From: Ralph Corderoy <ralph@inputplus.co.uk>
To: coff@tuhs.org
Subject: [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
Date: Thu, 11 May 2023 10:18:57 +0100 [thread overview]
Message-ID: <20230511091857.79F92221B9@orac.inputplus.co.uk> (raw)
In-Reply-To: <CAJXSPs-67AUTJeokOfm4+4fE8HP5saPH=Udqycrw0S2tgcK0jQ@mail.gmail.com>
Hi,
>From a quick skim, these seem poorly written. They might do what's
required some of the time but are no better than a quickly knocked-up
attempt I'd do myself.
> Use the awk command to display only the data in column 5, and then
> display the information of the IP address in column 1
...
> netstat -atn | awk '{print $5}' | awk '{print $1}' | sort -nr | uniq -c
The second awk does nothing, even though it's documented.
> find $dir -type f|xargs md5sum > /tmp/md5_a.txt
> ssh $b_ip "find $dir -type f|xargs md5sum > /tmp/md5_b.txt"
> scp $b_ip:/tmp/md5_b.txt /tmp
> #Compare file names as traversal objects one by one
> for f in `awk '{print 2} /tmp/md5_a.txt'`
Looks like that ‘print 2’ should be $2. Presumably it was corrupted on
its long journey of cut-and-pastes and renderings. The '' quoting is
also adrift as what's there lumps the AWK with the input's path.
> if grep -qw "$f" /tmp/md5_b.txt
This checks if an A file is present in B. There is nothing to spot new
files in B not in A.
> then
> md5_a=`grep -w "$f" /tmp/md5_a.txt|awk '{print 1}'`
> md5_b=`grep -w "$f" /tmp/md5_b.txt|awk '{print 1}'`
Both 1 should be $1 to get the MD5 for the path. And grep's -w isn't
the right way to pick out the line.
$ md5sum * | grep -w foo
d41d8cd98f00b204e9800998ecf8427e foo
d41d8cd98f00b204e9800998ecf8427e foo extra
$
I didn't read further.
--
Cheers, Ralph.
next prev parent reply other threads:[~2023-05-11 9:19 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CAJXSPs92h7yVVJm9UPp06zPQwRy-XkGPDhL-=uVT5sw=hEcLkQ@mail.gmail.com>
2023-05-10 23:56 ` [COFF] Fwd: " KenUnix
2023-05-11 0:12 ` [COFF] " Niklas Karlsson
2023-05-11 5:58 ` steve jenkin
2023-05-11 9:18 ` Ralph Corderoy [this message]
2023-05-11 22:06 ` [COFF] " Dave Horsfall
2023-05-11 22:35 ` segaloco via COFF
2023-05-12 2:13 ` Greg 'groggy' Lehey
2023-05-12 2:19 ` Adam Thornton
2023-05-12 2:34 ` Larry McVoy
2023-05-12 4:30 ` Tomasz Rola
2023-05-12 8:34 ` Ralph Corderoy
2023-05-12 13:58 ` Larry McVoy
2023-05-12 4:24 ` Tomasz Rola
2023-05-12 5:02 ` segaloco via COFF
2023-05-12 8:14 ` Robert Stanford via COFF
2023-05-12 16:40 ` Adam Thornton
2023-05-12 11:42 ` Ralph Corderoy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230511091857.79F92221B9@orac.inputplus.co.uk \
--to=ralph@inputplus.co.uk \
--cc=coff@tuhs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).