gigabit switch test

I set up a gigabit switch and wanted to check the transfer rate between two Linux systems.

1) Using iperf
==============
Install iperf on both server and client: sudo apt install iperf

on server: iperf -s
on client: iperf -c server_host
------------------------------------------------------------
Client connecting to server_host, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[ 3] local 10.0.0.44 port 36798 connected with 10.0.0.30 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-10.0 sec 1.09 GBytes 939 Mbits/sec

2) Using nc
===========
nothing to install, nc is already installed.

on server: nc -vvlnp 12345 >/dev/null
on client: dd if=/dev/zero bs=1M count=1K | nc -vv server_host 12345

Connection to server_host 12345 port [tcp/*] succeeded!
1024+0 records in
1024+0 records out
1073741824 bytes (1.1 GB, 1.0 GiB) copied, 9.16265 s, 117 MB/s

iperf reports 939 Mbits/sec, which is about the same as the 117 MB/s from dd (939 divided by 8 bits/byte).

END

new DNS 1.1.1.1

Cloudflare’s mission is to help build a better Internet, and today, April 1st, they are releasing a new DNS resolver, 1.1.1.1 – a recursive DNS service. This is not an April Fools’ joke. Use the following IPv4 addresses for your resolver: 1.1.1.1 and 1.0.0.1. Easy to remember.

https://blog.cloudflare.com/dns-resolver-1-1-1-1/
https://1.1.1.1/

Monitoring /var/log/auth.log for intrusion

# Monitoring /var/log/auth.log for intrusion
#
# REF: https://unix.stackexchange.com/questions/123029/history-of-ip-addresses-that-accesed-a-server-via-ssh
# REF: https://unix.stackexchange.com/questions/190907/how-to-retrieve-ip-addresses-of-possible-ssh-attackers
# feb 2018
#

# sample /var/log/auth.log
=====
Feb 22 14:06:03 zentyal sshd[28061]: Failed password for root from 115.238.245.4 port 35807 ssh2
Feb 22 14:06:03 zentyal sshd[28061]: Received disconnect from 115.238.245.4: 11: [preauth]
Feb 22 14:06:03 zentyal sshd[28061]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.245.4 user=root
Feb 22 14:06:09 zentyal sshd[28068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.245.4 user=root
Feb 22 14:06:10 zentyal sshd[28068]: Failed password for root from 115.238.245.4 port 32916 ssh2
Feb 22 14:06:13 zentyal sshd[28068]: Failed password for root from 115.238.245.4 port 32916 ssh2
=====

# This will list IPs and the number of times each IP tried …

grep "Failed password for" /var/log/auth.log | grep -Po "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+" | sort | uniq -c

1 43.229.205.182
1 47.223.140.95
2786 5.188.86.46
1 54.2.63.218
2 59.182.130.89
3 61.6.107.192
7 66.84.25.210
4 78.165.8.203

# this will grep rhost= which lists the hostname/ip of who tried.
# Then use geoiplookup from the geoip-bin package to get the Country.

zgrep sshd /var/log/auth.log* | grep rhost | sed -re 's/.*rhost=([^ ]+).*/\1/' | sort -u

web1.status-telecom.ru
wsip-70-169-35-74.tu.ph.cox.net
wsip-70-182-157-6.br.br.cox.net
www2.daniweb.com
www2.hcchurch.org.tw
xplr-204-237-24-107.xplornet.com
y117067.ppp.asahi-net.or.jp

# another one-liner to count all failed attempts and sort them in descending order (hi-lo)

awk '/Failed/ {x[$(NF-3)]++} END {for (i in x){printf "%3d %s\n", x[i], i}}' /var/log/auth.log | sort -nr

588 119.249.54.217
499 185.143.223.4
459 103.213.115.45
348 209.92.176.114
113 37.72.176.165
80 35.201.226.248
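
# Added example (not part of the original notes): a stricter version of the awk counter above that only reports sources at or over a threshold, counts rsyslog "message repeated N times" lines at full weight, and shows how many attempts were for invalid users.
# The function names, the threshold and the sample log lines are constructed for illustration; it assumes the stock sshd "Failed password for ... from IP port N ssh2" line format.

```shell
#!/bin/sh
# Constructed sample log (RFC 5737 documentation addresses, hypothetical host).
sample_log() {
cat <<'EOF'
Feb 22 14:06:03 host sshd[28061]: Failed password for root from 203.0.113.7 port 35807 ssh2
Feb 22 14:06:04 host sshd[28061]: Received disconnect from 203.0.113.7: 11: [preauth]
Feb 22 14:06:10 host sshd[28068]: Failed password for root from 203.0.113.7 port 32916 ssh2
Feb 22 14:06:13 host sshd[28068]: message repeated 2 times: [ Failed password for root from 203.0.113.7 port 32916 ssh2]
Feb 22 14:07:01 host sshd[28070]: Failed password for invalid user admin from 198.51.100.9 port 40022 ssh2
Feb 22 14:07:05 host sshd[28070]: Failed password for invalid user test from 198.51.100.9 port 40022 ssh2
Feb 22 14:08:00 host sshd[28075]: Accepted password for alice from 192.0.2.10 port 50111 ssh2
Feb 22 14:09:00 host sshd[28080]: Failed password for bob from 192.0.2.10 port 50200 ssh2
EOF
}

# failed_by_ip MIN: read auth.log lines on stdin and print
# "total invalid_user_attempts ip" for each source with total >= MIN.
failed_by_ip() {
    min="${1:-3}"
    awk -v min="$min" '
        # Only sshd password failures whose tail is "from IP port N ssh2".
        # Fields are counted from the end of the line, so text inside the
        # username field is never mistaken for the source address.
        /sshd\[[0-9]+\]: / && /Failed password for / &&
        $(NF-4) == "from" && $(NF-2) == "port" {
            n = 1
            # rsyslog may collapse duplicates into "message repeated N times: [ ... ]"
            if (match($0, /message repeated [0-9]+ times:/)) {
                split(substr($0, RSTART, RLENGTH), w, " ")
                n = w[3]
            }
            total[$(NF-3)] += n
            if ($0 ~ /Failed password for invalid user /) invalid[$(NF-3)] += n
        }
        END {
            for (ip in total)
                if (total[ip] >= min)
                    printf "%d %d %s\n", total[ip], invalid[ip], ip
        }
    ' | sort -k1,1nr -k2,2
}

# Demo on the constructed sample; on a real host: failed_by_ip 10 < /var/log/auth.log
sample_log | failed_by_ip 2
```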

# Also, look at other packages like fail2ban and http://denyhosts.sourceforge.net/

END