Ask Your Question
0

Determining server's purpose

asked 2013-11-18 15:14:12 -0500

Tori Lynn gravatar image

updated 2014-09-28 10:35:51 -0500

mether gravatar image

I am by all serious accounts a Linux noob who has just inherited almost 2 dozen servers from an admin I cannot contact. Most of the boxes are running some old version of Fedora or CentOS (mostly somewhere between Fedora 2 & Fedora 15).

So, if you found yourself in my situation, how would you go about determining what all these servers do? Of who would you ask the million questions you don't have answers to and aren't really sure how to look up? I don't think you guys would appreciate EVERY stupid question on this forum, but what other options are there?

I once had a sort of "mentor" when it came to Linux admin, but he's since taken a new job and has no time to help me anymore, so I don't have anyone I know that I could actually talk to about it.

Thanks in advanced for any suggestions you can offer. Even just pointing me to a forum that won't get offended by my "still learning Linux" questions would be great!

edit retag flag offensive close merge delete

Comments

So here is my Linux noob coming trough. As root, I tried systemctl list-units --type=service on 2 different Fedora 13 boxes and got -bash: systemctl: command not found

So then I ran yum provides "*/systemctl" and got No Matches found

I'm probably just tired and not thinking straight, but what am I missing here?

Tori Lynn gravatar imageTori Lynn ( 2013-11-18 16:54:44 -0500 )edit

I wanted the above comment to appear with the answer below, but it wouldn't let me comment on that, just my original question. Don't get it...

Tori Lynn gravatar imageTori Lynn ( 2013-11-18 17:00:48 -0500 )edit

Don't forget this situation offers also a possibility of a cleanup. From the description your environment is not critical - so power down the servers that you are unable to determine the purpose of, let them sit in the rack, and wait for people complaining.

marcindulak gravatar imagemarcindulak ( 2013-11-19 03:56:30 -0500 )edit

Thanks so much!

Tori Lynn gravatar imageTori Lynn ( 2013-11-19 08:16:57 -0500 )edit

2 Answers

Sort by ยป oldest newest most voted
0

answered 2013-11-18 15:41:44 -0500

javierwilson gravatar image

First I would test the usual suspects, see if is a web/app server, mail server or file server. From the command line, you can use:

 netstat -nltp

To see what TCP ports are open ans listening... this will give you and idea of what the server is being used for, you will see a list of ports and processes, for example :::80 ... xxx/httpd or :::3306 ... xxx/mysqld.

You can also use:

 ps aux

To see the list of running processes, this will give you more clues. Or you could list all services with the service manager:

 systemctl

Good luck!

edit flag offensive delete link more

Comments

On pre-systemd systems the last command is service --status-all

marcindulak gravatar imagemarcindulak ( 2013-11-19 03:58:49 -0500 )edit

Check also for the presence of special users created for the purpose of running services like license servers, automatic build systems, etc. Verify also cron tasks for root and other users with crontab -l, and any periodic runs under /etc/cron.*

marcindulak gravatar imagemarcindulak ( 2013-11-19 07:13:47 -0500 )edit
0

answered 2013-11-20 10:16:43 -0500

Tori Lynn gravatar image

I just found this and wanted to share in case anyone ever finds this thread with a similar situation. Unfortunately, my karma does not yet allow me to post links, so... from the Spiceworks Community web site I found a script (below) that the writes says:

Our datacenter has way more servers in it than we need, probably by a factor of two. To help me find the ones we don't need, I have put together this script. Far from comprehensive, it nonetheless has cut my time to determine the purpose of a Linux Server from several hours to about 30 minutes. It grabs a list of the running processes, the last logins for all accounts on the box, crons for root, whether the system has been used as a sendmail server recently, shows all of the current connections to the machine, grabs about 500 packets of traffic from 'eth0' (adjust to your needs), shows which system logs have been updated recently, some information about whether MySQL is running and active, if it is an apache server and for what virtual hosts, whether it has libvirt KVM virtual machines running on it, shows the iptables rules, the routing table, and the users set up on the machine. Has been a huge timesaver in knowing what any given Linux box is. Works best run as root. Redirect output to a text file which you can then comb through.

Here is his code. I haven't tried it yet, nor am I endorsing it. Just sharing info...

# Script to help determine the purpose of the target Linux server
# RUN AS ROOT FOR BEST RESULTS

# display running processes
printf "\n\n\n====================================================================\n"
printf "\tShowing running processes\n"
printf "====================================================================\n\n"
ps aux

# display the running processes in top
printf "\n\n\n====================================================================\n"
printf "\tShowing processes in top\n"
printf "====================================================================\n\n"
top -b -n 1

# check last logins
printf "\n\n\n====================================================================\n"
printf "\tDisplaying last logins for all accounts\n"
printf "====================================================================\n\n"
lastlog

# check running crons
printf "\n\n\n====================================================================\n"
printf "\tShowing crons set up for root\n"
printf "====================================================================\n\n"
crontab -l

# check status of sendmail server
printf "\n\n\n====================================================================\n"
printf "\tLooking at recent sendmail usage\n"
printf "====================================================================\n\n"
ls -altr /var/spool/mail

# check local hostnames for which sendmail server is receiving mail
printf "\n\n\n====================================================================\n"
printf "\tDisplaying sendmail local hostnames\n"
printf "====================================================================\n\n"
cat /etc/mail/local-host-names

# show current connections
printf "\n\n\n====================================================================\n"
printf "\tRetrieving current connection table\n"
printf "====================================================================\n\n"
netstat -tapen

# gather some traffic
printf "\n\n\n====================================================================\n"
printf "\tGathering some traffic for analysis\n"
printf "====================================================================\n\n"
tcpdump -i eth0 not port 22 -vvvvAe -c 500

# show which logs have been used most recently
printf "\n\n\n====================================================================\n"
printf "\tShowing recently used logs\n"
printf "====================================================================\n\n"
ls -altr /var/log

# show which mysql files have been used most recently
printf "\n\n\n====================================================================\n"
printf "\tShowing recently used mysql ...
(more)
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2013-11-18 15:14:12 -0500

Seen: 3,042 times

Last updated: Nov 20 '13