
Archive for the ‘Linux’ Category

Despite all the wonderful text-oriented and processing tools in UNIX, one tool is surprisingly absent: an ability to generate some kind of text-based graph from an input stream. This would be useful for all sorts of things, but most notably for “eye-balling” the relative frequencies of similar data-sets. Such data-sets could be: logs of every sort, file-types in a directory, version control statistics, etc. The graph could be a simple thing, such as dashes that take up to the width of the current TTY. But as far as I could tell, no such tool exists.

Until now.

So here I present step-by-step instructions on how to write such a tool in Perl. If you are in a hurry, you can simply download the tool, rename it to just “histogram”, make it executable, and put it in your bin directory.

In the posts that follow, I’ll detail its usage and construction.

Here’s a quick example usage and output:

$ histogram '/ sshd\[[0-9]*\]: Connection closed by UNKNOWN/ { print substr($3,1,2) }' /var/log/secure*
00:———————————————————————-
01:————————————————————————–
02:—————————————————————————
03:————————————————————————–
04:————————————————————————–
05:—————————————————————————
06:—————————————————————————
07:—————————————————————————–
08:—————————————————————————-
09:————————————————————————-
10:—————————————————————————-
11:—————————————————————————
12:———————————————————————–
13:————————————————————————-
14:——————————————-
15:—————————————
16:———————————–
17:————————————-
18:————————————–
19:————————————
20:————————————-
21:————————————
22:—————————————-
23:————————————–
What we’re trying to do here is get an idea how many times hackers are trying to penetrate the system with SSH attempts. So we use awk to look through the /var/log/secure logs for a string like “sshd … Connection closed by UNKNOWN” and print out the hour of the day each time the message occurred. Histogram then does the rest and prints out a “graph” so we can get an idea of the distribution of attack times — were they in the morning, the afternoon, all day, or what? In this case, it seems from midnight to about 2pm.
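The pipeline described above, rebuilt as an added example in shell and awk (this is not the author's Perl histogram tool). sshd_hours is the awk filter from the post; text_histogram, sample_log and the log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the "histogram" tool from the post.

# sshd_hours: print the hour (00-23) of every matching sshd line on stdin.
sshd_hours() {
    awk '/ sshd\[[0-9]*\]: Connection closed by UNKNOWN/ { print substr($3, 1, 2) }'
}

# text_histogram WIDTH: count identical input lines and draw one bar per key,
# scaled so that the most frequent key is WIDTH dashes wide.
text_histogram() {
    awk -v width="${1:-60}" '
        { count[$0]++; if (count[$0] > max) max = count[$0] }
        END {
            for (k in count) {
                n = int(count[k] * width / max)
                if (n < 1) n = 1                 # keep rare keys visible
                bar = sprintf("%" n "s", "")     # n spaces ...
                gsub(/ /, "-", bar)              # ... turned into dashes
                printf "%s:%s %d\n", k, bar, count[k]
            }
        }' | sort
}

# Constructed syslog lines: six matching events plus two that must be ignored.
sample_log() {
    cat <<'EOF'
May 12 00:14:02 host1 sshd[2201]: Connection closed by UNKNOWN
May 12 00:14:09 host1 sshd[2203]: Connection closed by UNKNOWN
May 12 00:31:47 host1 sshd[2210]: Connection closed by UNKNOWN
May 12 00:58:13 host1 sshd[2215]: Connection closed by UNKNOWN
May 12 01:02:30 host1 sshd[2231]: Connection closed by UNKNOWN
May 12 01:40:05 host1 sshd[2240]: Connection closed by UNKNOWN
May 12 09:15:00 host1 sshd[2304]: Accepted publickey for admin from 192.0.2.10 port 50022 ssh2
May 12 14:03:51 host1 sshd[2411]: Connection closed by UNKNOWN
May 12 14:20:00 host1 crond[2500]: (root) CMD (run-parts /etc/cron.hourly)
EOF
}

sample_log | sshd_hours | text_histogram 10
```

Printing the raw count after each bar keeps the absolute numbers visible once the bars have been scaled to the terminal width.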


With this script we can perform a backup to tape; if one tape is not enough, another will be requested, according to the size set in sMAX, whose value is 40Gb expressed in bytes.
The log generated by the backup can also be sent by email.

Usage:

script [path] [recipient@email] [password]

Note: configure these fields according to your SMTP account and user
PortSMTP="587"
FQDNSMTP="smtp.mail.yahoo.com.br"
EMAIL_FROM="usuário@yahoo.com.br"

————-

#!/bin/bash

origem="$1"                                      # path of the folder/file to back up
logx="/var/log/backup.log.lista"                 # log repository
listatmp="$(mktemp /tmp/lista.backup.XXXXXX)"    # temporary file list (unpredictable name)
sMAX="4697620480"                                # maximum size of each volume, in bytes
EMAIL_TO="$2"                                    # user who will receive the emails
senhaSMTP="$3"                                   # password used to authenticate to the SMTP server
###############################################################################################
PortSMTP="587"                                   # port of the SMTP server to connect to
FQDNSMTP="smtp.mail.yahoo.com.br"                # address of the SMTP server ---//---
EMAIL_FROM="usuário@yahoo.com.br"                # email user that authenticates to the SMTP server
###############################################################################################
SERVIDOR_SMTP="$FQDNSMTP:$PortSMTP"

echo "<<<INICIO DO BACKUP>>>" >> "$logx"
date "+%D ás %H:%M:%S" >> "$logx"
echo "rebobinando fita.." >> "$logx"
mt -f /dev/st0 rewind >> "$logx"
: > "$listatmp"

clear
echo "criando lista de arquivos..."

# File types approved for backup...
for ext in pdf doc docx xls xlsx ppt pptx pps ppsx html htm txt lnk ods odt \
           xlt gif png jpg bmp cdr cmx eml mdb dwg bak ctb eps rar; do
    find "$origem" -name "*.$ext" >> "$listatmp"
done

echo "
-------------log-------------
" >> "$logx"
echo "escrevendo dados na midia..."
# Archive only the files listed above. GNU tar reads a bare -L value in units
# of 1024 bytes, so the byte count in sMAX is scaled down; -L also turns on
# multi-volume mode, which prompts for the next tape when one fills up.
tar -cvf /dev/st0 -L "$((sMAX / 1024))" -T "$listatmp" >> "$logx"
clear

echo "finalizando..."
echo "enviando relatório por email....."
####################################################
ASSUNTO="$HOSTNAME $(date) - BACKUP"
MENSAGEM="$logx"
# The original passed the undefined $SENHA to -xp; the password is in senhaSMTP.
# It travels on the command line, where the process list exposes it to other local users.
sendEmail -f "$EMAIL_FROM" -t "$EMAIL_TO" -u "$ASSUNTO" -m "$MENSAGEM" -s "$SERVIDOR_SMTP" -xu "$EMAIL_FROM" -xp "$senhaSMTP"
####################################################

echo "removendo arquivo temp..."
rm "$listatmp"
echo "ejetando FITA..."
mt -f /dev/st0 eject

#--EOF


This single line of code grabs every IP address from a set of files, sorts them, removes all duplicates, and puts the result in a file with an extension of .ip

for file in *; do grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' "$file" | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4 | uniq >> "$file.ip"; done
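The pattern in the one-liner also accepts strings such as 999.10.10.10 and the dotted pieces of longer version numbers, which matters when the output feeds a blocklist or an indicator list. An added example (not part of the original post) that checks token boundaries and octet ranges; the function names and log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: extract only well-formed IPv4 addresses from text.

# extract_ips [FILE...]: print the unique IPv4 addresses found in the files
# (or on stdin), one per line, in numeric order.
extract_ips() {
    awk '{
        gsub(/[^0-9.]+/, " ")                  # leave only digit/dot runs as tokens
        for (i = 1; i <= NF; i++) {
            tok = $i
            sub(/^\.+/, "", tok)               # punctuation dots around the token
            sub(/\.+$/, "", tok)
            if (split(tok, o, ".") != 4)       # rejects 1.2.3.4.5, 10.1, 4022 ...
                continue
            ok = 1
            for (j = 1; j <= 4; j++)
                if (o[j] !~ /^[0-9]+$/ || length(o[j]) > 3 || o[j] + 0 > 255)
                    ok = 0
            # %d drops zero padding (assumes padded octets are decimal)
            if (ok) printf "%d.%d.%d.%d\n", o[1], o[2], o[3], o[4]
        }
    }' "$@" | sort -t . -k 1,1n -k 2,2n -k 3,3n -k 4,4n -u
}

# Constructed log lines: one repeated address, one out-of-range "address",
# one version string, and one address followed by a full stop.
sample_lines() {
    cat <<'EOF'
May 12 00:14:02 host1 sshd[2201]: Failed password for root from 203.0.113.7 port 4022 ssh2
May 12 00:14:09 host1 sshd[2203]: Failed password for root from 203.0.113.7 port 4031 ssh2
May 12 01:02:30 host1 sshd[2231]: Invalid user test from 198.51.100.23
May 12 01:05:11 host1 app[310]: upgraded libfoo to 1.2.3.4.5, peer 999.10.10.10 ignored
May 12 02:00:00 host1 sshd[2290]: Connection closed by 192.0.2.10.
EOF
}

sample_lines | extract_ips
```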


I was screwing around this morning and I needed some random words to test something with. The words needed to be real words, not just random sequences of characters (btw, you can generate a random sequence of 8 characters from the shell using jot -r -c 8 a z | rs -g 0 8). In this case, I decided to simply grab a random word from /usr/share/dict/words.

Hmm, but how do I grab a random word from a file? My solution was to generate a random number in the range [1..n] where n is the number of lines in the file, cat -n the file so that line numbers are printed, grep for the line matching the random number, then print out the second column. It looks like this:

$ n=$(cat /usr/share/dict/words | wc -l)
$ cat -n /usr/share/dict/words | grep -w $(jot -r 1 1 $n) | cut -f2
idic
$ cat -n /usr/share/dict/words | grep -w $(jot -r 1 1 $n) | cut -f2
goldentop
$ cat -n /usr/share/dict/words | grep -w $(jot -r 1 1 $n) | cut -f2
Hamitism
$ cat -n /usr/share/dict/words | grep -w $(jot -r 1 1 $n) | cut -f2
accumulativeness
$ cat -n /usr/share/dict/words | grep -w $(jot -r 1 1 $n) | cut -f2
ratihabition


The other day I needed to find the location of an application using its bundle ID. Easy, just use LaunchServices. But I needed to do this from a script. Here are a couple perl one-liners to do it.

$ perl -MMac::Processes -e 'printf "%s\n", LSFindApplicationForInfo(undef, "com.apple.TextEdit")'
/Applications/TextEdit.app
$ mv /Applications/TextEdit.app ~/Desktop/
$ perl -MMac::Processes -e 'printf "%s\n", LSFindApplicationForInfo(undef, "com.apple.TextEdit")'
/Users/jgm/Desktop/TextEdit.app
$ mv ~/Desktop/TextEdit.app /Applications/
$ perl -MMac::Processes -e 'printf "%s\n", LSFindApplicationForInfo(undef, undef, "TextEdit.app")'
/Applications/TextEdit.app

(Yes, I know mdfind could do something similar. But it wouldn’t necessarily return the one that LaunchServices thinks is the “preferred” one if there were multiple applications with the same bundle ID.)


Linux has taken over business on Wall Street – Mercado – IDG Now!.


http://royal.pingdom.com/2011/05/12/the-top-20-strongholds-for-desktop-linux/


Canonical has announced that Ubuntu 11.10, Oneiric Ocelot, will now include VMware's Cloud Foundry system, which was launched in April and already supports Spring, Grails, Rails, Sinatra, Node.js and Scala applications. The Platform-as-a-Service (PaaS) offering provides environments for running applications adapted to the cloud, rather than Infrastructure-as-a-Service (IaaS), such as OpenStack and Amazon's EC2, which provide virtual machines in which to run operating systems and their applications.

PaaS offers APIs for resources such as databases, which in turn allows the cloud's underlying code to optimise and scale access to those resources. Ubuntu 11.10 will offer packages for the Cloud Foundry VMC client, which handles application deployment and management, and for VCAP Server, which allows systems to be configured as a node in a PaaS cloud.

Next, the VMC client can be used to configure and deploy applications to any Cloud Foundry cloud, including VMware's own at http://www.CloudFoundry.com


Wireshark, the world's most popular network protocol analyzer, now has an update to versions 1.4.4 and 1.2.15. This update fixes many vulnerabilities, such as CVE-2011-0538, CVE-2011-0713 and the NTLMSSP dissector.

The following protocols were updated: ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow, NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP. In addition, you can read captures through LANalyzer, Nokia DCT3, and files in Pcap-ng format.

For a complete list of changes, see:
Docs: http://www.wireshark.org
Download: http://www.wireshark.org
Source: http://www.pentestit.com


1. Import the GPG file (key):
$ wget -q http://archive.offensive-security.com/backtrack.gpg -O- | sudo apt-key add -

2. Add the following line to the sources.list of your Linux OS (Debian/Ubuntu and variants):
$ echo "deb http://archive.offensive-security.com pwnsauce main microverse macroverse restricted universe multiverse" | sudo tee -a /etc/apt/sources.list

3. Update your repository:
$ sudo apt-get update

After that, package entries will appear (in Synaptic, for example), showing the sections named "Backtrack" and the desired section.

Visit the official Backtrack Brasil forum at:
http://www.backtrack-linux.org/forums/backtrack-portuguese-forums/

Published by Mauro Risonho de Paula Assumpção A.K.A firebits
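Step 1 pipes a key fetched over plain HTTP straight into apt's trusted keys, so whoever can alter that download decides which packages the system will accept. An added example (not from the original post) that compares the key's fingerprint with one obtained out of band before the key is added; the function names, the local file name and the sample gpg output are constructed, and the expected fingerprint is a placeholder.

```shell
#!/bin/sh
# Added example. sample_colons is constructed text in the format printed by
# `gpg --show-keys --with-colons`; its fingerprints do not belong to a real key.

# key_fingerprints: print the fingerprint of every primary key on stdin
# (the fpr record that follows a pub record; subkey fingerprints are skipped).
key_fingerprints() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "fpr" && want { print $10; want = 0 }'
}

# fingerprint_matches EXPECTED: succeed only if stdin describes exactly one
# primary key and its fingerprint equals EXPECTED (spaces and case ignored).
fingerprint_matches() {
    expected=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    found=$(key_fingerprints)
    [ -n "$expected" ] && [ "$found" = "$expected" ]
}

# add_repo_key KEYFILE EXPECTED: the key reaches apt only after the check.
add_repo_key() {
    if gpg --show-keys --with-colons "$1" | fingerprint_matches "$2"; then
        sudo apt-key add "$1"            # same command the page uses
    else
        echo "fingerprint mismatch: $1 not added" >&2
        return 1
    fi
}

sample_colons() {
    cat <<'EOF'
pub:-:4096:1:89ABCDEF01234567:1300000000:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1300000000::::Constructed Repo Key <repo@example.invalid>:
sub:-:4096:1:0123456789ABCDEF:1300000000::::::e:
fpr:::::::::89ABCDEF0123456789ABCDEF0123456789ABCDEF:
EOF
}

# On a real download (file name and fingerprint are placeholders):
#   wget -q http://archive.offensive-security.com/backtrack.gpg -O backtrack.gpg
#   add_repo_key backtrack.gpg "<fingerprint published by the project>"
sample_colons | fingerprint_matches "0123 4567 89AB CDEF 0123 4567 89AB CDEF 0123 4567" &&
    echo "sample key: fingerprint ok"
```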
