Sunday, December 28, 2014

Tips for Monitoring Linux server Best and Simples Tips

Well welcome back guys to my blog on Tips for Linux server monitoring the activities on Linux server.

The following tips will allow you to monitor the activity on Linux server.Its start with the few assumptions like  
  1.  you are using CentOS server 
  2. You are also having minimal installation of Centos  
I am assuming minimal install as i can provide you the details
like installation of mail agent etc .

so lets start with it.

First of all you need to have internet connectivity on server if so then by default postfix is installed on you server so you can go for it else if you don't have internet connectivity and you have mail server configured on some other server This can be the code when you are running payment-gateway on server and PCI slandered won't allow you to so so then 

Install mailx as a client to send a mail so that you can use a command mail to send a mail

 #yum install mailx 

Install ssmtp on your Centos server and open the /etc/ssmtp/ssmtp.conf
  
# vim /etc/ssmtp/ssmtp.conf file

the added the following line to the file make sure you change the email address and password as per your mail server configuration. 

for simplicity and to cover more point i am taking gmail as my mailing server not the default postfix.
 
AuthUser=vijay9867206455@gmail.com
AuthPass=xxxxxxxx
FromLineOverride=YES
mailhub=smtp.gmail.com:587
UseSTARTTLS=YES
TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt
 

I have added the last line as while using the gmail you will get a typical error that can not connect to smtp.gmail.com  and to avoid the error I have added the below line for the TLS certificate.

then close the file and execute the following commands 

 # service sendmail stop && service postfix stop
 # chkconfig sendmail off
 # mv /usr/sbin/sendmail /usr/sbin/sendmail.old 
 # ln -s /usr/sbin/ssmtp /usr/sbin/sendmail

so good so then strat the postfix service and we will try to send a sample mail by using following command.
   #echo "This is a test" | mail -s "Test" vijay9867206455@gmail.com

and we will receive a mail for it.

Then open /etc/aliases

vim /etc/aliases

and find the like look like this

# Person who should get root's mail
#root: marc


and change this to look like this

# Person who should get root's mail
root: vijay99867206455@gmail.com

  
as written in file dont forget to fire newaliases command

#newaliases
 
 the simply login as user other than root and try to use sudo with wrong password and you will see you start getting alart for then too for any security breach or any unwanted activity you start getting alert.Its a very small tip but will help you alot for handing large servers for more convinces if you server's ip is 192.168.1.100 then change the host name to 192-168-1-10 or some thing like this so you will get the more clue if you are handling large number of servers

Thanks guys letme know if you have any issue you can mail me on my mail id  

Wednesday, December 10, 2014

Working with NTP (Network Time Protocol) Part 2

Working with NTP (Network Time Protocol) Part2

to set the timezone after the installation in Linux we need to install the tzdata package in Linux 
use the following command to install the tzdata 
# yum install tzdata

# tzselect

and select the proper time zone .

change time zone for specific user in linux
Open the .profile file from the home directory of user in my case assume i have a use called nrathi

so open a file .profile using command 
 # vim /home/nrathi/.profile
it will look like this  
 
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
 

add the following line to it will change the time zone for the specific user as the user local time zone is near to India.
 
# User specific environment and start-up programs
PATH=$PATH:$HOME/bin
export PATHt

timezone='GMT+5.30'; export timezone

and some the file and we are done to test log-out and log-in as nrathi  and test it


 

Working with NTP (Network Time Protocol) Part 1

Installing and Configuring with the NTP

Hello Guys today i will tell you about the NTP protocol and how to play with NTP protocol and some fine tuning with it.so lets start.

To install the NTP on centos

To begin, log in as root

# yum –y install ntpd 

The default installation of NTP will use a public server that has access to the atomic clock, but in order to optimize the service we will need to make a few simple changes in order to streamline and optimize what time servers are used. To do this, we shall open the main configuration file with your favorite text editor like so:

# vi /etc/ntp.conf 
  
Scroll down and look for the following lines:
 
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.
html).

server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org

Replace the values shown with a list of preferred time servers like so:

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.
html).

server 0.uk.pool.ntp.org
server 1.uk.pool.ntp.org
server 2.uk.pool.ntp.org
server 3.uk.pool.ntp.org


Now find the following lines:
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodifynotrap
 
 Before starting our time service, we should add and confirm a network range in order that we can determine who can and who cannot receive time service-based requests.

To do this, uncomment the preceding line and replace the values to reflect your

network environment like so:
# Hosts on local network are less restricted.
Restrict XXX.XXX.XXX.XXX mask YYY.YYY.YYY.YYY nomodifynotrap
 
When complete, save and close the file before synchronizing your server by using the following command:

ntpdate NTP_SERVER_ADDRESS_HERE
For example, you can use ntpdate pool.ntp.org.
 
The initial synchronization request requires priming, so you may want to run and repeat this command several times before ensuring that the service will start during the boot process, by using the following command:

# chkconfig ntpd on
 
When finished, you can start the NTP service like so:
 
# service ntpd start
 
You should reboot to ensure that the relevant changes take effect:
 
# reboot
 
Well done, you have now installed and configured the NTP service. The overall process of time synchronization will take some time to complete, but you will be able to use the standard NTP query program (ntpq) in order to review a list of known peers as and a summary of their current state. To do this, return to your
console and type:

# ntpq–p
 

All daemons are prone to the environmental conditions found on your network, and the NTP service is not an exception. Periodic packet breaks can be disruptive, but even if you have not
experienced this yet, it may be advantageous to explore a solution that will make your NTP service far more persistent when probing the third-party servers. Known as the iburst option, this feature is designed to tell the NTP service to issue a burst
of eight packets to the remote server instead of one in order to offer an improved approach to the time synchronization process. Implementing this method is very simple and to begin,
simply return to your console and open the main configuration file in your favorite text editor
like so:

# vi /etc/ntp.conf

Scroll down the file and locate your time servers. Now simply append your time servers with a whitespace followed by the term iburst. For example, your new configuration file will look
like this:

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.
html).
server 0.uk.pool.ntp.org iburst
server 1.uk.pool.ntp.org iburst
server 2.uk.pool.ntp.org iburst
server 3.uk.pool.ntp.org iburst

to sync the clock with the hardware clock we need to sync it by using the following command 
 
# hwclock–systohc

and need to reboot using reboot command  

# hwclock–show