Lab 3 Configuring the kernel

Goal: Develop skills tuning the /proc filesystem.

Gain some experience working with device special files and modules.

Use the tools available to explore hardware resources.

Estimated Duration: 45 minutes

Sequence 1: Turning off ping responses

Scenario: You want to reduce the exposure of a critical system. One of your strategies is to “hide” it from easy discovery by ICMP ECHO requests.

Deliverable: A system that does not respond to ping.

Instructions:

1. Configure your system, so that it does not respond to any ping request. This configuration should survive a reboot.

Hint: Install the kernel-doc package and check the kernel documentation on /usr/share/doc/kernel-doc-2.6.18/Documentation/networking/ipsysctl.txt.

a. Check the present value of /proc/sys/net/ipv4/icmp_echo_ignore_all

# cat /proc/sys/net/ipv4/icmp_echo_ignore_all

It should be currently set to zero which means your system will respond normally to pings.

b. Change the value of /proc/sys/net/ipv4/icmp_echo_ignore_all to a 1 which will prevent other hosts from successfully pinging your host while not affecting your ability to ping them. Verify your work.

# echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
# cat /proc/sys/net/ipv4/icmp_echo_ignore_all

c. Now test pinging server1.example.com. Pressing Ctrl-C will stop the ping command and display some statistics for you. You should have been able to ping server1.

d. Next have someone else try pinging your station. They should not receive any responses back from your system. Alternatively, try to ping your own network address. This should not work either.

e. Now reboot your system and try to ping your station again. What happened? Why?

f. Remember that changes to the /proc filesystem are temporary and if you want them to persist across reboots you need to put an entry in /etc/sysctl.conf. Edit /etc/sysctl.conf and put the following line at the bottom:

net.ipv4.icmp_echo_ignore_all=1

g. To activate this change run:

# sysctl -p

h. Check the value in /proc. If it is not set to a 1 then recheck the previous two steps. Next reboot your system and check the value in /proc again.

2. MANDATORY CLEANUP

a. Comment out or remove net.ipv4.icmp_echo_ignore_all=1 from /etc/sysctl.conf

b. Remember that changing this file does not affect the system's current configuration, so you will want to undo your change directly as well:

# echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
# cat /proc/sys/net/ipv4/icmp_echo_ignore_all

This is to prevent other things from breaking during the week and help preserve your and your instructor's sanity.

Optional Sequence 2: Creating a file persistently under /dev/

Scenario: You want to make sure the /dev/myusbdisk filename is available after a reboot and can be used to mount a USB device.

Deliverable: A system that provides /dev/myusbdisk automatically after a reboot.

System Setup: System running in runlevel 5.

Instructions:

1. Modify the udev subsystem in such a way that /dev/myusbdisk gets automatically created at boot time.

Create a file named /etc/udev/rules.d/99-usb.rules and insert the following statement in it:

KERNEL=="sdb1", NAME="myusbdisk"

Note: Systems with IDE harddrives use sda for the first USB disk.

2. Reboot the system.

init 6

Plug a USB key to your system and verify that you now have a file named /dev/myusbdisk.

ls -l /dev/myusbdisk

3. MANDATORY CLEANUP: Remove the file you have created under /etc/udev/rules.d/ and unplug the USB device.

rm /etc/udev/rules.d/99-usb.rules

Sequence 3: Exploring processes, hardware and memory resources

Scenario: You want to determine what processes are running on your system, which hardware devices are available, and how much RAM is left.

Deliverable:

System Setup: System running in runlevel 5.

Instructions:

1. Determine the top-three processes with the largest memory footprint.

# top

Type “M” to sort processes in order of decreasing memory usage. The three processes at the top of the list are the three largest.

2. Determine the top-three processes with the largest cpu usage.

# top

Type “P” to sort processes in order of decreasing CPU usage. The three processes at the top of the list are the three busiest processes.

3. Start a window in which, using vmstat, a memory snapshot will be obtained every 5
seconds.

# vmstat 5

In parallel, start a memory-intensive application and observe the results.

# cat /dev/hda > /dev/null

4. Determine what network card (brand and/or model) is currently connected to your system.

You might first want to take a look at the lspci command.

The hal-device -manager will also display more information about the network interface card.

RH133读书 笔记(3) - Lab 3 Configuring the kernel的更多相关文章

  1. RH133读书笔记(1)-Lab 1 Managing Startup

    Lab 1 Managing Startup Goal: To familiarize yourself with the startup process System Setup: A system ...

  2. RH133读书笔记(2)-Lab 2 Working with packages

    Lab 2 Working with packages Goal: To gain working experience with package management System Setup: A ...

  3. RH033读书笔记(11)-Lab 12 Configuring the bash Shell

    Sequence 1: Configuring the bash Shell Deliverable: A system with new aliases that clear the screen, ...

  4. RH133读书 笔记(5) - Lab 5 User and Group Administration

    Lab 5 User and Group Administration Goal: To build skills for user and group administration. Estimat ...

  5. RH133读书 笔记(4) - Lab 4 System Services

    Lab 4 System Services Goal: Develop skills using system administration tools and setting up and admi ...

  6. RH133读书笔记(6) - Lab 6 Adding New Filesystems to the Filesystem Tree

    Lab 6 Adding New Filesystems to the Filesystem Tree Goal: Develop skills and knowlege related to par ...

  7. RH133读书笔记(9)-Lab 9 Installation and System-Initialization

    Lab 9 Installation and System-Initialization Goal: Successfully install Red Hat Enterprise Linux. Sy ...

  8. RH133读书笔记(8)-Lab 8 Manage Network Settings

    Lab 8 Manage Network Settings Goal: To build skills needed to manually configure networking Estimate ...

  9. RH133读书笔记(7)-Lab 7 Advanced Filesystem Mangement

    Lab 7 Advanced Filesystem Mangement Goal: Develop skills and knowlege related to Software RAID, LVM, ...

随机推荐

  1. POJ 2948 DP

    一个row*col的矩阵,每一个格子内有两种矿yeyenum和bloggium,而且知道它们在每一个格子内的数量是多少.最北边有bloggium的收集站,最西边有 yeyenum 的收集站.如今要在这 ...

  2. TSL230选型

    tsl230是一种可以直接将光强转化成频率值的器件.详细原理就不介绍了,数据手冊里写的都非常清楚,230系列包括非常多种,主要为下面四类:TSL230,TSL230A,TSL230B系列:TSL230 ...

  3. windows phone 7 通过Post提交URL到服务器,从服务器获取数据(比如登陆时候使用)

    原文:windows phone 7 通过Post提交URL到服务器,从服务器获取数据(比如登陆时候使用) HttpWebRequest myRequest = (HttpWebRequest)Web ...

  4. Spring jdbc 对象Mapper的简单封装

    一般查询实体的时候,都需要这么使用/**      * 根据id查询      *       * @return      */     public Emp queryEmpById(Intege ...

  5. Automatically generate serial number in abap

    流水号的产生:   在ABAP开发中,很多地方都需要按照自己的规则生成流水号,把这些流水号保存进透明表,作为唯一标示. 一. 系统中设定流水号 使用T-Code SNRO来创建一个流水号标识对象. 输 ...

  6. windows phone 浏览器 (1)

    原文:windows phone 浏览器 (1) windows phone 浏览器主要用的控件是phone:WebBrowser,该控件就是windows phone中的IE,在grid控件嵌套的g ...

  7. 浅谈新一代Android操作系统Android L

    今天早一些的时候,Google公布了新一代Android操作系统Android L.让我很意外的是命名规则的变化,之前外界纷纷推測会叫Android5.0,同一时候会给一个甜品的名字命名.由于Andr ...

  8. 《Head First 设计模式》学习笔记——迭代模式 + 组合模式

    迭代模式设置共生死亡,一般来说.我们只是想实现一个集,我们需要的同时提供这个集合的迭代器,喜欢java中间Collection.List.Set.Map等,这些集合都有自己的迭代器.假如我们要实现一个 ...

  9. 基于 Android 的 3D 视频示例代码

    笔者:Mark Liu 下载样本代码 简单介绍 在Android 中,创建一个可以播放视频剪辑的应用很easy:创建一个採用 3D 图形平面的游戏应用也很easy.可是,创建一个可以在 3D 图形对象 ...

  10. android于src和background差额

    ImageView中XML属性src和background的差别: background会依据ImageView组件给定的长宽进行拉伸,而src就存放的是原图的大小.不会进行拉伸.src是图片内容(前 ...