Edit: Still good information
Originally posted January 21, 2020 on AIXchange
Courtesy of Russell Adams, here’s some useful information on performance monitoring tool nmon and how to more securely verify IBM downloads.
Recently I found some interesting information on Russell Adams’ blog. This is about nmon, the performance monitoring tool (excerpt below):
“Recently I was learning about Nigel’s new efforts with JSON and web based graphing, and came across his nmonchart tool. This new tool has dynamically zooming graphs via javascript directly in your browser from a single file! I had to try it, and I’m very impressed.
Running it against a single file was trivial and the resulting HTML loaded into a browser without issues to view the data. However when I wanted to view several days of data in separate files there wasn’t an option.
A few minutes later and some awk magic result an awk script to combine data files for reading into nmonchart.”
He includes a sample script and some files, so be sure to read the whole thing.
In another blog entry, he covers an option for verifying IBM downloads made to the NIM server (excerpt below):
“IBM doesn’t typically publish a simple text file of checksums with any of their POWER or AIX downloads. They do include an XML file for Download Director.
They do make an attempt to allow customers to validate the download using that XML file in VIO downloads by providing a file called ck_sum.bff. The customer is instructed to execute ck_sum.bff against the directory of downloads to confirm the downloads.
This raises many red flags for me for violating security best practices. I should never execute untrusted code from any source on my systems! The typical place this would run is on a NIM system or AIX box as root! I strongly advise against using this method.
Given IBM does have the checksums in an XML file, we can extract them for validation without using untrusted code. I accomplished this on a Linux box with XSLTPROC, but I believe this tool may be available for AIX as well.”
Again, there’s a script and sample output with this post.