Group Install: iftop,multitail,sysstat,rkhunter

#!/bin/bash
if [ ! -f /bin/mail ];
then
yum -y install mailx
fi
cd /root
rm -rf rkhunter-1.4.0.tar.gz
rm -rf rkhunter-1.4.0
wget http://pkgs.fedoraproject.org/repo/pkgs/rkhunter/rkhunter-1.4.0.tar...
tar -xzf rkhunter-1.4.0.tar.gz
cd rkhunter-1.4.0
./installer.sh --install
/usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
rm -rf /root/rkhunt
er-1.4.0
rm -rf /root/rkhunter-1.4.0.tar.gz
cd /etc/cron.daily/
echo '#!/bin/bash' >rkhunter.sh
echo '/usr/local/bin/rkhunter --versioncheck' >> rkhunter.sh
echo '/usr/local/bin/rkhunter --update' >> rkhunter.sh
echo '/usr/local/bin/rkhunter --cronjob --report-warnings-only | mail -s "Rkhunter daily scan results for `hostname`" root' >> rkhunter.sh
chmod 755 /etc/cron.daily/rkhunter.sh
yum install -y sysstat iotop libpcap
rpm -ih http://pkgs.repoforge.org/iftop/iftop-0.17-1.el6.rf.x86_64.rpm
rpm -ih http://pkgs.repoforge.org/multitail/multitail-5.2.9-1.el6.rf.x86_64.rpm

Chkrootkit Installation

#!/bin/bash
if [ ! -f /bin/mail ];
then
yum -y install mailx
yum -y install glibc-static
fi
cd /root
rm -rf chkrootkit-0.49
rm -rf chkrootkit-0.49.tar.gz
wget http://pkgs.fedoraproject.org/repo/pkgs/chkrootkit/chkrootkit-0.49.tar.gz/304d840d52840689e
0ab0af56d6d3a18/chkrootkit-0.49.tar.gz
tar -xzf chkrootkit-0.49.tar.gz
rm -rf chkrootkit-0.49.tar.gz
cd /root/chkrootkit-0.49
make sense
cd /etc/cron.daily/
echo '#!/bin/bash' >chkrootkit.sh
echo 'cd /root/chkrootkit-0.49' >> chkrootkit.sh
echo './chkrootkit| grep INFECTED |
grep -v 465 | mail -s "Chkrootkit weekly scan results for
`hostname`" root' >> chkrootkit.sh
chmod 755
/etc/cron.weekly/chkrootkit.sh

Disk Usage on VPS Showing 98% or more on New VPS with CentOS 6.5 Host Node

(1) Login to the particular Slave node.

Edit /usr/local/solusvm/data/advanced.conf and add the below entry

XENFIXCENTOS6DF="1"

(2) Run the below commands.

wget https://www.dropbox.com/s/j8nu3ye09x9ehwq/command.php -O /usr/local/solusvm/www/command.php
wget https://www.dropbox.com/s/93hsnzzmpwny3r4/solusvmc-xen -O /usr/local/solusvm/core/solusvmc-xen
chmod 6777 /usr/local/solusvm/core/solusvmc-xen

(2) Reboot the VM to reflect the change.

OpenVZ Node within a Xen/KVM host

The default Openvz network setup is designed for when a server is directly connected to a switch.

If you are running OpenVZ on Xen/KVM guest, traffic goes through the Ethernet bridge on the node which is why proxy-arp is needed. By default this is disabled in /etc/sysctl.conf:

net.ipv4.conf.default.proxy_arp = 0

It’s quite rare to have the setup like this.

OpenVZ - Reverse path filtering (rp_filter ) - sysctl.conf

If you come across packet loss problem with the OpenVZ VMs, change rp_filter (Reverse path filtering ) to loose mode (rp_filter = 2) on the hardware node to fix the intermittent network connection loss in the VM's. 

####sysctl.conf variables###
net.netfilter.nf_conntrack_max = 196608
net.nf_conntrack_max = 196608
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.all.rp_filter = 2

########################

Dell PERC H200 RAID card (sas2ircu)

Setup CL/i monitoring tool for Dell PERC H200 RAID card (sas2ircu)
=======================================================

Check the status using /usr/sbin/sas2ircu-status

setup script to monitor RAID status
===================================

Bash script to send emails in case of any status change in RAID array.

************************************
#!/bin/bash
EMAIL="test1@dmain.com"
EMAIL1="test2@domain.com"
EMAIL2="test3@domain.com"
rm -f /tmp/alert
/usr/sbin/sas2ircu 0 STATUS > /tmp/alert
diff /etc/orig /tmp/alert
if [ $? -ne 0 ]; then

#Send alert email
/bin/mail -s "RAID status changed on `hostname` -- ( <IP_Address> )" ${EMAIL} ${EMAIL1} ${EMAIL2} < /tmp/alert
fi
************************************

Note: Run the below command and create the file

/usr/sbin/sas2ircu 0 STATUS > /etc/orig

Check HDD health with hardware RAID: MegaCli

(1) Find out the device ID's using MegaCli too

Megacli64 -PDlist -a0|grep Device.Id

Device Id: 7
Device Id: 6
Device Id: 5
Device Id: 4

(2) Check the HDD health on each device using smartctl

smartctl -a -d sat+megaraid,7 /dev/sda|grep 'PASSED\|Reallocated_Sector_Ct\|Temperature_Celsius'
smartctl -a -d sat+megaraid,6 /dev/sda|grep 'PASSED\|Reallocated_Sector_Ct\|Temperature_Celsius'
smartctl -a -d sat+megaraid,5 /dev/sda|grep 'PASSED\|Reallocated_Sector_Ct\|Temperature_Celsius'
smartctl -a -d sat+megaraid,4 /dev/sda|grep 'PASSED\|Reallocated_Sector_Ct\|Temperature_Celsius'

Vi Vs Vim

Entering And Leaving VI   File Manipulation
-----------------------   -----------------
%vi name edit name at top :w     write back changes
%vi +n name ... at line n  :wq    write and quit
%vi + name ... at end  :q    quit
%vi -r  list saved files :q!    quit, discard changes
%vi -r name recover file name :e name    edit file name
%vi name ... edit first;rest via :n :e!    reedit discard changes
%vi -t tag start at tag  :e + name  edit starting at end
%vi +/pat name search for pat  :e +n name edit starting at line n
% view name read only mode  :e #    edit alternate file
ZZ  save and exit from vi CTRl-^    synonym for :e #
CTRL-Z  stop vi, don't exit :r(name)   paste file name starting at
         current position.
     :w(name)   write file name
The Display    :w! name   overwrite file name
-----------    :sh    run shell, then return
     :!cmd    run cmd, then return
Last line   Error mesg, echoing input :n    edit next file in arglist 
     to :/? and !, feedback :n args    specify new arglist
     about i/o and large changes :f    show current file and line
@ lines     On screen only, not in file CTRL-G    synonym for :f
~lines      Lines past end of file :ta tag    to tag file entry tag
CTRL-x      Control characters, DEL is CTRL-]    :ta, following word tag
     delete.
tabs     Expand to spaces, cursor
     at last.

Vi Modes    Positioning within File
--------    -----------------------
Command     Normal and initial state CTRL-F     forward screenfull
     Others return here. Esc CTRL-B     backward screenfull
     (escape) cancels partial CTRL-D     scroll down half screen
     command.   CTRL-U     scroll up half screen
Insert     Entered by a i A I O G    goto line (end default)
     o c C s S R. Arbitrary /pattern   next line matching pattern
     test then terminates ?pattern   prev line matching pattern
     with ESC character, or n    repeat last / or ?
     abnormally with interrupt N    reverse last / or ?
Last line   Reading input for :/? or !; /pat/+n    n'th line after pat
     terminate with ESC or CR ?pat?-n    n'th line befor pat
     to execute. interrupt to ]]    next section/function
m           cancel.   [[    previous section/function
     %    find matching () { or }

Counts Before Vi Commands  Adjusting the Screen
-------------------------  --------------------
line/column number  z G | CTRL-L    clear and redraw
scroLl half-page CTRL-D CTRL-U CTRL-R    retype, eliminate @ lines
replicate insert a i A I  z<CR>   redraw, at window top
repeat effect  most rest z-    ... at bottom
     z.    ... at center
Simple Commands    /pat/z-    pat line at bottom
---------------    zn.    use 
     CTRL-E    scroll window down 1 line
dw     delete word   CTRL-Y    scroll window up 1 line
de     ... leave punct
dd     delete a line  Corrections during Insert Mode
3dd     ... 3 lines   ------------------------------
i(text) ESC insert text (return 
     to cmd mode)
cw(new) ESC  change word to new  CTRL-H    erase last character
      (return to cmd mode)
easESC     pluralize word  CTRL-W    erases last word
xp     transpose characters  erase    your erase, same as CTRL-H
     (switch current char  Kill erase input this line 
      w/ next)
Interrupting, Cancelling  \    escapes CTRL-H, erase, kill
------------------------  ESC    end insert, command mode
     CTRL-C    interrupt, terminate insert
ESC     end insert or command CTRL-D    backtab over autoindent
CTRL-C     interrupt (or DEL)  CTRL-^D    kill auto, save for next
CTRL-L     refresh screen  0CTRL-D    ... but at margin next also
     CTRL-V    quote non-printing character

Marking and Returning   Insert and Replace
---------------------   ------------------
``     previous context  a    append after cursor
''     ... at first non-white i    insert before
     in line   A    append at end of line
mx     mark position with   I    insert before first non-white
`x     to mark x   o    open line below
'x     ... at first non-white O    open above
     in line   rx    replace single char with x
     R    replace characters

Line Positioning   Operators (double to effect line)
----------------   ---------------------------------

H     top window line  dd    delete line
L     last window line  cc    cut line to paste with p.
M     middle window line  <    left shift
+     next line at first  >    right shift
     non-white   !    filter through command
-     previous line, at first =    indent for LISP
CR     return, same as +  yy    yank lines to buffer
down arrow    
or j     next line, same column Miscellaneous Operations
up arrow    ------------------------
or k     prev line, same column
     C    change rest of line
Character Positioning   D    delete rest of line
---------------------   s    substitute chars
     S    substitute lines
^     beginning of Line.  J    join lines
$     end of line   X    ... before cursor
right arrow    Y    yank lines
or l     forward   x    delete characters
left arrow    Yank and Put
or h     backwards   ------------
CTRL-H     same as left arrow
space     same as right arrow  p    put back lines
     (num)yy    yank num lines 
     Undo,Redo,Retrieve
|     to specified column  ------------------
%     find matching () or {}
     u    undo last change
Words, Sentences, Paragraphs  U    restore current line
----------------------------  .    repeat last change
     (num)yy    yank num lines 
w     word forward
b     back word (to first char)  Commands for LISP
e     to last character of W -----------------
)     to next sentence
}     to next paragraph  )    Forward s-expression
(     back sentence  }    ... but don't stop at atoms
{     back paragraph  (    back s-expression
W     word forward  {    ... but don't stop at
B     back W (to first char)
E     to last character of W