /var
    9. /lib
    10. /home
    11. /root
    12. /tmp
    13. /dev
    14. /proc
    15. /mnt
  5. Manipulating Files
    1. Wildcards
    2. cp
    3. mv
    4. rm
    5. mkdir
  6. I/O Redirection
    1. Standard Output
    2. Standard Input
    3. Pipes
    4. Filters
  7. Permissions
    1. File permissions
    2. chmod
    3. Directory permissions
    4. Becoming the superuser for a short while
    5. Changing file ownership
    6. Changing group ownership
  8. Job Control
    1. A practical example
    2. Putting a program in the background
    3. Listing your processes
    4. Killing a process
    5. A little more about kill

Sourced from

Slackware 13.0 Download
Slackware version 13.0 has been released and available for download from the official project website. This release brings with it many major changes since Slackware 12.2, including a completely reworked collection of X packages (a configuration file for X is no longer needed in most cases), major upgrades to the desktop environments (KDE version 4.2.4 and Xfce version 4.6.1), a new .txz package format with much better compression, and other upgrades all around -- to the development system, network services, libraries, and major applications like Firefox and Thunderbird. Also, this is the first release of Slackware with native support for the 64-bit x86_64 architecture!

From the announcement page:
Slackware uses the 2.6.29.6 kernel bringing you advanced performance features such as journaling filesystems, SCSI and ATA RAID volume support, SATA support, Software RAID, LVM (the Logical Volume Manager), and encrypted filesystems. Kernel support for X DRI (the Direct Rendering Interface) brings high-speed hardware accelerated 3D graphics to Linux.
Fig.01: Slackware 13.0 Desktop (credit wikipedia)

Slackware v13.0 Download

Grab it from the following links via BitTorrent. Use the .asc files here to verify your ISO images are authentic.

Source code mirrors

  1. Mirror # 1
  2. Official FTP site
  3. List of mirror websites
Sourced from here
OpenSSH is an implementation of the SSH protocol. OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is well suited to keeping the confidentiality and integrity of data exchanged between two networks and systems. However, the main advantage is server authentication, through the use of public key cryptography. From time to time there are rumors about an OpenSSH zero-day exploit. Here are a few things you need to tweak in order to improve OpenSSH server security.

Default Config Files and SSH Port

  • /etc/ssh/sshd_config - OpenSSH server configuration file.
  • /etc/ssh/ssh_config - OpenSSH client configuration file.
  • ~/.ssh/ - User's ssh configuration directory.
  • ~/.ssh/authorized_keys - Lists the public keys (RSA or DSA) that can be used to log into the user’s account.
  • /etc/nologin - If this file exists, sshd refuses to let anyone except root log in.
  • /etc/hosts.allow and /etc/hosts.deny : Access controls lists that should be enforced by tcp-wrappers are defined here.
  • SSH default port : TCP 22
SSH Session in Action

#1: Disable OpenSSH Server

Workstations and laptops can work without an OpenSSH server. If you do not need to provide the remote login and file transfer capabilities of SSH, disable and remove the SSHD server. CentOS / RHEL / Fedora Linux users can disable and remove openssh-server with the yum command:

# chkconfig sshd off
# yum erase openssh-server

Debian / Ubuntu Linux users can disable and remove the same with the apt-get command:
# apt-get remove openssh-server
You may need to update your iptables script to remove the ssh exception rule. Under CentOS / RHEL / Fedora edit the files /etc/sysconfig/iptables and /etc/sysconfig/ip6tables. Once done, restart the iptables service:

# service iptables restart
# service ip6tables restart

#2: Only Use SSH Protocol 2

SSH protocol version 1 (SSH-1) has man-in-the-middle attack problems and security vulnerabilities. SSH-1 is obsolete and should be avoided at all costs. Open the sshd_config file and make sure the following line exists:
Protocol 2

#3: Limit Users' SSH Access

By default, all system users can log in via SSH using their password or public key. Sometimes you create a UNIX / Linux user account for FTP or email purposes. However, those users can log in to the system using ssh. They will have full access to system tools including compilers and scripting languages such as Perl and Python, which can open network ports and do many other fancy things. One of my clients had a really outdated PHP script, and an attacker was able to create a new account on the system via a PHP script. However, the attacker failed to get into the box via ssh because it wasn't in AllowUsers.
To allow only the root, vivek and jerry users to use the system via SSH, add the following to sshd_config:
AllowUsers root vivek jerry
Alternatively, you can allow all users to login via SSH but deny only a few users, with the following line:
DenyUsers saroj anjali foo
You can also configure Linux PAM to allow or deny login via the sshd server. You can allow or deny access to ssh for a list of group names.

#4: Configure Idle Log Out Timeout Interval

Users can log in to the server via ssh, and you can set an idle timeout interval to avoid unattended ssh sessions. Open sshd_config and make sure the following values are configured:
ClientAliveInterval 300
ClientAliveCountMax 0
You are setting an idle timeout interval in seconds (300 secs = 5 minutes). After this interval has passed, the idle user will be automatically kicked out (read as logged out). 

#5: Disable .rhosts Files
Don't read the user's ~/.rhosts and ~/.shosts files. Update sshd_config with the following settings:
IgnoreRhosts yes
SSH can emulate the behavior of the obsolete rsh command; this setting disables that insecure access via RSH.

#6: Disable Host-Based Authentication

To disable host-based authentication, update sshd_config with the following option:
HostbasedAuthentication no

#7: Disable root Login via SSH

There is no need to log in as root via ssh over a network. Normal users can use su or sudo (recommended) to gain root-level access. This also makes sure you get full auditing information about who ran privileged commands on the system via sudo. To disable root login via SSH, update sshd_config with the following line:
PermitRootLogin no
However, bob made an excellent point:
Saying "don't login as root" is horseshit. It stems from the days when people sniffed the first packets of sessions so logging in as yourself and su-ing decreased the chance an attacker would see the root pw, and decreased the chance you got spoofed as to your telnet host target. You'd get your password spoofed but not root's pw. Gimme a break. This is 2005 - We have ssh, used properly it's secure. Used improperly none of this 1989 will make a damn bit of difference. -Bob

#8: Enable a Warning Banner

Set a warning banner by updating sshd_config with the following line:
Banner /etc/issue
Sample /etc/issue file:
----------------------------------------------------------------------------------------------
You are accessing a XYZ Government (XYZG) Information System (IS) that is provided for authorized use only.
By using this IS (which includes any device attached to this IS), you consent to the following conditions:
+ The XYZG routinely intercepts and monitors communications on this IS for purposes including, but not limited to,
penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
+ At any time, the XYZG may inspect and seize data stored on this IS.
+ Communications using, or data stored on, this IS are not private, are subject to routine monitoring,
interception, and search, and may be disclosed or used for any XYZG authorized purpose.
+ This IS includes security measures (e.g., authentication and access controls) to protect XYZG interests--not for your personal benefit or privacy.
+ Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching
or monitoring of the content of privileged communications, or work product, related to personal representation
or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work
product are private and confidential. See User Agreement for details.
----------------------------------------------------------------------------------------------
Above is standard sample, consult your legal team for exact user agreement and legal notice details.

#8: Firewall SSH Port # 22

You need to firewall ssh port # 22 by updating your iptables or pf firewall configuration. Usually, an OpenSSH server must only accept connections from your LAN or other remote WAN sites.

Netfilter (Iptables) Configuration

Update /etc/sysconfig/iptables (Redhat and friends specific file) to accept connection only from 192.168.1.0/24 and 202.54.1.5/29, enter:
-A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -s 202.54.1.5/29 -m state --state NEW -p tcp --dport 22 -j ACCEPT
If you've dual stacked sshd with IPv6, edit /etc/sysconfig/ip6tables (Redhat and friends specific file), enter:
-A RH-Firewall-1-INPUT -s ipv6network::/ipv6mask -m tcp -p tcp --dport 22 -j ACCEPT
Replace ipv6network::/ipv6mask with actual IPv6 ranges.

*BSD PF Firewall Configuration

If you are using PF firewall update /etc/pf.conf as follows:
pass in on $ext_if inet proto tcp from {192.168.1.0/24, 202.54.1.5/29} to $ssh_server_ip port ssh flags S/SA synproxy state

#9: Change SSH Port and Limit IP Binding

By default, SSH listens on all available interfaces and IP addresses on the system. Limit ssh port binding and change the ssh port (by default, brute forcing scripts only try to connect to port # 22). To bind to the 192.168.1.5 and 202.54.1.5 IPs and to port 300, add or correct the following lines:
Port 300
ListenAddress 192.168.1.5
ListenAddress 202.54.1.5
A better approach is to use proactive scripts such as fail2ban or denyhosts (see below).

#10: Use Strong SSH Passwords and Passphrase

It cannot be stressed enough how important it is to use strong user passwords and passphrases for your keys. Brute force attacks work because you use dictionary-based passwords. You can force users to avoid passwords that are vulnerable to a dictionary attack, and use the john the ripper tool to find existing weak passwords. Here is a sample random password generator (put in your ~/.bashrc):
genpasswd() {
    # Password length: first argument, default 20
    local l=$1
    [ "$l" == "" ] && l=20
    # Keep only A-Z, a-z, 0-9 and _ from the kernel's random stream
    tr -dc A-Za-z0-9_ < /dev/urandom | head -c "${l}" | xargs
}
Run it:
genpasswd 16
Output:
uw8CnDVMwC6vOKgW

#11: Use Public Key Based Authentication

Use a public/private key pair with password protection for the private key. See how to use RSA and DSA key based authentication. Never use a passphrase-free key (passphrase-less key) for login.

#12: Use Keychain Based Authentication

keychain is a special bash script designed to make key-based authentication incredibly convenient and flexible. It offers various security benefits over passphrase-free keys. See how to setup and use keychain software.

#13: Chroot SSHD (Lock Down Users To Their Home Directories)

By default, users are allowed to browse server directories such as /etc/, /bin and so on. You can protect ssh using OS-based chroot or special tools such as rssh. With the release of OpenSSH 4.8p1 or 4.9p1, you no longer have to rely on third-party hacks such as rssh or complicated chroot(1) setups to lock users to their home directories.

#14: Use TCP Wrappers

TCP Wrapper is a host-based networking ACL system, used to filter network access to Internet. OpenSSH supports TCP wrappers. Just update your /etc/hosts.allow file as follows to allow SSH only from 192.168.1.2 172.16.23.12 :
sshd : 192.168.1.2 172.16.23.12 
See this FAQ about setting and using TCP wrappers under Linux / Mac OS X and UNIX like operating systems.

#15: Disable Empty Passwords

You need to explicitly disallow remote login from accounts with empty passwords, update sshd_config with the following line:
PermitEmptyPasswords no

#16: Thwart SSH Crackers (Brute Force Attack)

Brute force is a method of defeating a cryptographic scheme by trying a large number of possibilities using a single computer or a distributed computer network. To prevent brute force attacks against SSH, use the following software:
  • DenyHosts is a Python based security tool for SSH servers. It is intended to prevent brute force attacks on SSH servers by monitoring invalid login attempts in the authentication log and blocking the originating IP addresses.
  • Explains how to setup DenyHosts under RHEL / Fedora and CentOS Linux.
  • Fail2ban is a similar program that prevents brute force attacks against SSH.
  • security/sshguard-pf protect hosts from brute force attacks against ssh and other services using pf.
  • security/sshguard-ipfw protect hosts from brute force attacks against ssh and other services using ipfw.
  • security/sshguard-ipfilter protect hosts from brute force attacks against ssh and other services using ipfilter.
  • security/sshblock block abusive SSH login attempts.
  • security/sshit checks for SSH/FTP bruteforce and blocks given IPs.
  • BlockHosts Automatic blocking of abusive IP hosts.
  • Blacklist Get rid of those bruteforce attempts.
  • Brute Force Detection A modular shell script for parsing application logs and checking for authentication failures. It does this using a rules system where application specific options are stored including regular expressions for each unique auth format.
  • IPQ BDB filter May be considered as a fail2ban lite.
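
The log-monitoring approach these tools share, as an added sketch that is not code from any tool listed above: it counts failed-password events per source address inside a sliding time window. The log lines are constructed, and the function names and thresholds are assumptions made for this example.

```shell
#!/bin/sh
# Added example: window-based detection of repeated failed SSH logins.

# Constructed sshd log lines; addresses are from documentation ranges.
sample_auth_log() {
cat <<'EOF'
Jul 26 09:50:01 host sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jul 26 09:50:05 host sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 40113 ssh2
Jul 26 09:50:09 host sshd[2105]: Failed password for invalid user test from 203.0.113.7 port 40114 ssh2
Jul 26 09:50:14 host sshd[2107]: Failed password for root from 203.0.113.7 port 40115 ssh2
Jul 26 09:50:20 host sshd[2109]: Failed password for invalid user a from 192.0.2.50 port 1 ssh2 from 203.0.113.7 port 40116 ssh2
Jul 26 09:51:00 host sshd[2111]: Accepted publickey for vivek from 192.168.1.2 port 51514 ssh2
Jul 26 09:55:00 host sshd[2120]: Failed password for vivek from 198.51.100.9 port 50001 ssh2
Jul 26 10:05:00 host sshd[2130]: Failed password for vivek from 198.51.100.9 port 50002 ssh2
Jul 26 10:15:00 host sshd[2140]: Failed password for vivek from 198.51.100.9 port 50003 ssh2
Jul 26 10:25:00 host sshd[2150]: Failed password for vivek from 198.51.100.9 port 50004 ssh2
Jul 26 10:35:00 host sshd[2160]: Failed password for vivek from 198.51.100.9 port 50005 ssh2
EOF
}

# find_offenders LIMIT WINDOW_SECONDS   (log on stdin)
# Prints "IP COUNT" for every source that reached LIMIT failures within
# WINDOW_SECONDS on the same day. The user name in the log is supplied by the
# remote client and may contain spaces or the word "from", so the address is
# read from fixed positions at the END of the line, never after the first "from".
find_offenders() {
    awk -v limit="$1" -v window="$2" '
    /sshd\[[0-9]+\]: Failed password for / &&
    $NF == "ssh2" && $(NF-2) == "port" && $(NF-4) == "from" {
        ip = $(NF-3)
        split($3, t, ":")
        now = t[1] * 3600 + t[2] * 60 + t[3]      # seconds since midnight
        day = $1 " " $2
        if (lastday[ip] != day) {                 # new day: restart the window
            first[ip] = n[ip] + 1
            lastday[ip] = day
        }
        n[ip]++
        seen[ip, n[ip]] = now
        # Slide the window start past events older than WINDOW_SECONDS
        while (now - seen[ip, first[ip]] > window) first[ip]++
        hits = n[ip] - first[ip] + 1
        if (hits > max[ip]) max[ip] = hits
    }
    END { for (ip in max) if (max[ip] >= limit) print ip, max[ip] }
    ' | sort
}

# Demo: 5 failures within 60 seconds
sample_auth_log | find_offenders 5 60
```

Only 203.0.113.7 is reported for a 60-second window; 198.51.100.9 has the same number of failures but spread over 40 minutes, so it appears only when the window is widened.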

#17: Rate-limit Incoming Port # 22 Connections

Both netfilter and pf provide a rate-limit option to perform simple throttling of incoming connections on port # 22.

Iptables Example

The following example will drop incoming connections which make more than 5 connection attempts upon port 22 within 60 seconds:
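#!/bin/bash
# Path to iptables; an IPT value exported by the calling script takes precedence
IPT=${IPT:-iptables}
inet_if=eth1
ssh_port=22
# Record the source address of every new connection to the ssh port
$IPT -I INPUT -p tcp --dport ${ssh_port} -i ${inet_if} -m state --state NEW -m recent --set
# Drop new connections from a source once it reaches the hit count (5) within 60 seconds
$IPT -I INPUT -p tcp --dport ${ssh_port} -i ${inet_if} -m state --state NEW -m recent --update --seconds 60 --hitcount 5 -j DROP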
 
Call above script from your iptables scripts. Another config option:
$IPT -A INPUT -i ${inet_if} -p tcp --dport ${ssh_port} -m state --state NEW -m limit --limit 3/min --limit-burst 3 -j ACCEPT
$IPT -A INPUT -i ${inet_if} -p tcp --dport ${ssh_port} -m state --state ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -o ${inet_if} -p tcp --sport ${ssh_port} -m state --state ESTABLISHED -j ACCEPT
# another one line example
# $IPT -A INPUT -i ${inet_if} -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 22 -m limit --limit 5/minute --limit-burst 5 -j ACCEPT
See iptables man page for more details.

*BSD PF Example

The following limits the maximum number of connections per source to 20 and rate-limits the number of connections to 15 in a 5 second span. If anyone breaks our rules, add them to our abusive_ips table and block them from making any further connections. Finally, the flush keyword kills all states created by the matching rule which originate from the host which exceeds these limits.
sshd_server_ip="202.54.1.5"
table <abusive_ips> persist
block in quick from <abusive_ips>
pass in on $ext_if proto tcp to $sshd_server_ip port ssh flags S/SA keep state (max-src-conn 20, max-src-conn-rate 15/5, overload <abusive_ips> flush)

#18: Use Port Knocking

Port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s). A sample port Knocking example for ssh using iptables:
$IPT -N stage1
$IPT -A stage1 -m recent --remove --name knock
$IPT -A stage1 -p tcp --dport 3456 -m recent --set --name knock2
 
$IPT -N stage2
$IPT -A stage2 -m recent --remove --name knock2
$IPT -A stage2 -p tcp --dport 2345 -m recent --set --name heaven
 
$IPT -N door
$IPT -A door -m recent --rcheck --seconds 5 --name knock2 -j stage2
$IPT -A door -m recent --rcheck --seconds 5 --name knock -j stage1
$IPT -A door -p tcp --dport 1234 -m recent --set --name knock
 
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -p tcp --dport 22 -m recent --rcheck --seconds 5 --name heaven -j ACCEPT
$IPT -A INPUT -p tcp --syn -j door
  • fwknop is an implementation that combines port knocking and passive OS fingerprinting.
  • Multiple-port knocking Netfilter/IPtables only implementation.

#19: Use Log Analyzer

Read your logs using logwatch or logcheck. These tools make your log reading life easier. They go through your logs for a given period of time and produce a report on the areas you choose, at the level of detail you choose. Make sure LogLevel is set to INFO or DEBUG in sshd_config:
LogLevel INFO

#20: Patch OpenSSH and Operating Systems

It is recommended that you use tools such as yum, apt-get, freebsd-update and others to keep systems up to date with the latest security patches.

Other Options

To hide the openssh version, you need to update the source code and compile openssh again. Make sure the following options are enabled in sshd_config:
# Turn on privilege separation
UsePrivilegeSeparation yes
# Prevent the use of insecure home directory and key file permissions
StrictModes yes
# Turn on reverse name checking
VerifyReverseMapping yes
# Do you need port forwarding?
AllowTcpForwarding no
X11Forwarding no
# Specifies whether password authentication is allowed. The default is yes.
PasswordAuthentication no
Verify your sshd_config file before restarting / reloading changes:
# /usr/sbin/sshd -t
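
sshd -t only checks syntax; it does not say whether the values match the recommendations above. The following added example (not code from this article or from OpenSSH) audits the global section of an sshd_config against a subset of the options recommended in this article. The sample file is constructed, the function names are assumptions, and the fallback values are OpenSSH's documented defaults.

```shell
#!/bin/sh
# Added example: compare effective sshd_config values with this article's advice.

# Constructed sample configuration (deliberately imperfect).
sample_sshd_config() {
cat <<'EOF'
# constructed sample, not a recommended configuration
Port 300
ListenAddress 192.168.1.5
PermitEmptyPasswords no
passwordauthentication yes
PasswordAuthentication no
StrictModes yes
X11Forwarding=no
LogLevel INFO
Match User backup
    AllowTcpForwarding no
EOF
}

# audit_sshd_config: reads sshd_config on stdin, prints one OK/FAIL line per
# checked keyword and returns 1 if any effective value deviates.
# sshd rules modelled here: keywords are case-insensitive, "=" may separate
# keyword and value, the FIRST value seen for a keyword wins, and settings
# after a Match line are conditional, so only the global section is audited.
audit_sshd_config() {
    awk '
    BEGIN {
        # keyword:recommended:value-assumed-when-absent
        spec = "permitemptypasswords:no:no passwordauthentication:no:yes strictmodes:yes:yes"
        spec = spec " allowtcpforwarding:no:yes x11forwarding:no:no loglevel:info:info"
        n = split(spec, item, " ")
        for (i = 1; i <= n; i++) {
            split(item[i], p, ":")
            key[i] = p[1]; want[p[1]] = p[2]; value[p[1]] = p[3]
            origin[p[1]] = "default"
        }
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }           # comments and blank lines
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        sub(/[ \t]*=[ \t]*|[ \t]+/, " ", line)  # normalise the first separator
        split(line, f, " ")
        k = tolower(f[1]); v = tolower(f[2])
        if (k == "match") exit                  # end of global section
        if ((k in want) && origin[k] == "default") {
            value[k] = v; origin[k] = "line " NR
        }
    }
    END {
        fails = 0
        for (i = 1; i <= n; i++) {
            k = key[i]
            # the article accepts LogLevel INFO or DEBUG
            ok = (value[k] == want[k]) || (k == "loglevel" && value[k] == "debug")
            if (!ok) fails++
            printf "%s %s=%s (%s, want %s)\n", (ok ? "OK" : "FAIL"), k, value[k], origin[k], want[k]
        }
        exit (fails > 0)
    }'
}

# Demo on the constructed sample
sample_sshd_config | audit_sshd_config || echo "deviations found"
```

The duplicate PasswordAuthentication line shows why order matters: the earlier "yes" is the effective value, and the AllowTcpForwarding setting inside the Match block does not change the global default. On a live server, sshd -T prints the effective configuration and can feed the same comparison.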
Tighter SSH security with two-factor or three-factor (or more) authentication.

If you have a technique or handy software not mentioned here, please share in the comments below to help your fellow readers keep their openssh based server secure.
Edited by Vivek Gite @ Jul 26, 9:51.
Need to monitor Linux server performance? Try these built-in commands and a few add-on tools. Most Linux distributions are equipped with tons of monitoring tools. These tools provide metrics which can be used to get information about system activities. You can use these tools to find the possible causes of a performance problem. The commands discussed below are some of the most basic commands when it comes to system analysis and debugging server issues such as:
  1. Finding out bottlenecks.
  2. Disk (storage) bottlenecks.
  3. CPU and memory bottlenecks.
  4. Network bottlenecks.
#1: top - Process Activity Command

The top program provides a dynamic real-time view of a running system i.e. actual process activity. By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.

Fig.01: Linux top command

Commonly Used Hot Keys

The top command provides several useful hot keys:

t Displays summary information off and on.
m Displays memory information off and on.
A Sorts the display by top consumers of various system resources. Useful for quick identification of performance-hungry tasks on a system.
f Enters an interactive configuration screen for top. Helpful for setting up top for a specific task.
o Enables you to interactively select the ordering within top.
r Issues renice command.
k Issues kill command.
z Turn on or off color/mono

#2: vmstat - System Activity, Hardware and System Information

The command vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.
# vmstat 3
Sample Outputs:
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 0  0      0 2540988 522188 5130400    0    0     2    32    4    2  4  1 96  0  0
 1  0      0 2540988 522188 5130400    0    0     0   720 1199  665  1  0 99  0  0
 0  0      0 2540956 522188 5130400    0    0     0     0 1151 1569  4  1 95  0  0
 0  0      0 2540956 522188 5130500    0    0     0     6 1117  439  1  0 99  0  0
 0  0      0 2540940 522188 5130512    0    0     0   536 1189  932  1  0 98  0  0
 0  0      0 2538444 522188 5130588    0    0     0     0 1187 1417  4  1 96  0  0
 0  0      0 2490060 522188 5130640    0    0     0    18 1253 1123  5  1 94  0  0

Display Memory Utilization Slabinfo

# vmstat -m

Get Information About Active / Inactive Memory Pages

# vmstat -a

#3: w - find Out Who Is Logged on And What They Are Doing

w command displays information about the users currently on the machine, and their processes.
# w username
# w vivek

Sample Outputs:
17:58:47 up 5 days, 20:28,  2 users,  load average: 0.36, 0.26, 0.24
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    10.1.3.145       14:55    5.00s  0.04s  0.02s vim /etc/resolv.conf
root     pts/1    10.1.3.145       17:43    0.00s  0.03s  0.00s w

#4: uptime - Tell How Long The System Has Been Running

The uptime command can be used to see how long the server has been running. It shows the current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.
# uptime
Output:
18:02:41 up 41 days, 23:42,  1 user,  load average: 0.00, 0.00, 0.00
1 can be considered as optimal load value. The load can change from system to system. For a single CPU system 1 - 3 and SMP systems 6-10 load value might be acceptable.

#5: ps - Displays The Processes

ps command will report a snapshot of the current processes. To select all processes use the -A or -e option:
# ps -A
Sample Outputs:
  PID TTY          TIME CMD
    1 ?        00:00:02 init
    2 ?        00:00:02 migration/0
    3 ?        00:00:01 ksoftirqd/0
    4 ?        00:00:00 watchdog/0
    5 ?        00:00:00 migration/1
    6 ?        00:00:15 ksoftirqd/1
....
.....
 4881 ?        00:53:28 java
 4885 tty1     00:00:00 mingetty
 4886 tty2     00:00:00 mingetty
 4887 tty3     00:00:00 mingetty
 4888 tty4     00:00:00 mingetty
 4891 tty5     00:00:00 mingetty
 4892 tty6     00:00:00 mingetty
 4893 ttyS1    00:00:00 agetty
12853 ?        00:00:00 cifsoplockd
12854 ?        00:00:00 cifsdnotifyd
14231 ?        00:10:34 lighttpd
14232 ?        00:00:00 php-cgi
54981 pts/0    00:00:00 vim
55465 ?        00:00:00 php-cgi
55546 ?        00:00:00 bind9-snmp-stat
55704 pts/1    00:00:00 ps
ps is just like top but provides more information.

Show Long Format Output

# ps -Al
To turn on extra full mode (it will show command line arguments passed to process):
# ps -AlF

To See Threads ( LWP and NLWP)

# ps -AlFH

To See Threads After Processes

# ps -AlLm

Print All Process On The Server

# ps ax
# ps axu

Print A Process Tree

# ps -ejH
# ps axjf
# pstree

Print Security Information

# ps -eo euser,ruser,suser,fuser,f,comm,label
# ps axZ
# ps -eM

See Every Process Running As User Vivek

# ps -U vivek -u vivek u

Set Output In a User-Defined Format

# ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
# ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
# ps -eopid,tt,user,fname,tmout,f,wchan

Display Only The Process IDs of Lighttpd

# ps -C lighttpd -o pid=
OR
# pgrep lighttpd
OR
# pgrep -u vivek php-cgi

Display The Name of PID 55977

# ps -p 55977 -o comm=

Find Out The Top 10 Memory Consuming Process

# ps -auxf | sort -nr -k 4 | head -10

Find Out top 10 CPU Consuming Process

# ps -auxf | sort -nr -k 3 | head -10

#6: free - Memory Usage

The command free displays the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel.
# free
Sample Output:
             total       used       free     shared    buffers     cached
Mem:      12302896    9739664    2563232          0     523124    5154740
-/+ buffers/cache:    4061800    8241096
Swap:      1052248          0    1052248

#7: iostat - Average CPU Load, Disk Activity

The command iostat reports Central Processing Unit (CPU) statistics and input/output statistics for devices, partitions and network filesystems (NFS).
# iostat
Sample Outputs:
Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in)  06/26/2009

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           3.50    0.09    0.51    0.03    0.00   95.86

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda              22.04        31.88       512.03   16193351  260102868
sda1              0.00         0.00         0.00       2166        180
sda2             22.04        31.87       512.03   16189010  260102688
sda3              0.00         0.00         0.00       1615          0


#8: sar - Collect and Report System Activity

The sar command is used to collect, report, and save system activity information. To see the network counters, enter:
# sar -n DEV | more
To display the network counters from the 24th:
# sar -n DEV -f /var/log/sa/sa24 | more
You can also display real time usage using sar:
# sar 4 5
Sample Outputs:
Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in)   06/26/2009

06:45:12 PM       CPU     %user     %nice   %system   %iowait    %steal     %idle
06:45:16 PM       all      2.00      0.00      0.22      0.00      0.00     97.78
06:45:20 PM       all      2.07      0.00      0.38      0.03      0.00     97.52
06:45:24 PM       all      0.94      0.00      0.28      0.00      0.00     98.78
06:45:28 PM       all      1.56      0.00      0.22      0.00      0.00     98.22
06:45:32 PM       all      3.53      0.00      0.25      0.03      0.00     96.19
Average:          all      2.02      0.00      0.27      0.01      0.00     97.70

#9: mpstat - Multiprocessor Usage

The mpstat command displays activities for each available processor, processor 0 being the first one. Use mpstat -P ALL to display average CPU utilization per processor:
# mpstat -P ALL
Sample Output:
Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in)   06/26/2009

06:48:11 PM  CPU   %user   %nice    %sys %iowait    %irq   %soft  %steal   %idle    intr/s
06:48:11 PM  all    3.50    0.09    0.34    0.03    0.01    0.17    0.00   95.86   1218.04
06:48:11 PM    0    3.44    0.08    0.31    0.02    0.00    0.12    0.00   96.04   1000.31
06:48:11 PM    1    3.10    0.08    0.32    0.09    0.02    0.11    0.00   96.28     34.93
06:48:11 PM    2    4.16    0.11    0.36    0.02    0.00    0.11    0.00   95.25      0.00
06:48:11 PM    3    3.77    0.11    0.38    0.03    0.01    0.24    0.00   95.46     44.80
06:48:11 PM    4    2.96    0.07    0.29    0.04    0.02    0.10    0.00   96.52     25.91
06:48:11 PM    5    3.26    0.08    0.28    0.03    0.01    0.10    0.00   96.23     14.98
06:48:11 PM    6    4.00    0.10    0.34    0.01    0.00    0.13    0.00   95.42      3.75
06:48:11 PM    7    3.30    0.11    0.39    0.03    0.01    0.46    0.00   95.69     76.89

#10: pmap - Process Memory Usage

The command pmap reports the memory map of a process. Use this command to find out the causes of memory bottlenecks.
# pmap -d PID
To display process memory information for pid # 47394, enter:
# pmap -d 47394
Sample Outputs:
47394:   /usr/bin/php-cgi
Address           Kbytes Mode  Offset           Device    Mapping
0000000000400000    2584 r-x-- 0000000000000000 008:00002 php-cgi
0000000000886000     140 rw--- 0000000000286000 008:00002 php-cgi
00000000008a9000      52 rw--- 00000000008a9000 000:00000   [ anon ]
0000000000aa8000      76 rw--- 00000000002a8000 008:00002 php-cgi
000000000f678000    1980 rw--- 000000000f678000 000:00000   [ anon ]
000000314a600000     112 r-x-- 0000000000000000 008:00002 ld-2.5.so
000000314a81b000       4 r---- 000000000001b000 008:00002 ld-2.5.so
000000314a81c000       4 rw--- 000000000001c000 008:00002 ld-2.5.so
000000314aa00000    1328 r-x-- 0000000000000000 008:00002 libc-2.5.so
000000314ab4c000    2048 ----- 000000000014c000 008:00002 libc-2.5.so
.....
......
..
00002af8d48fd000       4 rw--- 0000000000006000 008:00002 xsl.so
00002af8d490c000      40 r-x-- 0000000000000000 008:00002 libnss_files-2.5.so
00002af8d4916000    2044 ----- 000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b15000       4 r---- 0000000000009000 008:00002 libnss_files-2.5.so
00002af8d4b16000       4 rw--- 000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b17000  768000 rw-s- 0000000000000000 000:00009 zero (deleted)
00007fffc95fe000      84 rw--- 00007ffffffea000 000:00000   [ stack ]
ffffffffff600000    8192 ----- 0000000000000000 000:00000   [ anon ]
mapped: 933712K    writeable/private: 4304K    shared: 768000K
The last line is very important:
  • mapped: 933712K total amount of memory mapped to files
  • writeable/private: 4304K the amount of private address space
  • shared: 768000K the amount of address space this process is sharing with others

#11 and #12: netstat and ss - Network Statistics

The command netstat displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. ss command is used to dump socket statistics. It allows showing information similar to netstat. See the following resources about ss and netstat commands:

#13: iptraf - Real-time Network Statistics

The iptraf command is an interactive, colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in an easy to read format:
  • Network traffic statistics by TCP connection
  • IP traffic statistics by network interface
  • Network traffic statistics by protocol
  • Network traffic statistics by TCP/UDP port and by packet size
  • Network traffic statistics by Layer2 address
Fig.02: General interface statistics: IP traffic statistics by network interface
Fig.03 Network traffic statistics by TCP connection

#14: tcpdump - Detailed Network Traffic Analysis

tcpdump is a simple command that dumps traffic on a network. However, you need a good understanding of the TCP/IP protocol to utilize this tool. For example, to display traffic info about DNS, enter:
# tcpdump -i eth1 'udp port 53'
To display all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example, SYN and FIN packets and ACK-only packets, enter:
# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
To display all FTP session to 202.54.1.5, enter:
# tcpdump -i eth1 'dst 202.54.1.5 and (port 21 or 20)'
To display all HTTP session to 192.168.1.5:
# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'
To save the captured packets to a file that wireshark can open for detailed analysis, enter:
# tcpdump -n -i eth1 -s 0 -w output.txt src or dst port 80
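
The HTTP filter above decides "contains data" with header arithmetic: IP total length minus IP header length minus TCP header length. The following added example (not from the original article) carries that arithmetic out on three constructed IPv4 packets; the packet bytes and function names are assumptions, and only the length test is modelled, not the port match.

```shell
#!/bin/sh
# Added example: the length arithmetic inside
#   (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)

# Constructed packets as hex, starting at the IP header. Only the bytes the
# filter reads are included (headers up to the TCP flags); checksums are zeroed.
# First string: IP header, second string: start of the TCP header.
SYN_PKT="4500003c1c46400040060000c0a80105c0a8010a""c35000500000000100000000a002"
DATA_PKT="450000481c47400040060000c0a80105c0a8010a""c350005000000002000000018018"
# Same idea with a 24-byte IP header (IHL=6, four option bytes)
OPT_PKT="460000301c48400040060000c0a80105c0a8010a01010100""c350005000000003000000015010"

# byte_at HEX OFFSET: decimal value of the byte at 0-based OFFSET
byte_at() {
    ba_start=$(( $2 * 2 + 1 ))
    ba_hex=$(printf '%s' "$1" | cut -c "${ba_start}-$(( ba_start + 1 ))")
    echo $(( 0x$ba_hex ))
}

# tcp_payload_len HEX: bytes of TCP payload the headers announce
tcp_payload_len() {
    ip0=$(byte_at "$1" 0)
    # Low nibble of ip[0] is the header length in 32-bit words; <<2 gives bytes
    ip_hdr=$(( (ip0 & 0xf) << 2 ))
    # ip[2:2] is the 16-bit big-endian total length of the IP packet
    ip_total=$(( $(byte_at "$1" 2) * 256 + $(byte_at "$1" 3) ))
    # tcp[12] sits 12 bytes into the TCP header, which starts after ip_hdr bytes
    tcp12=$(byte_at "$1" $(( ip_hdr + 12 )))
    # High nibble is the TCP header length in words: (x & 0xf0) >> 4, times 4
    tcp_hdr=$(( (tcp12 & 0xf0) >> 2 ))
    echo $(( ip_total - ip_hdr - tcp_hdr ))
}

# filter_matches HEX: succeeds when the length test of the filter is true
filter_matches() {
    [ "$(tcp_payload_len "$1")" -ne 0 ]
}

# Demo
for pkt in "$SYN_PKT" "$DATA_PKT" "$OPT_PKT"; do
    if filter_matches "$pkt"; then verdict=shown; else verdict=skipped; fi
    echo "payload=$(tcp_payload_len "$pkt") bytes: $verdict"
done
```

The third packet is the reason the filter reads the header length from ip[0] instead of assuming 20 bytes: with IP options present, a fixed offset would read the wrong byte as tcp[12].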

#15: strace - System Calls

Trace system calls and signals. This is useful for debugging webserver and other server problems. See how to use strace to trace the process and see what it is doing.

#16: /proc file system - Various Kernel Statistics

The /proc file system provides detailed information about various hardware devices and other Linux kernel information. See the Linux kernel /proc documentation for further details. Common /proc examples:

# cat /proc/cpuinfo
# cat /proc/meminfo
# cat /proc/zoneinfo
# cat /proc/mounts


#17: Nagios - Server And Network Monitoring

Nagios is a popular open source computer system and network monitoring application. You can easily monitor all your hosts, network equipment and services. It can send alerts when things go wrong and again when they get better. FAN is "Fully Automated Nagios". FAN's goal is to provide a Nagios installation including most tools provided by the Nagios Community. FAN provides a CDRom image in the standard ISO format, making it easy to install a Nagios server. In addition, a wide range of tools is included in the distribution in order to improve the user experience around Nagios.

#18: Cacti - Web-based Monitoring Tool

Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. It can provide data about network, CPU, memory, logged in users, Apache, DNS servers and much more. 

#19: KDE System Guard - Real-time Systems Reporting and Graphing

KSysguard is a network enabled task and system monitor application for the KDE desktop. This tool can be run over an ssh session. It provides lots of features such as a client/server architecture that enables monitoring of local and remote hosts. The graphical front end uses so-called sensors to retrieve the information it displays. A sensor can return simple values or more complex information like tables. For each type of information, one or more displays are provided. Displays are organized in worksheets that can be saved and loaded independently from each other. So, KSysguard is not only a simple task manager but also a very powerful tool to control large server farms.

Fig.05 KDE System Guard {Image credit: Wikipedia}
See the KSysguard handbook for detailed usage.

#20: Gnome System Monitor - Real-time Systems Reporting and Graphing

The System Monitor application enables you to display basic system information and monitor system processes, usage of system resources, and file systems. You can also use System Monitor to modify the behavior of your system. Although not as powerful as the KDE System Guard, it provides the basic information which may be useful for new users:
  • Displays various basic information about the computer's hardware and software.
  • Linux Kernel version
  • GNOME version
  • Hardware
  • Installed memory
  • Processors and speeds
  • System Status
  • Currently available disk space
  • Processes
  • Memory and swap space
  • Network usage
  • File Systems
  • Lists all mounted filesystems along with basic information about each.
Fig.06 The Gnome System Monitor application

Bonus: Additional Tools

A few more tools:
  • nmap - scan your server for open ports.
  • lsof - list open files, network connections and much more.
  • ntop web based tool - ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
  • Conky - Another good monitoring tool for the X Window System. It is highly configurable and is able to monitor many system variables including the status of the CPU, memory, swap space, disk storage, temperatures, processes, network interfaces, battery power, system messages, e-mail inboxes etc.
  • GKrellM - It can be used to monitor the status of CPUs, main memory, hard disks, network interfaces, local and remote mailboxes, and many other things.
  • vnstat - vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
  • htop - htop is an enhanced version of top, the interactive process viewer, which can display the list of processes in a tree form.
  • mtr - mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.
Did I miss something? Please add your favorite system monitoring tool in the comments.