Author: mark_user

Understanding Time

Time is a critical component of every computer. When to run updates, launch scheduled tasks, or just to keep user’s informed, are all dependent on time.

Every computer has a built in clock on the motherboard, usually powered by a battery, to keep track of the time. This hardware based clock is called the Real Time Clock (RTC) and is used to power the human readable ‘system time’, based on time zones.

• System Time = Uses Time Zones
• RTC = Real Time Zone = Uses Hardware clock

Unfortunately, the hardware clock will always eventually get out of sync with real time and need to be adjusted. This occurs because of power outages, battery on the MB dies, or other reasons.

Ubuntu Settings

Two commands are used to control the date and time. First, the ‘timedatectl‘ command is used to set the time zone. Next, the ‘timesyncd‘ command is used start or stop the sync service and to turn on or off the network time protocol (NTP).

An older process to manage these functions is called ntpd. While this process is still supported, it is recommended to use the newer methods.

Check Your Time Zone

In the United States, there are three primary time zones.

• UTC (Universal Time Coordinated)
• EDT (Eastern Daylight Time) = 2nd Sunday March to 1st Sunday in Nov. = 4 hr behind UTC
• EST (Eastern Standard Time) = 1st Sunday Nov to 2nd Sunday March. = 5 hr behind UTC

date

Get a list of available time zones

timedatectl list-timezones

Change the Time Zone

sudo timedatectl set-timezone America/New_York

Check the Sync & NTP Services

Note: Typically, the Real Time Clock or ‘RTC in local TZ’ should always be set to ‘no’. This is due to that most of the US uses spring/fall time changes and the RTC does not know anything about that.

Turn on the ‘System clock synchronized’

Check that there is a name server or two listed in the configuration file. The entries should be space separated.

sudo vim /etc/systemd/timesyncd.conf

Add the following lines under [Time]:
NTP=ntp.myserver.com time.nist.gov

Next, run the below command.

sudo systemctl start systemd-timesyncd

Turn on the ‘NTP Service’

sudo timedatectl set-ntp on

Verify the Clock is Synced

systemctl status systemd-timesyncd

Ref: https://www.linuxfordevices.com/tutorials/ubuntu/set-up-time-synchronization-ubuntu

Ref: https://opensource.com/article/20/6/time-date-systemd

Ref: https://ubuntu.com/server/docs/about-time-synchronisation

The Basic

TcpDump is a command line network monitoring tool for viewing packets, in real time, as they pass through the server network interface. Specifically, it can be used to view and record packets going into and out of a network interface and can be used to conduct all sort of analysis.

I use this tool to see if logs are actually coming into a server, typically over syslog, and what port are they being received on or are going to.

Inbound traffic from IP 10.16.28.143

tcpdump -i ens160 -nn 'src 10.16.28.143'

-i = listen on network card ens160
-n = do not translate IP address to DNS names
-nn = do not translate IP to DNS names or ports to service names
-v = verbose

Inbound traffic to a specific port

tcpdump -i eth0 -nn 'dst port 12017'

Either inbound or outbound traffic to/from port 12011

tcpdump -i any port 12011

Outbound traffic to IP 10.16.1.121

tcpdump -nn -i eth0 'dst 10.16.1.121'

Outbound traffic on port 443

Only capture TCP outbound traffic going to IP 10.10.192.30 on port 443.

tcpdump -i ens160 'tcp and port 443 and dst 10.10.192.30'

See if you are getting syslog data

Only capture data coming from subnets 10.10.149.0/24 or 10.10.153.0/24 and arriving on port 514.

tcpdump -i ens160 'dst port 514 and (src net 10.10.149.0/24 or src net 10.10.153.0/24)'

Outbound traffic going to port 443

tcpdump -i eth0 'src port 443'

Introduction

VIM is a popular Linux text editor program. Users can customize VIM by creating a .vimrc file in their home directory. Then, when launching VIM, it will load any variables that were preset in this file. You’ll need to set the file permissions of the .vimrc file to rw-rw—-.

A sample .vimrc file

In my opinion, the two most useful commands are to set line numbers on the file and set the color scheme, to make files easier to read. Here is how you set them up in the .vimrc file.

"This is a comment in VIM
set nu
colorscheme slate

Get a list of available color schemes

VIM comes with several color schemes loaded by default. You can also download others. To check what defaults are available, use this command.

:colorscheme[space][ctrl+d]

References

https://phoenixnap.com/kb/vim-color-schemes

https://thelinuxcode.com/vimrc_tutorial

Introduction

When working with systems, for troubleshooting, performance tuning, or regular maintenance, it’s often essential to gather key system information. This includes details such as the operating system version, hardware specifications, running processes, or file system disk usage. You might need to monitor CPU usage in real time or check how much storage space is available on your drives.

Fortunately, there are a set of powerful command-line tools that make this process quick and efficient. Below, we’ll explore some of the most useful commands to help you monitor and manage your system effectively.

What is OS Linux version

lsb_release -a

Get the installed memory (RAM)

free -h

Get a CPU count

lscpu | grep 'CPU(s)'

Get the hard drive details

df -h

Get disk space usage by directory

disk space used by the specified files and for each subdirectory.

du -chsk /*

Monitor Processes using TOP

Just run the command ‘top’ or ‘htop’ , if it is installed, to get real time Mem and CPU usage and see what process are resource hogs.