On a Linux machine, the netstat -tupan command will show the list of active or pending TCP sessions, as well UDP ports on which running programs are listening. This facilitates identification of services offered on the network.

GOING FURTHER IPv6

Some network commands may work either with IPv4 (the default usually) or with IPv6. This is especially the case with the nmap and netstat commands, but also others, such as route or ip. The convention is that this behavior is enabled by the -6 command-line option.

If the server is a Unix machine offering shell accounts to users, it is interesting to determine if processes are executed in the background in the absence of their owner. The command ps auxw displays a list of all processes with their user identity. By checking this information against the output of the who command, which gives a list of logged in users, it is possible to identify wild servers or programs running in the background. Looking at crontabs (tables listing automatic actions scheduled by users) will often provide interesting information on functions fulfilled by the server (a complete explanation of cron is available in Section 9.7, “Scheduling Tasks with cron and atd”).

In any case, it is essential to backup your servers: this allows recovery of information after the fact, when users will report specific problems due to the migration.

3.2.2. Backing up the Configuration

It is wise to retain the configuration of every service identified in order to be able to install the equivalent on the updated server. The strict minimum is to print the configuration files and make a backup copy of them.

For Unix machines, the configuration files are usually found in /etc/, but they may be located in a sub-directory of /usr/local/. This is the case if a program has been installed from sources, rather than with a package. One may also find them, in some cases, under /opt/.

For data managing services (such as databases), it is strongly recommended to export them to a standard format that will be easily imported by the new software. Such a format is usually in text mode and documented; it may be, for example, an SQL dump for a database, or an LDIF file for an LDAP server.

Figure 3.2. Database backups

Each server software is different, and it is impossible to detail all existing cases. See the new and current software documentation to identify the exportable (thus, re-importable) portions and those which will require manual manipulation. Reading this book will clarify the configuration of the main Linux server programs.

3.2.3. Taking Over an Existing Debian Server

To effectively take over its maintenance, one may analyze a machine already running with Debian.

The first file to check is /etc/debian_version, which usually contains the version number for the installed Debian system (it is part of the base-files package). If it indicates testing/unstable, it means that the system was updated with packages coming from one of these two development distributions.

The apt-show-versions program (from the Debian package of the same name) checks the list of packages installed and identifies the versions available. aptitude can also be used for these tasks, albeit in a less systematic manner.

A glance at the /etc/apt/sources.list file will show where the installed Debian packages likely came from. If many unknown sources appear, the administrator may choose to completely reinstall the computer's system to ensure optimal compatibility with the software provided by Debian.

The sources.list file is often a good indicator: the majority of administrators keep, at least in comments, the list of prior APT sources used. But you should not forget that sources used in the past might have been deleted, and that some random packages grabbed on the Internet might have been manually installed (with the dpkg command). In this case, the machine is misleading in its appearance of “standard” Debian. This is why you should pay attention to any indication that will give away the presence of external packages (appearance of deb files in unusual directories, package version numbers with a special suffix indicating that it originated from outside the Debian project, such as ubuntu or ximian, etc.)

Likewise, it is interesting to analyze the contents of the directory /usr/local/, intended to contain programs compiled and installed manually. Listing software installed in this manner is instructive, since this raises questions on the reasons for not using the corresponding Debian package, if such a package exists.

QUICK LOOK cruft

The cruft package proposes to list the available files that are not owned by any package. It has some filters (more or less effective, and more or less up to date) to avoid reporting some legitimate files (files generated by Debian packages, or generated configuration files not managed by dpkg, etc.).

Be careful to not blindly delete everything that cruft might list!

3.2.4. Installing Debian

All information on the current server being now known, we can shut it down and begin to install Debian on it.

To choose the appropriate version, we must know the computer's architecture. If it is a PC, it is most likely to be i386. In other cases, we can narrow down the possibilities according to the previously used system.

Figure 3.3. Installing the appropriate Debian version

Table 3.1, “Matching operating system and architecture” is not intended to be exhaustive, but may be helpful. In any case, the original documentation for the computer is the most reliable source to find this information.

HARDWARE Next-generation PC

Most recent computers have 64 bit Intel or AMD processors, compatible with older 32 bit processors; the software compiled for “i386” architecture thus works. On the other hand, this compatibility mode does not fully exploit the capabilities of these new processors. This is why Debian provides software for “ia64” architecture for Intel Itanium chips and “amd64” for AMD chips. This last also works with Intel “em64t” processors, which are very similar to AMD64 processors.

Table 3.1. Matching operating system and architecture

Operating System

Architecture(s)

DEC Unix (OSF/1)

alpha, mipsel

HP Unix

hppa

IBM AIX

powerpc

Irix

mips

MacOS

powerpc, m68k, i386

MVS

s390

Solaris, SunOS

sparc, m68k, i386

Ultrix

mips

VMS

alpha

Windows NT

i386, alpha, mipsel

Windows XP / Windows Server 2008

i386, ia64, amd64

Windows Vista / Windows 7

i386, amd64

3.2.5. Installing and Configuring the Selected Services

Once Debian is installed, we must install and configure one by one all of the services that this computer must host. The new configuration must take into consideration the prior one in order to ensure a smooth transition. All the information collected in the first two steps are useful to successfully complete this part.

Figure 3.4. Install the selected services

Prior to jumping in to this exercise with both feet, it is strongly recommended that you read the remainder of this book. After that you will have a more precise understanding of how to configure the expected services.