Use PAM to force users for new password May 23, 2012
Posted by networknuts in linux training in india, Red Hat, rhce, rhce training, RHCSS.Tags: alok srivastava, best linux training, force new password linux, force password use, linux hacks, linux tips, linux training, networknuts, redhat delhi, redhat india, redhat training, rhce exam, rhce training delhi, rhcss exam, rhcss training delhi, securing linux, using new password, using pam
If you want to stop users from reusing their earlier passwords, you can take the help of PAM.
Just edit the file “/etc/pam.d/system-auth” and append the option “remember=10” to the password sufficient line. In this case I am telling PAM to remember the last 10 used passwords, so the users will be forced to use new passwords.
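A quick way to confirm the setting is in place, as an added example that is not part of the original post: the script reports the remember= value on the password sufficient line of a PAM file. The two sample files are constructed stand-ins for /etc/pam.d/system-auth, and the helper names pam_remember and history_enforced are hypothetical.

```sh
#!/bin/sh
# Constructed sample files standing in for /etc/pam.d/system-auth.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

cat > "$tmp/before" <<'EOF'
password    requisite     pam_cracklib.so try_first_pass retry=3
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok
password    required      pam_deny.so
EOF

cat > "$tmp/after" <<'EOF'
password    requisite     pam_cracklib.so try_first_pass retry=3
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=10
password    required      pam_deny.so
EOF

# pam_remember FILE (hypothetical helper): print the remember= value found on
# the first uncommented "password sufficient" line, or 0 if it is absent.
pam_remember() {
    awk '$1 == "password" && $2 == "sufficient" {
             for (i = 3; i <= NF; i++)
                 if ($i ~ /^remember=[0-9]+$/) { split($i, kv, "="); n = kv[2] }
             found = 1
             print n + 0
             exit
         }
         END { if (!found) print 0 }' "$1"
}

# history_enforced FILE MIN (hypothetical helper): succeed only if at least
# MIN old passwords are remembered.
history_enforced() {
    [ "$(pam_remember "$1")" -ge "$2" ]
}

for f in before after; do
    if history_enforced "$tmp/$f" 10; then
        echo "$f: last $(pam_remember "$tmp/$f") passwords are remembered"
    else
        echo "$f: password history not enforced"
    fi
done
```

pam_unix keeps the old password hashes it compares against in /etc/security/opasswd.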
Here is the screenshot of the job executed on my machine.
I deserve “like”, “comments” and “share” for all the photo-editing job that I had done.
You can also view this post on Network NUTS Facebook Page.
Video on “Log & Lock using IPTables” May 21, 2012
Posted by networknuts in Indian Certified Networking Institute, Indian Networking Institute, linux training in india, Red Hat, rhce, rhce training, RHCSS.Tags: alok srivastava, free linux videos, free redhat videos, iptables configuration, linux hacks, linux videos, log iptables, networknuts, redhat delhi, redhat india, redhat linux training, redhat training, redhat videos, rhce exam, rhce training, rhce training delhi, rhcss training, rhcss training india
IPTables to limit number of simultaneous connections May 13, 2012
Posted by networknuts in Red Hat, rhce, rhce training, RHCSS.Tags: alok srivastava, connlimit, iptables, limit connections, networknuts, rhce, rhce exam, rhce training, rhcss exam, rhcss training
Forget Monday Blues !!!
Read a small tip about limiting the number of simultaneous connections from a host to a particular service.
We can use IPTables to limit the number of simultaneous connections from a host, thus reducing unnecessary load on the server.
Here in this example I am limiting the number of simultaneous ssh connections from a host to 1 on my server, using IPTables.
iptables -A INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 1 -j REJECT
Do remember to save iptables.
Now if someone tries to establish more than 1 ssh connection to my server, he will be refused.
Below is a systematic screenshot from my machine, to make things clearer to you.
You can see that after applying iptables, the first ssh connection from the host legacy is allowed to the server named linuxstorage, but as he tries to make another connection, he is refused.
Say Thanks to iptables, and do “like” it.
Do “like” Network NUTS Facebook Page.
Detailed statistics from iptables May 10, 2012
Posted by networknuts in linux training in india, Red Hat, rhce, rhce training, RHCSS.Tags: alok srivastava, best training institute, iptables, iptables -v, networknuts, rhce exam, rhce training, rhcss exam, rhcss training
Once you have configured “iptables”, as you learned in your RHCE level training, you might want to check how much traffic is hitting each rule.
You can use the “iptables -L -n -v” command to see the detailed packet transmission statistics.
where:
-n – is used for no name resolution.
-v – is used for getting detailed information. This option shows the interface name, the rule option, and the TOS masks. The packet and byte counters are also listed.
Below is the screenshot of my machine. (not much traffic statistics though)
PS: You can also view this post on Network NUTS Facebook Page.
Inserting rules in IPTables May 9, 2012
Posted by networknuts in linux training in india, Red Hat, rhce, rhce training, RHCSS.Tags: alok srivastava, best linux training, configuring iptables, inserting rules in iptables, linux training delhi, networknuts, redhat delhi, redhat training delhi, rhce certification, rhce exam, rhce training, rhcss certification, rhcss training
A very small tip regarding IPTables. Those who have attended RHCE Training or cleared RHCE Certification know what IPTables is.
I hope you all know what IPTables is and the difference between APPEND and INSERT rules in IPTables.
IPTables always scans the rules from top to bottom, and if a match is found in a rule, the rest of the rules in the chain are ignored.
So sometimes you may need to INSERT a rule at a specific position for it to make sense. Here is how to do it.
First check the line number where you want to insert the rule by giving -
iptables -L -n --line-numbers
Then insert the rule at the desired position using the command, here I want to insert some rule at position number 2 -
iptables -I INPUT 2 -s 192.168.0.13 -j REJECT
You can then confirm again by issuing -
iptables -L -n --line-numbers
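Why the position matters, as an added example that is not part of the original post: the script walks two constructed listings top to bottom and prints the first rule that matches 192.168.0.13, once with the REJECT appended and once with it inserted at position 2. The helper name first_match is hypothetical, and it assumes a rule matches only on an exact source address or 0.0.0.0/0, ignoring protocol, port and state.

```sh
#!/bin/sh
# Constructed listings shaped like `iptables -L INPUT -n --line-numbers` output.
# "appended": the REJECT for 192.168.0.13 was added with -A, so it sits last.
appended='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  192.168.0.1          0.0.0.0/0
2    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
3    REJECT     all  --  192.168.0.13         0.0.0.0/0           reject-with icmp-port-unreachable'

# "inserted": the same rule placed with `iptables -I INPUT 2 ...`.
inserted='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  192.168.0.1          0.0.0.0/0
2    REJECT     all  --  192.168.0.13         0.0.0.0/0           reject-with icmp-port-unreachable
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0'

# first_match LISTING SRC (hypothetical helper): print "<num> <target>" for
# the first rule whose source column is SRC or 0.0.0.0/0, or "policy" if no
# rule matches and the chain policy would decide.
# Assumption: only the source column is compared; other matches are ignored.
first_match() {
    printf '%s\n' "$1" | awk -v src="$2" '
        $1 ~ /^[0-9]+$/ && ($5 == src || $5 == "0.0.0.0/0") {
            hit = 1
            print $1, $2
            exit
        }
        END { if (!hit) print "policy" }'
}

echo "appended: $(first_match "$appended" 192.168.0.13)"
echo "inserted: $(first_match "$inserted" 192.168.0.13)"
```

In the appended listing the catch-all ACCEPT at line 2 wins and the REJECT at line 3 is never reached.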
Here is the explained screenshot from my machine.
“Like” if you like it.
Feedback from Network NUTS student. May 8, 2012
Posted by networknuts in linux training in india, Red Hat, rhce, rhce training, RHCSS.Tags: best linux training, networknuts, networknuts feedback, redhat delhi, redhat india, rhce exam, rhce training, rhcss exam, rhcss training
Thanks a ton Ravindra for your valuable and lovely feedback on your Red Hat Linux Training with us.
God Bless You.
lsof to view running services and ports May 7, 2012
Posted by networknuts in linux training in india, Red Hat, rhce, rhce training, RHCSS.Tags: alok srivastava, best linux training institute, linux delhi, linux training, lsof, networknuts, port scanning linux, redhat linux, redhat training, rhce exam, rhce training, rhcss exam, rhcss training
Now you want to know what services are running on the Linux server and on which ports. netstat comes to mind as the first choice of command for this job. Good !!
But you can also use the “lsof” command for the purpose.
lsof -Pnl +M -i4
for checking IPv4 ports, and
lsof -Pnl +M -i6
for checking IPv6 ports
Here:
-P – will stop the conversion of port numbers to port names for network files. This will make lsof run a little faster.
-n – will stop conversion of network numbers to host names for network files. Useful where host name lookup is not working properly.
-l – will stop conversion of user ID numbers to login names.
+M – reports portmapper registrations for local TCP and UDP ports.
-i4 – IPv4 listing only
-i6 – IPv6 listing only
You can use the lsof command without the -Pnl and +M options to see the difference in the output.
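Turning that listing into a check, as an added example that is not part of the original post: the script picks out the TCP listeners that are reachable from other hosts, that is, not bound to loopback. The sample is constructed in the shape of `lsof -Pnl -i4` output, and the helper name exposed_listeners is hypothetical.

```sh
#!/bin/sh
# Constructed sample shaped like `lsof -Pnl -i4` output.
# USER is a numeric UID because of -l; ports are numeric because of -P.
sample='COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd    1021    0    3u  IPv4  11532      0t0  TCP *:22 (LISTEN)
cupsd   1187    0    7u  IPv4  12876      0t0  TCP 127.0.0.1:631 (LISTEN)
mysqld  1342   27   10u  IPv4  13990      0t0  TCP 192.168.0.5:3306 (LISTEN)
sshd    2210    0    3u  IPv4  20114      0t0  TCP 192.168.0.5:22->192.168.0.13:51022 (ESTABLISHED)
ntpd    1099   38   16u  IPv4  11801      0t0  UDP *:123'

# exposed_listeners LISTING (hypothetical helper): print
# "<command> uid=<uid> <address:port>" for every TCP socket in LISTEN state
# whose bind address is not on loopback (127.x.x.x).
exposed_listeners() {
    printf '%s\n' "$1" | awk '
        $8 == "TCP" && $10 == "(LISTEN)" && $9 !~ /^127\./ {
            print $1, "uid=" $3, $9
        }' | sort -u
}

exposed_listeners "$sample"
```

On a live system the same function can be fed with `exposed_listeners "$(lsof -Pnl -i4)"`.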
Here is a sample output from my system.
Monitor Linux Server Bandwidth using iftop May 6, 2012
Posted by networknuts in linux training in india, Red Hat, rhce, rhce training, RHCSS.Tags: alok srivastava, best linux training, iftop, linux hacks, linux tips, monitoring bandwidth, networknuts, redhat delhi, redhat india, redhat training, rhce exam, rhce training, rhcss exam, rhcss training
There is a very simple yet effective tool, iftop, which can be used to monitor the current bandwidth consumption on your Linux servers.
iftop displays a table of current bandwidth usage by pairs of hosts. It's a perfect tool for checking a remote Linux server over an ssh session.
Remember this tool is not a part of standard RHCE Training.
Ubuntu users can simply give the command -
sudo apt-get install iftop
to install the tool.
RHEL users can use sourceforge or the given link to download the package and start using it: http://pkgs.org/centos-5-rhel-5/epel-x86_64/iftop-1.0-0.1.pre2.el5.x86_64.rpm.html
You can simply give the command:
iftop -i eth0
to let it start working for you. But it's always recommended to use some filters with iftop for better results. Like:
1. iftop -f icmp
2. iftop -F 192.168.0.0/24
Again I recommend going through the man pages of iftop for better usage.
Here is a screen shot of iftop in action from my machine, here I had used the command – iftop -i wlan0
Limit number of cpu cores to be activated May 3, 2012
Posted by networknuts in linux training in india, Red Hat, rhce, rhce training, RHCSS.Tags: alok srivastava, best linux training india, limit number of cpu cores in linux, linux delhi, linux training delhi, maxcpus, networknuts, redhat certification, redhat delhi, redhat training, rhce exam, rhce training, rhcss exam, rhcss training
Let's suppose you would like to restrict the number of CPUs to be activated on your Linux machine for some software licensing issues under Linux kernel 2.6.x.
Practically, this is useful for testing different software performance and configurations. Even some commercial software like ERP software or Oracle is licenced per CPU. In that case, if I use all the CPUs that are in my machine, it's going to cost me the earth. I have an Intel i7 processor in my laptop, so that means 8 cpu cores. If I am planning to deploy Oracle on this machine, then I need to buy a licence for 8 cores, which I might not need, and the cost will shoot upwards like a Virender Sehwag sixer.
There is a parameter maxcpus, which can be a life saver. Using maxcpus, you can limit the number of CPUs activated in SMP mode.
All you need to do is modify your /boot/grub/grub.conf file and pass maxcpus=X (here X is the number of cpu cores you want to get activated) to the kernel. It specifies the maximum number of processors that an SMP Linux kernel should make use of.
Below are the screenshots from my virtual machines, very carefully combined into one single picture for easy understanding. (I deserve “like” at least for the copy paste thing in this pic).
Enjoy learning with Network NUTS.
-Alok
Feedback Network NUTS Training May 2, 2012
Posted by networknuts in linux training in india, Red Hat, rhce, rhce training, RHCSS.Tags: alok srivastava, best linux training institute, feedback networknuts, linux delhi, networknuts, redhat training, rhce exam, rhce training delhi
Congrats to Mr. Jitendra for clearing his RHCE Certification and for his lovely words and feedback.








