How to check packet Flows using tcpdump
Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. In all cases, only packets that match expression will be processed by tcpdump.
One of the most common uses of tcpdump is to determine whether you are getting basic two-way communication.
Command Options:
icmp View icmp packets
tcp port port-number View TCP packets with packets with either a source or destination TCP port of port-number
udp port port-number View UDP packets with either a source or destination UDP port of port-number
Example:
By using the -w filename option you can send the entire Ethernet frame, not just a brief IP information that normally goes to the screen, to a file. This can then be analyzed by graphical analysis tools such as Wireshark, which is available in both Windows and Linux
tcpdump -i eth0 -w /tmp/tcp.dump tcp port 22
The -n switch stops DNS name lookups and will make tcpdump work more reliably.
tcpdump -i eth0 -n tcp port 22
How to do rpm test install to check potential conflicts.
–test Do not install the package, simply check for and report potential conflicts.
–test Don’t really uninstall anything, just go through the motions. Useful in conjunction with the -vv option for debugging.
How to check privileges for an mysql account.
To check the privileges for an account, use SHOW GRANTS:
mysql> SHOW GRANTS FOR ‘root’@'localhost’;
+—————————————————-+
| Grants for root@localhost
+—————————————————-+
| GRANT ALL PRIVILEGES ON *.* TO ‘root’@'localhost’ IDENTIFIED BY PASSWORD ‘*C406D12D7025EFA560629ABD992F09C9E28002C6′ WITH GRANT OPTION |
+—————————————————-+
1 row in set (0.00 sec)
mysql>
How to check if CPU supports hardware virtualization (VT technology)
To run KVM, you need a processor that supports virtualization. For Intel processors this extension has name INTEL-VT, for AMD processors it has name AMD-V.
To see if your processor supports one of these technologies, please run the following command under Linux:
# egrep ‘(vmx|svm)’ /proc/cpuinfo
If nothing is printed, it means that your CPU does not support hardware virtualization. Otherwise, it does – but you still need to make sure that virtualization is enabled in the BIOS. If the svm flag is returned then your processor supports AMD-V or if the vmx flag is returned then your processor supports Intel VT.
How to check if the port is associated with the official list of known services.
Example:
cat /etc/services | grep 834
This command returns no output. This indicates that while the port is in the reserved range (meaning 0 through 1023) and requires root access to open, it is not associated with a known service.
Next, check for information about the port using netstat or lsof. To check for port 834 using netstat, use the following command:
The lsof command reveals similar information since it is also capable of linking open ports to services:
These tools reveal a great deal about the status of the services running on a machine. These tools are flexible and can provide a wealth of information about network services and configuration. Consulting the man pages for lsof, netstat, nmap, and services is therefore highly recommended.
