Secrets of a linux ninja Software Freedom Day 2013 Johannesburg, South Africa

26/09/2013 Secrets of a Linux Ninja - SFD 2013 Johannesburg, South Africa

file:///home/mark/Documents/presentations/linux-ninja/index.html#/ 1/22

SECRETS OF A LINUX NINJA

Created by / Mark Clarke @mxc4

http://www.jumpingbean/

http://twitter.com/mxc4



LESSON 1: SSH! A NINJA IS SILENT!



Access lan based services via incoming SSH access,Get external SSH access even if its not enabled,Forward X sessions over SSH,Bypass web proxy restrictions

“Take things as they are. Punch when you have to punch. Kickwhen you have to kick.”



LAB SET UP

Micro-server represents lan. Laptop virtual machine represents external host. Laptop hostmachine is gateway

Lan Net:192.168.1.0/24External Net:192.168.122.0/24Gateway:192.168.1.4/192.168.122.1Lan Host:192.168.1.3External Host:192.168.122.192



ACCESS A LAN BASED SERVICE WITH INCOMING SSHACCESS

Scenario:

You have ssh access to the lan but no VPN access,You need to access a web application running on the lan.Web App: http://192.168.1.3/ninja.html



GET EXTERNAL SSH ACCESS EVEN IF ITS NOT ENABLED

Scenario:

You have no external ssh access to networkYou can connect to external ssh servers from the lan



FORWARD X SESSIONS OVER SSH

Scenario:

XDMCP is disabled,You have SSH access,XForwarding is enabled in sshd config file,



BYPASS WEB PROXY RESTRICTIONS

Scenario:

Your offices uses a web proxy which restricts traffic to sites with vital information,You have external SSH access,



LESSON 2: NINJA MOVES



Transferring files over SSHResuming partial transfers over SSHMounting a share over SSHTransferring files with netcat

“Do not pray for an easy life, pray for the strength to endure adifficult one.”



TRANSFERRING FILES OVER SSH

Scenario:

You have no ftp/NFS/Samba share access on the server.You need to copy over a file.You have SSH access.



RESUMING PARTIAL TRANSFERS OVER SSH

Scenario:

You are using scp to copy files,Your download 60 minute download interrupts after 40 minutes and you want toresume.



MOUNTING A SHARE OVER SSH

Scenario:

You want to mount a remote folder on a server,You have no share access,Only have SSH access



TRANSFERRING FILES WITH NETCAT

Scenario:

You need to transfer a file and have no SSH access.



LESSON 3: A NINJA OBSERVES



Monitoring disks for signs of failureCommand line tools: iotop,vmstat,iostat,psacct

“I fear not the man who has practiced 10,000 kicks once, but Ifear the man who has practiced one kick 10,000 times.”



MONITORING DISKS FOR SIGNS OF FAILURE

Scenario:

You know your disks will fail. You just don't know when.Use smartctl to monitor your disks.



COMMAND LINE TOOLS

Scenario:

What process is grinding your disks? - iotopWhere is the bottle neck - disk io, memory or network - vmstatWhich user or system account is using all your resources - psacctYour server crashes and you don't know why - sar



LESSON 4: A CLEAN KILL



Using regular expressions to killWho is preventing you from unmounting a block device?

“Take things as they are. Punch when you have to punch. Kickwhen you have to kick.”



USING REGULAR EXPRESSIONS TO KILL

Scenario:

You have a process to kill often and it a mission to get its pid all the timepkillkillall -r



WHO IS PREVENTING YOU FROM UNMOUNTING A BLOCKDEVICE?

Scenario:

You trying to unmount a device but you can't because a process/user is accessing itfuser

Secrets of a linux ninja Software Freedom Day 2013 Johannesburg, South Africa

Technology

Transcript of Secrets of a linux ninja Software Freedom Day 2013 Johannesburg, South Africa