I had a bunch of hostnames in a text file, but some were uppercase and some lowercase. This presents problems when searching and automating tasks, so I wanted a way to convert them all into lowercase as all text should be in Linux.
Here we are using “tr” to completed this task.
|
1 |
tr '[:upper:]' '[:lower:]' < input.txt > output.txt |
For security reasons, root access to Linux systems should be disabled as standard theses days. Some distributions still allow it but other have blocked it by default. We should be taking advantage of sudo, which allows you to log in with your standard unprivileged account but execute root commands with the sudo app.
Here are some quick and easy steps to stop root access to your system and improve your security footprint.
This command will lock the root account
|
1 |
passwd -l root |
This will replace the hashed password with “!”, which is another way to stop logons
|
1 |
usermod -p '!' root |
To add another level of security you should also disable root logons from the ssh server too. Here is how to do so,
|
1 |
vim /etc/ssh/sshd_config |
Ensure the following entry is set, if it currently does not exist in the config file, add it anywhere.
|
1 |
PermitRootLogin no |
Had a problem splunk having access permissions to /var/log/messages, syslog would change the permissions to read only by root and no one else. The fix is in the syslog config file. See below.
|
1 |
vim /etc/syslog-ng/syslog-ng.conf |
Should have an entry like this
|
1 |
destination d_mesg { file("/var/log/messages" perm(0655)); }; |
Pay particular attentions to,
|
1 |
perm(0655)); |
Then restart syslog
|
1 |
systemctl status syslog-ng.service |
A very common Linux administration task is to set user account to expire their password and request a new account password from the user.
To see what the current policy is set to, execute the following.
|
1 |
sudo chage -l username |
You should see output like.
|
1 2 3 4 5 6 |
Last password change : May 27, 2020Password expires : Sep 24, 2020 Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 120 Number of days of warning before password expires : 7 |
You can change the password expiry with the following command
|
1 |
sudo chage -M 120 username |
I wrote a script which takes a backup of my webserver, taking a snapshot of all the website content, database, and configuration files.
Theory is if the webserver died, we would be about to result quickly using the data backed up.
On the server, put the following script and below is the cron entry which triggers every week. You will need up change the username and password for your mysql server.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
#!/bin/bash tempdir="/tmp/backup-`date +%Y%m%d`" username="root" password="password" backuplocation="/home/ubuntu/backup.tgz" weblocation="/var/www" configlocation="/etc/apache2" mkdir ${tempdir} mysqldump -u${username} -p${password} --all-databases > ${tempdir}/backup.db cp -rf ${weblocation} ${tempdir}/ cp -rf ${configlocation} ${tempdir}/ tar -czf ${backuplocation} ${tempdir} rm -rf ${tempdir} |
This is the cron entry which fires up every friday.
|
1 |
40 15 * * 5 /home/ubuntu/backup.sh |
Now this script will be on a linux machine somewhere else, it will connect and copy the backup archive file generated. You must first setup the ssh key so that its passwordless connection.
|
1 |
45 01 * * 1 scp ubuntu@www.url.com.au:backup.tgz /mnt/backup/sitename/ |
Simplicity it key! It works and will get you out of trouble. Well worth the 5minute investment.
I have a cheap Chinese CCTV camera system at home, I wanted to explore the system up close.
I did a nmap scan of the system and found that port 23 (telnet) was open.
|
1 2 3 4 5 6 7 8 9 10 |
Nmap scan report for (192.168.1.88) Host is up (0.0051s latency). Not shown: 995 closed ports PORT STATE SERVICE 23/tcp open telnet 80/tcp open http 5000/tcp open upnp 8000/tcp open http-alt 10002/tcp open documentum MAC Address: 00:5A:E8:AB:EB:9C (Unknown) |
I kicked off a connection and saw that it was contactable. I tried a whole bunch of default username and passwords for these CCTV boxes but none worked.
So I tried googling it strange login prompt.
|
1 2 3 4 5 6 7 |
telnet 192.168.1.88 Trying 192.168.1.88... Connected to 192.168.1.88. Escape character is '^]'. GM login: Password |
I googled “GM Login”. Turns out GM stands for Grain Media and its default password is
|
1 2 |
GM login: root Password: GM8182 |
Ill continue to experiment with the machine and post my findings.
I ran across a neat little trick when attempted to recover a deleted file on my Linux box.
You can use grep to search your disk at a bit level for a deleted file, on the condition you know a string in its contents.
You can test it like this, write a text file and store a specific string in it. ie
|
1 |
vim /home/username/myfile.txt |
then insert something like
|
1 2 3 4 5 |
I like cats I like Dogs fast cars smell like roses i like rinos i like lions. |
then delete the file.
|
1 |
rm /home/username/myfile.txt |
Now lets find the deleted file.
|
1 |
grep -a -B10 -A10 'fast cars smell like roses' /dev/mapper/vg_system-root |
Your missing file should appear with a bit of junk above and below the contents of your file.
Increase the lines in the -B10 -A10 depending how big your file it.
Alot of us have ISPs which change your IP address and you may not want to setup a client with a dynamic IP or want a backup in case the services fails.
So i developed a bash script which checks to see if your public IP has changed. If it has it will log it and email you the new IP.
See below.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
#!/bin/bash log="ip_local_log.txt" email="email@gmail.com" url="http://www.whatsmyip.com.au" tmp="/tmp/ip.tmp" wget -q -O $tmp --user-agent="Mozilla/5.0 (Windows NT 5.2; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" $url ip=`cat $tmp | grep "displayTextarea" | awk -F '>' '{ print $3 }' | sed 's#</textarea##'` lastip=$(cat $log | tail -n 1 | awk -F ',' '{print $2}') if [ -z ${lastip} ] then echo "$(date),${ip}" >> ${log} exit 0 fi if [ ${lastip} == ${ip} ] then echo "Nothing changed." else echo "$(date),${ip}" >> ${log} mail -s "IP Address Change (Local Rye)" ${email} < ${log} fi |
I wanted a script which would read all the live dump1090 aircraft data and log it to a mysql database.
This base script does it, it will dump all the data to Mysql every minute.
It will start the dump1090 server and kick off a process which reads/sorts and inserts.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
#!/bin/bash dbserver="localhost" dbuser="flighttrax" dbpw="flighttrax" dbtable="flighttrax" clientid="1000000" core="/root/file.txt" dump="/tmp/dump.txt" selectdate=`date -d "1 min ago" '+%Y/%m/%d,%H:%M'` listener="localhost" listenerport="30003" ncpid=`ps waux | grep "nc $listener $listenerport"| grep -v grep | awk '{print $2}'` dumppid=`ps waux | grep "dump1090"| grep -v grep | awk '{print $2}'` log="/var/log/flighttrax.log" echo "`date`" >> $log echo "`date` - Starting script" >> $log echo "`date` - Netcat pid is $ncpid" >> $log echo "`date` - Dump1090 pid is $dumppid" >> $log if [ -z $dumppid ] then echo "`date` - Dump1090 not started yet" >> $log /root/dump1090/dump1090 --net --quiet & echo "`date` - Started Dump1090" >> $log exit fi if [ -z $ncpid ] then echo "`date` - Netcat not started yet" >> $log nc $listener $listenerport >> $core echo "`date` - Started NC" >> $log exit fi echo "`date` - Copying last minute" >> $log cat $core | grep $selectdate > $dump echo "`date` - Calculating Entries" >> $log entries=`wc -l $dump` echo "`date` - Total of $entries to import" >> $log echo "`date` - Starting FOR statement" >> $log for i in `cat $dump | awk -F ',' '{print $5}' | sort | uniq | sed '/^$/d'` do reg=$i flightnum=`cat $dump | grep $i | awk -F ',' '{print $11}'| sort| uniq | sed '/^$/d'|awk '{print $1}'|sed 's/\r//'` for i in `cat $dump | grep $reg | awk -F ',' '{print $7","$8","$15","$16","$12}'| sort| uniq | sed '/,,/d'` do date=`echo $i| awk -F ',' '{print $1}' | sed 's#/#-#g'` time=`echo $i| awk -F ',' '{print $2}'` lat=`echo $i| awk -F ',' '{print $3}'` long=`echo $i| awk -F ',' '{print $4}'` alt=`echo $i| awk -F ',' '{print $5}'` echo "$reg,$flightnum,$date,$time,$lat,$long,$alt" mysql -uflighttrax -pflighttrax flighttrax -e "INSERT INTO flighttrax VALUES ('','$clientid','$reg','$flightnum','$date $time','$lat','$long','$alt');" done done echo "`date` - For completed" >> $log echo "`date` - Deleting temp files" >> $log rm $dump echo "`date` - Done." >> $log |
There are free online tool to generate sitemap.xml, but the one I used would only index 500 pages. My site www.techinterchange.com.au has more, so I decide to write a bash script which ill index the site and generate an sitemap.xml.
Its simple, ill continue to add features and make it more reliable. This is only working with WordPress atm, Ill improve with the next revision.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
#!/bin/bash url=$1 linklist="/tmp/linklist.txt" urlcleaned="/tmp/url_clean.txt" endresult="sitemap.xml" date=$(date +%Y-%m-%dT%H:%M:%S+00:00) wget --spider --recursive --level=100000 --no-verbose --output-file=${linklist} ${url} cat ${linklist} | grep URL | awk -F 'URL:' '{print $2}'| grep "$url"|grep "200 OK" | grep -v "oembed" | sed 's#feed/ 200 OK##g'| grep -v "wp-includes" | grep -v "wp-content"| grep -v "wp-admin"| grep -v "wp-json" |grep -v "xmlrpc" | sort -u > ${urlcleaned} echo '<?xml version="1.0" encoding="UTF-8"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd">' > ${endresult} for i in `cat ${urlcleaned}` do echo "<url>" >> ${endresult} echo "<loc>$i</loc>" >> ${endresult} echo "<lastmod>${date}</lastmod>" >> ${endresult} echo "</url>" >> ${endresult} done echo "</urlset>" >> ${endresult} |