noclobber BASH Shell Option

How to keep files safe from accidental overwriting with the noclobber option.

How do I set the noclobber option to prevent overwriting files in the bash shell?

set -o noclobber

Create a test file:

$ echo "foo bar" > output.txt

Next, try to write to a file called output.txt:

$ cat > output.txt
bash: output.txt: cannot overwrite existing file

How do I turn off noclobber in the bash shell?

set +o noclobber
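
The following is an added example, not part of the original post, showing what noclobber does and does not block: a plain `>` onto an existing file is refused, `>>` still appends, and `>|` is the deliberate override. The function name and the scratch directory are constructed for the demonstration.

```bash
#!/usr/bin/env bash
# Added example (not from the original post). noclobber_demo and its
# scratch directory are constructed for the demonstration.
noclobber_demo() (
    # Subshell body: the option and the cd do not leak into the caller.
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf -- "$dir"' EXIT
    cd "$dir" || exit 1
    set -o noclobber
    result=""

    # 1. Creating a file that does not exist yet is allowed.
    echo "foo bar" > output.txt && result="${result}create=ok "

    # 2. Plain '>' onto the existing file is refused and the data survives.
    if ! { echo "overwritten" > output.txt; } 2>/dev/null &&
       [ "$(cat output.txt)" = "foo bar" ]; then
        result="${result}overwrite=blocked "
    fi

    # 3. '>>' appends to the file; noclobber does not stop it.
    echo "appended" >> output.txt && result="${result}append=ok "

    # 4. '>|' is the explicit override for a deliberate overwrite.
    echo "forced" >| output.txt && result="${result}force=ok "

    printf '%scontent=%s\n' "$result" "$(cat output.txt)"
)

noclobber_demo
```

noclobber only governs the shell's own `>` redirection; commands such as cp, mv and tee still overwrite their targets.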

Reference:
http://www.cyberciti.biz/tips/howto-keep-file-safe-from-overwriting.html
https://en.wikipedia.org/wiki/Clobbering

 

mtr utility

Traditionally, the traceroute (print the route packets take to a network host) and ping (send ICMP ECHO_REQUEST to network hosts) programs are used as diagnostic tools to isolate and solve networking errors. Using both tools to diagnose network issues can take some time. However, you can use the mtr program instead of ping and traceroute. It combines the functionality of the traceroute and ping programs in a single network diagnostic tool.

Once invoked, mtr starts investigating the network connection between the host (workstation) it runs on and HOSTNAME by sending packets with purposely low TTLs (time to live). It continues to send packets with low TTLs, noting the response time of the intervening routers. This allows mtr to print the response percentage and response times of the internet route to HOSTNAME.

A sudden increase in packet loss or response time during the run is an indication of an overloaded link or a bad link.

Examples:

mtr -c 5 -r -w ausinfotech.net

http://www.cyberciti.biz/tips/finding-out-a-bad-or-simply-overloaded-network-link-with-linuxunix-oses.html
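
As an added example (not from the original post), this script reads an mtr report and prints the hop where loss or latency starts and persists to the destination. The sample report, its addresses, the function names and the 50 ms jump threshold are all constructed for the illustration.

```bash
#!/bin/sh
# Added example: find the hop where trouble starts in an mtr report.
# The report below is a constructed sample in `mtr -r -w` layout.
sample_report() {
cat <<'EOF'
Start: 2015-06-01T10:00:00+0000
HOST: workstation        Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.0.2.1         0.0%     5    0.4   0.5   0.4   0.6   0.1
  2.|-- 198.51.100.1     40.0%     5    8.1   8.3   8.0   8.9   0.3
  3.|-- 198.51.100.9      0.0%     5    9.0   9.2   8.8   9.9   0.4
  4.|-- 203.0.113.5      20.0%     5   95.2  96.0  90.1 101.3   4.2
  5.|-- 203.0.113.80     20.0%     5   97.0  97.5  91.0 102.0   4.0
EOF
}

# Reads a report on stdin; $1 is the latency jump in ms that counts as
# sudden (assumed default: 50). Prints "<hop> <host> loss=N% avg=MS".
flag_bad_hops() {
    awk -v jump="${1:-50}" '
        /^ *[0-9]+\.\|--/ {
            n++; hop[n] = $1 + 0; host[n] = $2
            loss[n] = $3 + 0; avg[n] = $6 + 0
        }
        END {
            # Loss that later hops do not share usually means that router
            # rate-limits its ICMP replies, so carry the minimum backwards.
            eff[n] = loss[n]
            for (i = n - 1; i >= 1; i--)
                eff[i] = (loss[i] < eff[i + 1]) ? loss[i] : eff[i + 1]
            for (i = 1; i <= n; i++) {
                prev_eff = (i > 1) ? eff[i - 1] : 0
                prev_avg = (i > 1) ? avg[i - 1] : 0
                new_loss = (eff[i] > prev_eff)
                # A jump counts only if the final hop is still that slow.
                slow = (avg[i] - prev_avg > jump && avg[n] - prev_avg > jump)
                if (new_loss || slow)
                    printf "%d %s loss=%d%% avg=%.1f\n",
                           hop[i], host[i], eff[i], avg[i]
            }
        }'
}

sample_report | flag_bad_hops
```

In the sample, the 40% loss at hop 2 is ignored because hop 3 shows none, while hop 4 is reported because its loss and latency carry through to the last hop.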

Linux Processes

Process Management Commands in Linux:

‘ps’ is one of the basic commands in Linux to view the processes on the system. It lists the running processes in a system along with other details such as process id, command, CPU usage, memory usage etc. Some of the following options come in handy to get more useful information:

ps -a - List all the running / active processes
ps -ef | grep <process name> - List only the required process
ps aux - Displays processes including those with no terminals (x). Output is user oriented (u), with fields like USER, PID, %CPU, %MEM etc.

pstree – In Linux, every process gets spawned by its parent process. This command helps visualize the processes by displaying a tree diagram of the processes showing the relationship between them. If a pid is mentioned, the root of the tree will be the pid. Else it will be rooted at init.

nice – With the nice command, users can set or change the priorities of processes in Linux. The higher the priority of a process, the more CPU time the kernel allocates to it. By default, a process is launched with priority 0. Process priority can be viewed in the top command output under the NI (nice value) column.
Process priority values range from -20 to 19. The lower the nice value, the higher the priority.

nice -n -3 top

renice – It is similar to the nice command. Use this command to change the priority of an already running process. Please note that users can change the priority of only the processes that they own.

renice -n <priority> -p <pid> - change the priority of the given process

ulimit – A command for controlling the system-wide resources available to the shells and processes. It is mostly useful for system administrators managing systems that are heavily used and have performance problems. Limiting the resources ensures that important processes continue to run while other processes do not consume more resources.
ulimit -a – Displays the current limits associated with the current user.

fg, bg – Sometimes the commands that we execute take a long time to complete. In such situations, we can push the jobs to be executed in the background using the ‘bg’ command and bring them back to the foreground with the ‘fg’ command.

We can start a program in the background by appending ‘&’:

find . -name '*iso' > /tmp/res.txt &

This starts the job in the background.

A program that is already running in the foreground can also be sent to the background using ‘CTRL+Z’ and the ‘bg’ command:

find . -name '*iso' > /tmp/res.txt

CTRL+Z – suspend the currently executing foreground job
bg – push the command execution to the background

We can list all the background processes using the ‘jobs’ command:

jobs

We can bring a background process back to the foreground using the ‘fg’ command:

fg %<job number>

 

Test Internet connection speed with iperf in Linux

How do I test my Internet connection download speed from the console over the ssh session without using HTML5 or Adobe flash/Java applets based websites? How do I test my upload speed from the console?

You can use the iperf utility for Linux – see https://iperf.fr/. iPerf3 is a tool for active measurements of the maximum achievable bandwidth on IP networks. It supports tuning of various parameters related to timing, buffers and protocols (TCP, UDP, SCTP with IPv4 and IPv6). For each test it reports the bandwidth, loss, and other parameters. This is a new implementation that shares no code with the original iPerf and also is not backwards compatible. iPerf was originally developed by NLANR/DAST. iPerf3 is principally developed by ESnet / Lawrence Berkeley National Laboratory. It is released under a three-clause BSD license.

See the tutorial at the nixCraft site: http://www.cyberciti.biz/faq/linux-unix-test-internet-connection-download-upload-speed/

 

Windows netsh trace

Reference from SANS post: https://isc.sans.edu/diary/No+Wireshark?+No+TCPDump?+No+Problem!/19409

Have you ever been on a pentest, or troubleshooting a customer issue, and the “next step” was to capture packets on a Windows host? Then you find that installing winpcap or wireshark was simply out of scope or otherwise not allowed on that SQL, Exchange, Oracle or other host? It used to be that this is when we’d recommend installing Microsoft’s Netmon packet capture utility, but even then lots of IT managers would hesitate about using the “install” word in association with a critical server. Well, as they say in networking (and security as well), there’s always another way, and this is that way.

“netsh trace” is your friend. And yes, it does exactly what it sounds like it does.

Type “netsh trace help” on any Windows 7, Windows Server 2008 or newer box, and you’ll see the following:

C:\>netsh trace help

The following commands are available:

Commands in this context:
? - Displays a list of commands.
convert - Converts a trace file to an HTML report.
correlate - Normalizes or filters a trace file to a new output file.
diagnose - Start a diagnose session.
dump - Displays a configuration script.
help - Displays a list of commands.
show - List interfaces, providers and tracing state.
start - Starts tracing.
stop - Stops tracing.

C:\>netsh trace start capture=yes IPv4.Address=192.168.122.2

Trace configuration:
-------------------------------------------------------------------
Status:             Running
Trace File:         C:\Users\Administrator\AppData\Local\Temp\NetTraces\NetTrace
.etl
Append:             Off
Circular:           On
Max Size:           250 MB
Report:             Off

When you are done capturing data, it's time to stop it:

C:\> netsh trace stop
Correlating traces ... done
Generating data collection ... done
The trace file and additional troubleshooting information have been compiled as
"C:\Users\Administrator\AppData\Local\Temp\NetTraces\NetTrace.cab".
File location = C:\Users\Administrator\AppData\Local\Temp\NetTraces\NetTrace.etl

Tracing session was successfully stopped.

 

ShellCheck

Automatically detects problems with sh/bash scripts and commands!

ShellCheck is a static analysis and linting tool for sh/bash scripts. It’s mainly focused on handling typical beginner and intermediate level syntax errors and pitfalls where the shell just gives a cryptic error message or strange behavior, but it also reports on a few more advanced issues where corner cases can cause delayed failures.

http://www.shellcheck.net

 

BleachBit Linux and Windows cleanup utility

BleachBit quickly frees disk space and tirelessly guards your privacy. Free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn’t know was there. Designed for Linux and Windows systems, it wipes clean a thousand applications including Firefox, Internet Explorer, Adobe Flash, Google Chrome, Opera, Safari, and more. Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Better than free, BleachBit is open source.

http://bleachbit.sourceforge.net/

 

Hollywood Technodrama

Dustin Kirkland has created a very cool Linux command line app named Hollywood. It is very impressive and a very good load testing tool!

You can install on Ubuntu 15.04 and higher with:

sudo apt-get install hollywood

Older versions of Ubuntu:

sudo apt-add-repository ppa:hollywood/ppa
sudo apt-get update
sudo apt-get install hollywood

More info and links:
http://blog.dustinkirkland.com/2014/12/hollywood-technodrama.html

 

Search for .DS_Store files on Linux Public servers

Nasty .DS_Store Files Linux

This is a simple one-liner to remove all .DS_Store files that may be sitting on your Linux box. This output from an OpenVAS report is a very valid reason for doing this.

MacOS X creates a hidden file, ‘.DS_Store’ in each directory that has been viewed with the ‘Finder’. This file contains a list of the contents of the directory, giving an attacker information on the structure and contents of your website.

find / -name '*DS_Store' -exec rm -f {} \;

Obviously you have to be root for this to work. If you only want to target the directory that you are in, replace the / with a full stop (.).
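
As an added example (not from the original post), the function below scopes the cleanup to one directory tree such as a web root, lists what it finds first, and deletes only when asked. It matches the exact name `.DS_Store` on regular files, so unlike a `*DS_Store` glob it leaves a file such as notes.DS_Store alone. The function names and the demo tree are constructed.

```bash
#!/bin/sh
# Added example: audit a directory tree for .DS_Store files, then remove
# them on request. purge_ds_store and the demo tree are constructed names.
purge_ds_store() (
    root=${1:?usage: purge_ds_store DIR [--delete]}
    # -xdev stays on one filesystem; -type f skips directories and links.
    if [ "${2:-}" = "--delete" ]; then
        find "$root" -xdev -type f -name '.DS_Store' -print -exec rm -f -- {} \;
    else
        find "$root" -xdev -type f -name '.DS_Store' -print
    fi
)

# Build a small site tree, audit it, clean it, and audit again.
ds_store_demo() (
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf -- "$dir"' EXIT
    mkdir -p "$dir/site/img"
    : > "$dir/site/.DS_Store"
    : > "$dir/site/img/.DS_Store"
    : > "$dir/site/img/logo.png"
    : > "$dir/site/notes.DS_Store"    # only a '*DS_Store' glob would match

    found=$(purge_ds_store "$dir/site" | wc -l)
    removed=$(purge_ds_store "$dir/site" --delete | wc -l)
    left=$(purge_ds_store "$dir/site" | wc -l)
    kept=no
    [ -f "$dir/site/notes.DS_Store" ] && kept=yes
    echo "found=$((found)) removed=$((removed)) left=$((left)) kept=$kept"
)

ds_store_demo
```

Running the listing mode from cron and alerting on any output catches files that reappear after the next upload from a Mac.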