Index
Numerics
2.4.9-e.27 kernel, 66
A
abstraction, printing, 355
access
crontab command, 320
performance, 131
accessing CPU utilization issues, 144–149
applying Oracle statspak, 149–151
benchmarking (bonnie++), 141, 144
determining I/O request sizes, 133
journaling to separate disks, 131–133
“No Space Left on Device” errors, 152–154
small block I/O transfers, 134–135, 138
tools, 154–155
tuning sector alignments, 139
restrictions, 388
TCP/IP physical network layers, 426
communicating at physical levels, 438–440
detecting links, 429–437
Ethernet frames, 440–442
X Window, 538
accounts
locking, 504
unlocking, 505
ACK (acknowledgement), 476
action field, 23
adapters, HBA, 161
adding
environment variables, 319
fields, 81
LUNs via PCI, 170–180
partition error messages, 197–198
PCI devices, 169
storage via PCMCIA/USB, 181–184
Address Resolution Protocol (ARP), 438, 443–445
addresses
CHS, 192–198
IP, 454–459
MAC, 438
VAS, 268
agents, forwarding, 401
aging passwords, 496–501, 503–507
aligning sectors, 139
allocation, memory, 85, 152–154
anacron, 329–331
application layer, TCP/IP, 492
applications
backups, 309–312
compression, 294
PAM, 510
arguments, 512
/etc/pam.conf, 513
/etc/pam.d, 512
functions, 511
/lib/security, 514
modules, 512
passwords, 522–525
resources, 515
shells, 521
troubleshooting, 516–521
threads, 258–266
tunnels, 402
xclock, 545
arguments
iostat command, 102–104
PAM, 512
SOCK, 99
ARP (Address Resolution Protocol), 438, 443–445
arrays, 112
at command, 332–334
atrun scripts, 333–334
attacks, 388
authentication
keys, 397–400
X Window, 544–545
Authorization, 512–514
auto-negotiation, 433–435
autoloaders, 290–293
B
backup
commands, 300
cpio, 303–305
dd, 306
dump, 305–306
mkisofs, 307
rsync, 307
tar, 300–302
hardware/software, determining, 309–312
incremental, 298
media, 285
autoloaders/tape libraries, 290–293
cleaning tapes, 297
compression, 294
controlling tape drives, 295–297
hard disks, 298
magnetic tape, 286–290
optical disks, 297
rewind/no-rewind devices, 294
partition tables/MBRs, 211–221
scope, 298–300
banners, printing, 355
bare metal recovery, 308
baselines, configuring, 131–133
bash shell, user profile files, 521
batch command, 333
batch mode, 87–89
Bidirectional Parallel Port (BPP), 369
binary values, converting, 187
BIOS, 2
GRUB, 2–15
initializing, 210
LILO, 15–17
mkbootdisk command, 20–21
bits, 186–189
blocking devices, 109–110
blocks
small I/O transfers, 134–138
blogger command, 33
boot.d directory, 27
booting
confirm mode, 37
drives, 223
emergency mode, 9
from floppy disks, 48
multiuser mode, 9
root filesystems, 42–48
single user mode, 9
bootloaders, 2
BIOs, 210
/boot under LVM control, 224–227
LILO, 15–17
mkbootdisk command, 20–21
partition tables/MBRs, 205–210
BPP (Bidirectional Parallel Port), 369
breakpoints, printing, 381
broadcasts
ARP, 444
IP, 459
ping command, 463
bugs, PAM, 519–521
built-in cleaning, 297
bypassing devices, 110
bytes
calculating, 186–189
viewing, 208–210
C
caches
ARP, 445
arrays, 112
dentry, 234
inode, 234
calculations
bits/bytes, 186–189
octets, 455
carelessness (vulnerabilities), 388
central processing units. See CPUs
cfdisk, 214–215
chage command, 498–505
chkconfig command, 33
CHS (Cylinder, Head, Sector) partition layouts, 192–198
CIDR (Classless Inter-Domain Routing), 456
ckets, connecting, 478
classes
host vulnerabilities, 385
layouts, 457
printing, 354
Classless Inter-Domain Routing (CIDR), 456
cleaning tapes, 297
Clear Interrupt (CLI), 211
clear text data captured (vulnerabilities), 387
CLI (Clear Interrupt), 211
clients
NTP, 479–483
SSH, 395–402
X Window, 540
closed ports, 415
code, swapper, 73
command-line, editing GRUB, 11–12
commands
at, 332–334
backup, 300
cpio, 303–305
dd, 306
dump, 305–306
mkisofs, 307
rsync, 307
tar, 300–302
batch, 333
blogger, 33
chage, 498–505
chkconfig, 33
conntrack, 411
crontab, 316–323
cron daemons, 324–327
debugging output, 335–336
dmesg, 232
errordump, 75
ethtool, 431
f, 81
fdisk, 109
find /boot/grub/stage1, 13
free, 105
gzip, 294
initlog, 32
insmod lpfcdd, 245
iptables, 412
ksymoops, 71
lp, 347–349
lpsci, 235–244
ls, 256
lsof, 539
mkbootdisk, 20–21
mkxauth -c, 545
modinfo, 436
mt, 269
nmap, 414–415
passwd, 498–505
ping, 444
broadcasts, 463
ICMP requests, 451
testing, 447
ps, 261–273
pwck, 507
raw, 109–110
recovery, 300
cpio, 303–305
dd, 306
dump, 305–306
mkisofs, 307
rsync, 307
tar, 300–302
root (hd0,0), 13
route, 440
rpm, 519
sar, 89
CPU statistics, 91–93
data collector, 89–90
disk I/O statistics, 94–95
measuring performance, 112–114
networking statistics, 95–99
setup (hd0), 13
spoolers, 347–349
sysctl, 53
tar, 294
top, 80–89
ulimit, 279
uname, 235–244
usermode, 498–505
vmstat, 99–101
xterm, 540
Common UNIX Printing System. See CUPS
components (X Window), 529
clients, 540
compression, 294
configuration
auto-negotiation, 434
baselines, 131–133
files, 22–29
hangs, 37
iptables, 407–413
login, 507–510
OpenSSH, 391
partitions, 195–196
processes, 255–257
SAN, 160–161
via PCI, 170–180
via PCMCIA/USB, 181–184
kernel module, 162–170
SSH, 391
X Window, 531–540
confirm mode, 36
connections
sockets, 478
SSH, 400–402
TCP, 476
TCP/IP physical network access layers, 426
testing, 394
conntrack command, 411
controls
files, 371–372
mtx, 290
tape drives.mt, 295–297
converting binary values, 187
copy-on-write (COW) design, 255
core dumps, 275–284
corruption, password/shadow files, 506–507
COW (copy-on-write) design, 255
cpio command, 303–305
CPUs (central processing units)
statistics, 91–93
vmstat command, 99–101
CRC (cyclic redundancy check), 438
cron, 316–323
daemons, 324–327
kcron, 327–329
troubleshooting, 335–342
crontab command, 316–323
cron daemons, 324–327
output, 335–336
customizing top command, 85–87
cyclic redundancy check (CRC), 438
Cylinder, Head, Sector. See CHS
cylinders, 139
D
daemons
at, 333–334
NTP, 480
sshd, 477
data circuit equipment (DCE), 360
data collectors, 89–90
data files, 372
data terminal equipment (DTE), 360
Dawes, David, 528
DBMS (database management system), 387
DCE (data circuit equipment), 360
debugging output, 335–336
default_idel function, 58
defining partitions, 192–194
demiliterized zone. See DMZ networks
demonstrating failures, 214–215
dentry cache, 234
design. See configuration
desktop managers, X Window, 544
detecting
links, 429–437
similar devices (kernel module), 162
devices
blocking, 109–110
bypassing, 110
detecting, 162
drivers, 126–130
failures
identifying failed devices, 235–244
replacing, 245–252
searching for errors, 231–234
supported devices, 229–231
HID, 531
rewind/no-rewind, 294
Differentiated Services Code Point (DSCP), 450
directories
boot.d, 27
/etc/sysconfig, 35
rc scripts, 30–36
confirm mode, 36
startup, 37–41
rc.d, 28
spools, 355
disabling ICMP, 448
diskdump, 67
disks
I/O
multiple threads, 121–122
reducing strain, 122–125
statistics, 94–95
partitions, 186–191
journaling to, 131–133
sleep status, 251
display managers, X Window, 542–543
dmesg command, 232
DMZ (demilitarized zone) networks, 385
DNS (domain name service) slow lookups, 483–486
domain name service. See DNS
dot matrix printers, 358. See also printing
drivers
devices, 126–130
monitors, 66
mtx, 290
options, 437
versions, 166–170
viewing, 436
drives
tape, 295–297
used, 208–210
wrong order, scanning in, 223
DSCP (Differentiated Services Code Point), 450
DTE (data terminal equipment), 360
dual-display video cards, starting X Window servers, 546–548
dump command, 305–306
dumps
core, 275–284
obtaining, 67
DUP, 463
duplex, modifying interfaces, 431
E
ECP (Enhanced Capabilities Port), 369
editing
/etc/rc.d/rc.sysinit, 39
menus (GRUB), 6–7
EFI (Extensible Firmware Interface), 75
emergency mode, booting, 9
Emulex HBAs, 230. See also HBAs
Encapsulating Security Payload (ESP), 453
encryption
SSH, 390–391
troubleshooting, 395–402
Endian order, 187
Enhanced Capabilities Port (ECP), 369
Enhanced Parallel Port (EPP), 369
environments
variables, 319
X desktop managers, 544
EPP (Enhanced Parallel Port), 369
errordump command, 75
errors
devices, 231–234
init processes, 29
messages
GRUB, 7
partitions, 197–198
“No Space Left on Device”, 152–154
passwords, 401
ESP (Encapsulating Security Payload), 453
espionage (vulnerabilities), 388
/etc/crontab (Red Hat) file, 321
/etc/inittab file, 22–29
/etc/lilo.conf file options, 16
/etc/nologin file, 509–510
/etc/pam.conf file, 513
/etc/pam.d file, 512
/etc/pam.d files, missing preventing login, 518–519
/etc/passwd file, 496–501, 503–507
/etc/rc.d/rc.sysinit, editing, 39
/etc/security file, 508–509
/etc/shadow file, 496–501, 503–507
/etc/sysconfig directory, 35
/etc/toprc file, 86
Ethernet frames, 440–448
evaluating hangs, 282–284
exit( ) method, 258
extended partitions, 199–203
Extensible Firmware Interface (EFI), 75
F
f command, 81
failures
demonstrating, 214–215
devices
identifying failed devices, 235–244
replacing, 245–252
searching for errors, 231–234
supported devices, 229–231
ping command, 447
vgcreate, 224
FCP (Fibre Channel Protocol), 248
Fibre Channel Protocol (FCP), 248
fields
action, 23
FLAG, 451
Fragment offset, 451
processes, 85
run levels, 22
sar-d, 95
sar-n EDEV, 97
sar-n SOCK, 99
top command, 81
vmstat command, 100
File Transfer Protocol. See FTP
files
configuration, 391
control, 371–372
crontab, 320
data, 372
/etc/crontab, 321
/etc/inittab, 22–29
/etc/lilo.conf, 16
/etc/nologin, 509–510
/etc/pam.conf, 513
/etc/passwd, 496–507
/etc/security, 508–509
/etc/shadow, 496–507
/etc/toprc, 86
/lib/security, 512–514
PPD, 346
user profile, 521
filesystems
overview of, 186–189
performance, 131
accessing CPU utilization issues, 144–149
applying Oracle statspak, 149–151
benchmarking (bonnie++), 141, 144
determining I/O request sizes, 133
journaling to separate disks, 131–133
“No Space Left on Device” errors, 152–154
small block I/O transfers, 134–138
tools, 154–155
tuning sector alignments, 139
root, 41–48
superblock recovery, 217–223
FILTER table, 407
filters, 355
find /boot/grub/stage1 command, 13
finger command, 496–501, 503–507
FLAG field, 451
floppy disks, booting from, 48
flow control, 474
footers, printing, 355
fork( ) system, 255
forwarding agents, 401
Fragment offset fields, 451
frames (Ethernet), 440–448
free command, 105
FTP (Files Transfer Protocol), 488–492
functions. See also commands
default_idle, 58
PAM, 511
panic_blink( ), 63
G
gazip command, 294
GDB (GNU Project Debugger), 282–284
GNU Portable Threads (PTH), 259
graphics, printing, 356
GRUB (GRand Unified Bootloader), 2–15, 46–48
gzip process, 272–273
H
hacking, recovery after, 421
hangs
configuration, 37
cron jobs, 337–338
evaluating, 282–284
operating systems, 52
interruptible, 53–64
non-interruptible, 64–66
processes, 267–273
single user mode, 9
Web browsers, 271–272
hard disks, backup/recovery, 298
hardware
backups, 309–312
devices. See devices
machine checks, 74
non-interruptible hangs, 64, 66
TCP/IP physical network access layers, 426
X Window, 531–540
HBAs (host bus adapters), 67, 161, 230
headers
IP, 449
printing, 355
TCP, 473
UDP, 471
heavyweight process (HWP), 259
helical scans, 287
HID (Human Interface Devices), 531
high CPU utilization, 144–149
host bus adapters. See HBAs
hosts
open ports, 414
security, 383
key mismatches, 396
optimizing, 388
vulnerabilities, 384–387
unable to communicate, 460–466
human error (vulnerabilities), 388
Human Interface Devices (HID), 531
HWP (heavyweight process), 259
I
I/O
multipath, 126–130
performance, 107
applying raw command, 109–110
bypassing raw devices, 110
determining sequential speed, 111–112
LUNs, 108
measuring, 112–114
PIO, 139
requests, 133
ICMP (Internet Control Message Protocol), 445–451
IDE (Intelligent/Integrated Drive Electronics), 186
incremental backups, 298
init processes, /etc/inittabl file, 22–29
initializing BIOS, bootloaders, 210
initlog command, 32
inkjet printers, 358
inode cache, 234
inserting. See adding
insmod lpfcdd command, 245
installing
GRUB, 46–48
patches, 74
X Window display managers, 543
Xwrapper, 530
Intelligent/Integrated Drive Electronics. See IDE
interfaces
auto-negotiation, 434
EFI, 75
hangs, 271–272
HID, 531
MII, 429
networks
detecting links, 429–437
troubleshooting, 427–429
shell, 7
speed, 431
Internet Control Message Protocol. See ICMP
Internet Printing Protocol. See IPP
interprocess communication (IPCS), 259
interruptible hangs, 53–64
iostat command, 102–104, 112–114
IP (Internet Protocol), 449–453
address models and routing, 454–459
firewalls, 466–468
ipcalc tool, 461
IPCS (interprocess communication), 259
IPP (Internet Printing Protocol), 377–378
isag, 155
J
jobs
anacron, 329–331
at command, 332–334
cron
daemons, 324–327
managing, 316–323
troubleshooting, 335–342
printing, 354
journaling to separate disks, 131–133
K
kdeadmin package, 327
kernels
2.4.9-3.27, 66
bootloaders, 2
GRUB, 2–15
LILO, 15–17
mkbootdisk command, 20–21
device failures, 229–231
init processes, 22–29
interruptible hangs, 60–64
module, 161–170
signals, 276
threads, 260
VAS, 268
keys
authentication, 397–400
host security mismatches, 396
keywords
/etc/inttab file, 23
/etc/lilo.conf file, 16
respawn, 29
single, 36
Knoppix CD, 45
ksymoops command, 71
L
Lai, Glenn, 528
laser printers, 358
layers
performance
applying raw command, 109–110
bypassing raw devices, 110
determining sequential speed, 111–112
LUNs, 108
measuring, 112–114
troubleshooting, 107
TCP/IP, 423–425
application layer, 492
communicating at physical levels, 438–440
Ethernet frames, 440–442
FTP slow down, 488–492
host miscommunications, 460–466
IP firewalls, 466–468
physical access, 426–437
slow DNS lookups, 483–486
synchronizing NTP, 479–483
transport layer, 468–479
UDP packet loss, 486–488
LBA (Logical Block Addressing), 192, 203–204
least significant bit (LSB), 187
lightweight process (LWP), 254, 259
LILO (LInux LOader), 2, 15–17, 37
line printers, 358
linear recording methods, 287
LKCD (Linux Kernel Crash Dump), 67
LLC (Logical Link Control), 438
load balancing, multipath I/O, 126–130
loading. See bootloaders
local parallel printing, 369
local serial printing, 360–364
local vulnerabilities, 385
locking accounts, 504–505
Logical Block Addressing (LBA), 192, 203–204
Logical Link Control (LLC), 438
logical partitions, 199–203
Logical Unit Numbers. See LUNs
login, 495
accounts, 496–507
configuration, 507–510
PAM, 510
arguments, 512
/etc/pam.conf, 513
/etc/pam.d, 512
functions, 511
/lib/security, 514
modules, 512
resources, 515
troubleshooting, 516–521
passwords, 522–525
shells, 521
logs
cron, 340–341
interruptible hangs, 58–59
SSH, 395–402
lookups, slow DNS, 483–486
loss, UDP packets, 486–488
lost password, resetting, 45
lp commands, 347–349
lpsci command, 235–244
ls command, 256
LSB (least significant bit), 187
lsof command, 539
LUNs (Logical Unit Numbers), 108
limitations, 228
PCI, 170–180
LVM control, /boot under, 224–227
lvol, stripping, 122–125
LWP (lightweight process), 254, 259
M
MAC (Media Access Control) addresses, 438
machine checks (hardware), 74
Magic SysRq keystroke, 53–64
maintenance, 509–510
management
/boot under LVM control, 224–227
cron jobs, 316–323
daemons, 324–327
kcron, 327–329
troubleshooting, 335–342
X Window
desktop managers, 544
display managers, 542–543
MANGLE tables, 407
mapping
ports, 394
/proc/ioports, 163–166
spoolers, 380
Massachusetts Institute of Technology (“Athena Project”), 527
Master Boot Record. See MBR
Matrox G400 dual head video cards, 531
Maximum Transaction Unit (MTU), 451
MBR (Master Boot Record), 2
backups, 211–223
bootloaders, 205–210
CHS addressing, 192–198
GRUB, 12–15
LBA, 203–204
location of, 189–191
logical/extended, 199–203
measurement, performance, 110–114
media, backup/recovery, 285–295
Media Access Control (MAC) addresses, 438
Media Independent Interface (MII), 429
memory
free command, 105
“No Space Left on Device” error, 152–154
top command, 85
vmstat command, 99–101
X Window video cards, 532
menus, GRUB, 3–7
messages
cron, 324
errors. See errors
ICMP, 445–448
SSH, 400
methods
exit( ), 258
linear recording, 287
wait( ), 258
MII (Media Independent Interface), 429
mii-tool, modifying interface speed, 431
mismatches, host key, 396
mkbootdisk command, 20–21
mkisofs command, 307
mkxauth –c command, 545
modes
confirm, 36
emergency, 9
stacker, 291
modinfo command, 436
modules
kernel, 162–170
PAM, 512
validating, 519
monitoring
free command, 105
iostat command, 102–104
sar command, 89–99
top command, 80–87
monitors, updating drivers, 66
most significant bit (MSB), 187
mounting partitions, 216
MSB (most significant bit), 187
MTU (Maximum Transaction Unit), 451
mtx, 290
multipath I/O, 126–130
multiple OS panics, 67–71
multiple partitions, 201–203
multiple threads of I/O to disks, 121–122
N
names, WWN, 129
namp command, 414
NAT (Network Address Translation), 406
netdump, 67
netfilter, system hardening, 403–410, 412–421
netstat command, 415, 479, 486
Network Time Protocol. See NTP
networks
DMZ, 385
interfaces, 429–437
OSI layers, 423–425
raw socket printing, 375–376
security, 383
statistics, 95- 99
TCP/IP, 423–425. See also TCP/IP
nmap command, 415
no-rewind devices, 294
non-interruptible hangs, 64–66
“No Space Left on Device” errors, 152–154
NTP (Network Time Protocol), 479–483
O
OCFS (Oracle Cluster File System), 139
octets, calculating, 455
one-to-one relationships, 258
Open Group, The, 528
open ports, scanning, 414
Open Shortest Path First (OSPF), 466
OpenSSH, 390–391
operating systems
bootloaders, 2
GRUB, 2–15
LILO, 15–17
mkbootdisk command, 20–21
hangs, 52
interruptible, 53–64
non-interruptible, 64–66
panics, 66–74
processes, 255–258
optical disks, backup/recovery, 297
optimization. See configuration
options
drivers, 436–437
/etc/lilo.conf file, 16
GRUB, 5
Oracle, applying statspak, 149–151
Oracle Cluster File System (OCFS), 139
ordering iptable rules, 420
OSI network layers, 423–425, 443
ARP/RARP, 443–445
firewalls, 466–468
FTP slow down, 488–492
host miscommunications, 460–466
ICMP, 445–448
IP, 449–459
slow DNS lookups, 483–486
synchronizing NTP, 479–483
transport layer, 468–479
UDP packet loss, 486–488
OSPF (Open Shortest Path First), 466
output
debugging, 335–336
top command, 81–85
P
packages
at, 332–334
kdeadmin, 327
packets, UDP, 486–488
Page Description Language. See PDL
PAL (Processor Abstraction Layer), 74
PAM, 510
arguments, 512
/etc/pam.conf, 513
/lib/security, 514
modules, 512
resources, 515
troubleshooting, 516–521
panics (OS), 66–74
panic_blink( ) function, 63
parallel printing, local, 369
parameters, Magic SystRq keystroke, 54
parent process id (PPID), 22, 254
partitions
adding, 197–198
GRUB, 5
mounting, 216
overview of, 186–189
recovery, 212–215
tables, 199–211. See also tables
partx, 202
passwd command, 498–505
passwords
aging, 496–507
/etc/passwd file, 496–507
root, 45
SSH, 401
troubleshooting, 522–525
weak, 387
patches, installing, 74
PCI (Peripheral Component Interconnect)
cards, 71
devices, 169
LUNs, 170–180
PCMCIA, adding storage, 181–184
PDL (Page Description Language), 347–379
performance
tools
free command, 105
iostat command, 102–104
sar command, 89–99
top command, 80–89
vmstat command, 99–101
Peripheral Component Interconnect. See PCI
permissions, /lib/security file, 514
physical attacks, 388
physical I/O (PIO), 139
physical network access layers. See access; networks
PIO (physical I/O), 139
ports. See also connections
closed, 415
mapping, 394
open, 414
PPID (parent process id), 22, 254
preventing login, 516–519
printing
connectivity, 360–370, 371–379
filters, 355
PDL, 379
spoolers, 345–356
troubleshooting, 380
types of printers, 358–360
private host keys, 390
private user keys, 390
processes
core dumps, 275–284
creating, 255–257
/etc/init, 22–29
free command, 105
gzip, 272–273
hangs, 267–273
high CPU utilization, 144
HWP, 259
interruptible hangs, 53–64
iostat command, 102–104
IPCS, 259
kill, 269
non-interruptible hangs, 64–66
PPID, 254
rc scripts, 30–41
sar command, 89–99
structures, 254–255
terminating, 258
top command, 80–87
Processor Abstraction Layer (PAL), 74
/proc/ioports, mapping, 163–166
profiles, user files, 521
protocols
FCP, 248
FTP, 488–492
ICMP, 445–448
IPP, 377–378
NTP, 479–483
RARP, 443–445
RIP, 466
TCP, 468–479
ps command, 262–271
pstree hangs, 337–338
PTH (GNU Portable Threads), 259
public host keys, 390
public user keys, 390
PuTTY, 391
pwck command, 507
PZERO, 267
Q–R
QoS (Quality of Service), 450
RARP (Reverse ARP), 443–445
raster graphics, printing, 356
raw command, 109–110
raw network socket printing, 375–376
rc scripts, 30–41
rc.d directory, 28
recording linear methods, 287
recovery, 309–311
after being hacked, 421
bare metal, 308
commands, 300
dd, 306
dump, 305–306
mkisofs, 307
rsync, 307
filesystems, 217–223
media, 285. See also media
partitions, 212–215
reducing disk I/O strain, 122–125
refused messages, SSH connections, 400
reinstalling
GRUB, 46–48
MBR with GRUB stage 1, 13
relationships
one-to-one, 258
processes, 255
threads, 258–266
remote printing, 369–375
Remote Procedure Calls (RPCs), 486
remote vulnerabilities, 385
replacing
failed devices, 245–252
PCI cards, 71
reporting, 290
requests
I/O, 133
ICMP, 448–451
Rescue CD, 42
resetting lost root passwords, 45
resources, PAM, 515
respawn keyword, 29
restoring superblocks, 221
restrictions
access, 388
crontab, 320
Reverse ARP. See RARP
rewind devices, 294
RIP (Routing Information Protocol), 466
Roell, Thomas, 528
root (hd0,0) command, 13
root filesystems, 41–48
root logins, limiting, 508–509
round robin (RR), 126
route command, 440
routing, 456–459
Routing Information Protocol (RIP), 466
RPCs (Remote Procedure Calls), 486
rpm command, 519
RR (round robin), 126
rsync command, 307
rules (iptables), 419–420
run levels field, 22
S
SAL (System Abstraction Layer), 74
SAN (storage area network), 159
configuration, 160–161
kernel module, 162–166
LUNs, 170–180
searching driver versions, 166–170
storage, 181–184
SASI (Shugart Associates System Interface), 186
saving
customization, 85–87
iptables, 413
scanning
drives in the wrong order, 223
open ports, 414
scope, backup, 298–300
SCP (secure copy), 390
scripts
atrun, 333–334
data collectors, 89–90
rc, 30–41
sendmail, 35
/usr/bin/run-parts, 322
SCSI (Small Computer Systems Interface), 186
searching
device errors, 231–234
hangs, 337–338
drivers, 166–170
second hard disks, booting from, 42
sector alignment, 139
secure copy (SCP), 390
Secure FTP (SFTP), 390
Secure Shell. See SSH
security
crontab, 320
firewalls, 466–468
/lib/security file, 514
networks, 383
prevention, 389
hardening (with netfilter/iptables), 403–414
SSH encryption, 390–402
system, 383–387
X Window, 538
sending signals, 276
sendmail script, 35
sequential speed, 111–112
serial printing, local, 360–364
servers
SAN, 181–184. See also SAN
terminal, 379
X Window, 529–531. See also X Window
services, rc scripts, 30–41
setup (hd0) command, 13
SFTP (Secure FTP), 390
sharing memory, 152–154
shells
environment variables, 319
interfaces, 7
troubleshooting, 521
Shugart Associates System Interface. See SASI
shutting down
iptables, viewing rules, 419
TCP connections, 476
signals, core dumps, 275–284
single keyword, 36
single partitions, 201–203
sizing
requests, 133
sleep statement, 434
slow DNS lookups, 483–486
slow down, FTP, 488–492
small block I/O transfers, 134–138
Small Computer Systems Interface. See SCSI
SMP (Symmetric Multi-Processor), 259
social engineering attacks, 388
SOCK argument, 99
sockets, raw network printing, 375–376
software defects (vulnerabilities), 387
speed
auto-negotiation, 433
interfaces, 431
sequential, 111–112
spoofing, 387
spoolers, 345–356
SPP (Standard Parallel Port), 369
SSH (Secure Shell) encryption, 390–402
sshd daemon, 477
stacker mode, 291
stacks
interruptible hangs, 58–59
missing preventing login, 516–517
stage 1 files, reinstalling MBRwith GRUB, 13
Standard Parallel Port (SPP), 369
starting
kcron, 328
multiuser mode, 26–28
processes, 30–41
rc scripts, 37–41
X Window servers, 546–548
statements, sleep, 434
statistics
CPUs, 91–93
disk I/O, 94–95
networking, 95–99
Oracle statspak, 149–151
vmstat command, 99–101
statspak (Oracle), applying, 149–151
storage
crontab files, 320
devices, 110
PCMCIA/USB, 181–184
storage area network. See SAN
strain, reducing disk I/O, 122–125
stripping lvol, 122–125
superblock filesystem recovery, 217–223
supported device failures, 229–231
swapper code, 73
swaps
free command, 105
utilization, 155
Symmetric Multi-Processor (SMP), 259
synchronizing NTP, 479–483
sysctl command, 53
syslog, 234
System Abstraction Layer (SAL), 74
system security. See security
T
tables
FILTER, 407
MANGLE, 407
partitions, 211–217. See also partitions
tape
libraries, 290–293
tasks, 255–258. See also processes
TCP (Transmission Control Protocol), 468–479
TCP/IP (Transmission Control Protocol/Internet Protocol), 423–425
application layer, 492
network layer, 443–453, 455–459
host miscommunications, 460–466
IP firewalls, 466–468
physical access layer, 426
communicating at physical levels, 438–440
detecting links, 429–437
Ethernet frames, 440–442
links, 427–429
transport layer, 468–479
FTP slow down, 488–492
slow DNS lookups, 483–486
synchronizing NTP, 479–483
UDP packet loss, 486–488
terminal servers, 379
terminating processes, 258
testing
connections, 394
ping command, 447
Xauthority, 544–545
threads, 258–261
identifying, 261–266
kernels, 260
multiple, 121–122
PTH, 259
Time-To-Live (TTL), 450
time. See NTP
tools
anacron, 329–331
at command, 332–334
cpio, 303–305
dd, 306
dump, 305–306
mkisofs, 307
rsync, 307
tar, 300–302
cron, 316–323
daemons, 324–327
kcron, 327–329
troubleshooting, 335–342
devices, 231–234
ipcalc, 461
partx, 202
performance, 154. See also performance
PuTTY, 391
syslog, 234
top command, 80–89
TOS (Type of Service), 450
TPS (transfers per second), 113
traces, slow DNS lookups, 485
tracks, 139
transfers, 134–138
transfers per second (TPS), 113
Transmission Control Protocol. See TCP
Transmission Control Protocol/Internet Protocol. See TCP/IP
transport layer, 468–479
FTP slow down, 488–492
NTP, 479–483
slow DNS lookups, 483–486
UDP packet loss, 486–488
troubleshooting
authentication, 397–400
raw network socket printing, 376
SSH, 395–402
Tsillas, Jim, 528
TTL (Time-To-Live), 450
tuning
benchmarking (bonnie++), 141, 144
sector alignment, 139
Type of Service (TOS), 450
types
of host vulnerabilities, 387
of keys, 390
U
UDP (User Datagram Protocol), 468–472
packet loss, 486–488
slow DNS lookups, 483–486
synchronizing NTP, 479–483
ulimit command, 279
uname command, 235–244
Uniform Resource Locator (URL), 377
Universal Serial Bus. See USB
universal vulnerabilities, 384
unlocking accounts, 505
updating
hardware, 66
kernels, 60–64
logs, 340–341
URL (Uniform Resource Locator), 377
USB (Universal Serial Bus)
storage, 181–184
used drives, 208–210
User Datagram Protocol. See UDP
usermode command, 498–505
users
disassociation (printing), 354
multiple OS panics, 67–71
multiuser mode, 26–28
profile files, 521
signals, 276
/usr/bin/run-parts script, 322
utilities. See tools
utilization, CPUs, 144–149, 155
V
validating modules, 519
values, converting binary, 187
variables, adding, 319
VAS (Virtual Address Space), 268
vector graphics, printing, 356
versions
devices, 231
drivers, 166–170
X Window, 529
vgcreate failures, 224
viewing
auto-negotiation, 435
backups, 309–312
bytes, 208–210
core dumps, 275–284
devices, 231
drivers, 436
failed devices, 235–244
iptable rules, 419
partition tables, 202
Virtual Address Space (VAS), 268
Virtual Page Descriptor. See VPD
vmalloc, 233
vmstat command, 99–101
VPD (Virtual Page Descriptor), 236
vulnerabilities, 384–387
W
wait( ) method, 258
weak passwords (vulnerabilities), 387
Web browser hangs, 271–272
Windows performance, 139
worldwide name (WWN), 129
wrong order, drive scanning, 223
WWN (worldwide name), 129
X–Z
X Consortium, 528
X Window
authentication, 544–545
components, 529–540
desktop managers, 544
display managers, 542–543
overview of, 527–529
X.org Foundation, 529
X11, 401
X11R4, 528
X386, 528
Xauthority, 544–545
xclock program, 545
XFree86 Project, Inc., 528
xterm command, 540
Xwrapper, installing, 530