mycheckpoint

December 10th, 2014

Lightweight, SQL oriented monitoring for MySQL

mycheckpoint is an open source monitoring utility for MySQL, with strong emphasis on user accessibility to monitored data.

It is SQL oriented: charts, reports and advanced metrics are generated on the fly with views.

http://code.openark.org/forge/mycheckpoint


kipmi0 100% cpu usage

November 24th, 2014

To limit it to 10%:
echo 100 > /sys/module/ipmi_si/parameters/kipmid_max_busy_us


mdadm idle

November 24th, 2014

A running array check can be cancelled like this:
echo idle > /sys/block/md0/md/sync_action


socat

November 22nd, 2014

socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device (serial line etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 – raw, UDP, TCP), an SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU line editor (readline), a program, or a combination of two of these. These modes include generation of “listening” sockets, named pipes, and pseudo terminals.

http://www.dest-unreach.org/socat/


Antidoto

November 22nd, 2014

Brand new Linux antimalware and antirootkit tool!

https://github.com/FastVPSEestiOu/Antidoto


ddosmon

November 22nd, 2014

ddosmon is a network analysis platform which is designed to find anomalous network patterns such as DDoS attacks and act on them automatically. It can do this either by directly sniffing or acting on netflow data export streams.

https://bitbucket.org/tortoiselabs/ddosmon


iptables recent

November 20th, 2014

iptables -N SSHSCAN

iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -j SSHSCAN

iptables -A SSHSCAN -m recent --set --name SSH --rsource
iptables -A SSHSCAN -m recent --update --seconds 3600 --hitcount 5 --name SSH --rsource -j LOG --log-prefix "Anti SSH-Bruteforce: " --log-level 6
iptables -A SSHSCAN -m recent --update --seconds 3600 --hitcount 5 --name SSH --rsource -j LogDrp
iptables -A SSHSCAN -j ACCEPT

https://we.riseup.net/debian/iptables-recent-module-and-hit-limits
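
A simplified Python model of how the SSHSCAN rules above evaluate per source address, added here as an example (it is not from the original post or the linked pages). Assumptions: LogDrp is a user-defined chain that is not shown on the page and is taken to log and drop; PKT_LIST_TOT stands in for the module's per-address timestamp limit; the traffic is constructed.

```python
from collections import defaultdict, deque

PKT_LIST_TOT = 20  # assumed per-address timestamp limit (xt_recent ip_pkt_list_tot)

class RecentList:
    """Simplified model of one xt_recent list (--name SSH --rsource)."""

    def __init__(self):
        self.stamps = defaultdict(lambda: deque(maxlen=PKT_LIST_TOT))

    def set(self, src, now):
        # --set: remember when this source was seen; always matches.
        self.stamps[src].append(now)
        return True

    def update(self, src, now, seconds, hitcount):
        # --update --seconds S --hitcount N: match when at least N stamps
        # fall inside the last S seconds; a match records one more stamp.
        hits = sum(1 for t in self.stamps.get(src, ()) if now - t <= seconds)
        if hits >= hitcount:
            self.stamps[src].append(now)
            return True
        return False

def sshscan(recent, src, now):
    """Walk the SSHSCAN chain for one NEW connection to port 22."""
    recent.set(src, now)                        # rule 1: --set
    logged = recent.update(src, now, 3600, 5)   # rule 2: -j LOG, non-terminating
    if recent.update(src, now, 3600, 5):        # rule 3: -j LogDrp, assumed to drop
        return "DROP", logged
    return "ACCEPT", logged                     # rule 4: -j ACCEPT

def replay(attempts):
    """Return the verdict for each (time_in_seconds, source) pair, in order."""
    recent = RecentList()
    return [sshscan(recent, src, t)[0] for t, src in attempts]

# Constructed sample traffic (documentation addresses, times in seconds).
ATTEMPTS = [(0, "198.51.100.7"), (10, "198.51.100.7"), (20, "198.51.100.7"),
            (30, "198.51.100.7"), (40, "198.51.100.7"), (45, "203.0.113.9"),
            (50, "198.51.100.7"), (3000, "198.51.100.7"), (6601, "198.51.100.7")]

if __name__ == "__main__":
    for (t, src), verdict in zip(ATTEMPTS, replay(ATTEMPTS)):
        print(f"{t:>5}s {src:<13} {verdict}")
```

The fifth connection from one source within the hour is the first to be dropped, because rule 1 has already counted it, and each dropped attempt records two further timestamps through the two --update rules.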

Drop the first SYN packet:
-A INPUT -p tcp -m tcp --dport 80 --syn -m recent --set --name http --mask 255.255.255.255 --rsource
-A INPUT -p tcp -m tcp --dport 80 --syn -m recent ! --rcheck --seconds 15 --hitcount 2 --name http --mask 255.255.255.255 --rsource -j REJECT --reject-with icmp-port-unreachable

http://wiki.opennet.ru/Iptables_-m_recent

iptables -A INPUT -p tcp -m tcp --dport 80 -m string --string "GET / HTTP" --algo kmp --to 1024 -m recent --set --name httpddos --rsource
iptables -A INPUT -p tcp -m tcp --dport 80 -m string --string "GET / HTTP" --algo kmp --to 1024 -m recent --update --seconds 10 --hitcount 2 --name httpddos --rsource -j DROP

http://webhamster.ru/mytetrashare/index/mtb0/4152


zopfli

November 20th, 2014

Zopfli Compression Algorithm is a new zlib (gzip, deflate) compatible compressor. This compressor takes more time (~100x slower), but compresses around 5% better than zlib and better than any other zlib-compatible compressor we have found.

https://code.google.com/p/zopfli/


exabgp

November 20th, 2014

The BGP swiss army knife of networking

https://github.com/Exa-Networks/exabgp


blktop

November 20th, 2014

blktop – top-like monitoring of block device metrics (latency, IOPS and so on)

https://github.com/amarao/blktop.git
