Thursday, March 17, 2016

netstat command examples in linux ?

Netstat Command Examples
Netstat command displays various network related information such as network connections, routing tables, interface statistics, masquerade connections, multicast memberships etc.,

1. List All Ports (both listening and non listening ports)

List all ports using netstat -a
# netstat -a | more
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:30037         *:*                     LISTEN
udp        0      0 *:bootpc                *:*                               

Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     6135     /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     5140     /var/run/acpid.socket
List all tcp ports using netstat -at
# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:30037         *:*                     LISTEN
tcp        0      0 localhost:ipp           *:*                     LISTEN
tcp        0      0 *:smtp                  *:*                     LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
List all udp ports using netstat -au
# netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 *:bootpc                *:*
udp        0      0 *:49119                 *:*
udp        0      0 *:mdns                  *:*

2. List Sockets which are in Listening State

List only listening ports using netstat -l
# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:ipp           *:*                     LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
udp        0      0 *:49119                 *:*
List only listening TCP Ports using netstat -lt
# netstat -lt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:30037         *:*                     LISTEN
tcp        0      0 *:smtp                  *:*                     LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
List only listening UDP Ports using netstat -lu
# netstat -lu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 *:49119                 *:*
udp        0      0 *:mdns                  *:*
List only the listening UNIX Ports using netstat -lx
# netstat -lx
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     6294     private/maildrop
unix  2      [ ACC ]     STREAM     LISTENING     6203     public/cleanup
unix  2      [ ACC ]     STREAM     LISTENING     6302     private/ifmail
unix  2      [ ACC ]     STREAM     LISTENING     6306     private/bsmtp

3. Show the statistics for each protocol

Show statistics for all ports using netstat -s
# netstat -s
Ip:
    11150 total packets received
    1 with invalid addresses
    0 forwarded
    0 incoming packets discarded
    11149 incoming packets delivered
    11635 requests sent out
Icmp:
    0 ICMP messages received
    0 input ICMP message failed.
Tcp:
    582 active connections openings
    2 failed connection attempts
    25 connection resets received
Udp:
    1183 packets received
    4 packets to unknown port received.
.....
Show statistics for TCP (or) UDP ports using netstat -st (or) -su
# netstat -st

# netstat -su

4. Display PID and program names in netstat output using netstat -p

netstat -p option can be combined with any other netstat option. This will add the “PID/Program Name” to the netstat output. This is very useful while debugging to identify which program is running on a particular port.
# netstat -pt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        1      0 rajesh-laptop.loc:47212 192.168.185.75:www        CLOSE_WAIT  2109/firefox
tcp        0      0 rajesh-laptop.loc:52750 lax:www ESTABLISHED 2109/firefox
5. Don’t resolve host, port and user name in netstat output

When you don’t want the name of the host, port or user to be displayed, use netstat -n option. This will display in numbers, instead of resolving the host name, port name, user name.
This also speeds up the output, as netstat is not performing any look-up.
# netstat -an
If you don’t want only any one of those three items ( ports, or hosts, or users ) to be resolved, use following commands.
# netsat -a --numeric-ports

# netsat -a --numeric-hosts

# netsat -a --numeric-users

6. Print netstat information continuously

netstat will print information continuously every few seconds.
# netstat -c
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 rajesh-laptop.loc:36130 101-101-181-225.ama:www ESTABLISHED
tcp        1      1 rajesh-laptop.loc:52564 101.11.169.230:www      CLOSING
tcp        0      0 rajesh-laptop.loc:43758 server-101-101-43-2:www ESTABLISHED
tcp        1      1 rajesh-laptop.loc:42367 101.101.34.101:www      CLOSING

7. Find the non supportive Address families in your system

netstat --verbose
At the end, you will have something like this.
 netstat: no support for `AF IPX' on this system.
 netstat: no support for `AF AX25' on this system.
 netstat: no support for `AF X25' on this system.
 netstat: no support for `AF NETROM' on this system.

8. Display the kernel routing information using netstat -r

# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     *               255.255.255.0   U         0 0          0 eth2
link-local      *               255.255.0.0     U         0 0          0 eth2
default         192.168.1.1     0.0.0.0         UG        0 0          0 eth2
Note: Use netstat -rn to display routes in numeric format without resolving for host-names.

9. Find out on which port a program is running

# netstat -ap | grep ssh
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        1      0 dev-db:ssh           101.174.100.22:39213        CLOSE_WAIT  -
tcp        1      0 dev-db:ssh           101.174.100.22:57643        CLOSE_WAIT  -
Find out which process is using a particular port:
# netstat -an | grep ':80'

10. Show the list of network interfaces

# netstat -i
Kernel Interface table
Iface   MTU Met   RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500 0         0      0      0 0             0      0      0      0 BMU
eth2       1500 0     26196      0      0 0         26883      6      0      0 BMRU
lo        16436 0         4      0      0 0             4      0      0      0 LRU
Display extended information on the interfaces (similar to ifconfig) using netstat -ie:
# netstat -ie
Kernel Interface table
eth0      Link encap:Ethernet  HWaddr 00:10:40:11:11:11
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

          Memory:f6ae0000-f6b00000

Wednesday, March 9, 2016

How to configure Passwordless SSH login in Linux ?


SSH is often used to login from one machine to another machine, There are number of methods to achieve this but mostly in every method it requires authentication..... It also does requires authentication but for one time only i.e. for the first time you need to do a setup and for rest of the times when you will try to login via ssh it will not ask for any password.

For achieving this you just need to generate your own personal set of private/public key pair. ssh-keygen is used to generate that key pair for you.


A HOWTO for generating your own private/public key pair is given below:

Firstly generate your private/public key pair by following command:

[root@linuxforfreshers.com Desktop]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/root/.ssh/id_rsa): [Press enter if you want to save your keys to default location]
Enter passphrase (empty for no passphrase): [Enter your passphrase]
Enter same passphrase again:  [Enter your passphrase again to verify]
Your identification has been saved in /home/root/.ssh/id_rsa.
Your public key has been saved in /home/root/.ssh/id_rsa.pub.
The key fingerprint is:
52:17:88:67:f9:ae:03:e2:59:39:97:f9:7d:95:b6:ed root@linuxforfreshers.com
The key's randomart image is:
+--[ RSA 2048]----+
|       . o.      |
|      . =  .     |
|       o...      |
|       . ..      |
|      ..S+      .|
|    . =.+ .    o.|
|   . + + o .  ..o|
|    o   o . . ...|
|         .   . .E|
+-----------------+

Now just copy your public key to remote machine, in this case I have generated key pair for server.example.com and copied server's public key to client's machine via following command.

[root@linuxforfreshers.com .ssh]$ ssh-copy-id -i ~/.ssh/id_rsa.pub  client@192.168.86.129
client@192.168.86.129's password:  [Enter the password for the first time]
Now try logging into the machine, with "ssh 'client@192.168.86.129'", and check in:

cat  /home/client/ .ssh/authorized_keys

Now when you will try to login to client's machine it will not prompt for the password.

[root@linuxforfreshers.com ~]$ ssh client@192.168.86.129
Last login: Thu Dec  9 10:45:35 2015 from server.redhat.com


Difference between rhel 5 vs rhel 6

RHEL 5 VS RHEL 6

If by any chance you are appearing for an interview for a position if Linux Administrator then the most common question which is asked is what is the difference between RHEL5 and RHEL6 ?

Virtualization: In RHEL 6 KVM (Kernel based Virtual Machine) was used as a hypervisor but in the earlier releases of RHEL XEN was used as a hypervisor. The main advantage of KVM is that it supports the installation of many virtual machines/operating systems like Windows, Linux, Solaris and also it is very easy to manage those virtual machines.

Security: RHEL6 has an enhanced version of SELinux(Security Enhanced Linux) now, Basically now the features are more improved and there are various new set of rules which are added to SELinux one of such rule/feature is of SVirt which provides security to virtual machines from hackers.

EXT4: It stands for Extended 4, It has various new advantages then EXT2/3 which were used in earlier version(s) of RHEL. EXT4 is comparatively more faster and easy to manage then previous file systems.

IPv6: RHEL6 supports IPv6.

NFS4: It uses NFSv4 (Network File Transfer) the latest version of NFS for the sharing of files in the network rather than NFSv3.


GUI: It has a far better GUI(Graphical User Interface) then RHE5 or any of its prior version(s).

Tuesday, March 8, 2016

What is DDL, DML ,DCL and TCL in linux ?


 Data Definition Language (DDL) - Data definition language (DDL) commands enable you to perform the following tasks:

Ø  Create, alter, and drop schema objects

Ø  Grant and revoke privileges and roles

Ø  Add comments to the data dictionary

The CREATE, ALTER, and DROP commands require exclusive access to the object being acted upon. For example, an ALTER TABLE command fails if another user has an open transaction on the specified table.

 

Data Manipulation Language (DML) - These SQL commands are used for storing, retrieving, modifying, and deleting data. These commands are SELECT, INSERT, UPDATE, and DELETE.

 

Transaction Control Language (TCL) -  Transaction control commands manage changes made by DML commands. These SQL commands are used for managing changes affecting the data. These commands are COMMIT, ROLLBACK, and SAVEPOINT.

 

Data Control Language (DCL) -  It is used to create roles, permissions, and referential integrity as well it is used to control access to database by securing it. These SQL commands are used for providing security to database objects. These commands are GRANT and REVOKE.

Sunday, March 6, 2016

how to add EPEL & REMI Repository on CentOS/Rhel ?


 EPEL Repository

Adding EPEL Repository to RHEL / CentOS / Scientific Linux 6.x
EPEL is available as rpm, therefore you can install it on your system. You don’t have to manually add any entries on/etc/yum.repos.d/ directory of your system. Since it is available as noarch rpm, you can install it on both 32 and 64 bit systems. I tested this how-to on CentOS 6.5, however it will work on all 6.x versions.
First go to the EPEL repository download page. Download the latest EPEL rpm and install it as shown below.
# wget http://epel.mirror.net.in/epel/6/i386/epel-release-6-8.noarch.rpm
# rpm -Uvh epel-release-6-8.noarch.rpm
Adding EPEL Repository to RHEL / CentOS / Scientific Linux 5.x
First go to the EPEL repository download page. Download the latest EPEL rpm and install it as shown below.
# wget http://epel.mirror.net.in/epel/5/i386/epel-release-5-4.noarch.rpm
# rpm -Uvh epel-release-5-4.noarch.rpm
Now list out the installed repositories using command:
# yum repolist
Sample output:
Loaded plugins: fastestmirror, security
Determining fastest mirrors
 * base: mirror.leapswitch.com
 * epel: epel.mirror.net.in
 * extras: mirror.leapswitch.com
 * updates: mirror.leapswitch.com
repo id                                                   repo    name                                                                                      status
base                                                      CentOS-6 - Base                                                                                4,802
epel                                                      Extra Packages for Enterprise Linux 6 - i386                                                   8,385
extras                                                    CentOS-6 - Extras                                                                                 12
updates                                                   CentOS-6 - Updates                                                                               211
repolist: 13,410
Install Packages

Now you can install the packages as usual with command:
# yum install bugzilla

Hence bugzilla is not available in the default repositories, you will see that bugzilla is installed from EPEL repository.

Install packages from EPEL repository only

Let us install a package from EPEL repository. I am gonna install bugzilla package from EPEL repository. The below command shows that i disabled all existing repositories and install the httpd package form EPEL repository.
# yum install --disablerepo="*" --enablerepo=epel bugzilla
View a Package details
Also you can view the package information using command:

# yum info bugzilla
Sample output:
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * base: mirror.leapswitch.com
 * epel: epel.mirror.net.in
 * extras: mirror.leapswitch.com
 * updates: mirror.leapswitch.com
Available Packages
Name        : bugzilla
Arch        : noarch
Version     : 3.4.14
Release     : 1.el6
Size        : 953 k
Repo        : epel
Summary     : Bug tracking system
URL         : http://www.bugzilla.org/
License     : MPLv1.1
Description : Bugzilla is a popular bug tracking system used by multiple open source projects
            : It requires a database engine installed - either MySQL, PostgreSQL or Oracle.
            : Without one of these database engines (local or remote), Bugzilla will not work
            : - see the Release Notes for details.


Install REMI Repository On RHEL / CentOS / Scientific Linux / Fedora


Please be mindful that you should use REMI repository along with EPEL repository. Otherwise you may end up with dependency problem sometimes.

On CentOS/RHEL/Scientific Linux 7 x86_64:

wget http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
rpm -Uvh remi-release-7.rpm

On CentOS/RHEL/Scientific Linux 6 i386 or x86_64:

wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -Uvh remi-release-6.rpm

## for RHEL only
rhn-channel --add --channel=rhel-$(uname -i)-server-optional-6

On CentOS/RHEL/Scientific Linux 5 i386 or x86_64:

wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
rpm -Uvh remi-release-5.rpm

On Fedora 20  i386 or x86_64:

wget http://rpms.famillecollet.com/remi-release-20.rpm
yum install remi-release-20.rpm

On Fedora 19  i386 or x86_64:

wget http://rpms.famillecollet.com/remi-release-19.rpm
yum install remi-release-19.rpm

On Fedora 18  i386 or x86_64:

rpm -Uvh http://rpms.famillecollet.com/remi-release-18.rpm

Enable REMI repository


Edit file remi.repo,

vi /etc/yum.repos.d/remi.repo

Find the line enabled =0 and change it to 1 to enable REMI repository.

[...]
enabled=1
[...]

Save and close the file.

Now list out the installed repositories with command:

yum repolist

Sample output:

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.excellmedia.net
 * epel: epel.mirror.net.in
 * extras: centos.excellmedia.net
 * remi: mirror.smartmedia.net.id
 * updates: centos.excellmedia.net
repo id                                                     repo name                                                                                    status
base/7/x86_64                                               CentOS-7 - Base                                                                              8,465
epel/x86_64                                                 Extra Packages for Enterprise Linux 7 - x86_64                                               5,551
extras/7/x86_64                                             CentOS-7 - Extras                                                                               30
remi                                                        Les RPM de remi pour Enterprise Linux 7 - x86_64                                               671
updates/7/x86_64                                            CentOS-7 - Updates                                                                             577
repolist: 15,294

Now, you’re ready to install packages. You can install packages using command:


yum install <package-name>

Saturday, March 5, 2016

YUM Interview Questions and Answers in linux ?


1.What is yum ?
Answer: yum is "yellow update manager" which is a front end tool for package management. All the rpm commands activity can be carried out using yum command in automated way.
Yum mechanism will automatically resolve the dependencies unlike rpm commands.

2.How to install packages using yum ?
Answer  : yum install package_name

3.How to update the package using yum ?
Answer: yum update package_ name

4.How to search the package in yum ?
Answer: yum search package_name

5.How to remove the package  using yum ?
Answer:  yum remove package_name

6.How to check the updates for yum repository ?
Answer:  yum checkupdate

7.How to update the yum repo ?
Answer: yum update

8.How to get the package information using yum ?
Answer: yum info package_name

9.How to list the installed packages on Redhat linux using yum command ?
Answer: yum list installed

10.How to know the particular files belongs to which package ?
Answer:  yum provides file_path
Ex:
[root@linuxforfreshers ~]# yum provides
/etc/yum.conf
Loaded plugins: refreshpackagekit,
rhnplugin
This system is not registered with RHN.
RHN support will be disabled.
yum3.2.2714.
el6.noarch : RPM
installer/updater
Repo : localinstallation
Matched from:
Filename : /etc/yum.conf
yum3.2.2714.
el6.noarch : RPM
installer/updater
Repo : installed
Matched from:
Other : Providesmatch:
/etc/yum.conf

11.How to list the enabled repositories ?
Answer: yum repolist