Posts Tagged ‘about’

Recover lost / forgotten root password for CentOS 7 Linux / Boot CentOS 6 into Single User mode to reset admin pass

Friday, September 27th, 2024

centos-community-enterprise-operating-system-logo.

If you have some old CentOS 7 Virtual machine hanging for a long time and you don't remember the root password or you don't remember where you have stored it, but you have something important as data left over, you might need to recover root password for your CentOS 7 Virtual Machine.

I recently had to resolve that issue and here is the few easy steps to take to recover the lost root password.

Assuming you have tried to boot the VM and the VM boots fine and your few attempts to input manually some default passwords of yours failed, next 

1. Reboot the Virtual Machine to the GRUB boot menu

 

grub.png

The GRUB boot screen should appear and be there for few secs

2. Edit the boot loader kernel options ( add add rd.break enforcing=0 )

 

How to reset root password on CentOS Linux - Clouvider

Press 'e' to Edit the boot loader and modify the boot commands options passed to the linux kernel.

In GRUB edit mode:

add rd.break enforcing=0


to the end of the line starting with linux at the end of passed parameters list as shown in the picture.

When done editing, press Ctrl-x (Control button x key simultaneously) to boot with changed parameters.

ALTERNATIVE WAY TO BOOT THE SYSTEM INTO ROOT WITHOUT PASSWORD PROMPT:

Alternative options to use instead of add rd.break.enforcing=0 are to substitute the rhgb quiet kernel option with init=/bin/bash

Edit CentOS Grub Boot Menu Entries rhgb quiet options shot

Modify kernel parameters pass init=/bin/bash to kernel to boot emergency mode centos linux

 

As you might wonder for the meaning of the passed 2 parameters:

rd.break breaks the boot process at initramfs while
enforcing=0 disables the SELinux (which often enabled by default on CentOS).

Another way is to 

3. Boot in CentOS emergency mode and Reset the root password
 

When done editing, press Ctrl-x to boot with changed parameters.

As you might wonder for the meaning of the passed parameters:

rd.break breaks the boot process at initramfs while
enforcing=0 disables the SELinux (which often enabled by default on CentOS).

Whence system boots up with the modified kernel options cmd, the switch_root prompt will appear.
As the emerency mode boots the filesystem into read-only mode under /sysroot default directory, in order to be able to
modify the MD5 root password stored hash inside RO mounted /sysroot/etc/shadow you need to remount the Filesystme
in read-write mode.

To Remount the read-only file system /sysroot in write mode:

# mount -o remount,rw /sysroot

As the /sysroot is not the root directory to be able to use a standard passwd command you need to make /sysroot
as the default root folder for the booted linux by chrooting into it.
 

  • Generate MD5 password manually (for Hardcore masochistic admins 🙂 )

If you're a hard core linux sysadmin of course, generate your own new md5 password and directly modify /etc/shadow copy pasting the md5 string.

If you want to manually generate the md5 string, you can do it depending on the required encryption algorithm with:

For (md5, sha256, sha512) encrypted pass

# openssl passwd -6 -salt xyz  yourpass

For   (md5, sha256, sha512) encrypted pwd

# mkpasswd –method=SHA-512 –stdin

For (des, md5, sha256, sha512) encrypted pw

# perl -e 'print crypt("YourPasswd", "salt", "sha512"),"\n"'


Once the string is generated;

# vim  /etc/shadow


and exchange the old with new string for MD5

  • Change password with chroot (the easy common way)

remount read write the filesystem in emergency single user mode CentOS LINUX

# chroot /sysroot

That should drop you into another shell bash-4.x

 

Reset root user password in CentOS 7

# passwd
Changing password for user root.
New password:
Retype new password:

We need have to sync the entire filesystem we have to use the sync command, for novice sys admins who never heard about this command, below
short description:

The Linux sync command synchronizes cached data to permanent storage.
This data includes modified superblocks, modified inodes, delayed reads and writes, and others. sync uses several system calls:

sync()
syncfs()
fsync()
fdatasync()


For example, the sync command utilizes the sync() system call to write all buffered modifications to file data and metadata to an underlying storage device.

As a Linux systems administrator or developer, understanding the sync command can be crucial for efficient file synchronization. Additionally, sync can be helpful after crashes or when the file system becomes corrupted.

In this tutorial, we’ll explore the various aspects of the sync command. Also, we’ll see how we can use sync in different scenarios.

# sync

# exec /sbin/init

Try out the root password after booting normally into CentOS and the new set administrator pass should work.


Resetting forgotten (lost) root password on CentOS 6

The process is absolutely the same except on the Step 1 (in the modification of GRUB boot menu by pressing e key), add to

rhgb quiet

at the end one 'S'

This S character means 'boot CentOS into Single user mode'

rhgb quiet S

 

Go to single user mode on CentOS 6 Linux in boot loader S kernel setting

Then, press ENTER key and press b key to boot CentOS 6 into to single user mode.
 

All Debian Linux package repository apt sources.list file for Debian versions 6, 7, 8, 9, 10, 11 and 12

Friday, May 31st, 2024

debian-package-management-repositories-for-all-distributions

If you have to administrate legacy Debian servers, that keeps hanging either for historical reasons or just because you didn't have time to upgrade it up to latest versions, machines that are hanging in the hangar or a mid office building Old server room, doing nothing but simply NAT (Network Address Translation), Proxying, serving  traffic via Squid / Haproxy / Apache / Varnish or Nginx server but you still want to have the possibility to extend the OS even though it is out of date / End of Life reached and out of support as well as perhaps full of security holes, but due to its unvisibility on the Internet hanging in a Demilitarized network the machine stayed on the Local (DMZ)-ed network and still for example you need to install simple things for administration reasons locally on the machine, for example nmap or netcat or some of the network tools for monitoring such as iftop or iptraf etc. you might find out unfortunately that this is not possible anymore, because the configured /etc/apt/sources.list repository mirror is no longer available at its URL. Thus to restore the functioning of apt and apt-get pkg management tools on Debian you need to correct the broken missing package mirrors due to resructurings on the network with a correct ones, originally provided by Debian or eventually if this doesn't work a possible Debian package archive URL. 

In this article, I'll simply provide such URLs you might use to correct your no longer functioning package manager due to package repositoriy unavailibility, below are the URLs (most of which that should be working as of year 2024). To resolve the issues edit and place the correct Debian version you're using.

1. Check the version of the Debian Linux

# cat /etc/debian_version


or use the universal way to check the linux OS, that should be working on almost all Linux distributions

# cat /etc/issue
Debian GNU/Linux 9 \n \l

2. Modify /etc/apt/sources.list and place URL according to Debian distro version

# vim /etc/apt/sources.list


3. Repositories URL list Original and Archived for .deb packages according to Debian distro release
Debian 6 (Wheezy)

Original repostiroes (Not Available and Not working anymore as of year 2024)

 

Old Archived .deb repository for 6 Squeeze

deb http://archive.debian.org/debian squeeze main
deb http://archive.debian.org/debian squeeze-lts main


​Debian 7 (Wheezy)

Original repostiroes (Not Available and Not working anymore as of year 2024)

Old Archived .deb repository for Jessie (still working as of 2024) :

deb http://archive.debian.org/debian wheezy main contrib non-free
deb http://archive.debian.org/debian-security wheezy/updates main

( Security updates are not provided anymore.)

NOTE:  If you get an error about keyrings, just install it
 

# apt-get install debian-archive-keyring


Debian 8 (Jessie)
Original .deb package repository with non-free included for Debian 8 "Jessie"

deb http://deb.debian.org/debian/ jessie main contrib non-free
deb http://ftp.debian.org/debian/ jessie-updates main contrib
deb http://security.debian.org/ jessie/updates main contrib non-free

Old Archived .deb repository for 8 Jessie (still working as of 2024):

deb http://archive.debian.org/debian/ jessie main non-free contrib
deb-src http://archive.debian.org/debian/ jessie main non-free contrib
deb http://archive.debian.org/debian-security/ jessie/updates main non-free contrib
deb-src http://archive.debian.org/debian-security/ jessie/updates main non-free contrib

 

# echo "Acquire::Check-Valid-Until false;" | tee -a /etc/apt/apt.conf.d/10-nocheckvalid

# apt-get update

# apt-get update && apt-get upgrade

 

 If you need backports, first be warned that these are archived and no longer being updated; they may have security bugs or other major issues. They are not supported in any way.

deb http://archive.debian.org/debian/ jessie-backports main


Debian 9 (Stretch)
Original .deb package repository with non-free included for Debian 9 "Stretch":

 

deb http://deb.debian.org/debian/ stretch main contrib non-free
deb http://deb.debian.org/debian/ stretch-updates main contrib non-free
deb http://security.debian.org/ stretch/updates main contrib non-free

Archived old repository .deb for Stretch :

deb http://archive.debian.org/debian/ stretch main contrib non-free
deb http://archive.debian.org/debian/ stretch-proposed-updates main contrib non-free
deb http://archive.debian.org/debian-security stretch/updates main contrib non-free


Debian 10 (Buster)
Origian repository URL:

deb http://deb.debian.org/debian/ buster main non-free contrib
deb http://deb.debian.org/debian/ buster-updates main non-free contrib
deb http://security.debian.org/ buster/updates main non-free contrib

 

Fixing unworking backports for Debian 10 Buster


Change the /etc/apt/sources.list URL with this one

deb http://archive.debian.org/debian buster-backports main contrib non-free


If you want to list packages installed via the backports repository only, that needs to be replaced with newer versions (if such available from the repository)

# apt list –installed | grep backports
# dpkg –list | grep bpo
# dpkg –list | grep -E '^ii.*bpo.*'

ii  libpopt0:amd64                        1.18-2                         amd64        lib for parsing cmdline parameters
ii  libuutil3linux                        2.0.3-9~bpo10+1                amd64        Solaris userland utility library for Linux
ii  libzfs4linux                          2.0.3-9~bpo10+1                amd64        OpenZFS filesystem library for Linux


Debian 11 (Bullseye)
Origianl repository address:

deb http://deb.debian.org/debian bullseye main contrib non-free
deb http://deb.debian.org/debian bullseye-updates main contrib non-free
deb http://security.debian.org/debian-security bullseye-security main contrib non-free

Debian 12 (Bookworm)
Original Repository :

 

deb http://deb.debian.org/debian bookworm main contrib non-free-firmware non-free
deb http://deb.debian.org/debian bookworm-updates main contrib non-free-firmware non-free
deb http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware non-free

Add Backports to sources.list

deb http://deb.debian.org/debian bookworm-backports main


Thats all, hopefully that would help some sysadmin out there. Enjoy !

Improve haproxy logging with custom log-format for better readiability

Friday, April 12th, 2024

Haproxy logging is a very big topic, worthy of many articles, but unfortunately not enough is written on the topic, perhaps for the reason haproxy is free software and most people who use it doesn't follow the philosophy of free software sharing but want to keep, the acquired knowledge on the topic for their own and if possible in the capitalist world most of us live to use it for a Load Balancer haproxy consultancy, consultancy fee or in their daily job as system administrators (web and middleware) or cloud specialist etc. 🙂

Having a good haproxy logging is very important as you need to debug issues with backend machines or some other devices throwing traffic to the HA Proxy.
Thus it is important to build a haproxy logging in a way that it provides most important information and the information is as simple as possible, so everyone can understand what is in without much effort and same time it contains enough debug information, to help you if you want to use the output logs with Graylog filters or process data with some monitoring advanced tool as Prometheus etc.

In our effort to optimize the way haproxy logs via a configured handler that sends the haproxy output to logging handler configured to log through rsyslog, we have done some experiments with logging arguments and came up with few variants, that we liked. In that article the idea is I share this set of logging  parameters with hope to help some other guy that starts with haproxy to build a good logging readable and easy to process with scripts log output from haproxy.

The criterias for a decent haproxy logging used are:

1. Log should be simple but not dumb
2. Should be concrete (and not too much complicated)
3. Should be easy to read for the novice and advanced sysadmin

Before starting, have to say that building the logging format seems tedious task but to make it fit your preference could take a lot of time, especially as logging parameters naming is hard to remember, thus the haproxy logging documentation log-format description table comes really handy:

Haproxy log-format paremeters ASCII table
 

 Please refer to the table for log-format defined variables :
 

+---+------+-----------------------------------------------+-------------+
| R | var  | field name (8.2.2 and 8.2.3 for description)  | type        |
+---+------+-----------------------------------------------+-------------+
|   | %o   | special variable, apply flags on all next var |             |
+---+------+-----------------------------------------------+-------------+
|   | %B   | bytes_read           (from server to client)  | numeric     |
| H | %CC  | captured_request_cookie                       | string      |
| H | %CS  | captured_response_cookie                      | string      |
|   | %H   | hostname                                      | string      |
| H | %HM  | HTTP method (ex: POST)                        | string      |
| H | %HP  | HTTP request URI without query string (path)  | string      |
| H | %HQ  | HTTP request URI query string (ex: ?bar=baz)  | string      |
| H | %HU  | HTTP request URI (ex: /foo?bar=baz)           | string      |
| H | %HV  | HTTP version (ex: HTTP/1.0)                   | string      |
|   | %ID  | unique-id                                     | string      |
|   | %ST  | status_code                                   | numeric     |
|   | %T   | gmt_date_time                                 | date        |
|   | %Ta  | Active time of the request (from TR to end)   | numeric     |
|   | %Tc  | Tc                                            | numeric     |
|   | %Td  | Td = Tt - (Tq + Tw + Tc + Tr)                 | numeric     |
|   | %Tl  | local_date_time                               | date        |
|   | %Th  | connection handshake time (SSL, PROXY proto)  | numeric     |
| H | %Ti  | idle time before the HTTP request             | numeric     |
| H | %Tq  | Th + Ti + TR                                  | numeric     |
| H | %TR  | time to receive the full request from 1st byte| numeric     |
| H | %Tr  | Tr (response time)                            | numeric     |
|   | %Ts  | timestamp                                     | numeric     |
|   | %Tt  | Tt                                            | numeric     |
|   | %Tw  | Tw                                            | numeric     |
|   | %U   | bytes_uploaded       (from client to server)  | numeric     |
|   | %ac  | actconn                                       | numeric     |
|   | %b   | backend_name                                  | string      |
|   | %bc  | beconn      (backend concurrent connections)  | numeric     |
|   | %bi  | backend_source_ip       (connecting address)  | IP          |
|   | %bp  | backend_source_port     (connecting address)  | numeric     |
|   | %bq  | backend_queue                                 | numeric     |
|   | %ci  | client_ip                 (accepted address)  | IP          |
|   | %cp  | client_port               (accepted address)  | numeric     |
|   | %f   | frontend_name                                 | string      |
|   | %fc  | feconn     (frontend concurrent connections)  | numeric     |
|   | %fi  | frontend_ip              (accepting address)  | IP          |
|   | %fp  | frontend_port            (accepting address)  | numeric     |
|   | %ft  | frontend_name_transport ('~' suffix for SSL)  | string      |
|   | %lc  | frontend_log_counter                          | numeric     |
|   | %hr  | captured_request_headers default style        | string      |
|   | %hrl | captured_request_headers CLF style            | string list |
|   | %hs  | captured_response_headers default style       | string      |
|   | %hsl | captured_response_headers CLF style           | string list |
|   | %ms  | accept date milliseconds (left-padded with 0) | numeric     |
|   | %pid | PID                                           | numeric     |
| H | %r   | http_request                                  | string      |
|   | %rc  | retries                                       | numeric     |
|   | %rt  | request_counter (HTTP req or TCP session)     | numeric     |
|   | %s   | server_name                                   | string      |
|   | %sc  | srv_conn     (server concurrent connections)  | numeric     |
|   | %si  | server_IP                   (target address)  | IP          |
|   | %sp  | server_port                 (target address)  | numeric     |
|   | %sq  | srv_queue                                     | numeric     |
| S | %sslc| ssl_ciphers (ex: AES-SHA)                     | string      |
| S | %sslv| ssl_version (ex: TLSv1)                       | string      |
|   | %t   | date_time      (with millisecond resolution)  | date        |
| H | %tr  | date_time of HTTP request                     | date        |
| H | %trg | gmt_date_time of start of HTTP request        | date        |
| H | %trl | local_date_time of start of HTTP request      | date        |
|   | %ts  | termination_state                             | string      |
| H | %tsc | termination_state with cookie status          | string      |
+---+------+-----------------------------------------------+-------------+
R = Restrictions : H = mode http only ; S = SSL only


Our custom log-format built in order to fulfill our needs is as this:

log-format %ci:%cp\ %H\ [%t]\ [%f\ %fi:%fp]\ [%b/%s\ %si:%sp]\ %Tw/%Tc/%Tt\ %B\ %ts\ %ac/%fc/%bc/%sc/%sq/%bq


Once you place the log-format as a default for all haproxy frontend / backends or for a custom defined ones, the output you will get when tailing the log is:

# tail -f /var/log/haproxy.log

Apr  5 21:47:19  10.42.73.83:23262 haproxy-fqdn-hostname.com [05/Apr/2024:21:46:23.879] [ft_FRONTEND_NAME 10.46.108.6:61310] [bk_BACKEND_NAME/bk_appserv3 10.75.226.88:61310] 1/0/55250 55 sD 4/2/1/0/0/0
Apr  5 21:48:14  10.42.73.83:57506 haproxy-fqdn-hostname.com [05/Apr/2024:21:47:18.925] [ft_FRONTEND_NAME 10.46.108.6:61310] [bk_BACKEND_NAME//bk_appserv1 10.35.242.134:61310] 1/0/55236 55 sD 4/2/1/0/0/0
Apr  5 21:49:09  10.42.73.83:46520 haproxy-fqdn-hostname.com [05/Apr/2024:21:48:13.956] [ft_FRONTEND_NAME 10.46.108.6:61310] [bk_BACKEND_NAME//bk_appserv2 10.75.226.89:61310] 1/0/55209 55 sD 4/2/1/0/0/0


If you don't care about extra space and logs being filled with more naming, another variant of above log-format, that makes it even more readable even for most novice sys admin or programmer would look like this:

log-format [%t]\ %H\ [IN_IP]\ %ci:%cp\ [FT_NAME]\ %f:%fp\ [FT_IP]\ %fi:%fp\ [BK_NAME]\ [%b/%s:%sp]\ [BK_IP]\ %si:%sp\ [TIME_WAIT]\ {%Tw/%Tc/%Tt}\ [CONN_STATE]\ {%B\ %ts}\ [STATUS]\ [%ac/%fc/%bc/%sc/%sq/%bq]

Once you apply the config test the haproxy.cfg to make sure no syntax errors during copy / paste from this page

haproxy-serv:~# haproxy -c -f /etc/haproxy/haproxy.cfg
Configuration file is valid


Next restart graceously haproxy 

haproxy-serv:~# /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid -sf $(cat /var/run/haproxy.pid)


Once you reload haproxy graceously without loosing the established connections in stead of restarting it completely via systemd sysctl restart haproxy:

 

2024-04-05T21:46:03+02:00 localhost haproxy[1897731]: 193.200.198.195:50714 haproxy-fqdn-hostname.com [05/Apr/2024:21:46:03.012] [FrotnendProd 10.55.0.20:27800] [BackendProd/<NOSRV> -:-] -1/-1/0 0 — 4/1/0/0/0/0
2024-04-05T21:46:03+02:00 localhost haproxy[1897731]: 193.100.193.189:54290 haproxy-fqdn-hostname.com
[05/Apr/2024:21:46:03.056] [FrotnendProd 10.55.0.20:27900] [BackendProd/<NOSRV> -:-] -1/-1/0 0 — 4/4/3/0/0/0
2024-04-05T21:46:03+02:00 localhost haproxy[1897731]: 193.100.193.190:26778 haproxy-fqdn-hostname.com
[05/Apr/2024:21:46:03.134] [FrotnendProd 10.55.0.20:27900] [BackendProd/tsefas02s 10.35.242.134:27900] 1/-1/0 0 CC 4/4/3/0/0/0

Note that in that log localhost haproxy[pid] is written by rsyslog, you can filter it out by modifying rsyslogd configurations

The only problem with this log-format is not everyone wants to have to much repeating information pointer on which field is what, but I personally liked this one as well because using it even though occuping much more space, makes the log much easier to process with perl or python scripting for data visualize and very for programs that does data or even "big data" analysis.

A Biography of one big Heart + His Holiness Patriarch Neophyte (Neofit) head of Bulgarian Orthodox Church

Friday, March 22nd, 2024


His-Holiness-Patriarch-Neofitos-with-Dikiri-and-Thrikiri-blessing-the-people

Patriarch Neophyte (Simeon Nikolov Dimitrov) was born on October 15, 1945 in Sofia from a highly pious family. His father was a simple railway man and his mother a maid (cleaner). His Mother was a famous in the Church as a good christian who was singing on the Church choire in some churches and had a great perseverance and love for the Christian faith, she was the one to push further his two boys Simeon and Dimitar to take the spiritual path within the Orthodox Church. One of them the older brother Dimitar Nikolov Dimitrov to later become A Proto-Psalt and Director and Head of Sofia's Saint Alexander Nevsky Cathedral Church choire for many years (the most prestigious place for people who graduated Church music) and the other to become our 7th Patriarch in order from the times of Physical Liberation of Bulgaria From Turkish Slavery and Spiritual liberation from the dictatorship of the Greek Orthodox Church with the restoration of the Bulgarian Church with the Bulgarian Exarchate.

 At the age of twenty in 1965, he graduated from the Sofia Theological Seminary "St. Ioan Rilski / Saint John of Rila"  (then the seminary moved due to communist party decision) at the Cherepish station nearby the Cherepish monastery, Vrachansko. He served two years of military mandatory service, and in 1971 he graduated from the Theological Academy "St. Kliment Ohridski".

After his specialization at the Moscow Theological Academy in Russia, where he received the title of "Candidate of Theology (COT)" in Church Music (COT equal to our Bulgarian "Phd / doctor") , in 1973 he was appointed a teacher of Choral Church Singing and became the conductor of the student choir at the Theological Academy.

Archimandrite-Gelasij-of-new-York-later-picture-as-metropolitan-of-New-York-America

He began his monastic journey under the Spiritual eldership of Archimandrite Gelasius then abbot of the Troyan Monastery.

His monastic ordination in monkship was performed on August 3, 1975 by the previous Bulgarian Patriarch Maxim on the feast of Assumption of the Virgin Mary, August 15, 1975 , he was ordained to the rank of hierodeacon immediately, on March 25, 1976, Annunciation, he was raised in the Church hierarchy to hieromonk, and on November 21, 1977 ., Presentation of the Theotokos (The Entry of Most Holy Theotokos into the Temple), was raised to the Archimandrite dignity.

He then was assigned the obedience to be Protosyncellus (Protosingel) of the Sofia Metropolia in years 1981 to 1985.

His-All-Holiness-Patriarch-Neophytos-picture-as-young-Bishop-Levkijski-of-Bulgarian-Orthodox-Church

On December 18, 1985, he was ordained as the Bishop of Lefkias (Levkijski) a title earlier held by the all famous Levkijski Bishop Partenius (Partenij)  in the Patriarchal Cathedral "Saint Alexander Nevsky" and was appointed as vicar  bishop of the Metropolia of Sofia.

In 1989, he became rector of Sofia Theological Academy part of (Sofia University at that time), and in July 1991, when the Theological Academy returned to be the pre-revolutinary Faculty of Theology of the Sofia University "St. Kliment Ohridski", was elected the first dean of the restored Faculty of Theology.

His-Holiness-Neophytos-picture-as-Metropolitan-of-Ruse

Since January 27, 1992, he has been the chief Secretary of Holy Synod (A prestioug position) until March 27, 1994, when Bishop  Neophyte was elected Metropolitan of Dorostolo-Cherven.eparchy (which is now separated in two separate aparchies (The Eparchy of Ruse and Eparchy of Dorostol – the ancient Roman area Dorostorum)  

By decision of the Fifth Church-People's Council in 2001, with the consent and approval of the Holy Synod Assembly of metropolitans, the diocese was divided into two (the Dorostol diocese was separated with the city of Silistra -the Ancient Istrum (Histria ancient city) and he began to be titled Metropolitan of Ruse.
In the function of metropolitan he has won the respect of both church and authorities.and he was given the respectful medal "Respected citizen of Ruse".

In 2008 metropolitan Neophyte received the very prestigious academic title "doctor honoris causa" of the Sofia University "Saint Kliment Ohridski". More about it here.

His-All-Holiness-Patriarch-Neophytos-Patriarch-of-Bulgaria-and-Metropolitan-of-Sofia

On 22 June 2010 he was given a medal "St. St. Cyril and Methodius" as a respectful act for his big contribution to development of Bulgarian Music and Culture.

On February 24, 2013, a Patriarchal Electoral Church Council was convened in Sofia and the people and all people were mostly troubled on who will be the next Patriarch in this muddy times.

Soon after his arise to patriarchical throne in 2013 he was given another medal he received "Glory and Honour" in 2013 by Russian Orthodox Church.
Every Church member of that time was troubled about the future of the Bulgarian Orthodox Church, and everyone felt a big relief as The Synodal Elders elected Metropolitan Neophyte of Ruse to become the 7th Patriarch of Bulgaria after the restoration of the BPC-BP Bulgarian Church (Bulgarian Patriarchate) after so many years of being under the yoke of Byzantine Church and after liberation of Bulgaria, due to politics delicions and the harsh and anti-bulgarian activities of the Greeks in attempt to own the Church the church suffered its schism and returned its full communion to the family of national members of Holy Eastern Orthodox Church.
After his election His Holiness Patriarch Neofit is titled  Metropolitan of Sofia.and Patriarch of Bulgaria.

Patriarch-Neophyte_signature-podpis

His-Holiness-Patriarch-Neophytos-head-of-Bulgarian-Orthodox-Church

Patriarch Neophyte has the fame of being one of the best church singers in Bulgaria and one of the best and most famous Church Hymns has been circulating throughout the public space the Internet / TV and Radio for the last 10+ years as they are invaluable due to the unique voice qualities of the Patriarch. I guess there is no person in Bulgaria and outside of it who did not heard his Paschal (Katavasia and Stychorions) Hymns.

Resurrection of Christ Katavasios and Stychorion Playlist with Patriarch Neophytos (Sung) Famous Eastern Orthodox Hymns Patriarch Neofit passed away on 13 of March 2024 after a months of sickness after being hospitalized on 29 November 2023 in VMA (Army Medical Academy) due to pulmonary disease (later to understand it is a cancer in its latests stages). In his last days in hospital, the Holy Synod summoned all the Churches and people to pray fervently for the quick recovery of the patriarch through a miracle.
Patriarch Neofit passed away silently his clean holy Soul to Christ on 13 of March 2024
His brother Proto-Psalt (associated professor) Dimitar also passed on on 11 January 2024.

Protopsalt-Dimitar-associated-professor-in-Music-Director-of-st-Alexander-Nevsky-Choire
Patriarch Neophytos and his brothre Proto-Psalt Dimitar

Protopsalt Dimitar Dimitrov a brother of the Patriarch passed just 2 days after a famous Metropolitan of Joanichius has passed away to Christ on 9 January 2024 in 82 years of old.

His-Holiness-Mitropolit-Ioanikij-JoanichiusSlivenski
His Holiness Metropolitan Joanichius


Patriarch Neofit and Metropolitan Joanichius

The personality of Patriarch Neophytos was non-conflict, a lover of peace and compromises, anti-war (i would say pacifist in modern terms) and was among the few patriarchs not being in fear or influenced by the overall Church politics of the Russian Church and he publicly condemned the war as a great evil in his Theophany preach.

"The Lord God and the Holy Church bless only that army that does not show aggression, and whose sole purpose is to protect and defend its people and country within its internationally recognized territorial borders," said the patriarch for the feast of Epiphany water sanctification and sprinkling of battle flags.

The patriarch position was to try to reconcile the clergy and try to heal the misunderstandings and human conflicts between his God given flock of Priest, Monks, Bishops and Clergy with true fatherhood love, prayer and a lot of patience that we the people of 21 century miss so badly.
With a lot of sadness we send our beloved Patriarch Neophytos (Neofit) of Bulgaria to the All Mighty God and Pray if he has received a Grace from God to Pray fervently and Always for us his poor pupils and childs!

his-Holiness-Patriarh-Neofit-treti-mart-pic

God Have Mercy on the Soul of Patriarch Neophytos ! Blessed and Eternal to be his Memory ! Amen !

Monitoring network traffic tools to debug network issues in console interactively on Linux

Thursday, December 14th, 2023

transport-layer-fourth-layer-data-transport-diagram

 

In my last article Debugging and routing network issues on Linux (common approaches), I've given some step by step methology on how to debug a network routing or unreachability issues between network hosts. As the article was mostly targetting a command line tools that can help debugging the network without much interactivity. I've decided to blog of a few other tools that might help the system administrator to debug network issues by using few a bit more interactive tools. Throughout the years of managing multitude of Linux based laptops and servers, as well as being involved in security testing and penetration in the past, these tools has always played an important role and are worthy to be well known and used by any self respecting sys admin or network security expert that has to deal with Linux and *Unix operating systems.
 

1. Debugging what is going on on a network level interactively with iptraf-ng

Historically iptraf and today's iptraf is also a great tool one can use to further aid the arsenal debug a network issue or Protocol problem, failure of packets or network interaction issues SYN -> ACK etc. proto interactions and check for Flag states and packets flow.

To use iptraf-ng which is a ncurses based tool just install it and launch it and select the interface you would like to debug trafic on.

To install On Debians distros

# apt install iptraf-ng –yes

# iptraf-ng


iptraf-ng-linux-select-interface-screen
 

iptraf-ng-listen-all-interfaces-check-tcp-flags-and-packets


Session-Layer-in-OSI-Model-diagram
 

2. Use hackers old tool sniffit to monitor current ongoing traffic and read plain text messages

Those older who remember the rise of Linux to the masses, should remember sniffit was a great tool to snoop for traffic on the network.

root@pcfreak:~# apt-cache show sniffit|grep -i description -A 10 -B10
Package: sniffit
Version: 0.5-1
Installed-Size: 139
Maintainer: Joao Eriberto Mota Filho <eriberto@debian.org>
Architecture: amd64
Depends: libc6 (>= 2.14), libncurses6 (>= 6), libpcap0.8 (>= 0.9.8), libtinfo6 (>= 6)
Description-en: packet sniffer and monitoring tool
 Sniffit is a packet sniffer for TCP/UDP/ICMP packets over IPv4. It is able
 to give you a very detailed technical info on these packets, as SEQ, ACK,
 TTL, Window, etc. The packet contents also can be viewed, in different
 formats (hex or plain text, etc.).
 .
 Sniffit is based in libpcap and is useful when learning about computer
 networks and their security.
Description-md5: 973beeeaadf4c31bef683350f1346ee9
Homepage: https://github.com/resurrecting-open-source-projects/sniffit
Tag: interface::text-mode, mail::notification, role::program, scope::utility,
 uitoolkit::ncurses, use::monitor, use::scanning, works-with::mail,
 works-with::network-traffic
Section: net
Priority: optional
Filename: pool/main/s/sniffit/sniffit_0.5-1_amd64.deb
Size: 61796
MD5sum: ea4cc0bc73f9e94d5a3c1ceeaa485ee1
SHA256: 7ec76b62ab508ec55c2ef0ecea952b7d1c55120b37b28fb8bc7c86645a43c485

 

Sniffit is not installed by default on deb distros, so to give it a try install it

# apt install sniffit –yes
# sniffit


sniffit-linux-check-tcp-traffic-screenshot
 

3. Use bmon to monitor bandwidth and any potential traffic losses and check qdisc pfifo
Linux network stack queues

 

root@pcfreak:~# apt-cache show bmon |grep -i description
Description-en: portable bandwidth monitor and rate estimator
Description-md5: 3288eb0a673978e478042369c7927d3f
root@pcfreak:~# apt-cache show bmon |grep -i description -A 10 -B10
Package: bmon
Version: 1:4.0-7
Installed-Size: 146
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Architecture: amd64
Depends: libc6 (>= 2.17), libconfuse2 (>= 3.2.1~), libncursesw6 (>= 6), libnl-3-200 (>= 3.2.7), libnl-route-3-200 (>= 3.2.7), libtinfo6 (>= 6)
Description-en: portable bandwidth monitor and rate estimator
 bmon is a commandline bandwidth monitor which supports various output
 methods including an interactive curses interface, lightweight HTML output but
 also simple ASCII output.
 .
 Statistics may be distributed over a network using multicast or unicast and
 collected at some point to generate a summary of statistics for a set of
 nodes.
Description-md5: 3288eb0a673978e478042369c7927d3f
Homepage: http://www.infradead.org/~tgr/bmon/
Tag: implemented-in::c, interface::text-mode, network::scanner,
 role::program, scope::utility, uitoolkit::ncurses, use::monitor,
 works-with::network-traffic
Section: net
Priority: optional
Filename: pool/main/b/bmon/bmon_4.0-7_amd64.deb
Size: 47348
MD5sum: c210f8317eafa22d9e3a8fb8316e0901
SHA256: 21730fc62241aee827f523dd33c458f4a5a7d4a8cf0a6e9266a3e00122d80645

 

root@pcfreak:~# apt install bmon –yes

root@pcfreak:~# bmon

bmon_monitor_qdisc-network-stack-bandwidth-on-linux

4. Use nethogs net diagnosis text interactive tool

NetHogs is a small 'net top' tool. 
Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process.
 

root@pcfreak:~# apt-cache show nethogs|grep -i description -A10 -B10
Package: nethogs
Source: nethogs (0.8.5-2)
Version: 0.8.5-2+b1
Installed-Size: 79
Maintainer: Paulo Roberto Alves de Oliveira (aka kretcheu) <kretcheu@gmail.com>
Architecture: amd64
Depends: libc6 (>= 2.15), libgcc1 (>= 1:3.0), libncurses6 (>= 6), libpcap0.8 (>= 0.9.8), libstdc++6 (>= 5.2), libtinfo6 (>= 6)
Description-en: Net top tool grouping bandwidth per process
 NetHogs is a small 'net top' tool. Instead of breaking the traffic down per
 protocol or per subnet, like most tools do, it groups bandwidth by process.
 NetHogs does not rely on a special kernel module to be loaded.
Description-md5: 04c153c901ad7ca75e53e2ae32565ccd
Homepage: https://github.com/raboof/nethogs
Tag: admin::monitoring, implemented-in::c++, role::program,
 uitoolkit::ncurses, use::monitor, works-with::network-traffic
Section: net
Priority: optional
Filename: pool/main/n/nethogs/nethogs_0.8.5-2+b1_amd64.deb
Size: 30936
MD5sum: 500047d154a1fcde5f6eacaee45148e7
SHA256: 8bc69509f6a8c689bf53925ff35a5df78cf8ad76fff176add4f1530e66eba9dc

root@pcfreak:~# apt install nethogs –yes

# nethogs


nethogs-tool-screenshot-show-user-network--traffic-by-process-name-ID

5;.Use iftop –  to display network interface usage

 

root@pcfreak:~# apt-cache show iftop |grep -i description -A10 -B10
Package: iftop
Version: 1.0~pre4-7
Installed-Size: 97
Maintainer: Markus Koschany <apo@debian.org>
Architecture: amd64
Depends: libc6 (>= 2.29), libncurses6 (>= 6), libpcap0.8 (>= 0.9.8), libtinfo6 (>= 6)
Description-en: displays bandwidth usage information on an network interface
 iftop does for network usage what top(1) does for CPU usage. It listens to
 network traffic on a named interface and displays a table of current bandwidth
 usage by pairs of hosts. Handy for answering the question "Why is my Internet
 link so slow?".
Description-md5: f7e93593aba6acc7b5a331b49f97466f
Homepage: http://www.ex-parrot.com/~pdw/iftop/
Tag: admin::monitoring, implemented-in::c, interface::text-mode,
 role::program, scope::utility, uitoolkit::ncurses, use::monitor,
 works-with::network-traffic
Section: net
Priority: optional
Filename: pool/main/i/iftop/iftop_1.0~pre4-7_amd64.deb
Size: 42044
MD5sum: c9bb9c591b70753880e455f8dc416e0a
SHA256: 0366a4e54f3c65b2bbed6739ae70216b0017e2b7421b416d7c1888e1f1cb98b7

 

 

root@pcfreak:~# apt install –yes iftop

iftop-interactive-network-traffic-output-linux-screenshot


6. Ettercap (tool) to active and passive dissect network protocols for in depth network and host analysis

root@pcfreak:/var/www/images# apt-cache show ettercap-common|grep -i description -A10 -B10
Package: ettercap-common
Source: ettercap
Version: 1:0.8.3.1-3
Installed-Size: 2518
Maintainer: Debian Security Tools <team+pkg-security@tracker.debian.org>
Architecture: amd64
Depends: ethtool, geoip-database, libbsd0 (>= 0.0), libc6 (>= 2.14), libcurl4 (>= 7.16.2), libgeoip1 (>= 1.6.12), libluajit-5.1-2 (>= 2.0.4+dfsg), libnet1 (>= 1.1.6), libpcap0.8 (>= 0.9.8), libpcre3, libssl1.1 (>= 1.1.1), zlib1g (>= 1:1.1.4)
Recommends: ettercap-graphical | ettercap-text-only
Description-en: Multipurpose sniffer/interceptor/logger for switched LAN
 Ettercap supports active and passive dissection of many protocols
 (even encrypted ones) and includes many feature for network and host
 analysis.
 .
 Data injection in an established connection and filtering (substitute
 or drop a packet) on the fly is also possible, keeping the connection
 synchronized.
 .
 Many sniffing modes are implemented, for a powerful and complete
 sniffing suite. It is possible to sniff in four modes: IP Based, MAC Based,
 ARP Based (full-duplex) and PublicARP Based (half-duplex).
 .
 Ettercap also has the ability to detect a switched LAN, and to use OS
 fingerprints (active or passive) to find the geometry of the LAN.
 .
 This package contains the Common support files, configuration files,
 plugins, and documentation.  You must also install either
 ettercap-graphical or ettercap-text-only for the actual GUI-enabled
 or text-only ettercap executable, respectively.
Description-md5: f1d894b138f387661d0f40a8940fb185
Homepage: https://ettercap.github.io/ettercap/
Tag: interface::text-mode, network::scanner, role::app-data, role::program,
 uitoolkit::ncurses, use::scanning
Section: net
Priority: optional
Filename: pool/main/e/ettercap/ettercap-common_0.8.3.1-3_amd64.deb
Size: 734972
MD5sum: 403d87841f8cdd278abf20bce83cb95e
SHA256: 500aee2f07e0fae82489321097aee8a97f9f1970f6e4f8978140550db87e4ba9


root@pcfreak:/ # apt install ettercap-text-only –yes

root@pcfreak:/ # ettercap -C

 

ettercap-text-interface-unified-sniffing-screenshot-linux

7. iperf and netperf to measure connecitivity speed on Network LAN and between Linux server hosts

iperf and netperf are two very handy tools to measure the speed of a network and various aspects of the bandwidth. It is mostly useful when designing network infrastructure or building networks from scratch.
 

If you never used netperf in the past here is a description from man netperf

NAME
       netperf – a network performance benchmark

SYNOPSIS
       netperf [global options] — [test specific options]

DESCRIPTION
       Netperf  is  a benchmark that can be used to measure various aspects of
       networking performance.  Currently, its focus is on bulk data  transfer
       and  request/response  performance  using  either  TCP  or UDP, and the
       Berkeley Sockets interface. In addition, tests for DLPI, and  Unix  Do‐
       main Sockets, tests for IPv6 may be conditionally compiled-in.

 

root@freak:~# netperf
MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to localhost () port 0 AF_INET : demo
Recv   Send    Send
Socket Socket  Message  Elapsed
Size   Size    Size     Time     Throughput
bytes  bytes   bytes    secs.    10^6bits/sec

 87380  65536  65536    10.00    17669.96

 

Testing UDP network throughput using NetPerf

Change the test name from TCP_STREAM to UDP_STREAM. Let’s use 1024 (1MB) as the message size to be sent by the client.
If you receive the following error send_data: data send error: Network is unreachable (errno 101) netperf: send_omni:

send_data failed: Network is unreachable, add option -R 1 to remove the iptable rule that prohibits NetPerf UDP flow.

$ netperf -H 172.31.56.48 -t UDP_STREAM -l 300 — -R 1 -m 1024
MIGRATED UDP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 172.31.56.48 () port 0 AF_INET
Socket Message Elapsed Messages
Size Size Time Okay Errors Throughput
bytes bytes secs # # 10^6bits/sec

212992 1024 300.00 9193386 0 251.04
212992 300.00 9131380 249.35

UDP Throughput in a WAN

$ netperf -H HOST -t UDP_STREAM -l 300 — -R 1 -m 1024
MIGRATED UDP STREAM TEST from (null) (0.0.0.0) port 0 AF_INET to (null) () port 0 AF_INET : histogram : spin interval
Socket Message Elapsed Messages
Size Size Time Okay Errors Throughput
bytes bytes secs # # 10^6bits/sec

9216 1024 300.01 35627791 0 972.83
212992 300.01 253099 6.91

 

 

Testing TCP throughput using iPerf


Here is a short description of iperf

NAME
       iperf – perform network throughput tests

SYNOPSIS
       iperf -s [options]

       iperf -c server [options]

       iperf -u -s [options]

       iperf -u -c server [options]

DESCRIPTION
       iperf  2  is  a tool for performing network throughput and latency mea‐
       surements. It can test using either TCP or UDP protocols.  It  supports
       both  unidirectional  and  bidirectional traffic. Multiple simultaneous
       traffic streams are also supported. Metrics are displayed to help  iso‐
       late the causes which impact performance. Setting the enhanced (-e) op‐
       tion provides all available metrics.

       The user must establish both a both a server (to discard traffic) and a
       client (to generate traffic) for a test to occur. The client and server
       typically are on different hosts or computers but need not be.

 

Run iPerf3 as server on the server:

$ iperf3 –server –interval 30
———————————————————–
Server listening on 5201
———————————————————–

 

Test TCP Throughput in Local LAN

 

$ iperf3 –client 172.31.56.48 –time 300 –interval 30
Connecting to host 172.31.56.48, port 5201
[ 4] local 172.31.100.5 port 44728 connected to 172.31.56.48 port 5201
[ ID] Interval Transfer Bandwidth Retr Cwnd
[ 4] 0.00-30.00 sec 1.70 GBytes 488 Mbits/sec 138 533 KBytes
[ 4] 30.00-60.00 sec 260 MBytes 72.6 Mbits/sec 19 489 KBytes
[ 4] 60.00-90.00 sec 227 MBytes 63.5 Mbits/sec 15 542 KBytes
[ 4] 90.00-120.00 sec 227 MBytes 63.3 Mbits/sec 13 559 KBytes
[ 4] 120.00-150.00 sec 228 MBytes 63.7 Mbits/sec 16 463 KBytes
[ 4] 150.00-180.00 sec 227 MBytes 63.4 Mbits/sec 13 524 KBytes
[ 4] 180.00-210.00 sec 227 MBytes 63.5 Mbits/sec 14 559 KBytes
[ 4] 210.00-240.00 sec 227 MBytes 63.5 Mbits/sec 14 437 KBytes
[ 4] 240.00-270.00 sec 228 MBytes 63.7 Mbits/sec 14 516 KBytes
[ 4] 270.00-300.00 sec 227 MBytes 63.5 Mbits/sec 14 524 KBytes
– – – – – – – – – – – – – – – – – – – – – – – – –
[ ID] Interval Transfer Bandwidth Retr
[ 4] 0.00-300.00 sec 3.73 GBytes 107 Mbits/sec 270 sender
[ 4] 0.00-300.00 sec 3.73 GBytes 107 Mbits/sec receiver

Test TCP Throughput in a WAN Network

$ iperf3 –client HOST –time 300 –interval 30
Connecting to host HOST, port 5201
[ 5] local 192.168.1.73 port 56756 connected to HOST port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-30.00 sec 21.2 MBytes 5.93 Mbits/sec
[ 5] 30.00-60.00 sec 27.0 MBytes 7.55 Mbits/sec
[ 5] 60.00-90.00 sec 28.6 MBytes 7.99 Mbits/sec
[ 5] 90.00-120.00 sec 28.7 MBytes 8.02 Mbits/sec
[ 5] 120.00-150.00 sec 28.5 MBytes 7.97 Mbits/sec
[ 5] 150.00-180.00 sec 28.6 MBytes 7.99 Mbits/sec
[ 5] 180.00-210.00 sec 28.4 MBytes 7.94 Mbits/sec
[ 5] 210.00-240.00 sec 28.5 MBytes 7.97 Mbits/sec
[ 5] 240.00-270.00 sec 28.6 MBytes 8.00 Mbits/sec
[ 5] 270.00-300.00 sec 27.9 MBytes 7.81 Mbits/sec
– – – – – – – – – – – – – – – – – – – – – – – – –
[ ID] Interval Transfer Bitrate
[ 5] 0.00-300.00 sec 276 MBytes 7.72 Mbits/sec sender
[ 5] 0.00-300.00 sec 276 MBytes 7.71 Mbits/sec receiver

 

$ iperf3 –client 172.31.56.48 –interval 30 -u -b 100MB
Accepted connection from 172.31.100.5, port 39444
[ 5] local 172.31.56.48 port 5201 connected to 172.31.100.5 port 36436
[ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams
[ 5] 0.00-30.00 sec 354 MBytes 98.9 Mbits/sec 0.052 ms 330/41774 (0.79%)
[ 5] 30.00-60.00 sec 355 MBytes 99.2 Mbits/sec 0.047 ms 355/41903 (0.85%)
[ 5] 60.00-90.00 sec 354 MBytes 98.9 Mbits/sec 0.048 ms 446/41905 (1.1%)
[ 5] 90.00-120.00 sec 355 MBytes 99.4 Mbits/sec 0.045 ms 261/41902 (0.62%)
[ 5] 120.00-150.00 sec 354 MBytes 99.1 Mbits/sec 0.048 ms 401/41908 (0.96%)
[ 5] 150.00-180.00 sec 353 MBytes 98.7 Mbits/sec 0.047 ms 530/41902 (1.3%)
[ 5] 180.00-210.00 sec 353 MBytes 98.8 Mbits/sec 0.059 ms 496/41904 (1.2%)
[ 5] 210.00-240.00 sec 354 MBytes 99.0 Mbits/sec 0.052 ms 407/41904 (0.97%)
[ 5] 240.00-270.00 sec 351 MBytes 98.3 Mbits/sec 0.059 ms 725/41903 (1.7%)
[ 5] 270.00-300.00 sec 354 MBytes 99.1 Mbits/sec 0.043 ms 393/41908 (0.94%)
– – – – – – – – – – – – – – – – – – – – – – – – –
[ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams
[ 5] 0.00-300.04 sec 3.45 GBytes 98.94 Mbits/sec 0.043 ms 4344/418913 (1%)

UDP Throughput in a WAN

$ iperf3 –client HOST –time 300 -u -b 7.7MB
Accepted connection from 45.29.190.145, port 60634
[ 5] local 172.31.56.48 port 5201 connected to 45.29.190.145 port 52586
[ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams
[ 5] 0.00-30.00 sec 27.4 MBytes 7.67 Mbits/sec 0.438 ms 64/19902 (0.32%)
[ 5] 30.00-60.00 sec 27.5 MBytes 7.69 Mbits/sec 0.446 ms 35/19940 (0.18%)
[ 5] 60.00-90.00 sec 27.5 MBytes 7.68 Mbits/sec 0.384 ms 39/19925 (0.2%)
[ 5] 90.00-120.00 sec 27.5 MBytes 7.68 Mbits/sec 0.528 ms 70/19950 (0.35%)
[ 5] 120.00-150.00 sec 27.4 MBytes 7.67 Mbits/sec 0.460 ms 51/19924 (0.26%)
[ 5] 150.00-180.00 sec 27.5 MBytes 7.69 Mbits/sec 0.485 ms 37/19948 (0.19%)
[ 5] 180.00-210.00 sec 27.5 MBytes 7.68 Mbits/sec 0.572 ms 49/19941 (0.25%)
[ 5] 210.00-240.00 sec 26.8 MBytes 7.50 Mbits/sec 0.800 ms 443/19856 (2.2%)
[ 5] 240.00-270.00 sec 27.4 MBytes 7.66 Mbits/sec 0.570 ms 172/20009 (0.86%)
[ 5] 270.00-300.00 sec 25.3 MBytes 7.07 Mbits/sec 0.423 ms 1562/19867 (7.9%)
– – – – – – – – – – – – – – – – – – – – – – – – –
[ ID] Interval Transfer Bandwidth Jitter Lost/Total Datagrams
[ 5] 0.00-300.00 sec 272 MBytes 7.60 Mbits/sec 0.423 ms 2522/199284 (1.3%)
[SUM] 0.0-300.2 sec 31 datagrams received out-of-order


Sum it up what learned


Debugging network issues and snooping on a Local LAN (DMZ) network on a server or home LAN is useful  to debug for various network issues and more importantly track and know abou tsecurity threads such as plain text passowd communication via insecure protocols a failure of proper communication between Linux network nodes at times, or simply to get a better idea on what kind of network is your new purchased dedicated server living in .It can help you also strenghten your security and close up any possible security holes, or even help you start thinking like a security intruder (cracker / hacker) would do. In this article we went through few of my favourite tools I use for many years quite often. These tools are just part of the tons of useful *Unix free tools available to do a network debug. Tools mentioned up are worthy to install on every server you have to administratrate or even your home desktop PCs, these are iptraf, sniffit, iftop, bmon, nethogs, nmon, ettercap, iperf and netperf.
 If you have some other useful tools used on Linux sys admin tasks please share, I'll be glad to know it and put them in my arsenal of used tools.

Enjoy ! 🙂

Check the Type and Model of available installed Memory on Linux / Unix / BSD Server howto

Monday, October 30th, 2023

how-linux-kernel-manages-memory-picture

As a system administrator one of the common task, one has to do is Add / Remove or Replace (of Broken or failing Bank of RAM memory) a piece of additional Bank of memory Bank to a Linux / BSD / Unix server.  Lets say you need to fullfil the new RAM purchase and provide some information to the SDM (Service Delivery Manager) of the compnay you're hirder in or you need to place the purchase yourself. Then you  need to know the exact speed and type of RAM currently installed on the server installed.

In this article i'll shortly explain how do I find out ram (SDRAM) information from a via ordinary remote ssh shell session cmd prompt. In short will be shown how can one check RAM speed configured and detected by Linux / Unix kernel ? 
As well as  how to Check the type of memory (if it is DDR / DDR2 / DDR or DDR4) or ECC with no access to Hardware Console.  Please note this article will be definitely boring for the experienced sysadmins but might help to a starter sysadmins to get on board with a well know basic stuff.

There are several approaches, of course easiest one is to use remote hardware access interrace statistics web interface of ILO (on IBM machine) or the IDRAC on (Dell Server) or Fujitsu's servers iRMC. However as not always access to remote Remote hardware management interface is available to admin. Linux comes with few commands that can do the trick, that are available to most Linux distributions straight for the default package repositories.

Since mentioning about ECC a bit up, most old school admins and computer users knows pretty well about DDRs as they have been present over time but ECC is being used over actively on servers perhaps over the last 10 / 15 years and for those not dealt with it below is a short description on what is ECC RAM Memory.

ECC RAM, short for Error Correcting Code Random Access Memory, is a kind of RAM can detect most common kinds of memory errors and correct a subset of them. ECC RAM is common in enterprise deployments and most server-class hardware. Above a certain scale and memory density, single-bit errors which were up to this point are sufficiently statistically unlikely begin to occur with enough frequency that they can no longer be ignored. At certain scales and densities of memory arbitrary memory errors that are literally "one in a million chances" (or more) may in fact occur several times throughout a system's operational life.

Putting some basics, Lets proceed and Check RAM speed and type (line DDR or DDR2 or DDR3 or DDR4) without having to physically go to the the Data Center numbered rack that is containing the server.


Most famous and well known (also mentioned) on few occasions in my previous articles are: dmidecode and lshw

Quickest way to get a quick overview of installed servers memory is with:
 

root@server:~# dmidecode -t memory | grep -E "Speed:|Type:" | sort | uniq -c
      4     Configured Memory Speed: 2133 MT/s
     12     Configured Memory Speed: Unknown
      4     Error Correction Type: Multi-bit ECC
      2     Speed: 2133 MT/s
      2     Speed: 2400 MT/s
     12     Speed: Unknown
     16     Type: DDR4

 

To get more specifics on the exact type of memory installed on the server, the respective slots that are already taken and the free ones:

root@server:~# dmidecode –type 17 | less

Usually the typical output the command would produce regarding lets say 4 installed Banks of RAM memory on the server will be like:

Handle 0x002B, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0029
        Error Information Handle: Not Provided
        Total Width: 72 bits
        Data Width: 64 bits
       
Size: 16 GB
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM A1
        Bank Locator: A1_Node0_Channel0_Dimm1
       
Type: DDR4
        Type Detail: Synchronous
       
Speed: 2400 MT/s
        Manufacturer: Micron
       
Serial Number: 15B36358
        Asset Tag: CPU1 DIMM A1_AssetTag
       
Part Number: 18ASF2G72PDZ-2G3B1 
        Rank: 2
       
Configured Memory Speed: 2133 MT/s
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

Handle 0x002E, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0029
        Error Information Handle: Not Provided
        Total Width: Unknown
        Data Width: Unknown
        Size: No Module Installed
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM A2
        Bank Locator: A1_Node0_Channel0_Dimm2
        Type: DDR4
        Type Detail: Synchronous
        Speed: Unknown
        Manufacturer: NO DIMM
        Serial Number: NO DIMM
        Asset Tag: NO DIMM
        Part Number: NO DIMM
        Rank: Unknown
        Configured Memory Speed: Unknown
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

 

Handle 0x002D, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0029
        Error Information Handle: Not Provided
        Total Width: 72 bits
        Data Width: 64 bits
        Size: 16 GB
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM B1
        Bank Locator: A1_Node0_Channel1_Dimm1
        Type: DDR4
        Type Detail: Synchronous
        Speed: 2400 MT/s
        Manufacturer: Micron
        Serial Number: 15B363AF
        Asset Tag: CPU1 DIMM B1_AssetTag
        Part Number: 18ASF2G72PDZ-2G3B1 
        Rank: 2
        Configured Memory Speed: 2133 MT/s
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

Handle 0x0035, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0031
        Error Information Handle: Not Provided
        Total Width: 72 bits
        Data Width: 64 bits
        Size: 16 GB
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM D1
        Bank Locator: A1_Node0_Channel3_Dimm1
        Type: DDR4
        Type Detail: Synchronous
        Speed: 2133 MT/s
        Manufacturer: Micron
        Serial Number: 1064B491
        Asset Tag: CPU1 DIMM D1_AssetTag
        Part Number: 36ASF2G72PZ-2G1A2  
        Rank: 2
        Configured Memory Speed: 2133 MT/s
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

Handle 0x0033, DMI type 17, 40 bytes
Memory Device
        Array Handle: 0x0031
        Error Information Handle: Not Provided
        Total Width: 72 bits
        Data Width: 64 bits
        Size: 16 GB
        Form Factor: RIMM
        Set: None
        Locator: CPU1 DIMM C1
        Bank Locator: A1_Node0_Channel2_Dimm1
        Type: DDR4
        Type Detail: Synchronous
        Speed: 2133 MT/s
        Manufacturer: Micron
        Serial Number: 10643A5B
        Asset Tag: CPU1 DIMM C1_AssetTag
        Part Number: 36ASF2G72PZ-2G1A2  
        Rank: 2
        Configured Memory Speed: 2133 MT/s
        Minimum Voltage: Unknown
        Maximum Voltage: Unknown
        Configured Voltage: Unknown

 

The marked in green are the banks of memory that are plugged in the server. The

field Speed: and Configured Memory Speed: are fields indicating respectively the Maximum speed on which a plugged-in RAM bank can operate and the the actual Speed the Linux kernel has it configured and uses is at.

It is useful for the admin to usually check the complete number of available RAM slots on a server, this can be done with command like:

root@server:~#  dmidecode –type 17 | grep -i Handle | grep 'DMI'|wc -l
16


As you can see at this specific case 16 Memory slots are avaiable (4 are already occupied and working configured on the machine at 2133 Mhz and 12 are empty and can have installed a memory banks in).


Perhaps the most interesting information for the RAM replacement to be ordered is to know the data communication SPEED on which the Memory is working on the server and interacting with Kernel and Processor to find out.

root@server:~#  dmidecode –type 17 | grep -i "speed"|grep -vi unknown
    Speed: 2400 MT/s
    Configured Memory Speed: 2133 MT/s
    Speed: 2400 MT/s
    Configured Memory Speed: 2133 MT/s
    Speed: 2133 MT/s
    Configured Memory Speed: 2133 MT/s
    Speed: 2133 MT/s
    Configured Memory Speed: 2133 MT/s

 

If you're lazy to remember the exact dmidecode memory type 17 you can use also memory keyword:

root@server:~# dmidecode –type memory | more

For servers that have the lshw command installed, a quick overview of RAM installed and Full slots available for memory placement can be done with:
 

root@server:~#  lshw -short -C memory
H/W path                 Device        Class          Description
=================================================================
/0/0                                   memory         64KiB BIOS
/0/29                                  memory         64GiB System Memory
/0/29/0                                memory         16GiB RIMM DDR4 Synchronous 2400 MHz (0.4 ns)
/0/29/1                                memory         RIMM DDR4 Synchronous [empty]
/0/29/2                                memory         16GiB RIMM DDR4 Synchronous 2400 MHz (0.4 ns)
/0/29/3                                memory         RIMM DDR4 Synchronous [empty]
/0/29/4                                memory         16GiB RIMM DDR4 Synchronous 2133 MHz (0.5 ns)
/0/29/5                                memory         RIMM DDR4 Synchronous [empty]
/0/29/6                                memory         16GiB RIMM DDR4 Synchronous 2133 MHz (0.5 ns)
/0/29/7                                memory         RIMM DDR4 Synchronous [empty]
/0/29/8                                memory         RIMM DDR4 Synchronous [empty]
/0/29/9                                memory         RIMM DDR4 Synchronous [empty]
/0/29/a                                memory         RIMM DDR4 Synchronous [empty]
/0/29/b                                memory         RIMM DDR4 Synchronous [empty]
/0/29/c                                memory         RIMM DDR4 Synchronous [empty]
/0/29/d                                memory         RIMM DDR4 Synchronous [empty]
/0/29/e                                memory         RIMM DDR4 Synchronous [empty]
/0/29/f                                memory         RIMM DDR4 Synchronous [empty]
/0/43                                  memory         768KiB L1 cache
/0/44                                  memory         3MiB L2 cache
/0/45                                  memory         30MiB L3 cache

Now once we know the exact model and RAM Serial and Part number you can google it online and to purchase more of the same RAM Model and Type you need so the installed memory work on the same Megaherzes as the installed ones.
 

Living of New Martyr Saint Onuphrius of Gabrovo, a Bulgarian saint martyred in year 1818

Friday, June 17th, 2022

sveti-Onufrij-Gabrovski-saint-Onufrius-Gabrovski

The New Martyr saint Onufrij ( Onuphrius ) (1786 – 1818) was born in Gabrovo, Veliko Tarnovo Diocese, to pious and noble parents.
(His father Decho later became a monk under the name of Daniel in the same Hilendar monastery on Mount Athos, where his son was then active).
The child Onuphrius was given the name Matthew in Holy Baptism.
When he grew up, he was sent to a one of scarce Bulgarian schools, where he studied well.
When he was 17 years old, his parents once punished him for some childish thing unrest, and out of frivolous childishness, he declared in the presence of Turks that he would accept the Muslim faith.

In such cases, the Turks immediately seized the person who gave the promise to convert to islam and performed the rite of Mohammedan circumcision on him.

To prevent this, his parents hid him and perhaps sent him to the "fotress" of Christian Orthodox FaIth and keeper of Bulgarian spirit, the Troyan Monastery "Holy Mother of God".
In Troyan Monastery, to this day there is a the mouth to mouth legend that the Venerable Martyr Onuphrius began his monastic feat and received his first monastic haircut here with the name Manasseah (Manasij).

sveti-Onufrij-Gabrovski-Bylgarski-svetec

He ascended diligently in spiritual life, but the voice of his conscience began to rebuke him more and more for his public denial of Christianity, even if only in words.
Probably because of this he went to Holy Mount Athos, hoping that there, under the guidance of more experienced elders, he would repent enough and calm his conscience.
Manasseah spent some time in the Hilendar Monastery (a monastery that at this time has been inhibited with many Bulgarian monks), where he was ordained a deacon.

But, as the holy fathers of the Church say, the more a Christian grows in virtue, the deeper he humbles himself and his small sins seem great., same happened with Hierodeacon Manasseah.

He was always impressed by the words of the Savior Christ:

"Whosoever shall confess me before men, him will I confess also before my Father which is in heaven; but whosoever denieth me before men, him will I also deny before my Father which is in heaven." (Matt. 10: 32-33).

And from the lives of the saints he was especially deeply moved by the example of the holy martyr Barlaam, who held his hand without trembling over the burning pagan altar until his hand burned completely, but did not drop incense on the altar, to protect the occusation that he has offered incense to the idols.
His heart was inflamed with jealousy when the Venerable Euthymius, Ignatius and Acacius (Agathius), performed their martyrdom.
Then Manasseah secretly left Hilendar and went to the Forerunner's Hermitage to the local clergyman (elder) Nicephorus with a request to prepare him for such a martyrdom.

For four months he worked hard on enormous spiritual and bodly feats under the guidance of this elder.
Every day Manasseh made four thousand bows; his prayer was unceasing; his remorseful mood brought tears to his eyes.

During these four months of preparation he ate two and a half kilograms of dried grapes, and in the strictest forty-day fast he ate 30 grams of bread every two or three days and drank water in moderation.
After Elder Nicephorus thus prepared him for the impending martyrdom, he cut his hair in a great scheme receiving the great-schema name of Onufrij ( Onuphrius ) and sent him to the island of Chios with the same companion, Elder Gregory, whom he sent with the other martyrs анд вхере тхеир feat would take place there.

On Island Chios Saint Onuphrius lived one Sunday in fasting and prayer, while on Friday, the day of Christ's suffering, he appeared in Turkish robes before the local turkish judge, openly blasphemed Muhammad and threw the green turban on his head.

holy-new-martyr-Onufrius-Onufrij-of-Gabrovo

He was exhorted, thrown into prison, tortured, and sentenced to death the same day.
On January 4, 1818, his head was cut off on the seashore and along with his blood his body was thrown into the sea, so that Christians could not take for granted his holiness any particle veneration of the Venerable Martyr.

Before his death, some asked him about his name and homeland.
The Venerable Martyr replied that his name was Matthew and that he was from Veliko Tarnovo.
In this way he wanted to save the Holy Mount Athos and his monastery from troubles by the Turks.
Soon after his martyrdom, the Greeks from Mount Athos, soon canonized him and compiled a (living) biography and a service in his honor.

Text Translated from:

© Lives of the Saints. Synodal Publishing House of Bulgarian Orthodox Church, Sofia, 1991, edited by Parthenius, Bishop of Lefkada and Archimandrite Dr. Athanasius (Bonchev).

In Praise of Holy 40 Martyrs of Sebaste – a medieval work by Saint Clement of Ohrid (The Wonderworker)

Wednesday, March 9th, 2022

Holy_40_Martyrs-martyrdom-Bulgarian-icon

I consider / think for the will of the same mind and the equality of wisdom of these fourty martyrs and in amazement, I resort to Christ,  by whom clearly comes every good giving and every gift, as the Many-Blessed Paul said and blessed: “Thou are Christ – a God’s power and wisdom.” And with that power, were filled the many-blessed fourty warriors, martyrs for Christ.

They shone in the world like the brightest stars and illuminated the whole universe with the rays of the knowledge of God, having among them the spiritual sun – Christ. Illuminated by its light and adorned with great beauty, they blossomed with special faith like fragrant lilies, abundantly watered with the dew of the Holy Spirit. Decorating themselves with good deeds, they became beloved of their Lord, because in purity and love they surpassed each other. They shone like lamps with spiritual radiance: some with fasting and abstinence, others with good faith and hospitality; some with kneeling prayer and sincerity, and others with humility and meekness; some with vigilance and sincere love, and others with love and mercy for the poor. Indeed, the power of the Holy Spirit was with them, urging them to every good deed and by faith protecting them from every calamity.

And so, they were as homogeneous in appearance and beauty. Weaved through faith and love like a golden necklace, they were connected to each other by unanimity. Leaving the vain way of life, they zealously wished to stand before the unspoken glory of God through good deeds and sincere love. They urged each other to hurry to the holy path of feat. Instead of armor, they put on the faith, and instead of a shield, they armed themselves with The Cross and appeared in battle like Lightning – Riding against thousands and tens of thousands and were glorified with Victory. They fought a double war – with Visible and Invisible enemies.

Ivory_Relief-from-Constantinople_40_Martyr-10th-century-now-kept-in_Bode-museum-Berlin

Ivory Relief icon 40 Martyr 10th century from Constantinople now kept in Bode museum Berlin

The devil, who could not see their beauty and faith, as well as their pure life, fought against them by entering the malevolent court of Licinius, who was autocratic at the time. He raised persecution against Christians. Wanting to deceitfully capture the faithful martyrs, Licinius forced everyone to worship idols. But the ancient prophet proclaimed and said: “Lord will not leave the rod of the wicked on the lot of the righteous, so that the righteous do not stretch out their hands to iniquity. Lord, do good to the good and to the righteous at heart! ” With this light they illuminated themselves, striving brilliantly and wonderfully in martyrdom, despising the ordinary pleasure of joy. Cheering each other on, they said to each other, “Brethren, let us not be afraid of this short-lived torment, which passes quickly like a shadow, but brings us into the eternal dwellings. Therefore, brothers, stand firmly armed against the adversery-enemy, so that we may be adorned with victorious crowns of Christ God!
Because for the sake of earthly life and for the sake of the mortal king we did not spare ourselves in battles, but, having fallen into many troubles, protected by the power of God, we emerged victorious, then – if we try to follow him, taking upon ourselves his voluntary sufferings, we hope that he will be with us, as he promised: “When you are taken to assemblies, to authorities, to prisons, to kings and princes, and to tormentors for my name's sake, do not worry about what to say or what to answer, for I will give you words and wisdom that all your adversaries will not be able to resist or contradict. And do not be afraid of those who kill the body and can do no harm to the soul; but be afraid of him; who, after the murder, has the power to throw into hell. "

With these words, they learned and supported each other, and powerfully trampled on the devil's cunning. They gladly endured all kinds of sorrows, saying to themselves the apostolic word: "God is not unjust, brethren, to forget your labor."

40_Holy_Martyrs-of-Sebaste-Sebastia-in-the-ice-cold-lake-icon

40 Holy Martyrs of Sebaste martyrdon in the Lake Εκκλησιαστικό Μουσείο (Alexandrupoli, Greece Church Museum)

When they stood at night, in the cold, in the middle of the swamp, near the town of Sebastia, here is one of them, turning away, ran to the bathroom (built near the plateau) and, touching the heat, it melted like ice and died. And suddenly an unspeakable light shone from the sky on them, and the cold turned from it into warmth. And forty crowns descended from heaven upon their heads. Only one wreath remained, with nowhere to stop.The guardian, seeing this miracle, took off his clothes, jumped to the martyrs and cried out in a loud voice: “I believe in the Son of God Jesus Christ, in whom even these holy martyrs believe; may He honor me with the same glory, so that I may complete with them a martyr's deed! ” And immediately the crown of unspeakable glory descended on his head and stood. This is God's mercy, as the Lord Himself said, "The last shall be first, and the first last."

oly_Forty_Martyrs_Church-in-Veliko-Tarnovo-Trnov-Bulgaria
Church of Holy Martyrs, ex-Capital of Bulgarian Empire Tarnovo / Trnov, Bulgaria

Therefore, how can we praise the most holy company, from which this wretched man fell away, as Judas once fell away from God's chosen company, and as the devil fell away from the angelic staff and from the light and became the ruler of darkness and deserved eternal torment. His envy engulfed this wretched man. But still the devil was trampled by the invincibles.

The church nourished them with spiritual food, crowned them with the brightest wreaths; he made them companions of the angels and showed them to the whole universe as bright lamps. With their miracles they shine more than the sun. The prophet announced about them in antiquity, saying: “You have tested us, O God, you have melted us as silver is melted; put men over our heads. We went through fire and water and you set us free. " As they desired this eternal peace, they left behind the beauty of life, houses, wealth, fathers, mothers, sisters and brothers, wife, children, and even despised their lives, according to the Lord's command. That is why the Lord has miraculously shown all His favor to them. Indeed, they were vessels of good use, chosen for the service of the only ruler and our savior, Jesus Christ. Nothing could separate Christ's love from them: no fire, no water, no other suffering.

That is why today we celebrate their memory with respect and, giving them the due praise, we say: "Rejoice, all-honorable and wonderful company of the most glorious army!"

They became like the disembodied forces and surpassed them; for they, being disembodied, stand in their place and enjoy the unspeakable beauty. And the martyrs, having swum the earthly ravaged sea , illuminated the whole world with their blood. With spiritual wings, they flew up and stood before the unspeakable glory of God. They abundantly heal the sick, cast out demons, alleviate suffering, enlighten churches, keep the peace, guide people to good deeds, cast out demons and quickly destroy their cunning, enrich the poor in two ways – mentally and physically – destroy heresies. Shining with the brightest dawns, they became great advocates – martyrs for the faith.


Chapel_of_the_Forty_Martyrs_holy-martyrs-holy-relics-Church-of-Holy-Sepulchre-Jerusalem

Chapel of the Forty Martyrs containing the Holy Relics Church of Holy Sepulchre Jerusalem


So what mouth or which tongue will be able to praise these heavenly lamps, which appeared brighter than the sun? With their pure relics, they illuminated the whole world like stars. They warmed the day's frost, ignited by the Holy Spirit. And fiery flames extinguished them, as once the godly youths in Babylon. With their golden bones they illuminated the streams of the river, adorned all the churches with their fragrant relics, delighted the world with their unspeakable miracles, banished deception, and planted the truth, stepped on the devil, rejoiced Christ! That is why the right hand of the Almighty adorned them with bright wreaths and illuminated them with the rays of the unspeakable light, honored them wonderfully and with the honor to stand before God, clothed them with God-woven clothes, filled them with the power of the Holy Spirit and made them equal to disembodied forces. . That is why God is wonderful among his saints, always glorifying those who glorify him, and miraculously honoring them with unspeakable miracles. I want to tell one of their many miracles, namely how children listen to their noble mother.

Sveti-40_Mychneici-Bylgaria-Holy-40-Martyrs-Manastir_-_Vrachesh-Bulgaria

A Nun Monastery near Vrachesh Village, Bulgaria – Monastic Church

When these blessed martyrs surrendered their holy souls into the hands of the Lord, one of them was still breathing. His mother, seeing that he was left alive, rejected the female weakness, took male audacity, took his beloved son on his shoulders and, following him (after the car loaded with the bodies of the martyrs), said to him: "Do your best, Sufferer for Christ, be courageous and strengthen your heart, and may my soul rejoice for you! Do not fall away, as Judas once fell away from the apostles, nor as one of you has now fallen away, but give God all your hope and your spirit, and he will support you; for, behold, Christ is standing before you, brother, to receive your soul and await your arrival. ” As she spoke this, her son, carried by her, surrendered his soul into the hands of the Lord. She took it, placed it with the saints, and said, "Rest, child, with your holy company, and remember me with them in your holy prayers, so that I may accomplish your martyrdom." Then she returned with joy, praising God. Have you heard, brethren, of the love and boldness of the Christ-loving mother? How she feared neither the king, nor the tormentor, nor the sword, nor the fire, but only the life-giver of God.

Merdanya_monastery_40_Martyrs-after-the-battle-of-Klokotnitsa-by-Bulgarian-ruler-Ivan_Asen-II-near-Lyaskovec

Church of 40 Holy Martyrs in Merdanya Monastery near Lyskovec Veliko Tarnovo, Bulgaria (The monastery in thankfulness to the martyrs for helping the Bulgarian King Ivan Asen II in the Famous Medieval battle of Klokotnitsa which occured on 9th of March year 1230 near the Village of Klokotnitsa – As a result, Bulgaria emerged once again for short time as the most powerful state in South-Eastern Europe)

Therefore, if we reject from ourselves any fear of men, let us make room in ourselves for the fear of God. May he enlighten our souls and hearts! May we always abide in fasting, in purity and sincere love, in meekness and obedience, abstaining from all evil. Let us adorn ourselves with good deeds, like these most holy martyrs, glorifying the Most Holy Trinity, one in three persons – the Father, and the Son, and the Holy Spirit – now and always, and forever. Amen!

Text originally existing in Church Slavonic and translated to Bulgarian language by Archimandrite Dr. Atanasii Bonchev (who was also the Author of the Book the Living of the Saints used in the Bulgarian Orthodox Church even today)
 

The Menaion (one of Liturgy service books) of the Eastern Orthodox Church lists the names of the Forty Martyrs as follows:

  • Hesychius, Meliton, Heraclius, Smaragdus, Domnus, Eunoicus, Valens, Vivianus, Claudius, Priscus, Theodulus, Euthychius, John, Xantheas, Helianus, Sisinius, Cyrion, Angius, Aetius, Flavius, Acacius, Ecditius, Lysimachus, Alexander, Elias, Candidus, Theophilus, Dometian, Gaius, Gorgonius, Eutyches, Athanasius, Cyril, Sacerdon, Nicholas, Valaerius, Philoctimon, Severian, Chudion, and Aglaius.


A curious fact is in the Eastern Orthodox Church, there is a prayer mentioning the Forty Holy Martyrs of Sebaste is also placed in the Orthodox Wedding Service (referred to as a "crowning") to remind the bride and groom that spiritual crowns await them in Heaven also if they remain as faithful to Christ as these saints of long ago.

Hearing on the enormousness of Saintship of the Holy Fourty Martyrs and their endurance. 
Let us ask them for their holy prayers for more peace, love, faith and hope and endurance and patience on the hard trials each one of us face constantly!

Holy 40 Martyrs of Sebastia Pray the Lord Jesus Christ so we find mercy in God!

Saint Prophor Pchinski Saint Jochichim of Osogovo and Saint Gabriel of Lesnovo the three little known Bulgarian spritual followers of Saint John of Rila

Saturday, January 15th, 2022

Biography of St. Prohor Pshinski

Saint_Prohor_Pchinski-face-icon

St. Prohor Pshinski. Mural from the 15th century in the church "St. Archangel Michael" in Saparevo near Kyustendil. Source: bartol, bartol.blog.bg

 St. Prohor Pshinski. Mural from the 15th century in the church "St. Archangel Michael" in Saparevo near Kyustendil. Source: bartol, bartol.blog.bg The Rev.

Prohor Pshinski was a Bulgarian by birth from pious parents in the Ovce Pole region of northern Macedonia. It was given by God to childless parents for their prayers and sucked in along with his mother's milk and her high piety. When he grew up, his parents insisted on marrying him. But he once heard in the temple the words of the Savior: "He that loveth father or mother more than me is not worthy of me," (Matt. 10:37). the town of Vranje in Yugoslavia. He lived in a cave where water springs for 32 years. Once a frightened deer ran to him, chased by a hunter who soon appeared.

Saint_Prohor_Pchinski_Fresco-Byzantine-Empire-icon
Prophor Pchinski (Pshinksi) Byzantine Empire Icon

At his first meeting, the monk called the hunter by name and predicted that he would soon become a Byzantine emperor. At that time Bulgaria was under Byzantine slavery (1018 – 1186). And indeed, after some time this man reigned under the name of Roman Diogenes (1067-1071). Astonished by the fulfillment of this prophecy, he discovered the incorruptible relics of the late Prohor Pshinski and built a large temple in the name of the saint on the site of his asceticism. His holy relics were laid there and a monastic fraternity gathered.

This monastery still exists. The Venerable Prohor Pshinski died on September 14, but due to the great feast of the Exaltation of the Holy Cross, the celebration of his memory was postponed to January 15. His monastery celebrates his memory on September 19.

© Lives of the Saints. Synodal Publishing House, Sofia, 1991, edited by Parthenius, Bishop of Lefkada (Levkijski) and Archimandrite Dr. Athanasius (Bonchev).

Saint_Prohor_Pshinski-XV-century-wall-painting-icon-Kyustendil-Bulgaria

Saint Prohor Pchinski (Pshinski) Wall Painting icon XV century Kyustendil Bulgaria

The prologue biography of St. Prohor Pshinski is an original ancient Bulgarian writting, known in a single transcript in the New Prologue from the beginning of the 14th century (GIM, Uvar. 70). Under the date of October 19, the Venerable Hermit Saint is mentioned next to St. Ivan Rilski. Both texts are published by Kl. Ivanova (1977). D. Chesmedjiev (2009) points out that the cult of St. Prohor Pshinski is poorly fixed in the written tradition. All the details about the saint are known from his prologue. St. Prohor lived in the 11th century, working in the Kozyak mountain (near the village of Staro Nagorichino). After his death, his relics were transferred to the church he founded, called Pshinya, where he was healed.

Saint Prophor Pchinski in Modern Theology

His cult probably originated during the Byzantine rule. His memory is celebrated on September 13 and October 19. In the New Prologue, in addition to biographies of St. Ivan Rilski and St. Prohor Pshinski, there are also biographies of St. Achilles of Larissa, St. Simeon of Serbia and others. 30 years ago Kl. Ivanova (Ivanova 1977: 59) has suggested that the manuscript was compiled in the Pshin Monastery itself, but the spelling and language features of the collection are Serbian. According to the latest research by the same researcher, Nora's prologue originates from Jerusalem and was created in the Serbian monastery "St. Archangel Michael ”(Ivanova 2008: 68–70).

 

Biography of Saint Joachim of Osogovo

Images of St. Ivan Rilski and St. Joachim of Sarandapor from the Poganovo Monastery, end of the 15th century. It is not known where he came from, from his life it is known that he came from the west, according to Ivan Snegarov, perhaps from Zeta, in the Osogovo Mountains, where he sought monastic asylum.

An unknown boyar from the village of Gradets, not far from Kriva Palanka, today in northern Macedonia, shows him the place he was looking for monastic solitude – a cave by the Sarandapor River, today's Kriva River. Here St. Joachim spends his life as a hermit, in fasting and prayer, and the local Bulgarians revere him as a holy man. 

Osogovo Monastery.

Kutugenski-Manastir-Sveti-Joachim-Ioakim-Osogovski
Osogovo Monastery Saint Joachim Icon

Joachim Osogowski died on August 16, 1105.On this date the Bulgarian Orthodox Church commemorates him.

Years later, the widowed priest Theodore of the Sheep Field settled in the place of Joachim's hermitage, adopting the monastic name Theophanes. After his saint appears, he discovers his miraculous relics, which are laid in the church built in his memory. In the 12th century, the cult of St. Joachim became so popular in northwestern Macedonia that a monastery of the same name was built around the temple. 

Joachim-of-Osogovo-known-also-as-Sarandopolski-Poganovo_Ivan_Rilski

Images of St. Ivan Rilski and St. Joachim of Sarandapor from the Poganovo Monastery, end of the XV-th century ( the three most famous spiritual pupils of Saint John of Rila )

In the monastery, similar to the life of St. Ivan Rilski, a life of St. Joachim was created, known from later transcripts, as well as a service of the saint. Around the middle of the 14th century the cult of St. Joachim spread to the eastern Bulgarian lands, and at the end of the 14th century it was transferred to Russia.

Biography of Saint Gavriil (Gabriel) Lesnovski

Saint-Gabriel-of-Lesnovo-320px-Archangels_Chapel_in_Rila_Monastery_Gabriel_of_Lesnovo_-_year-1845

Saint Gabriel of Lesnovo fresco from Archangels Chapel Rila Monastery, Bulgaria

Saint_Gabriel-of-Lesnovo-icon-St-Alexander-Nevski
St. Gavriil Lesnowski.
Detail of a mosaic on one of the doors of the Patriarchal Cathedral "St. Alexander Nevsky" in Sofia St. Gavriil Lesnowski. Detail of a mosaic on one of the doors of the Patriarchal Cathedral "St. Alexander Nevsky" in Sofia

Reverend Gavriil Lesnovski is one of the three great followers of the Rila desert dweller St. Ivan Rilski. He lived in the XI – XII century. He was born in the village of Osiche, Palaneshko (Macedonia). He came from rich Bulgarian parents and received a good education. When he was old, his parents betrothed him to a good-looking bride. Soon, however, his fiancée died. Then he entered a monastery and became a monk. With the inheritance he received from his parents, Gabriel built a monastery with a church named after St. Archangel Michael in the Lesnovo Mountains, northern Macedonia, near the present town of Kratovo.

The Venerable Father gathered monks, appointed an abbot, and he himself secluded himself in the mountains of desert life and silence, doing so for 30 years. He then returned to his monastery and died on January 15. Thirty years after the death of the Venerable Gabriel, a Russian monk named Joseph in the town of Sredets (Sofia) – at the suggestion of the saint – went to the place where the Venerable struggled, found his grave, found his incorruptible relics, laid them in a coffin and provided for prayer worship to believers.

For many years the holy relics of the Reverend Gabriel rested in the Lesnovo Monastery and performed many miracles. Probably in the thirteenth century one of the Bulgarian kings of the Assen dynasty brought them to his capital Tarnovo and laid them in the church "Holy Apostles" in Trapezitsa. According to the Reverend's prologue of 1330, "they have lain there until now and give healing." After the Ottoman invasion of Bulgaria, traces of the holy relics of the Venerable Gavriil Lesnovski are lost. The monastery he founded was later named after him and became an important literary center. © Lives of the Saints. Synodal Publishing House, Sofia, 1991, edited by Parthenius, Bishop of Lefkada (Levkijski) and Archimandrite Dr. Athanasius (Bonchev).

Saint-Gabriel_Lesnovski-Saint-_Joachom_Osogovski_and-saint_Prohor-Pchinski-Saint_Alexander_Cathedral_SofiaSaint Gabriel of Lesnovo, Saint Joachim of Osogovo and Saint Prohor Pchinski mosaic saint Alexander Nevski Cathedral Church, Sofia, Bulgaria

The Saints Prohor Pchinski, Joachim of Osogovo together with Saint Gabriel of Lesnovo according to Bulgarian Orthodox Church tradition are considered to be 3 of the many pupil monks of Saint John of Rila who spread the light of Holy Eastern Orthodox Christian faith in whole Bulgarian lands and from there towards Russia and far west Serbia, Croatia, Hungary who historically has been orthodox and later converted to Roman Catholicism.

Saint Filothea Temnishka of Tarnovo feast day 7 of December. A XII century miracle working Saint little known in the West

Tuesday, December 14th, 2021

Icon-of-Saint-Feothea-Feotheus-of-Tarnovo-Bulgaria-icon-in-her-Church-saint-Feothea-of-Trnovo


Living of Saint Filothea of Tarnovo 

The Venerable Filothea (Filotea) is born in the Byzantine city of Polivot in (Southern Thrace). She was a fruit of a continous prayers of her parents. 
Received a good education for the time and reached adulthood, her parents give her for a bride (in arranged marriage against her will) which was a standard practice of its time.
Even merrying using  her enormous wisdom she was able to persuade her husband to live vestal life (the marriage was not consumed). 
In relatively short years her husband passed away. She has moved to a Insland nearby the close lake, built a small hermit cell hut and prayed and fasted incessantly living a a holy hermit life in solitude, night vigils, tears and repentance and stillness.
Because of her zealoutry God has given her the Grace of Miracle working prayers and the wisdom to teach. A well known spiritual persons, cleargyman, priests, deacons and people come to her to hear her graceful words and councils as well as to receive a healing through her holy prayers.

Saint-Filothea-of-Tarnovo-Romanian-icon2.

Cause of her absitence of food and sleep and praers all over the clock she lost body weight, forseeing her death she has presented herself to the Lord on 7th of December (the exact year of her death and the age are unknown, presumably she lived somewhere in the XII century). Her holy relics turned to be incorruptable (a sign for immerse holiness, among with wonder working healing miracles were considered some of the conditions for considering a deceased person a saint – for more on inccorruptability of saint relics check out my previous article here).

Sveta-Filotea-Tyrnovska-jitie-zabravenata-pokrovitelka-na-Vidin

In the beginning of XIII century her holy relics were solemnly carried with honor from Polivot to the Capital of Second Bulgarian Empire Tarnovo by King Kaloyan. There her holy relics stayed by God's great providence for 200 years, being visited by the whole Christiandome for veneration.

The-Transfer-of-Saint-Filotea-Holy-Miracle-Working-relics-to-Tarnovo-Bulgaria-thirteen-century

After the fall of Bulgaria under the Ottoman yoke (year 1393). Probably to save the holy relics from destruction, they were taken to the far North Bulgarian borders in the Fortress of Bdin (today city of Vidin) and after staying for a while once the fortress was taken over by Mohameddans, taken a by the Serbs, and later Wallachs (todays Romanians) has taken the relics from Serbs, once the Serbian lands were invaded.

Currently her holy relics are present the old Wallachian Capital Curtea de Argeș (near river of Argeș).

Holy-relics-of-Saint-Filotea-of-Tarnovo.
Holy Relics of Saint Filothea, one of the most famous places for Christian veneration in Romania
(Saint Demetrius of Besarabia – another Bulgarian saint, Saint Filotea, and Saint Petka of Bulgaria are among the most venerated saints in Romania today)

The main source we have for the living of Saint Filothea (Filotheus) is written by Saint Patriarch Euthymius of Tarnovo Bulgaria (born circa 1325, died c.1402 / 1404). It is a very long document describing a lot of interesting details about Saint Filothea's healing miracles after she prayed with crying to the Lord even before she died. The miracle healings, chasing out of demons and restoration of eye sight and other glorious things continued even after she passed out to Christ to multitudes of people who prayed in front of her relics with faith.

Saint-Patriach-Euthymius-of-Tarnovo-last-Bulgarian-Patriarch-before-Turkish-Slavery-author-of-saint-Feotheas-Living
Saint Patriarch Euthymiuus of Tarnovo, the main source author for today's Filoteas Living 

During her life she spoke to the people coming to her a lot of his sacred methodical words.
She told them before her death:

"The time has come for me to leave here, so I thought it right to remind you of the traditions and decisions of the Orthodox faith by the Holy Apostles and the Divine Fathers. You know that the Orthodox faith is the head of our lives. In your efforts to give it to us pure and immaculate, the Holy Apostles suffered various kinds of death. , and to keep the church traditions unshakable, and not to waver here and there from different winds.

However, the Lord Jesus Christ shed His blood for her and did not allow his Church to be completely destroyed. But he gave her help, and fate led her to victory. I, the poor, have been brought up in piety since my childhood, and I received it from my parents as a precious treasure. Therefore, as a holy peak in the Church, I ask you not to forget the tradition of the Holy Prophets and Apostles, as the great apostle Paul wrote to Timothy: and others to learn! " (Tim. 2: 2)

Saint-Venerable-Filotea-of-Tarnovo-Romanian-icon

You deserve to hold the true faith and not listen to pagan fables at all. They can rebuke us a thousand times, they can insult us a thousand times, but a lie will never defeat the truth, nor will malice prevail over wisdom. For, they reduced the name of the Deity in the creation, in men – oh wickedness! – in trees, in stones, cats, dogs, and are not ashamed to think that creation came into being by itself, and do not understand, the unthinking, in their evil wickedness and wisdom, that everything was brought from non-being into existence by one true God, Who created heaven and earth and everything visible and invisible. And the gods, who did not create the heavens and the earth, may perish! (Jeremiah 10:11). Let those who make them and who hope in them be like them! (Ps. 113:16; 134:18). Therefore the Gentiles were deceived, and their foolish hearts were darkened. Considering themselves to be wise, they proved foolish, and changed the glory of one God in the likeness of quadrupeds, reptiles, and birds (Rom. 1: 21-23). Let the wretched see where the celestial bodies and earthly beings in the air and water came from, and most of all where the even more primitive came from – heaven and earth, air and aquatic nature! Who mixed and divided them? What is their communication with each other – separation and consent? Who moves and leads them? How does one element, which is contrary in nature, run away with another harmlessly in the fullness of one world? How do they exist in agreement without consulting and talking? All this is the work of divine providence, and they left the Creator and honored and served creation instead of the Creator (Rom. 1:25) and wander in vain and rage against our pious faith and against pious Christians, to whom they impose ruthless torture and force them to renounce the sweet name of Christ.

You do not pay attention to their threats, even if they lead you to the torturous wheels, to the boiling cauldrons, to the sword or fire, do not be afraid of their horrors! (Isa. 8:12, 70s). Another life and another age that awaits us awaits us, where the prophets rejoice, the apostles rejoice together with the figures of the Venerable Lent, with the angels and archangels, with the martyrs and all the saints. Always think this, write this in your hearts! Take care of yourself and the whole flock, among which God has appointed you shepherds and teachers (Acts 20:28), in order to keep yourself and them pure and undefiled!

Everything in this world will be beautifully and habitually scattered like dust and forgotten, only virtue lasts forever and ever. Therefore, try to keep yourself clean and to lead the entrusted flock to lively pastures, so that the Lord of all, seeing this diligence of yours, may reward you with a reward worthy of your labors and make you worthy of His kingdom! " 
 

Saint_Filothea_Tarnovska_Romanian-icon
Romanian Contemporary Icon of Saint Filothea

A high-ranking and famous man named Navkratius, from the city of Amoria, was appointed by the then king to be the governor of Greece. It happened to him to fight the godless Agarians (The Turks), and after the two sides fought, by the unknown destinies of God, his whole army was defeated: some were killed, and others were captured and taken to Sicily. Along with the others, a stratilat (army commanded) was captured, but his name was Artavan, from the town of Philomelia. Taken away by the ungodly, they were imprisoned in a gloomy dungeon and guarded with great care. Thus detained there, they were perplexed as to what to invent and what to do. And overwhelmed with grief, they called for the help of Almighty God and His loved ones.

Then Artavan remembered St. Philothea and began to tell them about her glorious miracles and that she had received the gift of healing various ailments and diseases. As he listened to Stratilat Navkratius, his heart burned and he began to call for her help. And because he was filled with divine desire and was inflamed with fervent faith, he could not wait to hide it for a long time, but he quickly got up and raised everyone to earnest prayer, shedding tears. And all of them unanimously rushed to earnest prayer and called for the help of the God-loving Philotheus, saying:

"Christ-related slave, undefiled bride, pure dove, abode of the Holy Spirit, if you look mercifully on us humble and desperate, and free us from this terrible dungeon, we will be trumpets of your countless miracles, with a loud voice we will we preach, and we will spend the rest of our lives chaste and pure. O Venerable Mother, do not despise us, for we are bitterly distressed in this terrible and miserable dungeon! "

Saint-Philotea-saint-Alexander-Nevski-Cathedral-Sofia-Bulgaria-wall-painting

With such prayers they spent the whole night, with hot tears and heartache. When they had finished this all-night vigil and finished their prayer, they lay down to rest and give a little sleepy consolation to the body. Everyone fell asleep in their place, the reverend appeared to them and rejoiced their hearts with words of consolation, saying:

"Your prayer has been heard and God has not despised your sighs. So go in peace and return to your homes, thanking God for your gratitude, who frees prisoners from bondage!" (Ps. 67: 7).

They awoke with joy, the iron chains lay fallen from them, the dungeon was wide open. They believed the vision to be true, and immediately left the open dungeon, the guard lying as if dead, and fleeing freely. But before they went home, they first went to the island to pay their respects to the reverend. After fulfilling this obligation, each of them returned home and told all the glorious miracles of the Venerable Philoteia.

After this spread everywhere, and managed to enter every ear, a leper, full of faith and fervent zeal, quickly came to the church of the Venerable Mother, called for mercy and with diligent requests and frequent bows, long sleepless nights, fasting and torture tormented himself and he relentlessly spent in her divine temple. The Blessed One, seeing his long diligence and his bodily leprosy, which had almost ended, immediately bowed to mercy, appeared in the dream of the church cleric and ordered him to anoint him with oil from the holy chandel of the Immaculate Conception all over his body. When he awoke, the cleric quickly obeyed the order. and not many days later he sent him safe to his home to glorify and thank God, as well as to His close friend.

A lot of time passed and many miracles happened. The Greek kingdom was exhausted and its scepter holders found themselves in difficult circumstances. Finding the right time, the Romans stormed the Greek state and inflicted unbearable misery.

At the same time, the Bulgarian kingdom became very strong and powerful, and it encompassed and conquered all the surrounding areas. At that time in Bulgaria the tsarist scepter was ruled well and even magnificently by the pious and glorious tsar Kaloyan (1197-1207). Seeing the Greek kingdom completely exhausted, he attacked it manfully, and many cities and villages were captured and ruined. And having gathered all the good, he brought it to his glorious city of Tarnovo – the whole nation with all the animals moved to their country. As he did all this, he heard the miracles of the Venerable Philotheus, and his heart was greatly inflamed. Because it is usually a matter of the souls of the pious to show zeal for virtue and to show zeal in every way.

After conquering the whole region and subduing it to his authority, he came to the place where the venerable body of the reverend lay, filled himself with unspeakable joy, praising God and diligently thanking Him. He fell before the reverend relics of the reverend, flooded them with his tears, and reverently kissed them. He then ordered an all-night vigil and gave many alms to the poor. In the morning a divine liturgy was celebrated, which was attended by the king in great joy and merriment with all his army. And he made the good decision to bring the reverend's body to his country. 

Holy Venerable Mother Filothea pray the Lord to have mercy on every suffering and needy, poor, sick, weak and low and all the people who remember your holy memory and summon your prayers !

Amen !

Article Sources:
1. The Living of Saints by dr. Atanasii Bonchev and bishop Partenij 
2. The Living of Saint Filothea written by Saint Patriarch Euthymius of Tarnovo