TCPDUMP and SSLDUMP

Overview

I was interested in figuring out the time taken for a HTTP SSL handshake and the following file download time and after a discussion with colleagues decided in utilizing ssldump.

Usage

The ssldump utility can either read the output of tcpdump or could simply be set to listen on a particular interface as well. Some examples follow:

Listen on the Loopback interface  “lo”:

Note that if the client and server are on the same machine then this is what you might need to do.

Listen on a particular interface:

It could also read the generated output of tcpdump:

However if you have network traffic captured as a result of running tcpdump and running ssldump on it leads to “ERRORLength mismatch” message, then one needs to increase the packet capture size. This is what I did for a quick check:

Here the value “0” is assocated with the “snarflen” (-s) argument and it implies that we “use the required length to catch whole packets” (from the man page of tcpdump).

References:

For ssldump troubleshooting, please refer to:

http://ssldump.sourceforge.net/TROUBLESHOOTING

Python 2.7.3 install on Linux

To use a later version of Python to what the RPM is available for, one needs to build and install it.

This is what I did and it was a breeze to get that to up:

And that is it. If you run into issues, one can always start from scratch by running:

and then continue with the 3 steps that were outlined earlier viz.

How to get to the memory profile of your linux system – free, top, vmstat (free versus top versus vmstat)

Overview

There are a myriad of tools and scripts that one runs on Linux to figure out the important question of how much free memory is left viz. “how much RAM is available?”.
And to answer the query, we use the following 3 tools that are almost guaranteed to be on all Linux systems and some Unix variants:
  1. free
  2. top
  3. vmstat

Free

The following command line demonstrates the invocation of the “free” command to display the amount of free and used physical and swap memory in the system in megabytes – borrowing the description from the man pages.

Explanation:

Free memory => free + buffers + cached = 155 + 314 + 1171 = 1640 =~ 1641 [the value in 3rd row. 4th col]

top

Explanation:

Free memory => 159100k + 321752k + 1199916k = 1680768k =~ 1641M (this is the value that we arrived at from the “free” coammand above]

vmstat

Using vmstat with the ‘s’ switch to display the memory statistics, we have the following:

Explanation:

Free memory => free memory + buffer memory + swap cache = 157704 + 322028 + 1201220 = 1680952 = 1641.554M =~ 1640M

Synopsis
The paths to discovering memory statistics are many but they ultimately lead to the same figures.  :-)