Computer Old Farts Forum
 help / color / mirror / Atom feed
* [COFF] Fwd: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
       [not found] <CAJXSPs92h7yVVJm9UPp06zPQwRy-XkGPDhL-=uVT5sw=hEcLkQ@mail.gmail.com>
@ 2023-05-10 23:56 ` KenUnix
  2023-05-11  0:12   ` [COFF] " Niklas Karlsson
                     ` (2 more replies)
  0 siblings, 3 replies; 17+ messages in thread
From: KenUnix @ 2023-05-10 23:56 UTC (permalink / raw)
  To: COFF


[-- Attachment #1.1: Type: text/plain, Size: 4998 bytes --]

Useful Shell Scripts Network Connections , Logins and
*Block hacking attempts*

[image: image.png]

#1. See how many remote IPs are connecting to the machine

See how many remote IPs are connecting to the local machine (whether
through ssh or web or ftp ) Use netstat — atn to view the status of all
connections on the machine, — a to view all, -T Display only tcp connection
information, ≤ n Display in numeric format Local Address (the fourth column
is the IP and port information of the machine) Foreign Address (the fifth
column is the IP and port information of the remote host) Use the awk
command to display only the data in column 5, and then display the
information of the IP address in column 1 Sort can be sorted by number
size, and finally use uniq to delete the redundant duplicates and count the
number of duplicates


netstat -atn  |  awk  '{print $5}'  | awk  '{print $1}' | sort -nr  |  uniq -c

#2. Detect file consistency in specified directories of two servers

Detect the consistency of files in specified directories on two servers, by
comparing the md5 values of files on two servers to detect consistency

#!/bin/bash
dir=/data/web
b_ip=xxx.xxx.xxx.xxx
#Iterate through all the files in the specified directory and use them
as arguments to the md5sum command to get the md5 values of all the
files and write them to the specified file
find $dir -type f|xargs md5sum > /tmp/md5_a.txt
ssh $b_ip "find $dir -type f|xargs md5sum > /tmp/md5_b.txt"
scp $b_ip:/tmp/md5_b.txt /tmp
#Compare file names as traversal objects one by one
for f in `awk '{print 2} /tmp/md5_a.txt'`
do
#The standard is machine a. When machine b does not exist to traverse
the files in the object directly output the non-existent results
if grep -qw "$f" /tmp/md5_b.txt
then
md5_a=`grep -w "$f" /tmp/md5_a.txt|awk '{print 1}'`
md5_b=`grep -w "$f" /tmp/md5_b.txt|awk '{print 1}'`
#Output the result of file changes if the md5 value is inconsistent
when the file exists
if [ $md5_a != $md5_b ]
then
echo "$f changed."
fi
else
echo "$f deleted."
fi
done

#3. Detect network interface card traffic and record it in the log
according to the specified format

Detect the network interface card traffic and record it in the log
according to the specified format, and record it once a minute. The log
format is as follows:

   - 2019–08–12 20:40
   - ens33 input: 1234bps
   - ens33 output: 1235bps

#!/bin/bash
while :
do
LANG=en
logfile=/tmp/`date +%d`.log
#Redirect the output of the following command execution to the logfile log
exec >> $logfile
date +"%F %H:%M"
#The unit of traffic counted by the sar command is kb/s, and the log
format is bps, so it should be *1000*8
sar -n DEV 1 59|grep Average|grep ens33|awk '{print
$2,"\t","input:","\t",$5*1000*8,"bps","\n",$2,"\t","output:","\t",$6*1000*8,"bps"}'
echo "####################"
#Because it takes 59 seconds to execute the sar command, sleep is not required
done

#4. Iptables automatically blocks IPs that visit websites frequentlyBlock
more than 200 IP accesses per minute

   - According to Nginx

#!/bin/bash
DATE=$(date +%d/%b/%Y:%H:%M)
ABNORMAL_IP=$(tail -n5000 access.log |grep $DATE |awk
'{a[$1]++}END{for(i in a)if(a[i]>100)print i}')
#First tail prevents the file from being too large and slow to read,
and the number can be adjusted for the maximum number of visits per
minute. awk cannot filter the log directly because it contains special
characters.
for IP in $ABNORMAL_IP; do
    if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then
        iptables -I INPUT -s $IP -j DROP
    fi
done


   - Connection established over TCP


#!/bin/bash
ABNORMAL_IP=$(netstat -an |awk '$4~/:80$/ &&
$6~/ESTABLISHED/{gsub(/:[0-9]+/,"",$5);{a[$5]++}}END{for(i in
a)if(a[i]>100)print i}')
#gsub is to remove the colon and port from the fifth column (client IP)
for IP in $ABNORMAL_IP; do
    if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then
        iptables -I INPUT -s $IP -j DROP
    fi
done

Block IPs with more than 10 SSH attempts per minute

   - Get login status via lastb

#!/bin/bash
DATE=$(date +"%a %b %e %H:%M") #Day of the week, month, and hour %e
displays 7 for single digits, while %d displays 07
ABNORMAL_IP=$(lastb |grep "$DATE" |awk '{a[$3]++}END{for(i in
a)if(a[i]>10)print i}')
for IP in $ABNORMAL_IP; do
    if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then
        iptables -I INPUT -s $IP -j DROP
    fi
done


   - Get login status from logs

#!/bin/bash
DATE=$(date +"%b %d %H")
ABNORMAL_IP="$(tail -n10000 /var/log/auth.log |grep "$DATE" |awk
'/Failed/{a[$(NF-3)]++}END{for(i in a)if(a[i]>5)print i}')"
for IP in $ABNORMAL_IP; do
    if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then
        iptables -A INPUT -s $IP -j DROP
        echo "$(date +"%F %T") - iptables -A INPUT -s $IP -j DROP"
>>~/ssh-login-limit.log
    fi
done

Might come in handy...

-- 
End of line

[-- Attachment #1.2: Type: text/html, Size: 8910 bytes --]

[-- Attachment #2: image.png --]
[-- Type: image/png, Size: 58299 bytes --]

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Fwd: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-10 23:56 ` [COFF] Fwd: Useful Shell Scripts Network Connections , Logins and Block hacking attempts KenUnix
@ 2023-05-11  0:12   ` Niklas Karlsson
  2023-05-11  5:58   ` steve jenkin
  2023-05-11  9:18   ` [COFF] " Ralph Corderoy
  2 siblings, 0 replies; 17+ messages in thread
From: Niklas Karlsson @ 2023-05-11  0:12 UTC (permalink / raw)
  To: COFF


[-- Attachment #1.1: Type: text/plain, Size: 5755 bytes --]

A little outdated in that many Linux distributions no longer come with
'netstat' by default - you now use the 'ss' command. You may be able to
obtain netstat by installing some form of network-legacy package, of course.

As for blocking IPs that access you too frequently, there's 'fail2ban'
which can do this more flexibly and configurably.

As for #3 I'm not sure, but I'd be surprised if there wasn't some tool for
that as well.

/Niklas

Den tors 11 maj 2023 kl 01:57 skrev KenUnix <ken.unix.guy@gmail.com>:

> Useful Shell Scripts Network Connections , Logins and
> *Block hacking attempts*
>
> [image: image.png]
>
> #1. See how many remote IPs are connecting to the machine
>
> See how many remote IPs are connecting to the local machine (whether
> through ssh or web or ftp ) Use netstat — atn to view the status of all
> connections on the machine, — a to view all, -T Display only tcp connection
> information, ≤ n Display in numeric format Local Address (the fourth column
> is the IP and port information of the machine) Foreign Address (the fifth
> column is the IP and port information of the remote host) Use the awk
> command to display only the data in column 5, and then display the
> information of the IP address in column 1 Sort can be sorted by number
> size, and finally use uniq to delete the redundant duplicates and count the
> number of duplicates
>
>
> netstat -atn  |  awk  '{print $5}'  | awk  '{print $1}' | sort -nr  |  uniq -c
>
> #2. Detect file consistency in specified directories of two servers
>
> Detect the consistency of files in specified directories on two servers,
> by comparing the md5 values of files on two servers to detect consistency
>
> #!/bin/bash
> dir=/data/web
> b_ip=xxx.xxx.xxx.xxx
> #Iterate through all the files in the specified directory and use them as arguments to the md5sum command to get the md5 values of all the files and write them to the specified file
> find $dir -type f|xargs md5sum > /tmp/md5_a.txt
> ssh $b_ip "find $dir -type f|xargs md5sum > /tmp/md5_b.txt"
> scp $b_ip:/tmp/md5_b.txt /tmp
> #Compare file names as traversal objects one by one
> for f in `awk '{print 2} /tmp/md5_a.txt'`
> do
> #The standard is machine a. When machine b does not exist to traverse the files in the object directly output the non-existent results
> if grep -qw "$f" /tmp/md5_b.txt
> then
> md5_a=`grep -w "$f" /tmp/md5_a.txt|awk '{print 1}'`
> md5_b=`grep -w "$f" /tmp/md5_b.txt|awk '{print 1}'`
> #Output the result of file changes if the md5 value is inconsistent when the file exists
> if [ $md5_a != $md5_b ]
> then
> echo "$f changed."
> fi
> else
> echo "$f deleted."
> fi
> done
>
> #3. Detect network interface card traffic and record it in the log
> according to the specified format
>
> Detect the network interface card traffic and record it in the log
> according to the specified format, and record it once a minute. The log
> format is as follows:
>
>    - 2019–08–12 20:40
>    - ens33 input: 1234bps
>    - ens33 output: 1235bps
>
> #!/bin/bash
> while :
> do
> LANG=en
> logfile=/tmp/`date +%d`.log
> #Redirect the output of the following command execution to the logfile log
> exec >> $logfile
> date +"%F %H:%M"
> #The unit of traffic counted by the sar command is kb/s, and the log format is bps, so it should be *1000*8
> sar -n DEV 1 59|grep Average|grep ens33|awk '{print $2,"\t","input:","\t",$5*1000*8,"bps","\n",$2,"\t","output:","\t",$6*1000*8,"bps"}'
> echo "####################"
> #Because it takes 59 seconds to execute the sar command, sleep is not required
> done
>
> #4. Iptables automatically blocks IPs that visit websites frequentlyBlock
> more than 200 IP accesses per minute
>
>    - According to Nginx
>
> #!/bin/bash
> DATE=$(date +%d/%b/%Y:%H:%M)
> ABNORMAL_IP=$(tail -n5000 access.log |grep $DATE |awk '{a[$1]++}END{for(i in a)if(a[i]>100)print i}')
> #First tail prevents the file from being too large and slow to read, and the number can be adjusted for the maximum number of visits per minute. awk cannot filter the log directly because it contains special characters.
> for IP in $ABNORMAL_IP; do
>     if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then
>         iptables -I INPUT -s $IP -j DROP
>     fi
> done
>
>
>    - Connection established over TCP
>
>
> #!/bin/bash
> ABNORMAL_IP=$(netstat -an |awk '$4~/:80$/ && $6~/ESTABLISHED/{gsub(/:[0-9]+/,"",$5);{a[$5]++}}END{for(i in a)if(a[i]>100)print i}')
> #gsub is to remove the colon and port from the fifth column (client IP)
> for IP in $ABNORMAL_IP; do
>     if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then
>         iptables -I INPUT -s $IP -j DROP
>     fi
> done
>
> Block IPs with more than 10 SSH attempts per minute
>
>    - Get login status via lastb
>
> #!/bin/bash
> DATE=$(date +"%a %b %e %H:%M") #Day of the week, month, and hour %e displays 7 for single digits, while %d displays 07
> ABNORMAL_IP=$(lastb |grep "$DATE" |awk '{a[$3]++}END{for(i in a)if(a[i]>10)print i}')
> for IP in $ABNORMAL_IP; do
>     if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then
>         iptables -I INPUT -s $IP -j DROP
>     fi
> done
>
>
>    - Get login status from logs
>
> #!/bin/bash
> DATE=$(date +"%b %d %H")
> ABNORMAL_IP="$(tail -n10000 /var/log/auth.log |grep "$DATE" |awk '/Failed/{a[$(NF-3)]++}END{for(i in a)if(a[i]>5)print i}')"
> for IP in $ABNORMAL_IP; do
>     if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then
>         iptables -A INPUT -s $IP -j DROP
>         echo "$(date +"%F %T") - iptables -A INPUT -s $IP -j DROP" >>~/ssh-login-limit.log
>     fi
> done
>
> Might come in handy...
>
> --
> End of line
>
>

[-- Attachment #1.2: Type: text/html, Size: 10276 bytes --]

[-- Attachment #2: image.png --]
[-- Type: image/png, Size: 58299 bytes --]

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Fwd: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-10 23:56 ` [COFF] Fwd: Useful Shell Scripts Network Connections , Logins and Block hacking attempts KenUnix
  2023-05-11  0:12   ` [COFF] " Niklas Karlsson
@ 2023-05-11  5:58   ` steve jenkin
  2023-05-11  9:18   ` [COFF] " Ralph Corderoy
  2 siblings, 0 replies; 17+ messages in thread
From: steve jenkin @ 2023-05-11  5:58 UTC (permalink / raw)
  To: COFF


> On 11 May 2023, at 09:56, KenUnix <ken.unix.guy@gmail.com> wrote:
> 
> Useful Shell Scripts Network Connections , Logins and Block hacking attempts

I found this content on Medium as a ‘members only’ article, published 5 April, 2023.
A 2nd article of “useful shell scripts”

	<https://medium.com/@Beck_Moulton/useful-shell-scripts-2-df9cbcf6bdd8>

Author handle is "Beck Moulton”, who does Java according to their Bio.

	"Focus on the back-end field, do actual combat technology sharing”

	<https://medium.com/@Beck_Moulton/about>

There’s Golang and Rust threads and more.

==============

I didn’t see any attribution of source in the articles.
The snippets have the feel to be from some standard source, but I didn’t identify it.

Previous post of ‘useful’ scripts (#1 vs #2) from 17 March, 2023.

	<https://medium.com/@Beck_Moulton/useful-shell-scripts-f846350eb1ae>

		#1 According to the PID input by the user, filter out all the information of the PID
		#2 Display all information about the process according to the process name
		#3 View information about the user based on the user name
		#4 Check the connection status of tcp
		#5 Display system performance

==============

A random github page from 2014, a “Linux Admin Cheatsheet”, for anyone wanting more.
Not a recommendation, not a comment on suitability or quality of content.

	<https://github.com/crhuber/linux-cheatsheet>

==============

cheers
steve

--
Steve Jenkin, IT Systems and Design 
0412 786 915 (+61 412 786 915)
PO Box 38, Kippax ACT 2615, AUSTRALIA

mailto:sjenkin@canb.auug.org.au http://members.tip.net.au/~sjenkin


^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-10 23:56 ` [COFF] Fwd: Useful Shell Scripts Network Connections , Logins and Block hacking attempts KenUnix
  2023-05-11  0:12   ` [COFF] " Niklas Karlsson
  2023-05-11  5:58   ` steve jenkin
@ 2023-05-11  9:18   ` Ralph Corderoy
  2023-05-11 22:06     ` Dave Horsfall
  2 siblings, 1 reply; 17+ messages in thread
From: Ralph Corderoy @ 2023-05-11  9:18 UTC (permalink / raw)
  To: coff

Hi,

>From a quick skim, these seem poorly written.  They might do what's
required some of the time but are no better than a quickly knocked-up
attempt I'd do myself.

> Use the awk command to display only the data in column 5, and then
> display the information of the IP address in column 1
...
> netstat -atn  |  awk  '{print $5}'  | awk  '{print $1}' | sort -nr  |  uniq -c

The second awk does nothing, even though it's documented.

> find $dir -type f|xargs md5sum > /tmp/md5_a.txt
> ssh $b_ip "find $dir -type f|xargs md5sum > /tmp/md5_b.txt"
> scp $b_ip:/tmp/md5_b.txt /tmp
> #Compare file names as traversal objects one by one
> for f in `awk '{print 2} /tmp/md5_a.txt'`

Looks like that ‘print 2’ should be $2.  Presumably it was corrupted on
its long journey of cut-and-pastes and renderings.  The '' quoting is
also adrift as what's there lumps the AWK with the input's path.

> if grep -qw "$f" /tmp/md5_b.txt

This checks if an A file is present in B.  There is nothing to spot new
files in B not in A.

> then
> md5_a=`grep -w "$f" /tmp/md5_a.txt|awk '{print 1}'`
> md5_b=`grep -w "$f" /tmp/md5_b.txt|awk '{print 1}'`

Both 1 should be $1 to get the MD5 for the path.  And grep's -w isn't
the right way to pick out the line.

    $ md5sum * | grep -w foo
    d41d8cd98f00b204e9800998ecf8427e  foo
    d41d8cd98f00b204e9800998ecf8427e  foo extra
    $

I didn't read further.

-- 
Cheers, Ralph.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-11  9:18   ` [COFF] " Ralph Corderoy
@ 2023-05-11 22:06     ` Dave Horsfall
  2023-05-11 22:35       ` segaloco via COFF
  0 siblings, 1 reply; 17+ messages in thread
From: Dave Horsfall @ 2023-05-11 22:06 UTC (permalink / raw)
  To: Computer Old Farts Followers

On Thu, 11 May 2023, Ralph Corderoy wrote:

> From a quick skim, these seem poorly written.  They might do what's 
> required some of the time but are no better than a quickly knocked-up 
> attempt I'd do myself.

[...]

It appears to be some jerk pretending to be Ken T; any fool can take a 
Gmail address (and they do).

-- Dave

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-11 22:06     ` Dave Horsfall
@ 2023-05-11 22:35       ` segaloco via COFF
  2023-05-12  2:13         ` Greg 'groggy' Lehey
  2023-05-12 11:42         ` Ralph Corderoy
  0 siblings, 2 replies; 17+ messages in thread
From: segaloco via COFF @ 2023-05-11 22:35 UTC (permalink / raw)
  To: Dave Horsfall; +Cc: Computer Old Farts Followers

I would be cautious with that sort of accusation.  I've seen Ken here's traffic on TUHS and COFF for a little bit now and at least myself have never seen him try and pass off a false identity.  I've seen email replies reach TUHS from Ken Thompson himself, there's nothing I've seen in this Ken's messaging that appears to present a facsimile of Ken T. or anyone else.  Of course, if such misdirection is happening and can be proven, probably best to warn Warren directly on that sort of thing.

That all said, yeah, I don't see this sort of email being too relevant to COFF.  I'm no moderator so I won't claim to have authority on anything, but I for one tend to ignore just about anything Linux-oriented or specific in this list and TUHS.

- Matt G.

P.S. Sorry to backseat mod at all, I just have seen this sort of thing before, I don't think anyone involved has bad intentions, communicating over the internet is hard.

------- Original Message -------
On Thursday, May 11th, 2023 at 3:06 PM, Dave Horsfall <dave@horsfall.org> wrote:


> On Thu, 11 May 2023, Ralph Corderoy wrote:
> 
> > From a quick skim, these seem poorly written. They might do what's
> > required some of the time but are no better than a quickly knocked-up
> > attempt I'd do myself.
> 
> 
> [...]
> 
> It appears to be some jerk pretending to be Ken T; any fool can take a
> Gmail address (and they do).
> 
> -- Dave

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-11 22:35       ` segaloco via COFF
@ 2023-05-12  2:13         ` Greg 'groggy' Lehey
  2023-05-12  2:19           ` Adam Thornton
                             ` (2 more replies)
  2023-05-12 11:42         ` Ralph Corderoy
  1 sibling, 3 replies; 17+ messages in thread
From: Greg 'groggy' Lehey @ 2023-05-12  2:13 UTC (permalink / raw)
  To: segaloco; +Cc: Computer Old Farts Followers

[-- Attachment #1: Type: text/plain, Size: 1161 bytes --]

On Thursday, 11 May 2023 at 22:35:46 +0000, COFF wrote:
> On Thursday, May 11th, 2023 at 3:06 PM, Dave Horsfall <dave@horsfall.org> wrote:
>> On Thu, 11 May 2023, Ralph Corderoy wrote:
>>
>> It appears to be some jerk pretending to be Ken T; any fool can
>> take a Gmail address (and they do).
>
> I would be cautious with that sort of accusation...

Agreed.  My guess is that the poster is really called Ken.  You can't
blame him for that.

> That all said, yeah, I don't see this sort of email being too
> relevant to COFF.

Well, it *is* Unix-related.  Should COFF be restricted beyond that?
The whole idea of the list was to provide a platform for topics where
TUHS was inappropriate.  I don't see the distinction Unix/Linux as an
issue: a surprising number of Unix people have moved on to Linux.  And
I don't think we should pontificate on the merits of the post.  Some
are better than others.

Greg
--
Sent from my desktop computer.
Finger grog@lemis.com for PGP public key.
See complete headers for address and phone numbers.
This message is digitally signed.  If your Microsoft mail program
reports problems, please read http://lemis.com/broken-MUA.php

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 163 bytes --]

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-12  2:13         ` Greg 'groggy' Lehey
@ 2023-05-12  2:19           ` Adam Thornton
  2023-05-12  2:34             ` Larry McVoy
  2023-05-12  4:24           ` Tomasz Rola
  2023-05-12  8:14           ` Robert Stanford via COFF
  2 siblings, 1 reply; 17+ messages in thread
From: Adam Thornton @ 2023-05-12  2:19 UTC (permalink / raw)
  To: Computer Old Farts Followers



> On May 11, 2023, at 7:13 PM, Greg 'groggy' Lehey <grog@lemis.com> wrote:
> 
> Agreed.  My guess is that the poster is really called Ken.  You can't
> blame him for that.


You can fault his judgment for calling himself "Unix Ken" or whatever, because for most people around here, that would indicate a specific person who isn't him, but nothing he's posted seems to indicate malice or an intention to confuse people.

I bet there are more than two people named Ken who are into Unix in the world.

Adam

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-12  2:19           ` Adam Thornton
@ 2023-05-12  2:34             ` Larry McVoy
  2023-05-12  4:30               ` Tomasz Rola
  2023-05-12  8:34               ` Ralph Corderoy
  0 siblings, 2 replies; 17+ messages in thread
From: Larry McVoy @ 2023-05-12  2:34 UTC (permalink / raw)
  To: Adam Thornton; +Cc: Computer Old Farts Followers

On Thu, May 11, 2023 at 07:19:50PM -0700, Adam Thornton wrote:
> 
> 
> > On May 11, 2023, at 7:13 PM, Greg 'groggy' Lehey <grog@lemis.com> wrote:
> > 
> > Agreed.  My guess is that the poster is really called Ken.  You can't
> > blame him for that.
> 
> 
> You can fault his judgment for calling himself "Unix Ken" or whatever, because for most people around here, that would indicate a specific person who isn't him, but nothing he's posted seems to indicate malice or an intention to confuse people.
> 
> I bet there are more than two people named Ken who are into Unix in the world.
> 
> Adam

Adding my voice to Unix Ken is just another Ken.  Nothing I've seen from
him says he is trying to be Ken T.

And since I'm opining, I both liked and didn't like his scripts.  I liked
that they were very classic Unix, a pleasant reminder of where we have 
come from.  What I didn't like was all that data flowing through all 
those pipes.  Yes, it is simple but it just doesn't scale that well
when you are processing gigabytes of data, which you frequently are
these days.

I'll date myself, but I could replace every one of those scripts
with a single pretty understandable perl script.  Modern people might
prefer Python, I can program in Python but I have a huge aversion to a
programming language that doesn't include printf in the base language.
Too weird for me.
-- 
---
Larry McVoy           Retired to fishing          http://www.mcvoy.com/lm/boat

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-12  2:13         ` Greg 'groggy' Lehey
  2023-05-12  2:19           ` Adam Thornton
@ 2023-05-12  4:24           ` Tomasz Rola
  2023-05-12  5:02             ` segaloco via COFF
  2023-05-12  8:14           ` Robert Stanford via COFF
  2 siblings, 1 reply; 17+ messages in thread
From: Tomasz Rola @ 2023-05-12  4:24 UTC (permalink / raw)
  To: Computer Old Farts Followers

On Fri, May 12, 2023 at 12:13:17PM +1000, Greg 'groggy' Lehey wrote:
> On Thursday, 11 May 2023 at 22:35:46 +0000, COFF wrote:
[...]
> 
> > That all said, yeah, I don't see this sort of email being too
> > relevant to COFF.
> 
> Well, it *is* Unix-related.  Should COFF be restricted beyond that?
> The whole idea of the list was to provide a platform for topics where
> TUHS was inappropriate.  I don't see the distinction Unix/Linux as an
> issue: a surprising number of Unix people have moved on to Linux.  And
> I don't think we should pontificate on the merits of the post.  Some
> are better than others.

Myself, I have had a look at Ken's postings. Maybe I will not copy
straight to my own scripts, maybe not, but I always look for examples
of (shell) scripts and options to various programs which may serve as
refresher or inspiration.

-- 
Regards,
Tomasz Rola

--
** A C programmer asked whether computer had Buddha's nature.      **
** As the answer, master did "rm -rif" on the programmer's home    **
** directory. And then the C programmer became enlightened...      **
**                                                                 **
** Tomasz Rola          mailto:tomasz_rola@bigfoot.com             **

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-12  2:34             ` Larry McVoy
@ 2023-05-12  4:30               ` Tomasz Rola
  2023-05-12  8:34               ` Ralph Corderoy
  1 sibling, 0 replies; 17+ messages in thread
From: Tomasz Rola @ 2023-05-12  4:30 UTC (permalink / raw)
  To: Computer Old Farts Followers

On Thu, May 11, 2023 at 07:34:28PM -0700, Larry McVoy wrote:
[...]
> 
> And since I'm opining, I both liked and didn't like his scripts.  I liked
> that they were very classic Unix, a pleasant reminder of where we have 
> come from.  What I didn't like was all that data flowing through all 
> those pipes.  Yes, it is simple but it just doesn't scale that well
> when you are processing gigabytes of data, which you frequently are
> these days.

I believe (and I think I have seen more than once) that on multicore
computer all parts of the pipe will be ran on their own core, if
possible. Thus a script with pipes would give about the simplest way
to modernize this "old school" kind of processing.

-- 
Regards,
Tomasz Rola

--
** A C programmer asked whether computer had Buddha's nature.      **
** As the answer, master did "rm -rif" on the programmer's home    **
** directory. And then the C programmer became enlightened...      **
**                                                                 **
** Tomasz Rola          mailto:tomasz_rola@bigfoot.com             **

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-12  4:24           ` Tomasz Rola
@ 2023-05-12  5:02             ` segaloco via COFF
  0 siblings, 0 replies; 17+ messages in thread
From: segaloco via COFF @ 2023-05-12  5:02 UTC (permalink / raw)
  To: Tomasz Rola; +Cc: Computer Old Farts Followers

You can relegate any Linux grumbles from me to the cheap seats.  It's my daily driver as it is for many folks, I certainly wouldn't steer discussion away, my opinions on the matter are informed by my own biases after all...

Can't complain too much though, I keep coming back to Linux for the hardware support...due to the nature of the BSD licensing there are probably a lot more BSDish drivers floating around out there than we see, but they're only in use by a select few.

- Matt G.

------- Original Message -------
On Thursday, May 11th, 2023 at 9:24 PM, Tomasz Rola <rtomek@ceti.pl> wrote:


> On Fri, May 12, 2023 at 12:13:17PM +1000, Greg 'groggy' Lehey wrote:
> 
> > On Thursday, 11 May 2023 at 22:35:46 +0000, COFF wrote:
> 
> [...]
> 
> > > That all said, yeah, I don't see this sort of email being too
> > > relevant to COFF.
> > 
> > Well, it is Unix-related. Should COFF be restricted beyond that?
> > The whole idea of the list was to provide a platform for topics where
> > TUHS was inappropriate. I don't see the distinction Unix/Linux as an
> > issue: a surprising number of Unix people have moved on to Linux. And
> > I don't think we should pontificate on the merits of the post. Some
> > are better than others.
> 
> 
> Myself, I have had a look at Ken's postings. Maybe I will not copy
> straight to my own scripts, maybe not, but I always look for examples
> of (shell) scripts and options to various programs which may serve as
> refresher or inspiration.
> 
> --
> Regards,
> Tomasz Rola
> 
> --
> ** A C programmer asked whether computer had Buddha's nature. **
> ** As the answer, master did "rm -rif" on the programmer's home **
> ** directory. And then the C programmer became enlightened... **
> ** **
> ** Tomasz Rola mailto:tomasz_rola@bigfoot.com **

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-12  2:13         ` Greg 'groggy' Lehey
  2023-05-12  2:19           ` Adam Thornton
  2023-05-12  4:24           ` Tomasz Rola
@ 2023-05-12  8:14           ` Robert Stanford via COFF
  2023-05-12 16:40             ` Adam Thornton
  2 siblings, 1 reply; 17+ messages in thread
From: Robert Stanford via COFF @ 2023-05-12  8:14 UTC (permalink / raw)
  To: coff

On 12/5/23 12:13, Greg 'groggy' Lehey wrote:
> On Thursday, 11 May 2023 at 22:35:46 +0000, COFF wrote:
>> On Thursday, May 11th, 2023 at 3:06 PM, Dave Horsfall <dave@horsfall.org> wrote:
>>> On Thu, 11 May 2023, Ralph Corderoy wrote:
>>>
>>> It appears to be some jerk pretending to be Ken T; any fool can
>>> take a Gmail address (and they do).
>> I would be cautious with that sort of accusation...
> Agreed.  My guess is that the poster is really called Ken.  You can't
> blame him for that.
>
>
I cop the same thing with my domain. That's my surname and I was lucky 
to score the domain (stanford.com.au) when it became available. I've 
never tried to pass it off as anything else, yet every now and then I 
encounter someone who gets a bee in their bonnet over it.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-12  2:34             ` Larry McVoy
  2023-05-12  4:30               ` Tomasz Rola
@ 2023-05-12  8:34               ` Ralph Corderoy
  2023-05-12 13:58                 ` Larry McVoy
  1 sibling, 1 reply; 17+ messages in thread
From: Ralph Corderoy @ 2023-05-12  8:34 UTC (permalink / raw)
  To: coff

Hi Larry,

> I can program in Python but I have a huge aversion to a programming
> language that doesn't include printf in the base language.

Python has Perl's sprintf() but as the ‘fmt % values’ operator rather
than a function.  So it isn't just available for printing but general
string formatting.

    >>> mol = '%04d' % (6 * 7)
    >>> print('%08x  %-8s' % (826366246, mol))
    31415926  0042    

-- 
Cheers, Ralph.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-11 22:35       ` segaloco via COFF
  2023-05-12  2:13         ` Greg 'groggy' Lehey
@ 2023-05-12 11:42         ` Ralph Corderoy
  1 sibling, 0 replies; 17+ messages in thread
From: Ralph Corderoy @ 2023-05-12 11:42 UTC (permalink / raw)
  To: coff

Hi,

> I would be cautious with that sort of accusation.

KenUnix replied but it didn't make it to the list.
He's asked me to forward it on.

    To put everybody at ease my "handle" KenUnix has been in use by me
    for many years.
    It was never intended to be used to disguise me as someone else 
    It dates back to Ken (me) and using Unix for many years. I E. KenUnix.
    Ken

-- 
Cheers, Ralph.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-12  8:34               ` Ralph Corderoy
@ 2023-05-12 13:58                 ` Larry McVoy
  0 siblings, 0 replies; 17+ messages in thread
From: Larry McVoy @ 2023-05-12 13:58 UTC (permalink / raw)
  To: Ralph Corderoy; +Cc: coff

On Fri, May 12, 2023 at 09:34:37AM +0100, Ralph Corderoy wrote:
> Hi Larry,
> 
> > I can program in Python but I have a huge aversion to a programming
> > language that doesn't include printf in the base language.
> 
> Python has Perl's sprintf() but as the ???fmt % values??? operator rather
> than a function.  So it isn't just available for printing but general
> string formatting.
> 
>     >>> mol = '%04d' % (6 * 7)
>     >>> print('%08x  %-8s' % (826366246, mol))
>     31415926  0042    

I'm aware, I've used it.  It feels bolted on.  It's still weird.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [COFF] Re: Useful Shell Scripts Network Connections , Logins and Block hacking attempts
  2023-05-12  8:14           ` Robert Stanford via COFF
@ 2023-05-12 16:40             ` Adam Thornton
  0 siblings, 0 replies; 17+ messages in thread
From: Adam Thornton @ 2023-05-12 16:40 UTC (permalink / raw)
  To: Robert Stanford, Computer Old Farts Followers


> On May 12, 2023, at 1:14 AM, Robert Stanford via COFF <coff@tuhs.org> wrote:

> I cop the same thing with my domain. That's my surname and I was lucky to score the domain (stanford.com.au) when it became available. I've never tried to pass it off as anything else, yet every now and then I encounter someone who gets a bee in their bonnet over it.

Heh.

I own fsf.net.  That, once upon a time, was the Flathead Software Foundry.  I, obviously, registered that domain pretty early in the grand scheme of things.

If the actual Free Software Foundation wants it (they've never asked), it's theirs for the cost of registration.  Everyone else can just eff right off.  I turn down offers for it occasionally, but none of them have come close to what I consider a reasonable cost for my effort for migrating off of it would be.

Adam

^ permalink raw reply	[flat|nested] 17+ messages in thread

end of thread, other threads:[~2023-05-12 16:40 UTC | newest]

Thread overview: 17+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <CAJXSPs92h7yVVJm9UPp06zPQwRy-XkGPDhL-=uVT5sw=hEcLkQ@mail.gmail.com>
2023-05-10 23:56 ` [COFF] Fwd: Useful Shell Scripts Network Connections , Logins and Block hacking attempts KenUnix
2023-05-11  0:12   ` [COFF] " Niklas Karlsson
2023-05-11  5:58   ` steve jenkin
2023-05-11  9:18   ` [COFF] " Ralph Corderoy
2023-05-11 22:06     ` Dave Horsfall
2023-05-11 22:35       ` segaloco via COFF
2023-05-12  2:13         ` Greg 'groggy' Lehey
2023-05-12  2:19           ` Adam Thornton
2023-05-12  2:34             ` Larry McVoy
2023-05-12  4:30               ` Tomasz Rola
2023-05-12  8:34               ` Ralph Corderoy
2023-05-12 13:58                 ` Larry McVoy
2023-05-12  4:24           ` Tomasz Rola
2023-05-12  5:02             ` segaloco via COFF
2023-05-12  8:14           ` Robert Stanford via COFF
2023-05-12 16:40             ` Adam Thornton
2023-05-12 11:42         ` Ralph Corderoy

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).