==== Memory ====
== Identify memory usage of TIME_WAIT sockets ==
<code bash>
slabtop -o | grep -E '(^  OBJS|tw_sock_TCP|tcp_bind_bucket)'
  OBJS ACTIVE  USE OBJ SIZE  SLABS OBJ/SLAB CACHE SIZE NAME
 13104   5813  44%    0.03K    117      112       468K tcp_bind_bucket
  6900   6408  92%    0.19K    345       20      1380K tw_sock_TCP
</code>

==== OpenSSH ====
Because SSH is incredible.\\
== Tunneling ==
<code bash>
# Using connect-proxy as a socks proxy (tunneling ssh over http proxy to an ssh server on port 1.2.3.4:443)
Host 1.2.3.4
  ProxyCommand connect-proxy -H proxy:3128 %h %p
  Port 443
  User shaun

# -W can be used for raw port-forwarding on OpenSSH 5.4 and higher
Host internal.server
  HostName internal.server.com
  User shaun
  ProxyCommand ssh shaun@intermediary.server.com -W %h:%p

# Here's the old way, with netcat
Host internal.server
  HostName internal.server.com
  User shaun
  ProxyCommand ssh shaun@intermediary.server.com nc %h %p

# New to OpenSSH 7.3 and higher is the ProxyJump commmand, which does the same, but with multiple possible intermediaries
Host internal.server
   HostName internal.server.com
   ProxyJump shaun@intermediary1.server:22,shaun@intermediary2.server:22
   User shaun
</code>

== SSH as a VPN ==
<code bash>
ssh -NTCf -w 0:0 <destination>

# Machine A
ip link set tun0 up
ip addr add 10.0.0.100/32 peer 10.0.0.200 dev tun0

# Machine B
ip link set tun0 up
ip addr add 10.0.0.200/32 peer 10.0.0.100 dev tun0

# Add a route for target network on Machine B
ip route add 10.0.0.0/24 via 10.0.0.200

#This allows us to send packets from Machine B to any IP address on Network A, via Machine A. 
#To ensure that packets have a route back to Machine B add an arp entry on Machine A:

arp -sD 10.0.0.200 eth0 pub

#This sets a published arp destination for 10.0.0.200 to Machine A (proxy-ARP). 

# Kernel packet forwarding must be enabled for the routing bits
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

</code>

== Copy and install public key == 
<code bash>
ssh-copy-id -i .ssh/id_rsa.pub user@server.com
</code>

==== Filesystems ====
[[xfs]]\\
[[ext4]]\\
[[recovery]]\\

== Get detailed memory chip information ==
<code bash>
dmidecode --type 17
</code>
Sample output:
<code bash>
# dmidecode 2.12
SMBIOS 2.7 present.

Handle 0x003B, DMI type 17, 34 bytes
Memory Device
        Array Handle: 0x002C
        Error Information Handle: Not Provided
        Total Width: 72 bits
        Data Width: 64 bits
        Size: 32 GB
        Form Factor: DIMM
        Set: None
        Locator: D0
        Bank Locator: /SYS/MB/P0
        Type: DDR3
        Type Detail: Synchronous
        Speed: 1066 MHz
        Manufacturer: Samsung
        Serial Number: 366112E5
        Asset Tag:
        Part Number: M393B4G70BM0-YH9
        Rank: 1
        Configured Clock Speed: 1066 MHz
</code>

==== OpenSSL ====
==Convert .crt to .pem==
<code>
openssl x509 -in certificate.crt -out certificate.pem -outform PEM
</code>

== View certificate and key ==
<code bash>
openssl x509 -noout -text -in server.crt
openssl rsa -noout -text -in server.key
</code>

== Verify certificate matches key ==
The `modulus' and the `public exponent' portions in the key and the Certificate must match. But since the public exponent is usually 65537 and it's bothering comparing long modulus you can use the following approach:
<code bash>
openssl x509 -noout -modulus -in server.crt | openssl md5
openssl rsa -noout -modulus -in server.key | openssl md5
</code>

== Check which key or cert belongs to a CSR ==
<code bash>
openssl req -noout -modulus -in server.csr | openssl md5
</code>

== Show local certificate details ==
<code bash>
openssl s_client -showcerts -servername www.virtualhost.co.za -connect localhost:443 </dev/null | openssl x509 -text
</code>

==== Tcpdump ====
Dump TCP Rsets
<code bash>
tcpdump -fnni bond0:-nnvvS 'tcp[tcpflags] & (tcp-rst) != 0'
</code>

==== Other ====
== Conceal process in 'ps'==
<code bash>
echo FakeProcName > /tmp/cmdline
mount -n --bind -o ro /tmp/cmdline /proc/<pid>/cmdline

ps -ef | grep FakeProcName
</code>

== speedtest == 
<code bash>
curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python -
</code>

== get kernel debuginfo packages for systemtap and crash ==

For Unbreakable Enterprise Kernel:
<code bash>
export DLP="https://oss.oracle.com/ol7/debuginfo"
wget ${DLP}/kernel-uek-debuginfo-`uname -r`.rpm
wget ${DLP}/kernel-uek-debuginfo-common-`uname -r`.rpm
</code>

For Red Hat Compatible Kernel:
<code bash>
export DLP="https://oss.oracle.com/ol7/debuginfo"
wget ${DLP}/kernel-debuginfo-`uname -r`.rpm
    # wget ${DLP}/kernel-debuginfo-common-`uname -r`.rpm
</code>

Install
<code bash>
rpm -Uhv kernel-uek-debuginfo-4.1.12-112.14.15.el7uek.x86_64.rpm \
	 kernel-uek-debuginfo-common-4.1.12-112.14.15.el7uek.x86_64.rpm
</code>

== Get interrupts causing high system time ==
<code>
sar -I XALL 1 | grep -v 0.00 
</code> 

==== Iptables ====
== icmp rate limiting ==
<code bash>
  iptables -A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 1/second --limit-burst 1 -j ACCEPT
  iptables -A OUTPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 1/second --limit-burst 1 -j ACCEPT
</code>



[[Oracle Enterprise Linux]]