Admin Tips 1

1) Find the number of connections to your web server from each remote IP. This is very helpful for checking whether you are facing a DDoS.

netstat -ntu | awk '$4 ~ /:80$/ {print $5}' | sed -e 's/^::ffff://' -e 's/:[0-9]*$//' | grep -v '^127\.0\.0\.1$' | sort | uniq -c | sort -nr
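
A fuller version of the per-source count in tip 1, as an added example that is not part of the original post: it matches the port in the local-address column only, splits each address on its last colon so IPv6 and IPv4-mapped peers keep a readable address, and also reports how many of each source's connections are still in SYN_RECV. The function names, the threshold argument and the sample lines (documentation-range addresses) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the post's own command.
# Reads `netstat -ntu` style text on stdin and prints "TOTAL SYN_RECV SOURCE"
# for every remote address with at least THRESHOLD connections to local PORT.
# Usage: netstat -ntu | hits_by_source PORT [THRESHOLD]
hits_by_source() {
    awk -v port="$1" -v min="${2:-1}" '
    # Split "addr:port" on the LAST colon so IPv6 addresses stay whole.
    function host(ep)  { sub(/:[^:]*$/, "", ep); sub(/^::ffff:/, "", ep); return ep }
    function lport(ep) { sub(/^.*:/, "", ep); return ep }
    $1 ~ /^(tcp|udp)/ && lport($4) == port {
        src = host($5)
        if (src == "127.0.0.1" || src == "::1") next   # skip loopback
        total[src]++
        if ($6 == "SYN_RECV") half[src]++              # half-open handshakes
    }
    END {
        for (s in total)
            if (total[s] >= min) printf "%d %d %s\n", total[s], half[s], s
    }' | sort -k1,1nr -k3,3
}

# Constructed sample input (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51235      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51236      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:40000       TIME_WAIT
tcp        0      0 192.0.2.10:8080         203.0.113.9:40001       ESTABLISHED
tcp        0      0 192.0.2.10:55000        203.0.113.50:80         ESTABLISHED
tcp        0      0 127.0.0.1:80            127.0.0.1:41000         ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.9:40002 ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::beef:50000    ESTABLISHED
EOF
}

# Sources with two or more connections to port 80 in the sample.
sample_netstat | hits_by_source 80 2
```

A source whose connections are mostly in SYN_RECV is completing few handshakes, which is worth a closer look than a high total alone.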

2) Find and remove old files from backup.

The following command finds and removes all directories that are older than 10 days and whose names contain "-2001". The -prune keeps find from descending into a directory it is about to delete.
find /backup/mysql_backup/ -mtime +10 -type d -iname "*-2001*" -prune -exec rm -rf {} \;

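3) Find and remove files from a specified location

find . -name '*.class' -print0 | xargs -0 /bin/rm -f

(The dot "." means the current working directory. -print0 and -0 keep file names that contain spaces or newlines from being split into separate arguments.)

find /usr -name '*.class' -print0 | xargs -0 /bin/rm -f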

5)  Archive a folder excluding unwanted directories

tar -zcvf /home/adminlogs.tar.gz --exclude='log' --exclude='tmp' /home/adminlogs

If you have more files or folders to exclude, you can create a file and list the exclude patterns in it, one per line:

# vi exclude.txt
abc
abc2
abc3

# tar -zcvf /backup/adminlogs.tar.gz -X exclude.txt /home/adminlogs

6) Untar files to the specified location or directory

# tar -xzf /home/admin/adminlogs.tar.gz -C /tmp

Hope these tips will be helpful for you.

  • UnKnown

    Hi,

    While using the netstat command to check for a DDoS attack, I very often get the following output:
    no-of hits IP
    35 11.11.11.11
    78 22.22.22.22
    158 blank
    25 blank
    50 0.0.0.0

    Now I want to know what that blank or 0.0.0.0 represents. If those are hidden IPs, how can I get them and block them? Hope you will help on this.

    Thx…