Thanks to Webmaster Tips for the reminder about using lynx to pull the content of a web page without saving it to a file.
Using their method, we can quickly check the "Total Threat count" on Norton's Safe Web site for a domain using:
lynx -source "http://safeweb.norton.com/report/show?name=domain.com" | grep -i "Total threats found:" | awk -F '>' '{print $2}' | awk -F '<' '{print $1}'
Not all that pretty, but effective nonetheless. Looking to add 2-3 more command line based checks, including Google's Safe Browsing API.
Wednesday, September 9, 2009
Sunday, August 23, 2009
Dump all IPs from pcap with tshark
Simple command to dump all IPs from a PCAP using tshark (custom fields are RED):
tshark -nr sample.pcap ip | awk '{print $3 ; print $5}' | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4 | uniq > output_file
By section:
- Summarize all IP traffic in the PCAP without resolving names or ports
- Print the source and destination IPs on separate lines (the ;)
- Sort the results appropriately for IP addresses (thanks to networking.ringofsaturn.com)
- Remove duplicates
- Redirect the output to a file
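A variant of the same pipeline, added here as an example and not part of the original post: it reads tshark's field output (-T fields with -e ip.src -e ip.dst) instead of relying on summary column positions, and drops anything that is not a valid IPv4 address. The function names unique_ips and sample_fields are made up for this example, and the sample lines are constructed rather than taken from a real capture.

```shell
#!/bin/sh
# Added example: list the unique IPv4 addresses in tshark field output.
# Intended use with a real capture:
#   tshark -nr sample.pcap -T fields -e ip.src -e ip.dst ip | unique_ips > output_file
# Each input line is "src<TAB>dst". A packet with nested IP headers
# (tunnels, ICMP errors) carries several comma-separated values per field.

unique_ips() {
    # One candidate address per line: split on tabs and commas.
    tr '\t,' '\n\n' |
    awk -F. '
        # Keep only dotted quads whose four octets are all in 0..255.
        NF == 4 {
            for (i = 1; i <= 4; i++)
                if ($i !~ /^[0-9]+$/ || $i > 255) next
            print
        }' |
    # Numeric sort per octet, duplicates removed in the same pass.
    sort -t . -k 1,1n -k 2,2n -k 3,3n -k 4,4n -u
}

# Constructed sample of tshark field output (not from a real capture).
sample_fields() {
    printf '10.0.0.5\t192.168.1.20\n'
    printf '192.168.1.20\t10.0.0.5\n'
    printf '10.0.0.5,172.16.0.9\t8.8.8.8,10.0.0.5\n'
    printf '\t\n'
    printf '10.0.0.12\t10.0.0.5\n'
}

sample_fields | unique_ips
```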
Friday, August 14, 2009
Thursday, August 13, 2009
Lock down single user sign-on
Add the following line to /etc/inittab to require the root password in single-user mode:
su:S:wait:/sbin/sulogin
source: http://thedaneshproject.com/posts/password-protect-single-user-mode/