News, views, and rants (March 2007 Archive)

[ /home ] [ /etc/motd ] [ /bin ] [ /etc ] [ /var ] [ /sbin ]
[ /usr/bin/find ] [ Members ]

Are you looking for Current News?

Have you arrived via a search engine after searching for /etc/motd? If so, head over to /etc where there is information about adding colour to your /etc/motd file!

• 18/03/07 - I have been applying a steady stream of bugfixes and updates to seccheck, and the latest version is now 0.7.2. This is largely thanks to feedback received after the tool was listed on SunFreeware.
  
  Two new articles have been added. Using smrsh introduces the SendMail Restricted SHell, showing how to pipe mail messages safely to programs and scripts. Keeping an eye on troublesome users details a solution for monitoring malicious users and logging all session data (i.e. input and output).
  
  I have uploaded ten scripts in tonights update. The first two are for querying multiple nameservers for the same information. serial_check.sh checks zone serials across multiple nameservers. test_ns.sh allows you to query multiple nameservers for specific records. The next pair of scripts were developed to monitor a troublesome disk over time on a Solaris box, and mail the results of the check if any changes occur. check_iostat.sh performs the checks, and mail_iostat.sh mails the results if any changes occur.
  
  config_backup.sh backups configuration files from multiple servers using scp. rndc_reloader.sh is designed to be scheduled from cron to perform an rndc reload on all zones within a specific view and is useful for load balanced DNS servers where notifies do not reach all members of the DNS pool.
  
  purge_mailq.sh will remove double-bounced messages from sendmails mail queue. sshall.sh allows you to ssh into multple servers and execute the same command on each. multitop.sh ssh's into a group of servers (supports Solaris (if top is installed) and Linux) and display the "top" process running on each (in terms of CPU utilisation), whilst continually updating in-place using tput.
  
  The final script is logrevolver.sh, a log rotation script, capable of rotating and compressing logs with gzip or bzip2 - schedule via cron.
  
  I have also uploaded 23 new tips and tricks to the Tips and Tricks area. This is turning out to be a huge update! The tips are:
  
  
  • Using zdump to dump time zone data
  • Killing processes en-masse
  • Count Total RSS for a Set of Processes
  • Reset ALOM Password on T2000
  • Login Limits with pam_limits
  • Cron access in Gentoo Linux
  • Using xargs on strange quoted filenames
  • Initial smpatch configuration
  • dladm - checking link status
  • Checking that a module is correctly installed
  • bash array notes
  • Sleep for less than one second
  • Replacing a digital certificate in a Java keystore
  • Configuring catalog tape on command line
  • Unfreezing NetBackup Media
  • View domains that we accept mail for
  • Using regular expressions with locate
  • Sending HTML mail from the command line
  • Find which Perl modules are used
  • SSH Publickey authentication failing
  • Finding which ports a process is listening on
  • Find minfree value for a filesystem
  • Display specific line from a group of files
  
  
  A few other scripts have had minor bugfixes applied, and a few other small housekeeping tasks have been performed on the site.
  
  
• 02/03/07 - Let's start tonights update with some new scripts. Three new BIGIP related scripts have been added. The first, pool.sh allows for remote administration of pool members by enabling and disabling sessions to them via SSH. For those of you who don't know, the BIGIP is a (Linux-based - used to be BSD-based) network appliance by F5 Networks that provides local traffic management, a.k.a. "load-balancing".
  
  Next, poolstats.sh is a full featured script that will perform checks on the status of members within the BIGIP, and optionally perform HTTP status checks on members too (relevant for http-based pools).
  
  poolstats.sh can also output (with it's -n option) in a format that can be used by my check_pool.sh Nagios plugin. This plugin is useful for pools where you have high levels of redundancy, i.e. you want to be warned if two out of ten nodes are down, and sent a critical notification if, say, half of your nodes are down. This is designed for checking HTTP based pools only, as it will alert firstly if nodes are down, but additionally if nodes are up but returning non-200 HTTP status codes.
  
  All of these BIGIP-related scripts are extremely detailed and feature-rich. About the only thing they won't do is make coffee.....
  
  The next script, daily_backup_report.sh is a daily backup report for Veritas Netbackup, and reports on backup status, data written and transfer rates, media status and errors. Schedule it via cron and send it to your managers to keep them happy. Send it to /dev/null if your backups are failing ;-)
  
  Fed up with the crappy web analysis tools that my remote hosting provider provides, I decided to whip up a quick script to grab the two pieces of information I really care about - the top N referrers, and top N most popular Google search terms - directly from the Apache access_log. I plan to add more functionality to check_access_log.sh when time permits. You'll need to modify it slightly as it's tailored for zazzybob.com.
  
  I've uploaded a new project - seccheck. seccheck is a modular (and hence highly extendable) set of security checking scripts for the Solaris 10 platform. These scripts will produce a highly detailed report, together with recommendations on how to fix security issues.
  
  Finally, I've added a couple of tips for good measure. Checking web links with curl shows how to grab the HTTP status codes for a set of links with a simple script. Admin server dies with NumberFormatException helps out those of us unfortunate enough to have to administer BEA Weblogic, and the Admin server bails out with a Java stacktrace when you try to start it.

News Archives

2007	2006	2005	2004
October 2007 - No news Septemeber 2007 - No news August 2007 July 2007 June 2007 - No news May 2007 April 2007 March 2007 February 2007 January 2007	December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 - No news February 2006 January 2006	December 2005 November 2005 October 2005 September 2005 August 2005 - No news July 2005 June 2005 May 2005 April 2005 - No news March 2005 February 2005 January 2005	December 2004 November 2004 October 2004 September 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004