Sign your scripts

Sun 30 June 2013 by admin

Remote command execution from one host to another is nothing new in more complex infrastructure. It is usually going to happen at low user level privilege and it's also password less ssh communication based on ssh keys. But what happens when ssh keys leaked or this account was compromised ...

read more

VMware disk cloning

Sun 16 June 2013 by admin

Using free VMware vSphere Hypervisor doesn't give us a chance to easily clone virtual machines disks and cope with thin provision disks. But we could leverage administration to CLI (shell) and there we have command called: vmkfstools. This command is used to manage virtual disks i.e. create, convert ...

read more

linux nocache idea

Sun 09 June 2013 by admin

Each time when you read file it's content is put into cache:

# grep -w "Cached" /proc/meminfo
Cached:           255220 kB
# cat sample.file >/dev/null
# grep -w "Cached" /proc/meminfo
Cached:           357628 kB

of course it happens when there is enough free memory. But imagine situation when you read ...

read more

cisco tips #1

Sun 09 June 2013 by admin
  • replace default escape character (ctrl+shift+6) to ctrl+c:
line vty 0 4
  escape-character 3
  • show logging timestamps in configured timezone
service timestamps log datetime localtime year
  • secure your configuration

read more

tar diff

Sun 26 May 2013 by admin

Easy way to find out if something changed since my last tar backup:

tar -df mylastbackup.tar.gz
read more

cisco config archive doing

Sun 19 May 2013 by admin

More or less about archiving router configuration is presented on:

I would like to add some useful command in this area:

sh archive config differences nvram:startup-config system:running-config

it's pretty self explanatory - produces output with differences between startup ...

read more

clear ip nat selectively

Sun 12 May 2013 by admin

On cisco router device you can clear all ip nat translations once doing:

Router#clear ip nat translation *

but when you try remove only one translation you have to write long command i.e.

Router#clear ip nat translation udp inside <ip> <port> <ip> <port> outside <ip> <port> <ip> <port ...
read more

hidepid capabilities of procfs

Wed 01 May 2013 by admin

RHEL 5.9 introduces new feature which allow to hide some sensitive information about process activity to non-root users.  Release notes about new RHEL version doesn't tell us too much:

Restricting Access to /proc/<PID>/
The hidepid= and gid= mount options have been added to procfs to allow
restricting ...
read more

Scan for new hard disk

Wed 01 May 2013 by admin

Useful especially in virtual environment to discover hot-added hard disk i.e.:

echo "- - -" > /sys/class/scsi_host/host2/scan
read more

LinuxCon Europe 2012

Tue 13 November 2012 by admin

Lots of interesting post conference materials:

read more