SSL Server Security Test

https://www.htbridge.com

Advertisements

A cheat sheet list of 10 nmap commands that are extremely useful for every Systems or Network Administrator

Recently I was compiling a list of Linux commands that every sysadmin should know. One of the first commands that came to mind was nmap.

nmap is a powerful network scanner used to identify systems and services. nmap was originally developed with network security in mind, it is a tool that was designed to find vulnerabilities within a network. nmap is more than just a simple port scanner though, you can use nmap to find specific versions of services, certain OS types, or even find that pesky printer someone put on your network without telling you.

nmap can be used for good and for evil, today we will cover some common situations where nmap makes life easier for sysadmins which is generally good. Even if some Sysadmins are evil…

Discover IP’s in a subnet (no root)

 $ nmap -sP 192.168.0.0/24
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:37 MST
 Nmap scan report for 192.168.0.1
 Host is up (0.0010s latency).
 Nmap scan report for 192.168.0.95
 Host is up (0.0031s latency).
 Nmap scan report for 192.168.0.110
 Host is up (0.0018s latency).

This is one of the simplest uses of nmap. This command is commonly refereed to as a “ping scan”, and tells nmap to send an icmp echo request, TCP SYN to port 443, TCP ACK to port 80 and icmp timestamp request to all hosts in the specified subnet. nmap will simply return a list of ip’s that responded. Unlike many nmap commands this particular one does not require root privileges, however when executed by root nmap will also by default send arp requests to the subnet.

Scan for open ports (no root)

 $ nmap 192.168.0.0/24
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:23 MST
 Nmap scan report for 192.168.0.1
 Host is up (0.0043s latency).
 Not shown: 998 closed ports
 PORT STATE SERVICE
 80/tcp open http
 443/tcp open https

This scan is the default scan for nmap and can take some time to generate. With this scan nmap will attempt a TCP SYN connection to 1000 of the most common ports as well as an icmp echo request to determine if a host is up. nmap will also perform a DNS reverse lookup on the identified ip’s as this can sometimes be useful information.

Identify the Operating System of a host (requires root)

 # nmap -O 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:49 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00032s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 MAC Address: 00:00:00:00:00:00 (Unknown)
 Device type: general purpose
 Running: Apple Mac OS X 10.5.X
 OS details: Apple Mac OS X 10.5 - 10.6 (Leopard - Snow Leopard) (Darwin 9.0.0b5 - 10.0.0)
 Network Distance: 1 hop

With the -O option nmap will try to guess the targets operating system. This is accomplished by utilizing information that nmap is already getting through the TCP SYN port scan. This is usually a best guess but can actually be fairly accurate. The operating system scan however does require root privileges.

Identify Hostnames (no root)

 $ nmap -sL 192.168.0.0/24
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:59 MST
 Nmap scan report for 192.168.0.0
 Nmap scan report for router.local (192.168.0.1)
 Nmap scan report for fakehost.local (192.168.0.2)
 Nmap scan report for another.fakehost.local (192.168.0.3)

This is one of the most subtle commands of nmap, the -sL flag tells nmap to do a simple DNS query for the specified ip. This allows you to find hostnames for all of the ip’s in a subnet without having send a packet to the individual hosts themselves.

Hostname information can tell you a lot more about a network than you would think, for instance if you labeled your Active Directory Servers with ads01.domain.com you shouldn’t be surprised if someone guesses its use.

TCP Syn and UDP Scan (requires root)

 # nmap -sS -sU -PN 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 13:25 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00029s latency).
 Not shown: 1494 closed ports, 496 filtered ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 88/udp open|filtered kerberos-sec
 123/udp open ntp
 137/udp open netbios-ns
 138/udp open|filtered netbios-dgm
 631/udp open|filtered ipp
 5353/udp open zeroconf

The TCP SYN and UDP scan will take a while to generate but is fairly unobtrusive and stealthy. This command will check about 2000 common tcp and udp ports to see if they are responding. When you use the -Pn flag this tells nmap to skip the ping scan and assume the host is up. This can be useful when there is a firewall that might be preventing icmp replies.

TCP SYN and UDP scan for all ports (requires root)

 # nmap -sS -sU -PN -p 1-65535 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 10:18 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00029s latency).
 Not shown: 131052 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 17500/tcp open unknown
 88/udp open|filtered kerberos-sec
 123/udp open ntp
 137/udp open netbios-ns
 138/udp open|filtered netbios-dgm
 631/udp open|filtered ipp
 5353/udp open zeroconf
 17500/udp open|filtered unknown
 51657/udp open|filtered unknown
 54658/udp open|filtered unknown
 56128/udp open|filtered unknown
 57798/udp open|filtered unknown
 58488/udp open|filtered unknown
 60027/udp open|filtered unknown

This command is the same as above however by specifying the full port range from 1 to 65535 nmap will scan to see if the host is listening on all available ports. You can use the port range specification on any scan that performs a port scan.

TCP Connect Scan (no root)

 $ nmap -sT 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 12:48 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.0014s latency).
 Not shown: 964 closed ports, 32 filtered ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp

This command is similar to the TCP SYN scan however rather than sending a SYN packet and reviewing the headers it will ask the OS to establish a TCP connection to the 1000 common ports.

Aggressively Scan Hosts (no root)

 $ nmap -T4 -A 192.168.0.0/24
 Nmap scan report for 192.168.0.95
 Host is up (0.00060s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE VERSION
 22/tcp open ssh OpenSSH 5.9p1 Debian 5ubuntu1 (protocol 2.0)
 | ssh-hostkey: 1024 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:6c (DSA)
 |_2048 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:6c (RSA)
 80/tcp open http nginx 1.1.19
 |_http-title: 403 Forbidden
 |_http-methods: No Allow or Public header in OPTIONS response (status code 405)
 111/tcp open rpcbind
 | rpcinfo:
 | program version port/proto service
 | 100000 2,3,4 111/tcp rpcbind
 | 100000 2,3,4 111/udp rpcbind
 | 100003 2,3,4 2049/tcp nfs
 | 100003 2,3,4 2049/udp nfs
 | 100005 1,2,3 46448/tcp mountd
 | 100005 1,2,3 52408/udp mountd
 | 100021 1,3,4 35394/udp nlockmgr
 | 100021 1,3,4 57150/tcp nlockmgr
 | 100024 1 49363/tcp status
 | 100024 1 51515/udp status
 | 100227 2,3 2049/tcp nfs_acl
 |_ 100227 2,3 2049/udp nfs_acl
 2049/tcp open nfs (nfs V2-4) 2-4 (rpc #100003)
 Service Info: OS: Linux; CPE: cpe:/o:linux:kernel

Unlike some of the earlier commands this command is very aggressive and very obtrusive. The -A simply tells nmap to perform OS checking and version checking. The -T4 is for the speed template, these templates are what tells nmap how quickly to perform the scan. The speed template ranges from 0 for slow and stealthy to 5 for fast and obvious.

Fast Scan (no root)

 $ nmap -T4 -F 192.168.0.164
 Starting Nmap 6.01 ( http://nmap.org ) at 2013-02-24 12:49 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00047s latency).
 Not shown: 96 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp

This scan limits the scan to the most common 100 ports, if you simply want to know some potential hosts with ports open that shouldn’t be this is a quick and dirty command to use.

Verbose

 $ nmap -T4 -A -v 192.168.0.164
 Starting Nmap 6.01 ( http://nmap.org ) at 2013-02-24 12:50 MST
 NSE: Loaded 93 scripts for scanning.
 NSE: Script Pre-scanning.
 Initiating Ping Scan at 12:50
 Scanning 192.168.0.164 [2 ports]
 Completed Ping Scan at 12:50, 0.00s elapsed (1 total hosts)
 Initiating Parallel DNS resolution of 1 host. at 12:50
 Completed Parallel DNS resolution of 1 host. at 12:50, 0.01s elapsed
 Initiating Connect Scan at 12:50
 Scanning 192.168.0.164 [1000 ports]
 Discovered open port 139/tcp on 192.168.0.164
 Discovered open port 445/tcp on 192.168.0.164
 Discovered open port 88/tcp on 192.168.0.164
 Discovered open port 631/tcp on 192.168.0.164
 Completed Connect Scan at 12:50, 5.22s elapsed (1000 total ports)
 Initiating Service scan at 12:50
 Scanning 4 services on 192.168.0.164
 Completed Service scan at 12:51, 11.00s elapsed (4 services on 1 host)
 NSE: Script scanning 192.168.0.164.
 Initiating NSE at 12:51
 Completed NSE at 12:51, 12.11s elapsed
 Nmap scan report for 192.168.0.164
 Host is up (0.00026s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE VERSION
 88/tcp open kerberos-sec Mac OS X kerberos-sec
 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
 631/tcp open ipp CUPS 1.4
 | http-methods: GET HEAD OPTIONS POST PUT
 | Potentially risky methods: PUT
 |_See http://nmap.org/nsedoc/scripts/http-methods.html
 | http-robots.txt: 1 disallowed entry
 |_/
 Service Info: OS: Mac OS X; CPE: cpe:/o:apple:mac_os_x

By adding verbose to a majority of the commands above you get a better insight into what nmap is doing; for some scans verbosity will provide additional details that the report does not provide.

While these are 10 very useful nmap commands I am sure there are some more handy nmap examples out there. If you have one to add to this list feel free to drop it into a comment.

Source: http://bencane.com/2013/02/25/10-nmap-commands-every-sysadmin-should-know/

How to open DMP files in Windows 7?

DMP files (dump files) are useful for debugging Windows 7, so you should know how to open and read DMP files in Windows 7 if you want to debug Windows 7. It’s very easy to open DMP files, the difficult part is locating the actual problem and analyzing the DMP file.

How to open DMP files in Windows

In order to open and view DMP files in Windows 7, you first have to install a driver kit and set the symbol path. This will allow you to open DMP files. DMP, dump files are there for you to debug your system, so there’s no way around this.
This shouldn’t take longer than 10 minutes, but if you have a slow connection, downloading the 700MB ISO file (debugging tools) might take a while.

1. Download Windows Driver Kit

To open DMP files, you will need the Windows Debugging Tools (additional download). The Debugging Tools are included in the Windows Driver Kit Version 7.1.0. You have to download this ~700MB large ISO file from Microsoft first.

Download Windows Driver Kit Version 7.1.0

2. Install Driver Kit

I’m usually to lazy to burn ISO files, so I use some tools to open the ISO files and extract the files on it.
So, open the ISO file and extract everything. In the Debuggers directory you will find a x32 and x64 installer for the Windows Debugging Tool. Make sure to install the correct one!

64-bit Windows 7: Run setup_amd64.exe
32-bit Windows 7: Run setup_x86.exe

Important: Select Custom installed and change the location to e.g. C:\Debug\ it will make things easier if you don’t like typing the full path.

Don’t know how to open ISO files? Read this: How to open ISO files in Windows 7

3. Open WinDBG

Either go directly to C:\Debug (or wherever you installed the debugging tools to) and click on windbg.exe:

Debug Tools Windbg.exe

Or open WinDBG via the Start Menu:

Open WinDbg

Set Symbol File Path

1. Create a new folder on your main drive and call it “Symbols”, e.g. C:\Symbols

2. Click on “File” – “Symbol File Path …”:

WinDBG Set Symbol File Path

3. Insert the following path:

SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols

Replace “C:\Symbols” with your own folder if you created it somewhere else in step 1.

Open DMP file via WinDBG (CTRL+D)

WinDBG still opened? Good, the quickest way to open DMP files now is the shortcut CTRL+D or go to “File” and click on “Open Crash Dump File..”:

WinDBG Open Crash DUMP DMP File Windows 7

Where are DMP files located?

DMP files are located at O:\Windows\Minidump!

You can change the location where they are stored.

Can’t open DMP files? Permission Error!

If you are receiving a permission error like the one below, you have to take ownership of the DMP files first.

How to open Crash DMP file: Permission error

Usually, the owner is not even set:
Unable to display Current owner

Important: If you still receive the error “you don’t have permission to open this file, contact the system administrator”, copy the DMP file that you want to open and copy it into a subfolder, then it will work.

Let’s analyze the DMP file!

When you’re asked if you want to save the workspace, click yes. WinDBG will now open the DMP file and process it. This will take some time! Have some patience.

Here’s the first Bugcheck Analysis:
DMP Bugcheck Analysis

Of course, we want to dig a little deeper and enter !analyze -v to get detailed information. Now, below the next paragraph “Bugcheck Analysis” you will find some more concrete details. For my DMP file it read:

DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn’t turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff80002c03000, address which referenced memory

In this case I had some corrupt drivers that attempted to access a IRQL that is too high, so my conclusion was to check my drivers. Now that you know the concrete error (my case: DRIVER_CORRUPTED_EXPOOL), you can also do some research and possibly find people with the same problem.

Sidenote: To run the driver verifier enter “verifier” into an elevated command prompt (how to open command prompt), you can then check the settings of currently loaded drivers for example. Keep in mind that this is advanced stuff, so you would have to do some research about it first.

I hope that this helped out some of you guys who wanted to open DMP files. Once you get used to reading DMP files, they can be handy for finding and solving problems in Windows 7 and Windows in general.

Source: http://windows7themes.net/how-to-open-dmp-files-in-windows-7.html

Kas ir deduplikācija?

Deduplication is becoming more prevalent in the world of proprietary solutions for data backup. However an open source solution deduplication shows the tip of his nose for some time and begins to mature : Opendedup.

For those who have forgotten or do not know this technology, I propose the definition of Wikipedia :

« Data deduplication is a specific form of compression where redundant data is eliminated, typically to improve storage utilization. In the deduplication process, duplicate data is deleted, leaving only one copy of the data to be stored. However, indexing of all data is still retained should that data ever be required. Deduplication is able to reduce the required storage capacity since only the unique data is stored. For example, a typical email system might contain 100 instances of the same one megabyte (MB) file attachment. If the email platform is backed up or archived, all 100 instances are saved, requiring 100 MB storage space. With data deduplication, only one instance of the attachment is actually stored; each subsequent instance is just referenced back to the one saved copy. In this example, a 100 MB storage demand could be reduced to only 1 MB. Different applications have different levels of data redundancy. Backup applications generally benefit the most from de-duplication due to the nature of repeated full backups of an existing file system. »

Also, add that to optimize this deduplication, data storage is usually in blocks of data as shown in the diagram below :

Great Applications for Deduplication

  • Backups
  • Virtual Machines
  • Network shares for unstructured data such as office documents and PSTs
  • Any application with a large amount of deduplicated data

 

Applications that are not a good fit for Deplication

  • Anything that has totally unique data
  • Pictures
  • Music Files
  • Movies/Videos
  • Encrypted Data

 

 

Deduplication with OpenDedup

SDFS leverages data deduplication for primary storage. It acts as a normal file system that can be used for typical IO operations similiar to EXT3, NTFS … etc. The difference is SDFS hashes blocks of data as they are written to the file system and only writes those that are unique to disk. Blocks that are not unique just refernce the data that is already on disk.

Requirements

System

Optional Packages

  • attr – (setfattr and getfattr) if you plan on doing snapshotting or setting extended file attributes.

Install (on Debian 6)

Consider that the Debian squeeze 6 is already installed.

Opendedup

# wget http://opendedup.googlecode.com/files/sdfs-1.0.7.tar.gz
# tar -zxf sdfs-1.0.5.tar.gz
# mv sdfs-bin /opt/sdfs

Attr

# apt-get install attr

Fuse

# wget http://opendedup.googlecode.com/files/debian-fuse.tar.gz
# tar -zxf debian-fuse.tar.gz
# cd debian-fuse
# apt-get install  libselinux1-dev libsepol1-dev
# dpkg -i libfuse2_2.8.3-opendedup0_amd64.deb \
# libfuse-dev_2.8.3-opendedup0_amd64.deb \
# fuse-utils_2.8.3-opendedup0_amd64.deb

Java

# tar -zxf jdk-7-fcs-bin-b146-linux-x64-20_jun_2011.tar.gz
# mkdir /usr/lib/jvm
# mv jdk1.7.0 /usr/lib/jvm/jdk
# export JAVA_HOME=/usr/lib/jvm/jdk

Create SDFS file system

For all possible parameters of mkfs.sdfs : mkfs.sdfs –help

–volume-capacity and –volume-name are required but I recommend –volume-maximum-full-percentage which will back an error when the file system is full. Otherwise the command « df » will show 100% but the storage space continue to increase. By default, data is stored in /opt/sdfs/<volume name>.

# mv /opt/sdfs-bin /opt/sdfs
# cd /opt/sdfs
/opt/sdfs# ./mkfs.sdfs --volume-name=sdfs_vol1 --volume-capacity=500MB --volume-maximum-full-percentage=100
Attempting to create volume ...
Volume [sdfs_vol1] created with a capacity of [500MB]
check [/etc/sdfs/sdfs_vol1-volume-cfg.xml] for configuration details if you need to change anything

Mount SDFS file system

/opt/sdfs# mkdir  /mnt/sdfs
/opt/sdfs# ./mount.sdfs -v sdfs_vol1 -m /mnt/sdfs
Running SDFS Version 1.0.7
reading config file = /etc/sdfs/sdfs_vol1-volume-cfg.xml

-f
/mnt/sdfs
-o
direct_io,big_writes,allow_other,fsname=sdfs_vol1-volume-cfg.xml
11:11:05.114     main  INFO [fuse.FuseMount]: Mounting filesystem

 

Tests

Two identical copies of files

To begin, we’ll copy the same file two times with a different name on SDFS file system :

# du -hc /opt/sdfs/volumes/sdfs_vol1/
[...]
20K     total

# cp jdk-7-fcs-bin-b146-linux-x64-20_jun_2011.tar.gz /mnt/sdfs/

# df -h /mnt/sdfs/
Sys. de fichiers    Taille  Uti. Disp. Uti% Monté sur
sdfs_vol1-volume-cfg.xml
                      500M   91M  410M  19% /mnt/sdfs

# du -hc /opt/sdfs/volumes/sdfs_vol1/
[...]
91M     total

# cp jdk-7-fcs-bin-b146-linux-x64-20_jun_2011-copie.tar.gz /mnt/sdfs/

df -h /mnt/sdfs/
Sys. de fichiers    Taille  Uti. Disp. Uti% Monté sur
sdfs_vol1-volume-cfg.xml
                      500M  181M  319M  37% /mnt/sdfs
# du -hc /opt/sdfs/volumes/sdfs_vol1/
[...]
91M     total

We can see that the disk space occupied by the file system is still the same. The command « df » clearly indicates the sum of the two files.

Copy of two files which the second contains two times the data of the first

# ls -lh ldap*
-rw-r--r-- 1 root root 42M  8 juil. 13:56 ldap2x.ldif
-rw-r--r-- 1 root root 21M 14 mars   2006 ldap.ldif

# cp ldap*.ldif /mnt/sdfs/

# df -h /mnt/sdfs/
Sys. de fichiers    Taille  Uti. Disp. Uti% Monté sur
sdfs_vol1-volume-cfg.xml
                      500M   63M  438M  13% /mnt/sdfs

# du -hc /opt/sdfs/volumes/sdfs_vol1/
[...]
42M     total

For this test the rate of duplication is 1/3.

Copying 500 MB of files (text, jpg, pdf, mp3 …) until saturation of the mounted file system

# ls -rlh /mnt/sdfs/
-rw-r--r-- 1 root root 7,8M 21 sept.  2010 Water - Evolution.mp3
-rw-r--r-- 1 root root 643K 10 juin  10:27 terrain vague.jpg
-rw-r--r-- 1 root root  34M  7 juin  09:48 squeezeboxserver_7.5.4_all.deb
[...]

# df -h /mnt/sdfs
Sys. de fichiers    Taille  Uti. Disp. Uti% Monté sur
sdfs_vol1-volume-cfg.xml
                      500M  500M     0 100% /mnt/sdfs
# du -hc /mnt/sdfs
[...]
564M    total

# du -hc /opt/sdfs/volumes/sdfs_vol1/
[...]
583M    total

There, I confess, I have some difficulty in interpreting these results !

Performance

For testing, I used a virtual machine with 4 G0 RAM, 2 CPU and 3 virtual disks, then I installed the Linux distribution Debian Squeeze 6.0.

# hdparm -t /dev/sda
/dev/sda:
Timing buffered disk reads: 486 MB in  3.02 seconds = 160.71 MB/sec

# hdparm -t /dev/sdb
/dev/sdb:
Timing buffered disk reads: 484 MB in  3.00 seconds = 161.18 MB/sec

# hdparm -t /dev/sdc
/dev/sdc:
Timing buffered disk reads: 482 MB in  3.00 seconds = 160.43 MB/sec
  • Test copy of a 698 MB file :
File system second
ext3 13
ext4 6
sdfs 19

Unsurprisingly EXT4 leads the race ahead and SDFS is close to the sag wagon.

  • Test with dd

Writing test

# time sh -c "dd if=/dev/zero of=/mnt/ext3/test bs=4096 count=175000 && sync"
# time sh -c "dd if=/dev/zero of=/mnt/ext4/test bs=4096 count=175000 && sync"
# time sh -c "dd if=/dev/zero of=/mnt/sdfs/test bs=4096 count=175000 && sync"

In this example, we create a test file on each partition (ext3, ext4 and sdfs) in which we will write 175 000 blocks of 4KB. This will give us a file of 717 MB. dd will return the time and the bandwidth used.

File system
second MB/s
ext3 1,95 367
ext4 1,79 401
sdfs 8,36 86

SDFS is almost four times slower than EXT3.

Reading test

time sh -c "dd if=/mnt/ext3/test of=/dev/null bs=4096 count=175000 && sync"
time sh -c "dd if=/mnt/ext4/test of=/dev/null bs=4096 count=175000 && sync"
time sh -c "dd if=/mnt/sdfs/test of=/dev/null bs=4096 count=175000 && sync"

We read the same test file (was sent to / dev / null). dd we will return the same information. But it is now reading.

File system
second MB/s
ext3 0,34 2100
ext4 0,32 2200
sdfs 4,98 144

In this second test, the gap is even greater with a ratio of 1 / 15!

The next step is the analysis of performance using the program bonnie + +. This program analyzes the type of access database to a file, as well as create, read, and destruction of small files simulating the use made by programs like Squid, INN, or programs using the Maildir format (qmail).

# bonnie++ -d /mnt/ext3 -s 512 -r 256 -u0
# bonnie++ -d /mnt/ext4 -s 512 -r 256 -u0
# bonnie++ -d /mnt/sdfs -s 512 -r 256 -u0

The command runs the test using 512 MB in the mounted file system. The other options specify the amount of memory (256 MB), and the user (-u0, that is the administrator).
Note that in certain boxes displayed « +++++ » means that the test to be less than 500 ms and the result could not be calculated.

Sequential writes
Sequential reads
Random access
Character Block Re-writing Character Block
SF test space KB/s % CPU KB/s % CPU KB/s % CPU KB/s % CPU KB/s % CPU KB/s % CPU
ext3 512 Mo 633 97 128217 32 92074 13 3744 97 +++++ +++ 6071 32
ext4 512 Mo 689 99 153463 21 162631 28 3854 98 +++++ +++ 5941 28
sdfs 512 Mo 36 29 99782 11 71622 20 35 29 147618 7 3241 24

 

Sequential creations Random creations
Creation Read Delete Creation Read Delete
SF number of files / sec % CPU / sec % CPU / sec % CPU / sec % CPU / sec % CPU / sec % CPU
ext3 16 24219 37 +++++ +++ 5241 7 26500 47 +++++ +++ 3908 5
ext4 16 29919 60 +++++ +++ 8112 11 30659 62 +++++ +++ 5669 8
sdfs 16 340 3 3747 7 907 3 405 3 4076 8 771 2

The order is complied with EXT4 which is slightly higher than EXT3 and SDFS in last place far behind the other 2.

Conclusion

Opendedup is certainly an attractive and promising. However for good performance, I think it should be used with disks at 15,000 rev / min and with minimum 4 GB of RAM. Also I noticed an encoding problem when file names contain accented characters. In addition deduplication which is supposed to be in blocks of data does not seem very effective. While the documentation is not abundant but it contains sufficient information. So I certainly must have missed something … :cry:

Your comments are welcome if you want to explore this subject.

References

Kas īsti ir Non-commercial Use?

“Non-commercial Use” means the use of the Software Product for noncommercial purposes only, and is limited to the following users:

  • Non-profit organizations (charities and other organizations created for the promotion of social welfare)
  • Universities, colleges, and other educational institutions (including, but not limited to elementary schools, middle schools, high schools, and community colleges)
  • Independent contractors who are under contract by the above-stated organizations and using the Software Product exclusively for such nonprofit or educational clients
  • Government organizations and agencies
  • Other individual users who use the Software Product for personal, noncommercial use only (for example, hobby, learning, or entertainment).

Webyog reserves the right to further clarify the terms of non-commercial Use at its sole determination.

Avots: http://webyog.com/faq/content/30/131/en/what-is-non_commercial-use.html