• multitasking: several programs running at the same time.
• multiuser: several users on the same machine at the same time (and no two-user licenses!).
• multiplatform: runs on many different CPUs, not just Intel.
• multiprocessor: SMP support is available on the Intel and SPARC platforms (with work currently in progress on other platforms), and Linux is used in several loosely-coupled MP applications, including Beowulf systems (see http://cesdis.gsfc.nasa.gov/linux-web/beowulf/beowulf.html) and the Fujitsu AP1000+ SPARC-based supercomputer.
• multithreading: has native kernel support for multiple independent threads of control within a single process memory space.
• runs in protected mode on the 386.
• has memory protection between processes, so that one program can’t bring the whole system down.
• demand loads executables: Linux only reads from disk those parts of a program that are actually used.
• shared copy-on-write pages among executables. This means that multiple process can use the same memory to run in. When one tries to write to that memory, that page (4KB piece of memory) is copied somewhere else. Copy-on-write has two benefits: increasing speed and decreasing memory use.
• virtual memory using paging (not swapping whole processes) to disk: to a separate partition or a file in the filesystem, or both, with the possibility of adding more swapping areas during runtime (yes, they’re still called swapping areas). A total of 16 of these 128 MB (2GB in recent kernels) swapping areas can be used at the same time, for a theoretical total of 2 GB of useable swap space. It is simple to increase this if necessary, by changing a few lines of source code.
• a unified memory pool for user programs and disk cache, so that all free memory can be used for caching, and the cache can be reduced when running large programs.
• dynamically linked shared libraries (DLL’s), and static libraries too, of course.
• does core dumps for post-mortem analysis, allowing the use of a debugger on a program not only while it is running but also after it has crashed.
• mostly compatible with POSIX, System V, and BSD at the source level.
• through an iBCS2-compliant emulation module, mostly compatible with SCO, SVR3, and SVR4 at the binary level.
• all source code is available, including the whole kernel and all drivers, the development tools and all user programs; also, all of it is freely distributable. Plenty of commercial programs are being provided for Linux without source, but everything that has been free, including the entire base operating system, is still free.
• POSIX job control.
• pseudoterminals (pty’s).
• 387-emulation in the kernel so that programs don’t need to do their own math emulation. Every computer running Linux appears to have a math coprocessor. Of course, if your computer already contains an FPU, it will be used instead of the emulation, and you can even compile your own kernel with math emulation removed, for a small memory gain.
• support for many national or customized keyboards, and it is fairly easy to add new ones dynamically.
• multiple virtual consoles: several independent login sessions through the console, you switch by pressing a hot-key combination (not dependent on video hardware). These are dynamically allocated; you can use up to 64.
• Supports several common filesystems, including minix, Xenix, and all the common system V filesystems, and has an advanced filesystem of its own, which offers filesystems of up to 4 TB, and names up to 255 characters long.
• transparent access to MS-DOS partitions (or OS/2 FAT partitions) via a special filesystem: you don’t need any special commands to use the MS-DOS partition, it looks just like a normal Unix filesystem (except for funny restrictions on filenames, permissions, and so on). MS-DOS 6 compressed partitions do not work at this time without a patch (dmsdosfs). VFAT (WNT, Windows 95) support and FAT-32 is available in Linux 2.0
• special filesystem called UMSDOS which allows Linux to be installed on a DOS filesystem.
• read-only HPFS-2 support for OS/2 2.1
• HFS (Macintosh) file system support is available separately as a module.
• CD-ROM filesystem which reads all standard formats of CD-ROMs.
• TCP/IP networking, including ftp, telnet, NFS, etc.
• Appletalk server
• Netware client and server
• Lan Manager/Windows Native (SMB) client and server
• Many networking protocols: the base protocols available in the latest development kernels include TCP, IPv4, IPv6, AX.25, X.25, IPX, DDP (Appletalk), Netrom, and others. Stable network protocols included in the stable kernels currently include TCP, IPv4, IPX, DDP, and AX.25.

To set your Linux Servers system date and time from the command prompt (bash shell) use the date command to display the current date and time or set the system date / time over ssh session

You must login as root user to use date command.

Linux Set Date

Use the following syntax to set new data and time:
date set=”STRING”

For example, set new data to 2 Oct 2006 18:00:00, type the following command as root user:
date -s "8 FEB 2009 11:00:00"

OR

date set="8 FEB 2009 11:00:00"

Shutting down/Rebooting the server from the command line.

Below is a listing of each of the commands that will enable a user to shut down, turn off, reboot, etc. their Linux computer from the command line.

halt
poweroff
reboot
shutdown

The following is a list of UNIX commands that you might find helpful when modifying your web sites on the server. Most UNIX commands have many options and parameters which are not listed here. For more complete information on using UNIX commands, you can refer to the online manual by typing man [command] at the UNIX prompt, where “[command]” represents the command you would like more information about. Other UNIX help commands you can type are [command] -? and [command] –help. Example: man ls
This would bring up the help documentation for the “LS” command.

Note: When something is specified in brackets, such as [command] or [filename], it is used to indicate that you must input your desired information here. Do NOT include brackets in your command.

Navigating in UNIX

Moving, Copying and Deleting Files

Creating, Moving, Copying and Deleting Directories

Searching Files and Directories

File and Directory Permissions

There are three levels of file permissions: read, write and execute.  In addition, there are three groups to which you can assign permissions: file owner, user group and everyone.  The command chmod followed by three numbers is used to change permissions.  The first number is the permission for the owner, the second for the group and the third for everyone.  Here are how the levels of permission translate:

It is preferred that the group always have permission of 0.  This prevents other users on the server from browsing files via Telnet and FTP.  Here are the most common file permissions used:

This is a collection of useful tools and websites which can help you maintain your server, and optimise it for specific scenarios.

Network Tools

iftop does for network usage what top does for CPU usage. It listens to network traffic on a named interface and displays a table of current bandwidth usage by pairs of hosts.

www.ex-parrot.com/~pdw/iftop/

MySQL tools

MySQL Performance Tuning Primer Script

Provides useful configuration suggestions for your MySQL server.

www.day32.com/MySQL/

MySQLTuner

MySQLTuner is a high-performance MySQL tuning script written in perl that will provide you with a snapshot of a MySQL server’s health. Based on the statistics gathered, specific recommendations will be provided that will increase a MySQL server’s efficiency and performance. The script gives you automated MySQL tuning that is on the level of what you would receive from a MySQL DBA.

http://rackerhacker.com/mysqltuner/

Mytop

mytop is a console-based (non-gui) tool for monitoring the threads and overall performance of a MySQL server.

jeremy.zawodny.com/mysql/mytop/

DDoS Protection

mod_evasive

mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack.

www.zdziarski.com/projects/mod_evasive/

(D)DoS-Deflate

(D)DoS-Deflate is one of the best software level solutions to utilise in combating DDoS attacks.

deflate.medialayer.com/

Security tools

RKHunter

Rootkit Hunter (RKH) is an easy-to-use tool which checks computers running UNIX (clones) for the presence of rootkits and other unwanted tools.

rkhunter.sourceforge.net/

chkrootkit

chkrootkit is a tool to locally check for signs of a rootkit.

www.chkrootkit.org/

Ultra High Security Password Generator

Useful for creating secure passwords for accounts.

www.grc.com/passwords.htm

OSSEC

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response.

www.ossec.net/

grsecurity

grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model. It is licensed under the GPL. This requires recompiling the kernel and is not for the faint hearted!

www.grsecurity.net

Nessus

The Nessus vulnerability scanner, is the world-leader in active scanners, featuring high speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.

www.nessus.org/nessus/

mod_security

mod_security supplies an array of request filtering and other security features to the Apache HTTP Server.

www.modsecurity.org

CentOS Security mailing list

Recieve security and other major announcements for CentOS straight to your inbox. Highly recommended.

lists.centos.org/mailman/listinfo/centos-announce

Server optimization

mod_deflate

The mod_deflate Apache module provides the DEFLATE output filter that allows output from your server to be compressed before being sent to the client over the network. Useful for saving bandwidth.

httpd.apache.org/docs/2.0/mod/mod_deflate.html

mod_top

mod_top is a production monitoring tool for LAMP applications with user interfaces modeled after the popular unix top. mod_top plans to support PHP, Perl, Ruby, Python, mySQL, Postgres, Apache1+2 on Linux. It is useful for analysing what scripts are causing issues with resource consumption on a server.

http://www.mod-top.org

DNS Tools

IntoDNS

Excellent free DNS scanner that provides a range of useful information about a domain’s DNS settings.

intodns.com/

DNSStuff

Does the same as IntoDNS but gives more detailed information. Subscription based.

www.dnsstuff.com

Getting help

CentOS Forums

The CentOS forums are a great place to ask questions relating to your Linux server.

www.centos.org/modules/newbb/index.php

webhostingtalk Forums

The webhostingtalk forums focus mainly on the web hosting industry, but include useful tutorials and technical forums for asking questions.

www.webhostingtalk.com

cPanel/WHM Official Forums

Ask your cPanel/WHM related questions here to get help from users and the cPanel team.

forums.cpanel.net/

WHM Documentation

The complete WHM manual in an easy to browse format.

www.cpanel.net/docs/whm/

Other

Linux/Unix cheatsheets

This blog post lists a number of useful cheatsheets that you can print off. Cheatsheets are lists of commands and other information that are useful as a quick reference.

www.scottklarr.com/topic/115/linux-unix-cheat-sheets—the-ultimate-collection/

DistroWatch

Useful website for keeping up to date on whats going on in the Linux world.

www.distrowatch.com

Sometimes you will have a database backup that is too big to restore over a web interface. The best way to restore large SQL backups is through SSH, and all it takes is one command. This tutorial will show you how.

First of all, connect to your server via SSH and login as root/elevate yourself to root status. Here is the command we are going to use:

mysql -u user -p password -h host database_name < backupfile.sql

You need to change the bold sections. A brief explanation of each:

• user: The user who has access to the database you are importing data into
• password: Password of the user
• host: The database host. This is usually localhost
• database_name: Name of the database you want to import data into
• backupfile.sql – Name/location of the backup file you want to import.

Here is a proper example:

mysql -u john -p johnspass -h localhost johns_db < /home/john/backups/backup.sql

In this example, we are importing the file backup.sql into the database johns_db, using the user john, and the database host is localhost.

This could take a while depending on the size of the database. Once you are returned to the command line, the import has been completed. It is a good idea to check in phpMyAdmin or a similar tool to make sure that the database imported correctly.

One of the most important tasks a system administrator should undertake is keeping the server up to date. Updates are frequently released for Linux, including security, performance a feature updates.

Luckily, most Linux distributions include an easy to use package manager which allows you to update your server with one command. This tutorial will show you how to update your server over SSH.

Firstly connect to your server via SSH and login as root/elevate yourself to root status. Now run the following command:

yum -y update

This instructs yum, the package manager for CentOS, to search for updates and install them without user confirmation. You can optionally remove the -y switch to make yum prompt you to confirm installation of updates. yum will then download and install all available updates.

Congratulations, you just updated your server! One thing to keep in mind is that kernel updates require a reboot to take effect. An example of what a kernel package looks like:

kernel-2.6.18-53.1.14.el5.x86_64.rpm

To see what your current kernel version is, run the following command:

uname -a

The version number will differ depending on what version is being installed.

Sometimes a MySQL database is simply too large to backup on a web based interface. In the event of this occurring, it is fairly easy to backup a database via SSH; all it takes is one command. This tutorial will show you how.

First of all, login to SSH either as root or elevate yourself to root status.

mysqldump -u user -p password -h host dbname > outputfile

The terms highlighted in bold need to be filled out by you. A brief overview of what they are:

• user: The user that has access to the database you want to backup
• password: The password of that user
• host: Your database host; usually setting this to localhost works fine
• dbname: The name of the database you want to backup
• outputfile: The name of the file you want to backup the database to.

Here is an example:

mysqldump -u john -p johnpass -h localhost john_db > /home/john/backup.sql

This will backup the database john_db to /home/john/backup.sql. Keep in mind for very large files, this will take some time, so be patient. Once it is finished, you will be returned to the command line.