143 docs tagged with "os"

`/etc/hosts`

A descendant of the HOSTS.TXT file is the hosts file. On Linux, this file resides at /etc/hosts. It has a very simple syntax:

`dmesg`

Provides vital information that can be used for troubleshooting production performance problems.

`netplan` System Events

During system initialization, systemd launches a series of system-generators very early in the startup phase. These generators help with low-level setup on items.

`sandbox-exec` (macOS): command-line sandboxing

sandbox-exec is a built-in macOS command-line utility that runs a program inside a sandbox defined by a sandbox profile (a small Scheme/LISP-like policy file). The basic idea is to deny or allow specific operations (network, file reads/writes, process exec, etc.) so a command can only access what you explicitly permit.

`udev`

udev is a device manager for the Linux kernel. It manages device nodes in /dev. It also handles all user-space events raised when hardware devices are added to or removed from the system.

AppArmor

AppArmor is an LSM alternative to SELinux. Support for it has been incorporated in the Linux kernel since 2006. It has been used by SUSE, Ubuntu and other distributions.

Backup

What data should be backed up?

Cache Hierarchy

Cache hierarchies are further extending the caching idea. Groups of cache servers working in concert can increase the caching efficiency, route the traffic to the best link, and support a higher number of clients.

Caching Overview

HTTP caches help reduce perceived lag, network utilization, and may improve performance of web applications. Caches can also be used as a filtering proxy, restricting access to certain sites or resources. Caches come in two flavors, forward and reverse.

Control Groups

A kernel feature that limits resource usage (CPU, RAM, disk i/o, network) of a collection of processes.

Corruption and Recovery

If during the boot process, one or more filesystems fail to mount, fsck may be used to attempt repair. However, before doing that one should check that /etc/fstab has not been misconfigured or corrupted. Note once again that you could have a problem with a filesystem type the kernel you are running does not understand.

Cron Job Scheduling

crond is a daemon that runs in the background. It checks the crontab (cron table) for jobs that need to be run, according to the schedules configured in /etc/crontab.

Disk Encryption

Linux distributions provide block device level encryption primarily through the use of LUKS (Linux Unified Key Setup). LUKS is installed on top of cryptsetup.

DNS Server

The nameserver (DNS server) ordered list can be found here:

Domain Name System

The Domain Name System (DNS) is a distributed, hierarchical database for converting DNS names into IP addresses. The key-value store can be used for more than just IP address information. The DNS protocol runs in two different modes:

Domain Name System

DNS is a distributed, hierarchical database for converting DNS names into IP addresses.

Dynamic Host Configuration Protocol (DHCP) Server

The Dynamic Host Configuration Protocol (DHCP) is used to configure the network-layer addressing. The dhcpd daemon used to be configured using both a configuration file (/etc/dhcp/dhcpd.conf) and a daemon options file that was distribution-dependent. Recent versions of dhcp have moved the daemon options into systemd.

Email Overview

Email programs and daemons have multiple roles and utilize various protocols.

Filesystems

Applications write and read files. The files are abstractions to the actual physical/hardware layer. The filesystem is an interface between the applications and the I/O layer.

Firewalls

A firewall is a network security system that monitors and controls network traffic. It applies to both incoming and outgoing traffic. It can be implemented in hardware and/or software.

I/O Scheduling

The I/O scheduler provides an interface with the Generic Block Layer, which is a kernel component that handles the requests for all block devices in the system.

inodes

An inode is an index node. It serves as a unique identifier for a specific piece of metadata on a given filesystem.

Kernel

The kernel is the core component of the OS. It:

Layer 2 Configuration

Layer 2 is about the hardware settings and examination of network adapters. We can use the following commands to modify the network adapter configuration:

Linux Containers (LXC)

Linux Containers (LXC) are an operating-system-level type of virtualization. This type of virtualization uses the Linux facilities of cgroups and namespaces. This allows virtualization of items like CPUs, memory, block I/O, networks, etc.

Linux Security Modules

The LSM framework adds security enhancements to the Linux kernel. The basic idea is to hook system calls and insert code whenever an application requests a transition to kernel (system) mode in order to accomplish work that requires enhanced abilities.

LVM (Logical Volume Management)

Virtual devices may be easier to manage than physical devices, and can have capabilities beyond what the physical devices provide themselves. A Volume Group (VG) is a collection of one or more physical devices, each called a Physical Volume (PV). A Logical Volume (LV) is a virtual block device that can be used by the system or applications. Each block of data in an LV is stored on one or more PVs in the VG, according to algorithms implemented by Device Mapper (DM) in the kernel.

LXC Network Example

Be aware that many details have been omitted and would be required to make this a functioning example.

LXC Utilities

Several command line utilities are available to manage the LXC containers:

Making/Formatting

Every filesystem has a utility for formatting/making a filesystem on a partition. Usually its prefix is mkfs and the binary resides in /sbin/mkfs.

Managing Kernel and Loadable Kernel Modules

The Linux® kernel is the main component of a Linux operating system (OS) and is the core interface between a computer's hardware and its processes. It communicates between the two, managing resources as efficiently as possible.

Manipulating DNS Server

For instance, enter dig hackers-arise.com and add the ns option (short for nameserver). The nameserver for hackers-arise.com is displayed in the ANSWER SECTION of Listing 3-3.

Modules

Modules enable the operating system to extend capabilities of network, disk, peripheral devices and others. They are pieces of software that can be loaded/unloaded into the kernel upon demand and without the need to restart the OS.

Mounting Filesystems

To be able to use a filesystem after creation, we need to mount it somewhere within the tree structure in a child directory within the / directory.

Mounting Network Filesystems

The three methods of mounting network filesystems (immediate mount -command line-; always mounted; and mounted on-demand) use a common configuration file /etc/fstab. Over the years, additional features and services have updated the options in /etc/fstab. Functionality that required external packages, services and configuration are now combined under systemd services.

netfilter Vocabulary

netfilter is a packet-filtering framework built into the Linux kernel. To better understand netfilter, we need to start with some vocabulary:

Network Addresses

IP addresses uniquely identify nodes across the internet. They are registered using an ISP.

Network Monitoring

The iptraf tool is a real-time network traffic analyzer that recognizes the following protocols:

Networking Alternatives

There are alternatives for network configuration, not just libvirt. The alternatives in the configuration of the network usually center around the selection of hypervisor. Network configuration for Virtual Machines and LXC containers can be created with:

NFS

Network File System is a filesystem protocol built upon the Open Network Computing Remote Procedure Call system (ONC RPC). RPCs are managed by the portmap service.

Open Systems Interconnections (OSI) Model

The Open Systems Interconnection (OSI) model was created to standardize the language used to describe networking protocols. It defines the manner in which systems communicate with one another using abstraction layers. Each layer communicates with the layer directly above and below. Not all layers are used at all times.

Other Network Filesystems

- Andrew File System (AFS) is a distributed, network filesystem built for high performance. OpenAFS is an open source branch of the original AFS now owned by IBM.

Processes

In Linux, threads are treated as standalone processes.

RAID

RAID (Redundant Array of Independent Disks) is a data storage virtualization technology.

Request IP Change from DHCP

The dhclient command sends a DHCPDISCOVER request from the network interface specified (here, eth0). It then receives an offer (DHCPOFFER) from the DHCP server and confirms the IP assignment to the DHCP server with a DHCP request.

Routing

We can get the routing list of IP to device/interface:

Server Message Block (SMB)

The Server Message Block (SMB) protocol was originally designed at IBM and later incorporated as the de facto networking file/print sharing system for Microsoft Windows.

Server Troubleshooting

For advanced server troubleshooting, the /proc filesystem has settings that affect the network stack:

Signals

Signals are used to notify processes of events/exceptions and are the basis of Inter Process Communication (IPC).

Sockets

Print all socket information:

Squid

The main squid configuration file, squid.conf, can be found in the following locations:

SSH

Enables remote login to servers. The important files are in:

Swap

Linux employs a virtual memory system that allows it to function as if it had more memory than it physically has. Overcommitting functions in two ways:

System Init

/sbin/init is the first user process (pid=1) run on the system and runs until shutdown. All processes (aside from kernel-related ones) are children of init.

TCP Wrappers

The TCP Wrappers system is a host-based network firewall and ACL. Originally, it only protected the inetd system, but has now been extended with the shared object library libwrap.

Troubleshooting

The most common errors found in setting up network filesystems are:

Virtual Local Area Network

VLANs use functionality in the switches and routers. The switch or router functionality must already exist in the device, as it is not usually an option that can be added later.

Virtualizations

Virtualization is the process of running a virtual instance of a computer system in a layer abstracted from the actual hardware. Most commonly, it refers to running multiple operating systems on a computer system simultaneously.