May 07 2010

Increasing RAID resync/rebuild speed

Category: Articles,Linux administrationFractalizeR @ 6:33 pm

Recently I assembled a server with several 2Tb disks in Linux RAID. RAID resync reported by cat /proc/mdstat showed that resync will take about 9 hours! More than my working day! I started to look for a way to increase resync speed.

Continue reading “Increasing RAID resync/rebuild speed”

Tags: ,


Dec 27 2009

WARNING: mismatch_cnt is not 0 on /dev/md0

Category: Articles,Linux administrationFractalizeR @ 12:37 pm

I’ve gotten cron log from one of my servers today which says:

/etc/cron.weekly/99-raid-check:
 WARNING: mismatch_cnt is not 0 on /dev/md0

That worried me a little and I decided to investigate.

Continue reading “WARNING: mismatch_cnt is not 0 on /dev/md0”

Tags: , , , ,


Jul 01 2009

[Linux, FreeBSD] Small Anti-DDOS Shell Script for FreeBSD

Category: Articles,Linux administrationFractalizeR @ 3:21 pm

Struggling with DDoS on my friend’s site, I wrote small Anti-DDoS script, that in original just lists all IPs, that have more than X active connections open to your server. It was originally written for FreeBSD.

#!/bin/sh
# Set here a minimum number of connections for action to be executed (150 by default).
FR_MIN_CONN=150
TMP_PREFIX='/tmp/frrr'
TMP_FILE=`mktemp $TMP_PREFIX.XXXXXXXX`
netstat -ntu -f inet| awk '{if(NR>2 && NF=6) print $5}' | cut -d. -f1-4 | grep '^[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}$' | sort | uniq -c | sort -nr > $TMP_FILE
while read line; do
 CURR_LINE_CONN=$(echo $line | cut -d" " -f1)
 CURR_LINE_IP=$(echo $line | cut -d" " -f2)
 if [ $CURR_LINE_CONN -lt $FR_MIN_CONN ]; then
 break
 fi
 
 # You can insert your own logic here (e.g. ban with your favourite firewall). Now it just prints the IP to console.
 echo $CURR_LINE_IP
done < $TMP_FILE
rm -f $TMP_PREFIX.*

I think this will work on general Linux also. You just need to change “cut -d.” to “cut -d:” in the listing and, probably, “/bin/sh” to “/bin/bash”.

Tags: , ,


Jul 01 2009

[Linux, FreeBSD] Using netstat and ipfw to manually detect and blacklist DOSers on FreeBSD

Category: Articles,Linux administrationFractalizeR @ 1:22 pm

This is just an addition to my this article with some corrections needed if you use FreeBSD.

netstat command should look like

netstat -ntu -f inet| awk '{print $5}' | cut -d. -f1-4 | sort | uniq -c | sort -nr|more

And firewall IP blocking command should be

ipfw add deny all from xxx.xxx.xxx.xxx to any in

Tags: , , ,


Aug 24 2008

[Linux] Installing latest Apache, PHP and MySQL from sources

Category: Articles,Linux administrationFractalizeR @ 12:48 am

As you probably know, latest software versions are rarely available to be installed as rpms. So, you need to compile them yourself. In this article I will briefly describe a process of installing, configuring and  upgrading latest Apache and PHP.

Please remember, that installing from sources can sometimes break working system. So, please use this guide carefully.

Continue reading “[Linux] Installing latest Apache, PHP and MySQL from sources”

Tags: , , , , ,


Aug 11 2008

[Linux] Installing ClamAV antivirus and integrating with Exim and pure-ftpd

Category: Articles,Linux administrationFractalizeR @ 1:41 am

Every good server must have a good antivirus installed. Let’s install ClamAV to our machine. Paths to distributions are provided to the latest versions at the time of writting. If new version releases all you need to do is to change numbers in shell command.

Continue reading “[Linux] Installing ClamAV antivirus and integrating with Exim and pure-ftpd”

Tags: , ,


Jul 30 2008

[Linux] Installing automatic protection from DoS and DDoS attacks to your server

Category: Articles,Linux administrationFractalizeR @ 3:11 pm

During several months server I was responsible for was under DDoS attack, that almost flooded it. Due to lacking Linux skills, I almost lost my hope in protecting it by myself and started to think about paying some specialist to protect my server.

But suddenly, I found a miraculos and VERY easy to install and use solutuons I want to share with you today.

Continue reading “[Linux] Installing automatic protection from DoS and DDoS attacks to your server”

Tags: , , , , , ,


Jul 23 2008

[Linux] Using netstat and iptables to manually detect and blacklist DOSers

Category: Articles,Linux administrationFractalizeR @ 8:35 pm

If you suspect, that your server is flooded, the first thing you need to do is to issue the following command:
netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -nr

This will show you IP addresses  (second column) and the total number of connections from each (first one). If you see, that you have too many connections from some IP address, you can block it by issueing the following command:

Continue reading “[Linux] Using netstat and iptables to manually detect and blacklist DOSers”

Tags: , , , ,