Index

Numerics

2.4.9-e.27 kernel, 66

A

abstraction, printing, 355

access

crontab command, 320

performance, 131

accessing CPU utilization issues, 144–149

applying Oracle statspak, 149–151

benchmarking (bonnie++), 141, 144

determining I/O request sizes, 133

journaling to separate disks, 131–133

“No Space Left on Device” errors, 152–154

small block I/O transfers, 134–135, 138

tools, 154–155

tuning sector alignments, 139

restrictions, 388

TCP/IP physical network layers, 426

communicating at physical levels, 438–440

detecting links, 429–437

Ethernet frames, 440–442

links, 427, 429

X Window, 538

accounts

confirming, 496–501, 503–507

locking, 504

unlocking, 505

ACK (acknowledgement), 476

action field, 23

adapters, HBA, 161

adding

environment variables, 319

fields, 81

LUNs via PCI, 170–180

partition error messages, 197–198

PCI devices, 169

storage via PCMCIA/USB, 181–184

Address Resolution Protocol (ARP), 438, 443–445

addresses

CHS, 192–198

IP, 454–459

LBA, 192, 203–204

MAC, 438

VAS, 268

agents, forwarding, 401

aging passwords, 496–501, 503–507

aligning sectors, 139

allocation, memory, 85, 152–154

anacron, 329–331

application layer, TCP/IP, 492

applications

backups, 309–312

compression, 294

PAM, 510

arguments, 512

/etc/pam.conf, 513

/etc/pam.d, 512

functions, 511

/lib/security, 514

modules, 512

passwords, 522–525

resources, 515

shells, 521

troubleshooting, 516–521

threads, 258–266

tunnels, 402

xclock, 545

arguments

iostat command, 102–104

PAM, 512

SOCK, 99

ARP (Address Resolution Protocol), 438, 443–445

arrays, 112

at command, 332–334

atrun scripts, 333–334

attacks, 388

authentication

keys, 397–400

X Window, 544–545

Authorization, 512–514

auto-negotiation, 433–435

autoloaders, 290–293

B

backup

commands, 300

cpio, 303–305

dd, 306

dump, 305–306

mkisofs, 307

rsync, 307

tar, 300–302

hardware/software, determining, 309–312

incremental, 298

media, 285

autoloaders/tape libraries, 290–293

cleaning tapes, 297

compression, 294

controlling tape drives, 295–297

hard disks, 298

magnetic tape, 286–290

optical disks, 297

rewind/no-rewind devices, 294

partition tables/MBRs, 211–221

scope, 298–300

banners, printing, 355

bare metal recovery, 308

baselines, configuring, 131–133

bash shell, user profile files, 521

batch command, 333

batch mode, 87–89

benchmarking, 141, 144

Bidirectional Parallel Port (BPP), 369

binary values, converting, 187

BIOS, 2

GRUB, 2–15

initializing, 210

LILO, 15–17

mkbootdisk command, 20–21

bits, 186–189

blocking devices, 109–110

blocks

sizing, 114–121, 133

small I/O transfers, 134–138

blogger command, 33

bonnie++, 141, 144

boot floppies, 14–15, 20–21

boot.d directory, 27

booting

confirm mode, 37

drives, 223

emergency mode, 9

from floppy disks, 48

multiuser mode, 9

root filesystems, 42–48

single user mode, 9

bootloaders, 2

BIOs, 210

/boot under LVM control, 224–227

GRUB, 2–9, 11–15

LILO, 15–17

mkbootdisk command, 20–21

partition tables/MBRs, 205–210

BPP (Bidirectional Parallel Port), 369

breakpoints, printing, 381

broadcasts

ARP, 444

IP, 459

ping command, 463

bugs, PAM, 519–521

built-in cleaning, 297

bypassing devices, 110

bytes

calculating, 186–189

viewing, 208–210

C

caches

ARP, 445

arrays, 112

dentry, 234

inode, 234

calculations

bits/bytes, 186–189

octets, 455

carelessness (vulnerabilities), 388

central processing units. See CPUs

cfdisk, 214–215

chage command, 498–505

chkconfig command, 33

CHS (Cylinder, Head, Sector) partition layouts, 192–198

CIDR (Classless Inter-Domain Routing), 456

ckets, connecting, 478

classes

host vulnerabilities, 385

layouts, 457

printing, 354

Classless Inter-Domain Routing (CIDR), 456

cleaning tapes, 297

Clear Interrupt (CLI), 211

clear text data captured (vulnerabilities), 387

CLI (Clear Interrupt), 211

clients

NTP, 479–483

SSH, 395–402

X Window, 540

closed ports, 415

code, swapper, 73

command-line, editing GRUB, 11–12

commands

at, 332–334

backup, 300

cpio, 303–305

dd, 306

dump, 305–306

mkisofs, 307

rsync, 307

tar, 300–302

batch, 333

blogger, 33

chage, 498–505

chkconfig, 33

conntrack, 411

crontab, 316–323

cron daemons, 324–327

debugging output, 335–336

dd, 111–112, 133

dmesg, 232

errordump, 75

ethtool, 431

f, 81

fdisk, 109

find /boot/grub/stage1, 13

finger, 496–501, 503–507

free, 105

gzip, 294

initlog, 32

insmod lpfcdd, 245

iostat, 102–104, 112–114

iptables, 412

ksymoops, 71

lp, 347–349

lpsci, 235–244

ls, 256

lsof, 539

mkbootdisk, 20–21

mkxauth -c, 545

modinfo, 436

mt, 269

netstat, 415, 479, 486

nmap, 414–415

passwd, 498–505

ping, 444

broadcasts, 463

ICMP requests, 451

testing, 447

ps, 261–273

pwck, 507

raw, 109–110

recovery, 300

cpio, 303–305

dd, 306

dump, 305–306

mkisofs, 307

rsync, 307

tar, 300–302

root (hd0,0), 13

route, 440

rpm, 519

sar, 89

CPU statistics, 91–93

data collector, 89–90

disk I/O statistics, 94–95

measuring performance, 112–114

networking statistics, 95–99

setup (hd0), 13

spoolers, 347–349

sysctl, 53

tar, 294

top, 80–89

ulimit, 279

uname, 235–244

usermode, 498–505

vmstat, 99–101

xterm, 540

Common UNIX Printing System. See CUPS

components (X Window), 529

clients, 540

servers, 529–535, 537–540

compression, 294

configuration

auto-negotiation, 434

baselines, 131–133

files, 22–29

hangs, 37

iptables, 407–413

login, 507–510

OpenSSH, 391

partitions, 195–196

processes, 255–257

SAN, 160–161

via PCI, 170–180

via PCMCIA/USB, 181–184

kernel module, 162–170

SSH, 391

X Window, 531–540

confirm mode, 36

connections

printing, 360, 365–375

sockets, 478

SSH, 400–402

TCP, 476

TCP/IP physical network access layers, 426

testing, 394

conntrack command, 411

contention, 372, 376

controls

files, 371–372

mtx, 290

tape drives.mt, 295–297

converting binary values, 187

copy-on-write (COW) design, 255

core dumps, 275–284

corruption, password/shadow files, 506–507

COW (copy-on-write) design, 255

cpio command, 303–305

CPUs (central processing units)

statistics, 91–93

utilization, 144–149, 155

vmstat command, 99–101

CRC (cyclic redundancy check), 438

cron, 316–323

daemons, 324–327

kcron, 327–329

troubleshooting, 335–342

crontab command, 316–323

cron daemons, 324–327

output, 335–336

customizing top command, 85–87

cyclic redundancy check (CRC), 438

Cylinder, Head, Sector. See CHS

cylinders, 139

D

daemons

at, 333–334

cron, 316–327, 338–339

NTP, 480

sshd, 477

data circuit equipment (DCE), 360

data collectors, 89–90

data files, 372

data terminal equipment (DTE), 360

Dawes, David, 528

DBMS (database management system), 387

DCE (data circuit equipment), 360

dd command, 111–112, 133, 306

debugging output, 335–336

default_idel function, 58

defining partitions, 192–194

demiliterized zone. See DMZ networks

demonstrating failures, 214–215

dentry cache, 234

design. See configuration

desktop managers, X Window, 544

detecting

links, 429–437

similar devices (kernel module), 162

devices

blocking, 109–110

bypassing, 110

detecting, 162

drivers, 126–130

failures

identifying failed devices, 235–244

replacing, 245–252

searching for errors, 231–234

supported devices, 229–231

HID, 531

rewind/no-rewind, 294

Differentiated Services Code Point (DSCP), 450

directories

boot.d, 27

/etc/sysconfig, 35

rc scripts, 30–36

confirm mode, 36

startup, 37–41

rc.d, 28

spools, 355

disabling ICMP, 448

diskdump, 67

disks

I/O

multiple threads, 121–122

reducing strain, 122–125

statistics, 94–95

MBR, 189, 191

partitions, 186–191

journaling to, 131–133

sleep status, 251

display managers, X Window, 542–543

dmesg command, 232

DMZ (demilitarized zone) networks, 385

DNS (domain name service) slow lookups, 483–486

domain name service. See DNS

dot matrix printers, 358. See also printing

drivers

devices, 126–130

monitors, 66

mtx, 290

options, 437

versions, 166–170

viewing, 436

drives

tape, 295–297

used, 208–210

wrong order, scanning in, 223

DSCP (Differentiated Services Code Point), 450

DTE (data terminal equipment), 360

dual-display video cards, starting X Window servers, 546–548

dump command, 305–306

dumps

core, 275–284

obtaining, 67

DUP, 463

duplex, modifying interfaces, 431

E

ECP (Enhanced Capabilities Port), 369

editing

/etc/rc.d/rc.sysinit, 39

menus (GRUB), 6–7

EFI (Extensible Firmware Interface), 75

emergency mode, booting, 9

Emulex HBAs, 230. See also HBAs

Encapsulating Security Payload (ESP), 453

encryption

SSH, 390–391

troubleshooting, 395–402

Endian order, 187

Enhanced Capabilities Port (ECP), 369

Enhanced Parallel Port (EPP), 369

environments

variables, 319

X desktop managers, 544

EPP (Enhanced Parallel Port), 369

errordump command, 75

errors

devices, 231–234

init processes, 29

messages

GRUB, 7

partitions, 197–198

“No Space Left on Device”, 152–154

passwords, 401

ESP (Encapsulating Security Payload), 453

espionage (vulnerabilities), 388

/etc/crontab (Red Hat) file, 321

/etc/inittab file, 22–29

/etc/lilo.conf file options, 16

/etc/nologin file, 509–510

/etc/pam.conf file, 513

/etc/pam.d file, 512

/etc/pam.d files, missing preventing login, 518–519

/etc/passwd file, 496–501, 503–507

/etc/rc.d/rc.sysinit, editing, 39

/etc/security file, 508–509

/etc/shadow file, 496–501, 503–507

/etc/sysconfig directory, 35

/etc/toprc file, 86

Ethernet frames, 440–448

ethtool command, 431, 435

evaluating hangs, 282–284

exit( ) method, 258

exposures, 384, 387

extended partitions, 199–203

Extensible Firmware Interface (EFI), 75

F

f command, 81

failures

demonstrating, 214–215

devices

identifying failed devices, 235–244

replacing, 245–252

searching for errors, 231–234

supported devices, 229–231

ping command, 447

vgcreate, 224

FCP (Fibre Channel Protocol), 248

fdisk command, 109, 201–203

Fibre Channel Protocol (FCP), 248

fields

action, 23

FLAG, 451

Fragment offset, 451

processes, 85

run levels, 22

sar-d, 95

sar-n EDEV, 97

sar-n SOCK, 99

top command, 81

vmstat command, 100

File Transfer Protocol. See FTP

files

configuration, 391

control, 371–372

crontab, 320

data, 372

/etc/crontab, 321

/etc/inittab, 22–29

/etc/lilo.conf, 16

/etc/nologin, 509–510

/etc/pam.conf, 513

/etc/pam.d, 512, 518–519

/etc/passwd, 496–507

/etc/security, 508–509

/etc/shadow, 496–507

/etc/toprc, 86

/lib/security, 512–514

PPD, 346

user profile, 521

filesystems

overview of, 186–189

performance, 131

accessing CPU utilization issues, 144–149

applying Oracle statspak, 149–151

benchmarking (bonnie++), 141, 144

determining I/O request sizes, 133

journaling to separate disks, 131–133

“No Space Left on Device” errors, 152–154

small block I/O transfers, 134–138

tools, 154–155

tuning sector alignments, 139

root, 41–48

superblock recovery, 217–223

FILTER table, 407

filters, 355

find /boot/grub/stage1 command, 13

finger command, 496–501, 503–507

firewalls, IP, 466, 468

FLAG field, 451

floppy disks, booting from, 48

flow control, 474

footers, printing, 355

fork( ) system, 255

forwarding agents, 401

Fragment offset fields, 451

frames (Ethernet), 440–448

free command, 105

FTP (Files Transfer Protocol), 488–492

functions. See also commands

default_idle, 58

PAM, 511

panic_blink( ), 63

spoolers, 350, 353

G

gazip command, 294

GDB (GNU Project Debugger), 282–284

GNU Portable Threads (PTH), 259

graphics, printing, 356

GRUB (GRand Unified Bootloader), 2–15, 46–48

gzip process, 272–273

H

hacking, recovery after, 421

hangs

configuration, 37

cron jobs, 337–338

evaluating, 282–284

operating systems, 52

interruptible, 53–64

non-interruptible, 64–66

processes, 267–273

single user mode, 9

Web browsers, 271–272

hard disks, backup/recovery, 298

hardware

backups, 309–312

devices. See devices

machine checks, 74

non-interruptible hangs, 64, 66

TCP/IP physical network access layers, 426

X Window, 531–540

HBAs (host bus adapters), 67, 161, 230

headers

IP, 449

printing, 355

TCP, 473

UDP, 471

heavyweight process (HWP), 259

helical scans, 287

HID (Human Interface Devices), 531

high CPU utilization, 144–149

host bus adapters. See HBAs

hosts

open ports, 414

security, 383

key mismatches, 396

optimizing, 388

vulnerabilities, 384–387

unable to communicate, 460–466

human error (vulnerabilities), 388

Human Interface Devices (HID), 531

HWP (heavyweight process), 259

I

I/O

multipath, 126–130

performance, 107

applying raw command, 109–110

bypassing raw devices, 110

determining sequential speed, 111–112

LUNs, 108

measuring, 112–114

testing, 114–122, 124–130

PIO, 139

requests, 133

vmstat command, 99, 101

ICMP (Internet Control Message Protocol), 445–451

IDE (Intelligent/Integrated Drive Electronics), 186

incremental backups, 298

init processes, /etc/inittabl file, 22–29

initializing BIOS, bootloaders, 210

initlog command, 32

inkjet printers, 358

inode cache, 234

inserting. See adding

insmod lpfcdd command, 245

installing

GRUB, 46–48

patches, 74

X Window display managers, 543

Xwrapper, 530

Intelligent/Integrated Drive Electronics. See IDE

interfaces

auto-negotiation, 434

EFI, 75

hangs, 271–272

HID, 531

MII, 429

networks

detecting links, 429–437

troubleshooting, 427–429

shell, 7

speed, 431

Internet Control Message Protocol. See ICMP

Internet Printing Protocol. See IPP

interprocess communication (IPCS), 259

interruptible hangs, 53–64

iostat command, 102–104, 112–114

IP (Internet Protocol), 449–453

address models and routing, 454–459

firewalls, 466–468

ipcalc tool, 461

IPCS (interprocess communication), 259

IPP (Internet Printing Protocol), 377–378

iptables, 403–413, 466–468,

isag, 155

J

jobs

anacron, 329–331

at command, 332–334

cron

daemons, 324–327

kcron, 327, 329

managing, 316–323

troubleshooting, 335–342

printing, 354

journaling to separate disks, 131–133

K

kcron, 327, 329

kdeadmin package, 327

kernels

2.4.9-3.27, 66

bootloaders, 2

GRUB, 2–15

LILO, 15–17

mkbootdisk command, 20–21

device failures, 229–231

init processes, 22–29

interruptible hangs, 60–64

module, 161–170

signals, 276

threads, 260

VAS, 268

keys

authentication, 397–400

host security mismatches, 396

SSH, 53–64, 390

keywords

/etc/inttab file, 23

/etc/lilo.conf file, 16

respawn, 29

single, 36

Knoppix CD, 45

ksymoops command, 71

L

Lai, Glenn, 528

laser printers, 358

layers

OSI, 423, 425

performance

applying raw command, 109–110

bypassing raw devices, 110

determining sequential speed, 111–112

LUNs, 108

measuring, 112–114

testing, 114–122, 124–130

troubleshooting, 107

TCP/IP, 423–425

application layer, 492

communicating at physical levels, 438–440

Ethernet frames, 440–442

FTP slow down, 488–492

host miscommunications, 460–466

IP firewalls, 466–468

network, 443–453, 455–459

physical access, 426–437

slow DNS lookups, 483–486

synchronizing NTP, 479–483

transport layer, 468–479

UDP packet loss, 486–488

LBA (Logical Block Addressing), 192, 203–204

least significant bit (LSB), 187

/lib/security file, 512, 514

lightweight process (LWP), 254, 259

LILO (LInux LOader), 2, 15–17, 37

line printers, 358

linear recording methods, 287

LKCD (Linux Kernel Crash Dump), 67

LLC (Logical Link Control), 438

load balancing, multipath I/O, 126–130

loading. See bootloaders

local parallel printing, 369

local serial printing, 360–364

local USB printing, 365, 368

local vulnerabilities, 385

locking accounts, 504–505

Logical Block Addressing (LBA), 192, 203–204

Logical Link Control (LLC), 438

logical partitions, 199–203

Logical Unit Numbers. See LUNs

login, 495

accounts, 496–507

configuration, 507–510

PAM, 510

arguments, 512

/etc/pam.conf, 513

/etc/pam.d, 512

functions, 511

/lib/security, 514

modules, 512

resources, 515

troubleshooting, 516–521

passwords, 522–525

shells, 521

logs

cron, 340–341

interruptible hangs, 58–59

SSH, 395–402

lookups, slow DNS, 483–486

loss, UDP packets, 486–488

lost password, resetting, 45

lp commands, 347–349

lpsci command, 235–244

ls command, 256

LSB (least significant bit), 187

lsof command, 539

LUNs (Logical Unit Numbers), 108

limitations, 228

PCI, 170–180

LVM control, /boot under, 224–227

lvol, stripping, 122–125

LWP (lightweight process), 254, 259

M

MAC (Media Access Control) addresses, 438

machine checks (hardware), 74

Magic SysRq keystroke, 53–64

magnetic tape, 286–287, 290

maintenance, 509–510

management

/boot under LVM control, 224–227

cron jobs, 316–323

daemons, 324–327

kcron, 327–329

troubleshooting, 335–342

X Window

desktop managers, 544

display managers, 542–543

MANGLE tables, 407

mapping

ports, 394

/proc/ioports, 163–166

spoolers, 380

Massachusetts Institute of Technology (“Athena Project”), 527

Master Boot Record. See MBR

Matrox G400 dual head video cards, 531

Maximum Transaction Unit (MTU), 451

MBR (Master Boot Record), 2

backups, 211–223

bootloaders, 205–210

CHS addressing, 192–198

GRUB, 12–15

LBA, 203–204

location of, 189–191

logical/extended, 199–203

measurement, performance, 110–114

media, backup/recovery, 285–295

Media Access Control (MAC) addresses, 438

Media Independent Interface (MII), 429

memory

free command, 105

“No Space Left on Device” error, 152–154

top command, 85

vmstat command, 99–101

X Window video cards, 532

menus, GRUB, 3–7

messages

cron, 324

errors. See errors

ICMP, 445–448

SSH, 400

methods

exit( ), 258

linear recording, 287

wait( ), 258

MII (Media Independent Interface), 429

mii-tool, modifying interface speed, 431

mismatches, host key, 396

missing files, 20–21, 516–519

mkbootdisk command, 20–21

mkisofs command, 307

mkxauth –c command, 545

modes

batch, 87, 89

confirm, 36

emergency, 9

multiuser, 9, 26–28

single user, 9, 18

stacker, 291

modinfo command, 436

modules

kernel, 162–170

PAM, 512

validating, 519

monitoring

free command, 105

iostat command, 102–104

sar command, 89–99

top command, 80–87

vmstat command, 99, 101

monitors, updating drivers, 66

most significant bit (MSB), 187

mounting partitions, 216

MSB (most significant bit), 187

mt command, 269, 295–297

MTU (Maximum Transaction Unit), 451

mtx, 290

multipath I/O, 126–130

multiple OS panics, 67–71

multiple partitions, 201–203

multiple threads of I/O to disks, 121–122

multiuser mode, 9, 26–28

N

names, WWN, 129

namp command, 414

NAT (Network Address Translation), 406

netdump, 67

netfilter, system hardening, 403–410, 412–421

netstat command, 415, 479, 486

Network Time Protocol. See NTP

networks

DMZ, 385

interfaces, 429–437

OSI layers, 423–425

raw socket printing, 375–376

SAN, 159–170, 181–184

security, 383

statistics, 95- 99

TCP/IP, 423–425. See also TCP/IP

nmap command, 415

no-rewind devices, 294

non-interruptible hangs, 64–66

“No Space Left on Device” errors, 152–154

NTP (Network Time Protocol), 479–483

O

OCFS (Oracle Cluster File System), 139

octets, calculating, 455

one-to-one relationships, 258

Open Group, The, 528

open ports, scanning, 414

Open Shortest Path First (OSPF), 466

OpenSSH, 390–391

operating systems

bootloaders, 2

GRUB, 2–15

LILO, 15–17

mkbootdisk command, 20–21

hangs, 52

interruptible, 53–64

non-interruptible, 64–66

panics, 66–74

processes, 255–258

optical disks, backup/recovery, 297

optimization. See configuration

options

drivers, 436–437

/etc/lilo.conf file, 16

GRUB, 5

Oracle, applying statspak, 149–151

Oracle Cluster File System (OCFS), 139

ordering iptable rules, 420

OSI network layers, 423–425, 443

ARP/RARP, 443–445

firewalls, 466–468

FTP slow down, 488–492

host miscommunications, 460–466

ICMP, 445–448

IP, 449–459

slow DNS lookups, 483–486

synchronizing NTP, 479–483

transport layer, 468–479

UDP packet loss, 486–488

OSPF (Open Shortest Path First), 466

output

debugging, 335–336

top command, 81–85

P

packages

at, 332–334

kdeadmin, 327

packets, UDP, 486–488

Page Description Language. See PDL

PAL (Processor Abstraction Layer), 74

PAM, 510

arguments, 512

/etc/pam.conf, 513

/etc/pam.d, 512functions, 511

/lib/security, 514

modules, 512

resources, 515

troubleshooting, 516–521

panics (OS), 66–74

panic_blink( ) function, 63

parallel printing, local, 369

parameters, Magic SystRq keystroke, 54

parent process id (PPID), 22, 254

partitions

adding, 197–198

GRUB, 5

mounting, 216

overview of, 186–189

recovery, 212–215

tables, 199–211. See also tables

partx, 202

passwd command, 498–505

passwords

aging, 496–507

/etc/passwd file, 496–507

root, 45

SSH, 401

troubleshooting, 522–525

weak, 387

patches, installing, 74

PCI (Peripheral Component Interconnect)

cards, 71

devices, 169

LUNs, 170–180

PCMCIA, adding storage, 181–184

PDL (Page Description Language), 347–379

performance

filesystems, 131–139, 141–151

I/O, 107–117, 120–130

tools

free command, 105

iostat command, 102–104

sar command, 89–99

top command, 80–89

vmstat command, 99–101

Peripheral Component Interconnect. See PCI

permissions, /lib/security file, 514

physical attacks, 388

physical I/O (PIO), 139

physical network access layers. See access; networks

PID (process id), 22, 254

ping command, 444–451, 463

PIO (physical I/O), 139

ports. See also connections

closed, 415

mapping, 394

open, 414

PPID (parent process id), 22, 254

preventing login, 516–519

printing

connectivity, 360–370, 371–379

filters, 355

PDL, 379

spoolers, 345–356

troubleshooting, 380

types of printers, 358–360

private host keys, 390

private user keys, 390

process id (PID), 22, 254

processes

core dumps, 275–284

creating, 255–257

/etc/init, 22–29

free command, 105

gzip, 272–273

hangs, 267–273

high CPU utilization, 144

HWP, 259

interruptible hangs, 53–64

iostat command, 102–104

IPCS, 259

kill, 269

LWP, 254, 259

non-interruptible hangs, 64–66

PPID, 254

rc scripts, 30–41

sar command, 89–99

structures, 254–255

terminating, 258

top command, 80–87

vmstat command, 99, 101

Processor Abstraction Layer (PAL), 74

/proc/ioports, mapping, 163–166

profiles, user files, 521

protocols

ARP, 438, 443–445

FCP, 248

FTP, 488–492

ICMP, 445–448

IP, 449–459, 466–468

IPP, 377–378

NTP, 479–483

RARP, 443–445

RIP, 466

TCP, 468–479

UDP, 468–472, 479–488

ps command, 262–271

pstree hangs, 337–338

PTH (GNU Portable Threads), 259

public host keys, 390

public user keys, 390

PuTTY, 391

pwck command, 507

PZERO, 267

Q–R

QoS (Quality of Service), 450

queues, 118, 120, 354

RARP (Reverse ARP), 443–445

raster graphics, printing, 356

raw command, 109–110

raw network socket printing, 375–376

rc scripts, 30–41

rc.d directory, 28

recording linear methods, 287

recovery, 309–311

after being hacked, 421

bare metal, 308

commands, 300

cpio, 303, 305

dd, 306

dump, 305–306

mkisofs, 307

rsync, 307

tar, 300, 302

filesystems, 217–223

media, 285. See also media

partitions, 212–215

reducing disk I/O strain, 122–125

refused messages, SSH connections, 400

reinstalling

GRUB, 46–48

MBR with GRUB stage 1, 13

relationships

one-to-one, 258

processes, 255

threads, 258–266

remote printing, 369–375

Remote Procedure Calls (RPCs), 486

remote vulnerabilities, 385

replacing

failed devices, 245–252

PCI cards, 71

reporting, 290

requests

I/O, 133

ICMP, 448–451

Rescue CD, 42

resetting lost root passwords, 45

resources, PAM, 515

respawn keyword, 29

restoring superblocks, 221

restrictions

access, 388

crontab, 320

Reverse ARP. See RARP

reviewing bytes, 208, 210

rewind devices, 294

RIP (Routing Information Protocol), 466

Roell, Thomas, 528

root (hd0,0) command, 13

root filesystems, 41–48

root logins, limiting, 508–509

round robin (RR), 126

route command, 440

routing, 456–459

Routing Information Protocol (RIP), 466

RPCs (Remote Procedure Calls), 486

rpm command, 519

RR (round robin), 126

rsync command, 307

rules (iptables), 419–420

run levels field, 22

S

SAL (System Abstraction Layer), 74

SAN (storage area network), 159

configuration, 160–161

kernel module, 162–166

LUNs, 170–180

searching driver versions, 166–170

storage, 181–184

sar command, 89–99, 112–114

SASI (Shugart Associates System Interface), 186

saving

customization, 85–87

iptables, 413

scanning

drives in the wrong order, 223

open ports, 414

scope, backup, 298–300

SCP (secure copy), 390

scripts

atrun, 333–334

data collectors, 89–90

rc, 30–41

sendmail, 35

/usr/bin/run-parts, 322

SCSI (Small Computer Systems Interface), 186

searching

device errors, 231–234

hangs, 337–338

drivers, 166–170

second hard disks, booting from, 42

sector alignment, 139

secure copy (SCP), 390

Secure FTP (SFTP), 390

Secure Shell. See SSH

security

crontab, 320

firewalls, 466–468

/lib/security file, 514

networks, 383

prevention, 389

hardening (with netfilter/iptables), 403–414

SSH encryption, 390–402

system, 383–387

X Window, 538

sending signals, 276

sendmail script, 35

sequential speed, 111–112

serial printing, local, 360–364

servers

SAN, 181–184. See also SAN

terminal, 379

X Window, 529–531. See also X Window

services, rc scripts, 30–41

setup (hd0) command, 13

SFTP (Secure FTP), 390

sharing memory, 152–154

shells

environment variables, 319

interfaces, 7

troubleshooting, 521

Shugart Associates System Interface. See SASI

shutting down

iptables, viewing rules, 419

TCP connections, 476

signals, core dumps, 275–284

single keyword, 36

single partitions, 201–203

single user mode, 9, 18

sizing

blocks, 114–121, 133

requests, 133

sleep statement, 434

slow DNS lookups, 483–486

slow down, FTP, 488–492

small block I/O transfers, 134–138

Small Computer Systems Interface. See SCSI

SMP (Symmetric Multi-Processor), 259

social engineering attacks, 388

SOCK argument, 99

sockets, raw network printing, 375–376

software defects (vulnerabilities), 387

speed

auto-negotiation, 433

interfaces, 431

sequential, 111–112

spoofing, 387

spoolers, 345–356

SPP (Standard Parallel Port), 369

SSH (Secure Shell) encryption, 390–402

sshd daemon, 477

stacker mode, 291

stacks

interruptible hangs, 58–59

missing preventing login, 516–517

stage 1 files, reinstalling MBRwith GRUB, 13

Standard Parallel Port (SPP), 369

starting

kcron, 328

multiuser mode, 26–28

processes, 30–41

rc scripts, 37–41

X Window servers, 546–548

statements, sleep, 434

statistics

CPUs, 91–93

disk I/O, 94–95

networking, 95–99

Oracle statspak, 149–151

vmstat command, 99–101

statspak (Oracle), applying, 149–151

storage

crontab files, 320

devices, 110

PCMCIA/USB, 181–184

storage area network. See SAN

strain, reducing disk I/O, 122–125

stripping lvol, 122–125

superblock filesystem recovery, 217–223

supported device failures, 229–231

swapper code, 73

swaps

free command, 105

utilization, 155

Symmetric Multi-Processor (SMP), 259

synchronizing NTP, 479–483

sysctl command, 53

syslog, 234

System Abstraction Layer (SAL), 74

system security. See security

T

tables

FILTER, 407

MANGLE, 407

partitions, 211–217. See also partitions

tape

drives, 295–297, 309

libraries, 290–293

tar command, 294, 300–302

tasks, 255–258. See also processes

TCP (Transmission Control Protocol), 468–479

TCP/IP (Transmission Control Protocol/Internet Protocol), 423–425

application layer, 492

network layer, 443–453, 455–459

host miscommunications, 460–466

IP firewalls, 466–468

physical access layer, 426

communicating at physical levels, 438–440

detecting links, 429–437

Ethernet frames, 440–442

links, 427–429

transport layer, 468–479

FTP slow down, 488–492

slow DNS lookups, 483–486

synchronizing NTP, 479–483

UDP packet loss, 486–488

terminal servers, 379

terminating processes, 258

testing

connections, 394

performance, 114–122, 124–130

ping command, 447

Xauthority, 544–545

threads, 258–261

identifying, 261–266

kernels, 260

multiple, 121–122

PTH, 259

Time-To-Live (TTL), 450

time. See NTP

tools

anacron, 329–331

at command, 332–334

backup/recovery, 300, 308

cpio, 303–305

dd, 306

dump, 305–306

mkisofs, 307

rsync, 307

tar, 300–302

cron, 316–323

daemons, 324–327

kcron, 327–329

troubleshooting, 335–342

devices, 231–234

ipcalc, 461

partx, 202

performance, 154. See also performance

PuTTY, 391

syslog, 234

top command, 80–89

TOS (Type of Service), 450

TPS (transfers per second), 113

traces, slow DNS lookups, 485

tracks, 139

transfers, 134–138

transfers per second (TPS), 113

Transmission Control Protocol. See TCP

Transmission Control Protocol/Internet Protocol. See TCP/IP

transport layer, 468–479

FTP slow down, 488–492

NTP, 479–483

slow DNS lookups, 483–486

UDP packet loss, 486–488

troubleshooting

authentication, 397–400

printing, 373–375, 380

raw network socket printing, 376

SSH, 395–402

Tsillas, Jim, 528

TTL (Time-To-Live), 450

tuning

benchmarking (bonnie++), 141, 144

sector alignment, 139

tunnels (SSH), 391, 402

Type of Service (TOS), 450

types

of host vulnerabilities, 387

of keys, 390

of printers, 358, 360

U

UDP (User Datagram Protocol), 468–472

packet loss, 486–488

slow DNS lookups, 483–486

synchronizing NTP, 479–483

ulimit command, 279

uname command, 235–244

Uniform Resource Locator (URL), 377

Universal Serial Bus. See USB

universal vulnerabilities, 384

unlocking accounts, 505

updating

hardware, 66

kernels, 60–64

logs, 340–341

URL (Uniform Resource Locator), 377

USB (Universal Serial Bus)

local printing, 365, 368

storage, 181–184

used drives, 208–210

User Datagram Protocol. See UDP

usermode command, 498–505

users

disassociation (printing), 354

multiple OS panics, 67–71

multiuser mode, 26–28

profile files, 521

signals, 276

single user mode, 9, 18

/usr/bin/run-parts script, 322

utilities. See tools

utilization, CPUs, 144–149, 155

V

validating modules, 519

values, converting binary, 187

variables, adding, 319

VAS (Virtual Address Space), 268

vector graphics, printing, 356

versions

devices, 231

drivers, 166–170

X Window, 529

vgcreate failures, 224

video cards, 531, 546–548

viewing

auto-negotiation, 435

backups, 309–312

bytes, 208–210

core dumps, 275–284

devices, 231

drivers, 436

failed devices, 235–244

iptable rules, 419

partition tables, 202

Virtual Address Space (VAS), 268

Virtual Page Descriptor. See VPD

vmalloc, 233

vmstat command, 99–101

VPD (Virtual Page Descriptor), 236

vulnerabilities, 384–387

W

wait( ) method, 258

weak passwords (vulnerabilities), 387

Web browser hangs, 271–272

Windows performance, 139

worldwide name (WWN), 129

wrong order, drive scanning, 223

WWN (worldwide name), 129

X–Z

X Consortium, 528

X Window

authentication, 544–545

components, 529–540

desktop managers, 544

display managers, 542–543

overview of, 527–529

servers, 534–540, 546–548

X.org Foundation, 529

X11, 401

X11R4, 528

X386, 528

Xauthority, 544–545

xclock program, 545

XFree86 Project, Inc., 528

xterm command, 540

Xwrapper, installing, 530

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.145.89.82