soundtraining.net website links
Thursday, December 24, 2009
The Story of the PING Utility
Monday, December 21, 2009
Dealing with a simple DOS attack
It's been an interesting past few days. Sometimes I feel like I'm living in a Rube Goldberg contraption! One of our servers got hit with a DOS attack last Friday night. It wasn't too bad and I was able to use several commands to figure out what was happening and deal with it. I thought I'd share them with you:
- I first used "netstat -lan grep -c :80" to check the number of connections to port 80. It was about three times normal.
- I then used "netstat -atun awk '{print $5}' cut -d: -f1 sed -e '/^$/d' sort uniq -c sort -n" to identify which IP addresses had the most connections open. I found a large number of connections from three unique IP addresses.
- I then created static blackhole routes for those three IP addresses to block the source of the attack and my server was back up. Here's the command: "ip route add blackhole w.x.y.z/32" (where w.x.y.z is the address I wanted to block and /32 is the mask)
I'm not including explanations of all the options here. Use man, info, or Google to look 'em up.
This is not a permanent solution and it won't work for a Distributed DOS attack, but it did allow my server to begin answering HTTP requests again. A more permanent solution (perhaps it would be better described as a "less temporary" solution, since there probably is no permanent solution other than disconnecting from the Internet) will be to create a set of firewall rules to identify an attack (say, an accelerated number of connection requests within a set time frame) and drop the packets from that source. There is a fair amount of complexity involved in getting it right, but I'll blog on it and let you know what I find.
Thursday, December 10, 2009
Installing Gnome or KDE after initial setup
I've seen a lot of forum posts with questions about installing desktop managers such as Gnome and KDE after you perform the initial installation of Linux. Many of the issues seem to be related to installing the desktop environment without installing the X server. The thing to remember is that X provides the foundation for graphics in Linux/Unix. If you don't have X, you don't have graphics, so you have to install X before you can use the desktop environment. If you don't, you'll get errors such as "no server "X" in PATH" or "xinit: Server error"
Here's how to do it (two steps) on Red Hat-based systems (Red Hat, Fedora, CentOS):
- $ su -
- # yum groupinstall "X Window System"
- # yum groupinstall "GNOME Desktop Environment" or
- # yum groupinstall "KDE (K Desktop Environment)"
Presumably, it's similar on Debian systems, but you would use apt-get instead of yum.
If you want to go crazy with graphics, install beryl as well. Falco Timme as an excellent tutorial (all of his tutorials are excellent) at HowToForge.com.