Linux Server & System Monitoring

There are many Linux Server and System Monitoring packages out there for the Linux Platform that will also monitor other OS and devices (hardware) – here is a short list:

Munin And Monit:






Upgrade VMWare VC3.5 and ESXi 3.5 to vsphere 4 & ESXi4

References and detailed instructions at these links:,289142,sid94_gci1376405,00.html?track=NL-1429&ad;=738699&asrc;=EM_NLN_10266977&uid;=5050482

Unix Toolbox

Unix Toolbox is a collection of Unix/Linux/BSD commands and tasks which are useful for IT work or for advanced users. This is a practical guide with concise explanations, however the reader is supposed to know what s/he is doing.

You can download the PDF version which is a must have for any IT Pro on the road!

How to check if a website has been serving up malware

References and info at these sites:

Google safe browsing, enter the site name at the end:

McAfee Site Advisor:

Sucuri Site Check:





PowerShell script to delete files & folders

I needed a script to check the date of files and folders in a sub folder on a Windows server and could not find the right solution with a command or VB script, however a Powershell script did exactly what I needed.

I’m sure there is a VB script out there to do this, but I couldn’t really find one and I just don’t have the time or skills to create one – so this PS script works perfectly for my needs:
$filelocation = “I:DataBUBackupVMs”
gci -path $filelocation -r | where-object {$_.PsIsContainer -eq “True”} |
?{$_.creationtime -lt (get-date).adddays(-7)} | %{del $_.fullname -r -force}

The location of my folders and data is on a I: drive under the DataBU folder and anything older than 7 days will be deleted e.g. (get-date).adddays(-7). The -r will perform a recursive delete and the -force will ensure the data is deleted regardless of it’s access rights (assuming the script operator has enough permission).

IPTABLES Connection Tracker Feature

I needed to setup an internal FTP server on a Debian server, so I used VSFTPD which is an excellent FTP server – see

Anyway, it didn’t work all that well for me because I had a custom IPTABLES script running and of course needed to allow for FTP traffic. After fixing that it worked but something was still not right.
What I needed was an IPTABLES Module called connection tracking for FTP or ip_conntrack_ftp

In my IPTABLES configuration I added the following:
/sbin/modprobe ip_conntrack_ftp

The the actual rule with a helper:
iptables -A INPUT -m helper –helper ftp -j ACCEPT

On the VSFTPD configuration side of things I added the following:

Now it works like a gem!!

More info on IPTABLES Connection tracking:

Linux Rootkit Hunter and Unhide Utility (scanners)

Found this “Linux Rootkit Hunter” and gave it a go – works well enough and worth running on some systems.

Rootkit scanner is scanning tool to ensure you for about 99.9%* you’re clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

– MD5 hash compare
– Look for default files used by rootkits
– Wrong file permissions for binaries
– Look for suspected strings in LKM and KLD modules
– Look for hidden files
– Optional scan within plaintext and binary files

Rootkit Hunter is released as GPL licensed project and free for everyone to use.

See the website for more info and download:

This site runs through the install and operation:

Linux Detecting / Checking Rootkits with Chkrootkit and rkhunter Software:


Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique.
You can install it from most repos, with Debian/Ubuntu you can install with an apt-get install unhide

To use the tool:

sudo unhide-linux26 proc
sudo unhide-linux26 sys
sudo unhide-linux26 brute

It also has a TCP/UDP port scanner to check for hidden listening ports etc.

sudo unhide-tcp

More info see the developers website