How To Check Open Ports On A Remote Server Without Netcat Or Nmap Linux Command?
In the work of sysadmin, we can sometimes want to check open ports on our remote server. But if we are on a machine where can not install nmap or we don't have the possibility to install a tool which can help us to check open ports, what could we do?
We can check it with bash using /dev/tcp or /dev/udp to open a TCP or UDP connection to the associated socket.
The command behavior is
$ echo > /dev/tcp/$host/$port
we can associate a message to display if the port is opened
$ echo > /etc/tcp/8.8.8.8/53 && echo "OPEN PORT"
OPEN PORT
$ echo > /dev/tcp/8.8.8.8/80 && echo "GOOD" || echo "NOT OPEN"
-bash: connect: Connection timed out
-bash: /dev/tcp/8.8.8.8/80: Connection timed out
NOT OPEN
Systemd Over Init System, What Do You Think?
Systemd is well designed. It was conceived from the top, not just to fix bugs, but to be a correct implementation of the base system services. A systemd, may refer to all the packages, utilities and libraries around daemon. It was designed to overcome the shortcomings of init. It itself is a background process which is designed to start processes in parallel, thus reducing the boot time and computational overhead. It has a lot other features as compared to init while Sysvinit was never designed to cope with the dynamic/event-based architecture of the current Linux kernel. The only reason why we still use it today is the cost of a migration.
Systemd ships a growing number of useful, unified command-line interfaces for system settings and control (timedatectl, bootctl, hostnamectl, loginctl, machinectl, kernel-install, localectl). In Debian, they use the existing configuration files without breaking compatibility.
Systemd makes the boot process much simpler, entirely removing the need to specify dependencies in many cases thanks to D-Bus activation, socket activation, file/inotify activation and udev integration.
Systemd supports SELinux integration while SysV doesn't
Systemd can handle the boot process from head to toe, without needing to use any of the existing shell scripts. Systemd extends the logging features of the system in many ways with journald, and can remain integrated with the existing rsyslog daemon. Logs are in a structured format, attributed to filename, line of code, PID and service. They include the early boot (starting from initramfs). They can be quickly filtered and programmatically accessed through an efficient interface.
Systemd unit files, unlike SysV scripts, can usually be shipped by upstream, or at least shared with other distributions (already more than 1000 existing unit files in Fedora) without any changes, the Debian specifics being handled by systemd itself.
Systemd is incredibly fast (1 second to boot). It was not designed with speed in mind, but doing things correctly avoids all the delays currently incurred by the boot process.
The transition plan is easy, since existing init scripts are treated as first-class services: scripts can depend (using LSB headers) on units, units can depend on scripts. More than 99% of init scripts can be used without a modification.
It is not just init. It unifies, in fewer lines of code, everything that is related to starting services and managing session groups: user login, cron jobs, network services (inetd), virtual TTY management… Having a single system to handle all of that allows us to remove a lot of cruft, and to use less memory on the system.
What Basics Measures Could You Take To Secure An Ssh Connection?
For Linux sysadmins, it is frequent to access servers by ssh. But are we sure the communication established is really good secured?
There some additionals very simple steps that can be taken to initially harden the SSH service, such as
Disabling root login, and even password-based logins will further reinforce the security of the server.
Disabling password-based logins and allow key based logins which are secured but can be taken further by restricting their use from only certain IP addresses.
Changing the standard port to something other significantly decreases random brute force attempts from the internet
Forcing the service to use only version 2 of the protocol will introduce both security and feature enhancement.
The whitelist approach can be taken, where only the users that belong to a certain list can log in via SSH to the server.
What Is Lvm And Does It Required On Linux Servers?
LVM is a logical volume manager. It requires to resize filesystem size. This size can be extended and reduced using lvextend and lvreduce commands respectively. You can think of LVM as dynamic partitions, meaning that you can create/resize/delete LVM partitions from the command line while your Linux system is running: no need to reboot the system to make the kernel aware of the newly-created or resized partitions. LVM also provides
You can extend over more than one disk if you have more than one hard-disk. They are not limited by the size of one single disk, rather by the total aggregate size.
You can create a (read-only) snapshot of any LV (Logical Volume). You can revert the original LV to the snapshot at a later time, or delete the snapshot if you no longer need it. This is handy for server backups for instance (you cannot stop all your applications from writing, so you create a snapshot and backup the snapshot LV), but can also be used to provide a "safety net" before a critical system upgrade (clone the root partition, upgrade, revert if something went wrong).
In the work of sysadmin, we can sometimes want to check open ports on our remote server. But if we are on a machine where can not install nmap or we don't have the possibility to install a tool which can help us to check open ports, what could we do?
We can check it with bash using /dev/tcp or /dev/udp to open a TCP or UDP connection to the associated socket.
The command behavior is
$ echo > /dev/tcp/$host/$port
we can associate a message to display if the port is opened
$ echo > /etc/tcp/8.8.8.8/53 && echo "OPEN PORT"
OPEN PORT
$ echo > /dev/tcp/8.8.8.8/80 && echo "GOOD" || echo "NOT OPEN"
-bash: connect: Connection timed out
-bash: /dev/tcp/8.8.8.8/80: Connection timed out
NOT OPEN
Systemd Over Init System, What Do You Think?
Systemd is well designed. It was conceived from the top, not just to fix bugs, but to be a correct implementation of the base system services. A systemd, may refer to all the packages, utilities and libraries around daemon. It was designed to overcome the shortcomings of init. It itself is a background process which is designed to start processes in parallel, thus reducing the boot time and computational overhead. It has a lot other features as compared to init while Sysvinit was never designed to cope with the dynamic/event-based architecture of the current Linux kernel. The only reason why we still use it today is the cost of a migration.
Systemd ships a growing number of useful, unified command-line interfaces for system settings and control (timedatectl, bootctl, hostnamectl, loginctl, machinectl, kernel-install, localectl). In Debian, they use the existing configuration files without breaking compatibility.
Systemd makes the boot process much simpler, entirely removing the need to specify dependencies in many cases thanks to D-Bus activation, socket activation, file/inotify activation and udev integration.
Systemd supports SELinux integration while SysV doesn't
Systemd can handle the boot process from head to toe, without needing to use any of the existing shell scripts. Systemd extends the logging features of the system in many ways with journald, and can remain integrated with the existing rsyslog daemon. Logs are in a structured format, attributed to filename, line of code, PID and service. They include the early boot (starting from initramfs). They can be quickly filtered and programmatically accessed through an efficient interface.
Systemd unit files, unlike SysV scripts, can usually be shipped by upstream, or at least shared with other distributions (already more than 1000 existing unit files in Fedora) without any changes, the Debian specifics being handled by systemd itself.
Systemd is incredibly fast (1 second to boot). It was not designed with speed in mind, but doing things correctly avoids all the delays currently incurred by the boot process.
The transition plan is easy, since existing init scripts are treated as first-class services: scripts can depend (using LSB headers) on units, units can depend on scripts. More than 99% of init scripts can be used without a modification.
It is not just init. It unifies, in fewer lines of code, everything that is related to starting services and managing session groups: user login, cron jobs, network services (inetd), virtual TTY management… Having a single system to handle all of that allows us to remove a lot of cruft, and to use less memory on the system.
 |
| Dell Boomi Most Frequently Asked Latest Linux Interview Questions Answers |
What Basics Measures Could You Take To Secure An Ssh Connection?
For Linux sysadmins, it is frequent to access servers by ssh. But are we sure the communication established is really good secured?
There some additionals very simple steps that can be taken to initially harden the SSH service, such as
Disabling root login, and even password-based logins will further reinforce the security of the server.
Disabling password-based logins and allow key based logins which are secured but can be taken further by restricting their use from only certain IP addresses.
Changing the standard port to something other significantly decreases random brute force attempts from the internet
Forcing the service to use only version 2 of the protocol will introduce both security and feature enhancement.
The whitelist approach can be taken, where only the users that belong to a certain list can log in via SSH to the server.
What Is Lvm And Does It Required On Linux Servers?
LVM is a logical volume manager. It requires to resize filesystem size. This size can be extended and reduced using lvextend and lvreduce commands respectively. You can think of LVM as dynamic partitions, meaning that you can create/resize/delete LVM partitions from the command line while your Linux system is running: no need to reboot the system to make the kernel aware of the newly-created or resized partitions. LVM also provides
You can extend over more than one disk if you have more than one hard-disk. They are not limited by the size of one single disk, rather by the total aggregate size.
You can create a (read-only) snapshot of any LV (Logical Volume). You can revert the original LV to the snapshot at a later time, or delete the snapshot if you no longer need it. This is handy for server backups for instance (you cannot stop all your applications from writing, so you create a snapshot and backup the snapshot LV), but can also be used to provide a "safety net" before a critical system upgrade (clone the root partition, upgrade, revert if something went wrong).
you can also set up writeable snapshots too. It allows you to freeze an existing Logical Volume in time, at any moment, even while the system is running. You can continue to use the original volume normally, but the snapshot volume appears to be an image of the original, frozen in time at the moment you created it. You can use this to get a consistent filesystem image to back up, without shutting down the system. You can also use it to save the state of the system, so that you can later return to that state if you mess things up. You can even mount the snapshot volume and make changes to it, without affecting the original.
What Is The Minimum Number Of Partitions You Need To Install Linux?
2
Linux can be installed on two partitions, one as / which will contain all files and a swap partition.
What Is The Name And Path Of The Main System Log?
/var/log/messages
By default, the main system log is /var/log/messages.
What Utility Can You Use To Automate Rotation Of Logs?
logrotate
The logrotate command can be used to automate the rotation of various logs.
What Key Combination Can You Press To Suspend A Running Job And Place It In The Background?
ctrl-z
Using ctrl-z will suspend a job and put it in the background.
What Command Is Used To Remove The Password Assigned To A Group?
gpasswd -r
The gpasswd command is used to change the password assigned to a group. Use the -r option to remove the password from the group.
In Order To Improve Your System's Security You Decide To Implement Shadow Passwords. What Command Should You Use?
The pwconv command creates the file /etc/shadow and changes all passwords to 'x' in the /etc/passwd file.
What Command Should You Use To Check The Number Of Files And Disk Space Used And Each User's Defined Quotas?
The repquota command is used to get a report on the status of the quotas you have set including the amount of allocated space and amount of used space.
You Have A File Called Phonenos That Is Almost 4,000 Lines Long. What Text Filter Can You Use To Split It Into Four Pieces Each 1,000 Lines Long?
The split text filter will divide files into equally sized pieces. The default length of each piece is 1,000 lines.
You Want To Create A Compressed Backup Of The Users' Home Directories. What Utility Should You Use?
You can use the z modifier with tar to compress your archive at the same time as creating it.