Lecture 08: When disaster strikes and all else fails

Similar documents
IT 341: Introduction to System Administration. Notes for Project #8: Backing Up Files with rsync

rsync link-dest Local, rotated, quick and useful backups!

Prerequisites: Students must be proficient in general computing skills but not necessarily experienced with Linux or Unix. Supported Distributions:

Basic Linux Security. Roman Bohuk University of Virginia

We're Not CIS. The Technical Staff & Computing Facilities. User Community. What CIS Does for CS. CIS: Computing and Information Services.

1 LINUX KERNEL & DEVICES

Honeypot Hacker Tracking and Computer Forensics

We're Not CIS. The Technical Staff & Computing Facilities. What CIS Does for CS. User Community

Operating system hardening

Short Read Sequencing Analysis Workshop

Zadara Enterprise Storage in

CL030 is a csage Certification Preparatory Course!

Linux Hardware Management. Linux System Administration COMP2018 Summer 2017

The Wonderful World of Services VINCE

Linux+ Guide to Linux Certification, Third Edition

INFRASTRUCTURE BEST PRACTICES FOR PERFORMANCE

Network Traffic Analysis - Course Outline

1 Data Center Requirements

CompTIA Linux Course Overview. Prerequisites/Audience. Course Outline. Exam Code: XK0-002 Course Length: 5 Days

Oracle Linux 7: System Administration Ed 1

"Charting the Course... Enterprise Linux System Administration Course Summary

CS197U: A Hands on Introduction to Unix

Security principles Host security

LPI201 LPIC-2 Exam Prep (Course 1) (LPI201) HL965S

Introduction to Cisco BAMS

Oracle Linux 7: System Administration Ed 1

Oracle Linux 7: System Administration Ed 1 LVC

DS Series Solutions Integrated Solutions for Secure, Centralized Data Center Management

Contingency Planning and Backups: SSH/SCP, Deltas, and Rsync

RedHat Certified Engineer

Cisco Prime Performance 1.3 Installation Requirements

Requirements and Dependencies

Cisco Unified CM Disaster Recovery System

A High Performance, High Reliability Perforce Server. Shiv Sikand, IC Manage Marc Lewert, Angela Thomas, TiVo

Linux Essentials. Smith, Roderick W. Table of Contents ISBN-13: Introduction xvii. Chapter 1 Selecting an Operating System 1

hash Remember the full pathname of a name argument head Output the first part of file(s) history Command History hostname Print or set system name

Installing Dell OpenManage 4.5 Software in a VMware ESX Server Software 2.5.x Environment

The table below lists the domains measured by this examination and the extent to which they are represented in the examination.

68 - Point Checklist Revised May 2017

ABOUT ZEPCAM SOFTWARE INSTALLATION MANAGEMENT AND BACKUPS. Description What is it Installation requirement Server requirement

Linux Systems Security. Backup and Change Management NETS Fall 2016

Oracle Linux System AdministrationNEW

Oracle Linux 5 & 6 System Administration TOD

Oracle Linux 5 & 6 System Administration

Installing Cisco APIC-EM on a Virtual Machine

Storage Protocol Offload for Virtualized Environments Session 301-F

COS 318: Operating Systems. File Systems. Topics. Evolved Data Center Storage Hierarchy. Traditional Data Center Storage Hierarchy

Foreword by Todd Heberlein

HANDS UP IF YOU DON T HAVE A VM OR IF YOU DON T REMEMBER YOUR PASSWORDS. Or something broke

cisco. Number: Passing Score: 800 Time Limit: 120 min.

Cisco Emergency Responder Installation

McAfee Network Security Platform 8.3

Fundamentals of Linux Platform Security

Fundamentals of Linux Platform Security. Hands-On Network Security. Roadmap. Security Training Course. Module 1 Reconnaissance Tools

Oracle - Oracle Linux 5 6 System Administration Ed 3

Enterprise Linux System Administration

Acronis Monitoring Service

SA2 v6 Linux System Administration II Net Configuration, Software, Troubleshooting

Services: Monitoring and Logging. 9/16/2018 IST346: Info Tech Management & Administration 1

Effective Use of CSAIL Storage

Storage and File Hierarchy

IOPStor: Storage Made Easy. Key Business Features. Key Business Solutions. IOPStor IOP5BI50T Network Attached Storage (NAS) Page 1 of 5

Venafi Platform. Architecture 1 Architecture Basic. Professional Services Venafi. All Rights Reserved.

COS 318: Operating Systems

Staying Out of the Swamp

SERVICE DESCRIPTION DEDICATED SERVER

MA0-104.Passguide PASSGUIDE MA0-104 Intel Security Certified Product Specialist Version 1.0

High Availability Overview Paper

Requirements for ALEPH 500 Installation

enalyzer enalyzer security

One Voice Operations Center

InControl 2 Software Appliance Setup Guide

Profiling tool. Prototype architecture. Prototype Architecture and components description

System Requirements. Things to Consider Before You Install Foglight NMS. Host Server Hardware and Software System Requirements

Minimum Requirements for Cencon 4 with Microsoft R SQL 2008 R2 Enterprise

TimeIPS Server. IPS256T Virtual Machine. Installation Guide

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

CyberStore DSS. Multi Award Winning. Broadberry. CyberStore DSS. Open-E DSS v7 based Storage Appliances. Powering these organisations

Securing the Frisbee Multicast Disk Loader

The power of centralized computing at your fingertips

Apple 9L Mac OS X Advanced System Administration v

Reliable Storage Servers

Disaster Recovery System Administration Guide for Cisco Unified Communications Manager Release 8.0(2)

IDP NetScreen-Security Manager Migration Guide

Symantec Backup Exec Blueprints

VMware vsphere with ESX 4.1 and vcenter 4.1

ENTERPRISE LINUX SYSTEM ADMINISTRATION

Rhapsody Interface Management and Administration. Presented by: Carolina Velasquez

SDX :30:09 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

Mainframe Backup Modernization Disk Library for mainframe

Management Console User s Guide (AST 2500 Chipset)

One Voice Operations Center

"Charting the Course... Enterprise Linux System Administration. Course Summary

Triton file systems - an introduction. slide 1 of 28

IT341 Introduction to System Administration. Project 4 - Backup Strategies with rsync and crontab

Build your own NAS with OpenMediaVault

Automated Out-of-Band management with Ansible and Redfish

Virtualization and Performance

File Protection using rsync. Setup guide

UNIX System Administration

Transcription:

Lecture 08: When disaster strikes and all else fails Hands-on Unix system administration DeCal 2012-10-22 1 / 27

Projects groups of four people submit one form per group with proposed project ideas and SSH public keys we ll be provisioning VMs and sending out an announcement 2 / 27

What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools 3 / 27

What s up? What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools uptime: how long continuously running, what s the load average 1, 5, 15 min average number of processes waiting for CPU (or IO) w, who: who s logged in on machine write: write to a logged-in user wall: write to all logged-in users 4 / 27

What s hosing? What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools top, htop (Linux), ps (ps aux, ps elf) similarly iftop for network interface bandwidth, iotop (Linux) for disk IO 5 / 27

What s in use? What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools The action can t be completed... in use (Windows) The operation can t be completed... in use (Mac OS X) lsof for files lsof -i for network ports see also: netstat -pant, fuser 6 / 27

Too much traffic What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools netcat: pipe over TCP/UDP wireshark, tshark, tcpdump: packet sniffer/analyzer nmap: network scanner 7 / 27

Too many files What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools du, df: directory, filesystem disk space usage scp (secure copy): transfer files over SSH rsync (remote sync): intelligently transfer files (often over SSH) tar (tape archiver): combine files into a tarball 8 / 27

Low-level files What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools fdisk, parted (Linux): edit partition table fsck: check filesystem for errors dd: copy block devices 9 / 27

Too many terminals What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools screen, tmux metaterminal access multiple terminal sessions inside a single terminal session other features: persistence (after logging off), session sharing (between users) 10 / 27

sudo What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools sudo: switch user do (usually used to give your command root powers) via xkcd.com 11 / 27

Other tools What s up? What s hosing? What s in use? Too much traffic files Low-level files terminals sudo Other tools ldd (shared library dependencies), truss or strace (trace system calls) md5sum: file checksum watch: execute command and repeatedly show output seq: print sequence of numbers 12 / 27

Software meltdowns Hardware meltdowns Criminals on the loose Escalation of problems 2003 Northeast blackout 2003 Northeast blackout 13 / 27

Software meltdowns Software meltdowns Hardware meltdowns Criminals on the loose Escalation of problems 2003 Northeast blackout 2003 Northeast blackout system load (uptime command) too damn high remote access (networking, firewall, SSH) broken 14 / 27

Hardware meltdowns Software meltdowns Hardware meltdowns Criminals on the loose Escalation of problems 2003 Northeast blackout 2003 Northeast blackout failed hard drives failed fans, power supplies, CPU, RAM 15 / 27

Criminals on the loose Software meltdowns Hardware meltdowns Criminals on the loose Escalation of problems 2003 Northeast blackout 2003 Northeast blackout crackers will do Bad Things compromised accounts looks can be deceiving, uncertain what to trust 16 / 27

Escalation of problems Software meltdowns Hardware meltdowns Criminals on the loose Escalation of problems 2003 Northeast blackout 2003 Northeast blackout we like to build systems on top of each other if one thing fails, it may break other things, causing other things to fail 17 / 27

2003 Northeast blackout August 13, 2003, 9:21pm EDT (via en.wikipedia.org) 18 / 27

2003 Northeast blackout August 14, 2003, 9:03pm EDT (via en.wikipedia.org) 19 / 27

Be Prepared Power Out-of-band Redundancy Monitoring Security Backups 20 / 27

Be Prepared Be Prepared Power Out-of-band Redundancy Monitoring Security Backups Boy Scout motto Murphy s Law: Anything that can go wrong, will go wrong. s happens 21 / 27

Power Be Prepared Power Out-of-band Redundancy Monitoring Security Backups Uninterruptible Power Supply (UPS) many UPSes can remotely power cycle servers 22 / 27

Out-of-band Be Prepared Power Out-of-band Redundancy Monitoring Security Backups separate hardware that can be remotely accessed independent from rest of hardware, dedicated NIC can access BIOS, power cycle, provide visual display e.g., IPMI, Dell DRAC, Sun LOM 23 / 27

Redundancy Be Prepared Power Out-of-band Redundancy Monitoring Security Backups dual redundant power supplies typical RAID failover servers for high availability spare parts (hard drives!) for swapping 24 / 27

Monitoring Be Prepared Power Out-of-band Redundancy Monitoring Security Backups many large scale operations (Google, Facebook) have many failed servers at any point in time, monitoring servers reroute traffic appropriately monitor syslog SNMP traps alarm notification by email, text message 25 / 27

Security Be Prepared Power Out-of-band Redundancy Monitoring Security Backups subscribe to OS security announcements Intrusion Detection Software (e.g., snort, bro) be wary of lax permissions limit root access 26 / 27

Backups Be Prepared Power Out-of-band Redundancy Monitoring Security Backups user data, system configuration ideally daily, weekly, monthly rotations RAID is not a backup e.g., rsync, cron, rsnapshot 27 / 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback