How strong is your server kung fu?

August 10th, 2008

You are currently browsing the articles from Server Fu written on August 10th, 2008.

HOW TO Check Your Server’s RAM Status.

Ever wondered how to check that status of your server’s ram with a convient, simple to use command? Well, worry no more.

STEPS

1) Enter

root@server [~]# free -o

Your response should look something like this:

total used free shared buffers cached
Mem: 2067220 2013636 53584 0 28300 1323664
Swap: 2031608 71336 1960272

This command will show you your total available/used memory and cached memory. In the case obvoe, this server has 2 gigabytes of RAM installed and has used a large portion of it with a memory intensive application. The SWAP file has been put to use to buttress the RAM use.

Another method is to use this command for more detail.

root@server [~]# cat /proc/meminfo

You will get a result something like this:

MemTotal: 2067220 kB
MemFree: 95960 kB
Buffers: 20472 kB
Cached: 1373616 kB
SwapCached: 25076 kB
Active: 697120 kB
Inactive: 1211676 kB
HighTotal: 1171136 kB
HighFree: 19632 kB
LowTotal: 896084 kB
LowFree: 76328 kB
SwapTotal: 2031608 kB
SwapFree: 1962060 kB
Dirty: 464 kB
Writeback: 0 kB
AnonPages: 505384 kB
Mapped: 32668 kB
Slab: 49260 kB
PageTables: 4128 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
CommitLimit: 3065216 kB
Committed_AS: 1145992 kB
VmallocTotal: 114680 kB
VmallocUsed: 5128 kB
VmallocChunk: 107708 kB
HugePages_Total: 0
HugePages_Free: 0
HugePages_Rsvd: 0
Hugepagesize: 4096 kB

Written by admin on August 10th, 2008 with comments disabled.
Read more articles on How To and Linux.

Layeredtech pop3 hacker caught

Our intrusion detection software picked up the start of a dictionary attack targeting our pop3 or email server coming from the Layeredtech server provider.

Time:     Sat Aug  9 19:22:43 2008 -0400
IP:       72.232.183.242 (US/United States/242.183.232.72.static.reverse.ltdomains.com)
Failures: 5 (pop3d)
Interval: 240 seconds
Blocked:  Yes
Log entries:
Aug  9 19:21:16 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
Aug  9 19:21:52 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
Aug  9 19:21:57 pop3d: LOGIN FAILED, user=web, ip=[::ffff:72.232.183.242]
Aug  9 19:22:36 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
Aug  9 19:22:41 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]

Whois 72.232.183.242 you might ask?

Why it is the crappy dedicated server provider Layeredtech.

OrgName:    Layered Technologies, Inc.
OrgID:      LAYER-3
Address:    5085 W Park Blvd
Address:    Suite 700
City:       Plano
StateProv:  TX
PostalCode: 75093
Country:    US

Written by admin on August 10th, 2008 with comments disabled.
Read more articles on Hacker and ModSecurity.