Friday, August 31, 2007

Send Network Packets to a Host with spray

The spray command is used to send packets to a hostname, URL, or IP. It reports how many packets were received and the transfer rate. However, spray can NOT be used as a network benchmark because it uses unreliable connectionless protocols such as UDP. Here's an example of its use on my box.

# spray esoft
sending 1162 packets of length 86 to esoft...
754 packets (64.888%) dropped by esoft
26 packets/sec, 2317 bytes/sec

Thursday, August 30, 2007

Troubleshooting a Network with the Snoop Utility

One of the most useful networking utilities is the snoop command. It is used to capture and inspect network packets. Here are some examples of its use.

Snoop a network in the promiscuous mode (captures and displays all packets as received)
# snoop
Using device /dev/hme (promiscuous mode)
192.168.1.26 -> esoft TELNET C port=2319
esoft -> 192.168.1.10 TELNET R port=2319
192.168.1.26 -> esoft TELNET C port=2319

Snoop a particular host
# snoop client-10

Prints detailed ETHER, IP and TCP header data (a lot of data)
# snoop -v

Snoop between two hosts
# snoop client-10 client-11

Capture snoop output to a file (binary format)
# snoop -o snoop_capture

Read captured snoop output from file
# snoop -i snoop_capture

Prints summary mode
# snoop -V

Extra:

I've been asked how to disable snoop. Rename the utility so it can't be run when someone types snoop at the CLI, or simply move it to another area of the filesystem. You can also tighten the permissions so that only root can run it. The commands below are alternatives; pick one.

Rename it
# mv /usr/sbin/snoop /usr/sbin/mysnoop

Or hide it as a dot file
# mv /usr/sbin/snoop /usr/sbin/.snoop

Or restrict it to root
# chmod 700 /usr/sbin/snoop

Check the permissions (perm 600) on the interfaces -- hme, ge, ce, eri, etc
# ls -l /devices/pseudo/

Wednesday, August 29, 2007

Date Command in Debian Linux

Here are some interesting uses of the date command in Debian Linux by Mary M. Chaddock, GSEC, GCUX. She is a Network Security Administrator for Abilene Christian University in Texas. Thanks Mary for the nice email, and of course, the Debian date tip.

Mary said, "Specifically, I often have a need to convert log dates or search logs for specific dates when the log date is in epoch format."

Displays the current date as an epoch timestamp
'date +%s'

Gives date two weeks ago
'date +%s --date=-2week'

Converts an epoch timestamp
'date --date=@1187103930'
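
As an added example (not part of Mary's tip or the original post), the functions below use the same GNU date options to pull one calendar day out of a log whose first field is an epoch timestamp. The log lines and function names are constructed for illustration, and everything is evaluated in UTC.

```shell
#!/bin/sh
# Added example: search an epoch-stamped log by calendar date with GNU date.
# Assumption: each log line starts with an epoch timestamp followed by a space.

# Constructed sample log (not real data).
sample_log() {
    cat <<'EOF'
1187017530 sshd: accepted password for esoft
1187103930 in.telnetd: connection from 192.168.1.26
1187107200 in.ftpd: connection from 192.168.1.10
1187190330 sshd: failed password for root
EOF
}

# epoch_of "2007-08-14 00:00:00" -> seconds since 1970, input read as UTC
epoch_of() {
    date -u --date="$1" +%s
}

# human_of 1187103930 -> readable UTC timestamp
human_of() {
    date -u --date="@$1" '+%Y-%m-%d %H:%M:%S'
}

# lines_on_day YYYY-MM-DD < log
# Prints the lines stamped on that UTC day, epoch replaced by a readable time.
lines_on_day() {
    start=$(epoch_of "$1 00:00:00") || return 1
    end=$((start + 86400))
    while read -r ts rest; do
        case $ts in ''|*[!0-9]*) continue ;; esac   # skip lines without an epoch field
        if [ "$ts" -ge "$start" ] && [ "$ts" -lt "$end" ]; then
            printf '%s %s\n' "$(human_of "$ts")" "$rest"
        fi
    done
}

sample_log | lines_on_day 2007-08-14
```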

Monday, August 27, 2007

System Activity Reporter Command Monitors CPU, Disk and Virtual Memory

The system activity reporter or sar command is useful in reporting system resource utilization. It can report on CPU, disk, and virtual memory use. Here are some examples.

Three samples, one every 5 seconds

For CPU utilization
# sar 5 3

For disk utilization
# sar -d 5 3

For virtual memory utilization
# sar -g 5 3

Sunday, August 26, 2007

Text Editor for Simple Formatting

The fmt utility is a simple text formatter. It will fill lines up to a specified character width -- default is 72. Here are some examples.

Original file
# more sysad
This blog
is primarily
a howto for UNIX
system administration.
Its articles consist of Solaris,
Sybase, Oracle, and miscellaneous
tips and operating system information.

Here's the default of 72 characters wide.
# fmt sysad
This blog is primarily a howto for UNIX system administration. Its
articles consist of Solaris, Sybase, Oracle, and miscellaneous tips and
operating system information.

Here's the same file but formatted 35 characters wide.
# fmt -35 sysad
This blog is primarily a howto for
UNIX system administration. Its
articles consist of Solaris,
Sybase, Oracle, and miscellaneous
tips and operating system
information.

Combine files (default width)
# fmt sysad sysad
This blog is primarily a howto for UNIX system administration. Its
articles consist of Solaris, Sybase, Oracle, and miscellaneous tips and
operating system information. This blog is primarily a howto for UNIX
system administration. Its articles consist of Solaris, Sybase, Oracle,
and miscellaneous tips and operating system information.

Saturday, August 25, 2007

Merge Lines From One or More Files

The paste command will merge corresponding lines from one or more files. Each file is treated as a column. Here are some examples to demonstrate its use.

# more city
Helena
Bosie
Olympia
Salem
Denver

# paste city city
Helena Helena
Bosie Bosie
Olympia Olympia
Salem Salem
Denver Denver

# more state
Montana
Idaho
Washington
Oregon
Colorado

# paste city state
Helena Montana
Bosie Idaho
Olympia Washington
Salem Oregon
Denver Colorado

Redirect output to file
# paste city state > CityState
# more CityState
Helena Montana
Bosie Idaho
Olympia Washington
Salem Oregon
Denver Colorado

Thursday, August 23, 2007

Limit User's File Size -- UNIX

If you are hurting for disk space, you might want to look into limiting the size of the files a user can create. Depending on the shell, you can do this with either the limit or the ulimit command; add it to the user's initialization file to make it permanent. Here are a few examples.

# sh
# ulimit -f 5000
# mkfile 6m MB
File Size Limit Exceeded - core dumped

# ksh
# ulimit -f 5000
# mkfile 6m MB
File Size Limit Exceeded(coredump)

# csh
# limit filesize 5m
# mkfile 6m MB
File Size Limit Exceeded (core dumped)

# bash
# ulimit -f 5000
# mkfile 6m MB
File Size Limit Exceeded (core dumped)

Tuesday, August 21, 2007

Convert Tab to Specified Number of Spaces

You can also use the expand utility to specify how many spaces a tab is converted to. See below for an illustration.

Original file with tabs
# cat -v -t esoftfile
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft

Convert tab to 20 spaces
# expand -20 esoftfile | cat -t -v
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft

Convert tab to 10 spaces
# expand -10 esoftfile | cat -v -t
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft

Convert tab to 2 spaces
# expand -2 esoftfile | cat -v -t
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft

Remove Tabs From a File -- UNIX

Occasionally, you might want to remove tabs from a file. This can be accomplished with the expand command. Here's an easy way of doing that.

View tabs (^I)
# cat -v -t esoftfile
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft

View tabs (^I) removed and replaced with 5 spaces to stdout
# expand esoftfile | cat -v -t
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft

Tabs removed and output written to file
# expand esoftfile > esoftfile_notab

Verify tabs removed
# vi esoftfile_notab
esoft esoft esoft esoft$
esoft esoft esoft esoft$
esoft esoft esoft esoft$
esoft esoft esoft esoft$
esoft esoft esoft esoft$
~
~
~
:set list

Monday, August 20, 2007

Double Space a Single Spaced File -- UNIX

You can use the powerful stream editor (sed) utility to convert a single-spaced file to a double-spaced file. Conversely, you can take a double-spaced file and convert it to a single-spaced file. Here's an illustration.

Single-spaced to double-spaced file
# more tstfile
This is a test
This is a test
This is a test
This is a test
This is a test
This is a test

Now output to stdout and tstfile1 -- double-spaced
# sed G tstfile | tee tstfile1
This is a test

This is a test

This is a test

This is a test

This is a test

This is a test

Verify tstfile1 is double-spaced
# more tstfile1
This is a test

This is a test

This is a test

This is a test

This is a test

This is a test

Double-spaced to single-spaced file
Now output to stdout and tstfile2 -- single-spaced
# sed 'n;d' tstfile1 | tee tstfile2
This is a test
This is a test
This is a test
This is a test
This is a test
This is a test

Verify tstfile2 is single-spaced
# more tstfile2
This is a test
This is a test
This is a test
This is a test
This is a test
This is a test

Extra...
To triple-spaced
# sed 'G;G' tstfile | tee tstfile1

To double-spaced
# sed 'n;n;d' tstfile1 | tee tstfile2

To single-spaced
# sed 'n;n;d' tstfile1 | sed 'n;d' | tee tstfile3

Saturday, August 18, 2007

Nvu or "New View" Web Authoring Application

Nvu or "New View" is a complete and 100% open source web authoring application that I use to modify my websites. It works on Linux, Microsoft Windows, and Macintosh platforms. A great deal of technical expertise is not required to use this application.

From the Nvu site: "Anyone is welcome to download Nvu at no charge, including the source code if you need to make special changes. Developers are encouraged to get involved and help make Nvu even better."

Friday, August 17, 2007

Specify or Report Default Permissions with umask

The umask command can be used to specify default permissions on files you create. It can also report the current default setting. Here are some examples.

Explanation of what the octal digits mean
0 - don't restrict any permissions
1 - restrict execute permissions
2 - restrict write permissions
4 - restrict read permissions

Report current umask setting
# umask

Provides complete access to every file you create on the system to everyone.
# umask 000

Provides complete access to you and your group. The others (world) are excluded.
# umask 007

Provides complete access to you but limits group and others to read and execute.
# umask 022
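
As an added example (not from the original post), the functions below create a file and a directory under each of the masks above and report the modes they actually receive; the function names are made up for this illustration. New files start from 666 and new directories from 777, so a plain file never gets execute permission from the umask alone.

```shell
#!/bin/sh
# Added example: show what a umask really does to new files and directories.

# modes_under MASK -> prints "MASK file=<mode> dir=<mode>"
# Runs in a subshell so the caller's own umask is left untouched.
modes_under() {
    (
        tmp=$(mktemp -d) || exit 1
        umask "$1" || exit 1
        : > "$tmp/f"                          # new regular file
        mkdir "$tmp/d"                        # new directory
        f=$(ls -ld "$tmp/f" | cut -c1-10)     # keep only the mode string
        d=$(ls -ld "$tmp/d" | cut -c1-10)
        rm -rf "$tmp"
        printf '%s file=%s dir=%s\n' "$1" "$f" "$d"
    )
}

# shares_write MASK -> exit 0 if new files would be writable by group or others
shares_write() {
    case $(modes_under "$1") in
        *file=?????w*|*file=????????w*) return 0 ;;
    esac
    return 1
}

for m in 000 007 022; do
    line=$(modes_under "$m")
    if shares_write "$m"; then
        echo "$line  <- new files writable beyond the owner"
    else
        echo "$line"
    fi
done
```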

Thursday, August 16, 2007

Change the Operational Status of Processors

The psradm command can be used to change the operational status of one or more processors in a multiprocessor system. The statuses are online, offline and no-intr. Here are a few examples.

Take processors 2 and 3 offline
# psradm -f 2 3

Processors 1 and 2 are not interrupted by I/O processes
# psradm -i 1 2

Bring a specified processor, 3, online
# psradm -n 3

Bring all processors online
# psradm -a -n

Wednesday, August 15, 2007

Log Telnet and FTP Sessions in Log File

For security reasons, you might opt to log telnet and FTP sessions. On my box, those sessions are logged into the /var/adm/messages file. To make this change, you will have to modify the /etc/rc2.d/S72inetsvc script. Here's an example.

Go to the bottom of this file and look for this line, /usr/sbin/inetd -s &

# vi /etc/rc2.d/S72inetsvc
...
/usr/sbin/inetd -s &

Change to /usr/sbin/inetd -s -t &
:wq!

You will have to recycle the inetd daemon.

Tuesday, August 14, 2007

Reverse the Contents of a File

The tail command can be used to reverse the contents of a file. Here's an example.

# cat > filename
THIS IS AN EASY WAY TO REVERSE THE CONTENT OF A FILE.
THE REVERSAL WILL DO MORE THAN 10 LINES. IT WILL REVERSE THE ENTIRE FILE.
EOM
.
# tail -r filename
.
EOM
THE REVERSAL WILL DO MORE THAN 10 LINES. IT WILL REVERSE THE ENTIRE FILE.
THIS IS AN EASY WAY TO REVERSE THE CONTENT OF A FILE.

By the way, this command line entry will do the same thing as tail -r.
# perl -e 'print reverse <>' filename

Display either Files or Directories -- UNIX

I'm revisiting the common but important ls command. Here's an easy way to show either files or directories that are in the current directory.

Listing files only
# ls -l | awk '{if (substr($1,1,1) == "-") {print}}'
-rw-r--r-- 1 esoft other 103936 Jul 7 21:11 070707_archive.tar
-rw-r--r-- 1 esoft other 348672 Jul 7 21:44 07072007_archive.tar
-rw-r--r-- 1 esoft other 330240 Jul 7 21:16 07072007Y_arch.tar
-rw-r--r-- 1 esoft other 482 Jun 2 19:42 crontab_file
-rw-r--r-- 1 esoft other 1029 May 30 00:21 exclude
-rw-r--r-- 1 esoft other 0 May 30 00:24 include
-rw-r--r-- 1 esoft other 103936 Jul 7 21:14 Jul07%s070707_archive.tar
...

Listing directories only
# ls -ld */.
drwxr-xr-x 2 esoft sys 512 Oct 22 2005 default/.
drwxr-xr-x 3 esoft other 512 Jul 7 20:03 esoft/.
drwx------ 2 esoft staff 512 May 30 22:16 Mail/.
drwxr-xr-x 2 esoft other 512 Jul 7 20:57 RAID/.
drwxr-xr-x 3 esoft other 512 Jul 7 19:33 TEMP/.
drwxr-xr-x 10 esoft other 512 Jun 19 21:59 TEMP1/.
drwxrwxrwx 2 esoft other 512 May 30 00:00 data/.
drwxr-xr-x 4 esoft other 512 Jun 26 21:14 TMP/.
drwxr-xr-x 3 esoft other 512 Jun 26 21:08 TMP1/.

Monday, August 13, 2007

Display Non-printable Characters in a Text File

I received a message asking me how to see non-printable characters in a text file. Almost immediately, utilities such as vi, cat, and od come to mind. The od command clearly states which non-printable characters are present. Here are examples using a text file.

# vi filename.txt
^I^I^I^I$
$
$
$
this is a test$
^I^I^I^I$
~
:set list

# cat -vet filename.txt
^I^I^I^I$
$
$
$
this is a test$
^I^I^I^I$

# od -c filename.txt
0000000 \t \t \t \t \n \n \n \n t h i s i s
0000020 a t e s t \n \t \t \t \t \n
0000034

Related post

Using octal dump to find bad characters

Sunday, August 12, 2007

Using the UNIX repeat Command

The other day I was thinking about all those sentences I had to write while in grade school (primary). It would have been great to know something about the repeat command. In all seriousness, you can use it as a separator (maybe script output). Here are some examples of its use.

# repeat 5 echo "*********"
*********
*********
*********
*********
*********
# repeat 5 echo "##########"
##########
##########
##########
##########
##########
# repeat 5 echo " "





# repeat 500 echo "I will not chew gum or backtalk."
I will not chew gum or backtalk.
I will not chew gum or backtalk.
I will not chew gum or backtalk.
I will not chew gum or backtalk.
I will not chew gum or backtalk.
...
You get the idea

Saturday, August 11, 2007

Display Specific Lines in a File using sed

I'm often asked how to show specific lines in a file. The utility I use for this task is the powerful stream editor, sed. Here's a brief example of its use.

For illustration purposes, I'm using the cat -n filename to show the line numbers in this script.

# cat -n filename
...
8 for i in $*
9
10 do
11
12 typeset -i16 hex
13 hex=$i
14 print $i equals $hex in hexadecimal
15
16 typeset -i8 oct
17 oct=$i
18 print $i equals $oct in octal
19
20 typeset -i2 bin
21 bin=$i
22 print $i equals $bin in binary
23
24 print
25 done
...

Prints out the for loop without displaying the line numbers
# sed -n 8,25p filename | tee for_loop

Friday, August 10, 2007

Recreate the /dev/null Link using devlinks

If you inadvertently delete the /dev/null link, you can recreate it by using the devlinks command. The null device is basically a bit bucket. Here's an example.

# cd /dev/
# ls -l null
null: No such file or directory
# devlinks
# ls -l null
lrwxrwxrwx 1 root other 27 Aug 10 16:11 null -> ../devices/pseudo/mm@0:null

If both the null device and the link are missing, use mknod.

# cd /devices/pseudo
# mknod mm@0:null c 13 2
# chown root:sys mm@0:null
# chmod 666 mm@0:null
# devlinks

Thursday, August 09, 2007

Capitalize Strings in UNIX

There might be times when you need to CAPITALIZE everything. The capitalize command handles this task well. Here is an example of its use.

Capitalize entire contents of a script or plain file
# cat testme | /usr/openwin/bin/capitalize -u
#!/BIN/KSH

IF [ $# = 0 ]; THEN
ECHO ADD AN ARGUMENT LIST
EXIT
FI
...

# cat Tech@Sakana | /usr/openwin/bin/capitalize -u
YOU CAN USE CAPITALIZE COMMAND OR THE UNIX TR COMMAND, WHICH WAS SUGGESTED BY STEPHANE KATTOOR

Capitalize the output of a command
# date | /usr/openwin/bin/capitalize -u
THU AUG 9 22:56:16 KST 2007

To lowercase, read this post: Output strings to lowercase

Tuesday, August 07, 2007

Display the core File Configuration

The dumpadm command is used to show the dump configuration. You can also change the dump configuration using the dumpadm -d option, e.g. dumpadm -d /dev/dsk/the_slice_device

Note below that a crash dump would be saved in the /var/crash/esoft directory.

# dumpadm
Dump content: kernel pages
Dump device: /dev/dsk/c0t0d0s1 (swap)
Savecore directory: /var/crash/esoft
Savecore enabled: yes

Monday, August 06, 2007

Z Shell for loop -- UNIX zsh

Here is a succinct use of the for loop using the robust Z Shell. See ZSH is cool: Brace Expansion by Stéphane Kattoor for background details. Here is a practical application of the zsh for loop.

Using the Bourne shell for loop
# sh
# for i in 1 2 3 4 5 6 7 8 9 10 11 12
do
rcp -p /etc/hosts esoftclient$i:/etc
done

Now using brace expansion for the Z shell for loop
# zsh
# for i in {1..12}
do
rcp -p /etc/hosts esoftclient$i:/etc
done

# zsh
# for i in {1..100}
do
rcp -p /etc/hosts esoftclient$i:/etc
done

As you can see above, the brace-expansion form is short and to the point.

Friday, August 03, 2007

Display the Checksum and Size for a File

The UNIX cksum command is used to display the checksum and the size of a file. This command is useful in verifying file integrity over noisy transmission lines. Here's an example of its application.

# cksum firefox-1.0-sparc-sun-solaris2.8.tar
2821005393 55203840 firefox-1.0-sparc-sun-solaris2.8.tar

I saw some email traffic from someone asking for methods of verifying files over noisy lines, so I thought this might be a useful post.
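
As an added example (not from the original post), the functions below record cksum output for a directory before a transfer and re-check the copies afterwards. The function names and sample files are constructed for illustration. cksum is a CRC, so this catches damage in transit rather than deliberate modification.

```shell
#!/bin/sh
# Added example: record cksum output before a transfer, re-check it afterwards.
# cksum prints "<CRC> <size in bytes> <name>".

# make_manifest DIR -> one cksum line per regular file in DIR (names relative to DIR)
make_manifest() {
    ( cd "$1" || exit 1
      for f in *; do
          if [ -f "$f" ]; then cksum "$f"; fi
      done )
}

# verify_manifest MANIFEST DIR
# Prints "OK|CHANGED|MISSING <name>" per entry; returns 1 if anything is wrong.
verify_manifest() {
    bad=0
    while read -r crc size name; do
        if [ ! -f "$2/$name" ]; then
            echo "MISSING $name"; bad=1
        elif [ "$(cksum < "$2/$name")" = "$crc $size" ]; then
            echo "OK $name"            # CRC and byte count both match
        else
            echo "CHANGED $name"; bad=1
        fi
    done < "$1"
    return "$bad"
}

# demo: build two constructed files, copy them, damage one copy, then verify.
demo() {
    src=$(mktemp -d) && dst=$(mktemp -d) && man=$(mktemp) || return 2
    printf 'first archive\n'  > "$src/a.tar"
    printf 'second archive\n' > "$src/b.tar"
    make_manifest "$src" > "$man"
    cp "$src"/*.tar "$dst"/
    printf 'noise' >> "$dst/b.tar"     # simulate line noise on one file
    verify_manifest "$man" "$dst"; rc=$?
    rm -rf "$src" "$dst" "$man"
    return "$rc"
}

demo || true
```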

Wednesday, August 01, 2007

Process Control for UNIX

Here's a listing of common process controls. This listing contains control codes accompanied by descriptions.

Control+s --> Stops screen scrolling
Control+q --> Resumes suspended display
Control+d --> Signals end of file
Control+c --> Interrupts a process
Control+z --> Suspends a foreground process
bg --> Resumes a background process
fg --> Resumes a foreground process
Control+u --> Clears command line