Wednesday, December 30, 2009
Sunday, December 27, 2009
How to Convert .BIN/.CUE Files to .ISO in Ubuntu
An ISO image is an archive file (a.k.a. disk image) of an optical disc using a conventional ISO (International Organization for Standardization ) format that is supported by many software vendors. ISO image files typically have a file extension of .ISO. Occasionally, you might come across a disc image in the BIN format. While there are ways to use BIN/CUE’s in Linux, it is much easier to convert them to the standard ISO format.
bchunk (BinChunker)
CD image format conversion from bin/cue to iso/cdrThe bchunk package contains a UNIX/C rewrite of the BinChunker program. BinChunker converts a CD image in a .bin/.cue format (sometimes .raw/.cue) into a set of .iso and .cdr/.wav tracks. The .bin/.cue format is used by some non-UNIX CD-writing software, but is not supported on most other CD-writing programs.
Install bchunk using the following command
sudo aptitude install bchunk
This will complete the installation.
Using bchunk
bchunk syntax
bchunk [-v] [-p] [-r] [-w] [-s]
Available options
-v - Makes binchunker print some more unnecessary messages, which should not be of interest for anyone.
-w - Makes binchunker write audio tracks in WAV format.
-s - Makes binchunker swap byte order in the samples of audio tracks.
-p - Makes binchunker go into PSX mode and truncate MODE2/2352 tracks to 2336 bytes at offset 0 instead of normal 2048 bytes at offset 24.
-r - Makes binchunker output MODE2/2352 tracks in raw format, from offset 0 for 2352 bytes. Good for MPEG/VCD.
Bchunk Example
bchunk IMAGE.bin IMAGE.cue IMAGE.iso
Using CDemu
You can also use CDemu to do this and the ubuntu ppa as follows
deb http://ppa.launchpad.net/cdemu/ubuntu hardy main
deb-src http://ppa.launchpad.net/cdemu/ubuntu hardy main
source:- http://www.ubuntugeek.com/how-to-convert-bincue-files-to-iso-in-ubuntu.html
bchunk (BinChunker)
CD image format conversion from bin/cue to iso/cdrThe bchunk package contains a UNIX/C rewrite of the BinChunker program. BinChunker converts a CD image in a .bin/.cue format (sometimes .raw/.cue) into a set of .iso and .cdr/.wav tracks. The .bin/.cue format is used by some non-UNIX CD-writing software, but is not supported on most other CD-writing programs.
Install bchunk using the following command
sudo aptitude install bchunk
This will complete the installation.
Using bchunk
bchunk syntax
bchunk [-v] [-p] [-r] [-w] [-s]
Available options
-v - Makes binchunker print some more unnecessary messages, which should not be of interest for anyone.
-w - Makes binchunker write audio tracks in WAV format.
-s - Makes binchunker swap byte order in the samples of audio tracks.
-p - Makes binchunker go into PSX mode and truncate MODE2/2352 tracks to 2336 bytes at offset 0 instead of normal 2048 bytes at offset 24.
-r - Makes binchunker output MODE2/2352 tracks in raw format, from offset 0 for 2352 bytes. Good for MPEG/VCD.
Bchunk Example
bchunk IMAGE.bin IMAGE.cue IMAGE.iso
Using CDemu
You can also use CDemu to do this and the ubuntu ppa as follows
deb http://ppa.launchpad.net/cdemu/ubuntu hardy main
deb-src http://ppa.launchpad.net/cdemu/ubuntu hardy main
source:- http://www.ubuntugeek.com/how-to-convert-bincue-files-to-iso-in-ubuntu.html
Saturday, December 26, 2009
File system layout in a linux partition
annalissa
now is this same layout/structure used for both primary and logical partitions ?
onebuck
Simplistically, a partition is nothing more than a container. Within that container you will construct a 'filesystem' that will be used to support the system. On a hard disk subsystem you can have multiple partitions, which are limited by the OS definitions. Look at the partition link for a detailed definition.
see:- http://en.wikipedia.org/wiki/Partition_%28computing%29
aragorn
Yes, they have the same layout. The only difference between a primary and logical partition is that a primary partition has its partition table entries - i.e. the beginning and end of the partition - listed in the partition table of the master boot record of the hard disk it sits
on, while a logical partition has its partition table entries listed in an extended partition container, which itself is a (special kind of) primary partition.
The Linux kernel doesn't care about whether a partition is either primary or logical, or whethr it's an LVM logical volume for that matter. (Note: LVM "Logical Volume Management") is an abstraction layer on top of the existing partitioning layer.)
Why daemon ?
Neil
Does anyone know why processes that run and wait for input are called Daemons? Just curious.
neil markwick
DAEMON
------
/day'mn/ or /dee'mn/ (From the mythological meaning, later rationalised as the acronym "Disk And Execution MONitor") A program that is not invoked explicitly, but lies dormant waiting for some condition(s) to occur. The idea is that the perpetrator of the condition need not be aware that a daemon is lurking (though often a program will commit an action only because it knows that it will implicitly invoke a daemon).
For example, under ITS writing a file on the LPT spooler's directory would invoke the spooling daemon, which would then print the file. The advantage is that programs wanting files printed need neither compete for access to, nor understand any idiosyncrasies of, the LPT. They simply enter their implicit requests and let the daemon decide what to do with them. Daemons are usually spawned automatically by the system, and may either live forever or be regenerated at intervals.
Unix systems run many daemons, chiefly to handle requests for services from other hosts on a network. Most of these are now started as required by a single real daemon, inetd, rather than running continuously. Examples are cron (local timed command execution), rshd (remote command
execution), rlogind and telnetd (remote login), ftpd, nfsd (file transfer), lpd (printing).
Does anyone know why processes that run and wait for input are called Daemons? Just curious.
neil markwick
DAEMON
------
/day'mn/ or /dee'mn/ (From the mythological meaning, later rationalised as the acronym "Disk And Execution MONitor") A program that is not invoked explicitly, but lies dormant waiting for some condition(s) to occur. The idea is that the perpetrator of the condition need not be aware that a daemon is lurking (though often a program will commit an action only because it knows that it will implicitly invoke a daemon).
For example, under ITS writing a file on the LPT spooler's directory would invoke the spooling daemon, which would then print the file. The advantage is that programs wanting files printed need neither compete for access to, nor understand any idiosyncrasies of, the LPT. They simply enter their implicit requests and let the daemon decide what to do with them. Daemons are usually spawned automatically by the system, and may either live forever or be regenerated at intervals.
Unix systems run many daemons, chiefly to handle requests for services from other hosts on a network. Most of these are now started as required by a single real daemon, inetd, rather than running continuously. Examples are cron (local timed command execution), rshd (remote command
execution), rlogind and telnetd (remote login), ftpd, nfsd (file transfer), lpd (printing).
Tuesday, December 15, 2009
/etc/resolv.conf
Ex:-
search domain.tld west.domain.tld
domain domain.tld
nameserver ip address
see man resolv.conf
search domain.tld west.domain.tld
domain domain.tld
nameserver ip address
see man resolv.conf
digg - command line dns client
dig similar to nslookup in batch mode, by default returns more information than nslookup
dig mx vtc.com
dig mail.yahoo.com ubuntu.com
dig @192.168.220.2 www.vtc.com
how to trace delegation using dig ?
ex:- dig +trace mail.yahoo.com
typing dig with no option , does a look up on the root of the namespace
dig mx vtc.com
dig mail.yahoo.com ubuntu.com
dig @192.168.220.2 www.vtc.com
how to trace delegation using dig ?
ex:- dig +trace mail.yahoo.com
typing dig with no option , does a look up on the root of the namespace
Saturday, December 12, 2009
Thursday, December 10, 2009
How to change target of a symbolic link ?
dandyrandy
Is it possible to change the target of a symbolic link?
What I currently have is:
/home/Data1
/home/Data2
/home/Stores
In the Stores directory, I did: ln -s /home/Data1 /home/Stores/abc
$ pwd
/home/Stores
$ ls -latr
lrwxrwxrwx 1 dandy dandy 46 Feb 12 16:38 abc -> /home/Data1
I want to now change that target to:
abc -> /home/Data2
BUT, I don't want to do have to delete the link and re-create it to the new target. I just want to rename/change/modify the target. Is it possible?
fimblo
I normally delete the symlink and re-create it on one line, minimizing the time the link does not exist:
rm mysymlink ; ln -s mytargetfile mysymlink
I suppose you could write a little hack which does it in one go, but I've never heard of one which is included in standard POSIX systems...
shamrock
ln -s /home/Data1 /home/Stores/abc
ln -f -s /home/Data2 /home/Stores/abc
see:- http://en.wikibooks.org/wiki/LPI_Linux_Certification/Create_&_Change_Hard_&_Symbolic_Links
Is it possible to change the target of a symbolic link?
What I currently have is:
/home/Data1
/home/Data2
/home/Stores
In the Stores directory, I did: ln -s /home/Data1 /home/Stores/abc
$ pwd
/home/Stores
$ ls -latr
lrwxrwxrwx 1 dandy dandy 46 Feb 12 16:38 abc -> /home/Data1
I want to now change that target to:
abc -> /home/Data2
BUT, I don't want to do have to delete the link and re-create it to the new target. I just want to rename/change/modify the target. Is it possible?
fimblo
I normally delete the symlink and re-create it on one line, minimizing the time the link does not exist:
rm mysymlink ; ln -s mytargetfile mysymlink
I suppose you could write a little hack which does it in one go, but I've never heard of one which is included in standard POSIX systems...
shamrock
ln -s /home/Data1 /home/Stores/abc
ln -f -s /home/Data2 /home/Stores/abc
see:- http://en.wikibooks.org/wiki/LPI_Linux_Certification/Create_&_Change_Hard_&_Symbolic_Links
Wednesday, December 9, 2009
Basic Web Server On Ubuntu 9.04 With Zend Framework
see:- http://www.howtoforge.com/basic-web-server-on-ubuntu-9.04-with-zend-framework
Monday, December 7, 2009
Monday, November 30, 2009
How to do everything with dd command
http://www.linuxquestions.org/linux/answers/Applications_GUI_Multimedia/How_To_Do_Eveything_With_DD
Tuesday, November 24, 2009
install flock in ubuntu
1) download flock from here:- http://flock.com/versions
2) Right-click on the file you downloaded Flock. Select Extract here and then the desktop will display a folder called 'flock'.
3) Use the root access
zodiac@zodioc:~$ sudo nautilus
4) move flock directory to /opt
To test whether you have correctly installed flock then run the following command from a terminal:
zodiac@zodioc: ~ $ /opt/flock/flock-browser
5) Create link
Now you create a link to the flock so that programs can be run by the user. Type the following command in a terminal:
zodiac@zodioc: sudo ln-s /opt/flock/flock-browser /usr/bin/flock-browser
6) Create shortcut
In order to create a shortcut flock, be it in the menu bar or desktop, follow these steps:
System - Preferences - Main Menu
In the Applications menu on the left you select Internet and then click New Item is located on the right.
Fill in the blank boxes with information such as the following:
Type: Application
Name: Flock
Command: flock-browser
Comment: Flock Browse
NB:- Tested on ubuntu 9.04, jaunty
2) Right-click on the file you downloaded Flock. Select Extract here and then the desktop will display a folder called 'flock'.
3) Use the root access
zodiac@zodioc:~$ sudo nautilus
4) move flock directory to /opt
To test whether you have correctly installed flock then run the following command from a terminal:
zodiac@zodioc: ~ $ /opt/flock/flock-browser
5) Create link
Now you create a link to the flock so that programs can be run by the user. Type the following command in a terminal:
zodiac@zodioc: sudo ln-s /opt/flock/flock-browser /usr/bin/flock-browser
6) Create shortcut
In order to create a shortcut flock, be it in the menu bar or desktop, follow these steps:
System - Preferences - Main Menu
In the Applications menu on the left you select Internet and then click New Item is located on the right.
Fill in the blank boxes with information such as the following:
Type: Application
Name: Flock
Command: flock-browser
Comment: Flock Browse
NB:- Tested on ubuntu 9.04, jaunty
Wednesday, November 18, 2009
Wednesday, November 4, 2009
festival examples
festival> (SayText "Where do you come from where do you go")
festival> (tts '/home/zodiac/Desktop/shanthi-manthra-for-peace' nil)
festival> (tts '/home/zodiac/Desktop/shanthi-manthra-for-peace' nil)
Sunday, October 25, 2009
i am not being able to play amr files..????
i am not being able to play the files transfered from my phone. They are amr files recording from my phone.
In order to listen to amr files try the program called Mobile Media Converter
http://www.miksoft.net/mobileMediaConverter.htm
As a prerequisite install libstdc++5 through synaptic MMC should do the job
Hope it helps,
Bhavani Shankar.
source:- https://answers.launchpad.net/ubuntu/+question/21732
In order to listen to amr files try the program called Mobile Media Converter
http://www.miksoft.net/mobileMediaConverter.htm
As a prerequisite install libstdc++5 through synaptic MMC should do the job
Hope it helps,
Bhavani Shankar.
source:- https://answers.launchpad.net/ubuntu/+question/21732
Saturday, October 17, 2009
create or edit short cut entry in Gnome, Thunar etc
1) create a file app-name.desktop
2) edit app-name.desktop file , to have the following entries
[Desktop Entry]
Version=1.0
Encoding=UTF-8
Name=GIMP
Exec=gimp (command to be executed)
Tcon= location of the icon file
Type=Application
NB:- tested on ubuntu 9.04
2) edit app-name.desktop file , to have the following entries
[Desktop Entry]
Version=1.0
Encoding=UTF-8
Name=GIMP
Exec=gimp (command to be executed)
Tcon= location of the icon file
Type=Application
NB:- tested on ubuntu 9.04
Wednesday, October 14, 2009
dpkg-deb
With dpkg-deb, it is possible to extract information and data from DEB files . To print a package’s control information, use the tool as follows:
zodiac@zodioc:/var/cache/apt/archives$ dpkg-deb --info wallpaper-step-into-freedom-theme_1.4.0.jaunty.ppa1_all.deb
new debian package, version 2.0.
size 1556530 bytes: control archive= 641 bytes.
386 bytes, 12 lines control
641 bytes, 7 lines md5sums
Package: wallpaper-step-into-freedom-theme
Source: step-into-freedom-theme
Version: 1.4.0.jaunty.ppa1
Architecture: all
Maintainer: Adrien Beudin
Installed-Size: 1592
Suggests: step-into-freedom-theme
Section: x11
Priority: extra
Homepage: http://francois.vogelweith.com/
Description: Step-into-freedom wallpaper
This package contains Step-into-freedom wallpaper.
zodiac@zodioc:/var/cache/apt/archives$ dpkg-deb --info wallpaper-step-into-freedom-theme_1.4.0.jaunty.ppa1_all.deb
new debian package, version 2.0.
size 1556530 bytes: control archive= 641 bytes.
386 bytes, 12 lines control
641 bytes, 7 lines md5sums
Package: wallpaper-step-into-freedom-theme
Source: step-into-freedom-theme
Version: 1.4.0.jaunty.ppa1
Architecture: all
Maintainer: Adrien Beudin
Installed-Size: 1592
Suggests: step-into-freedom-theme
Section: x11
Priority: extra
Homepage: http://francois.vogelweith.com/
Description: Step-into-freedom wallpaper
This package contains Step-into-freedom wallpaper.
Couturier - Merge PDF,IMAGES in LINUX
http://www.gtk-apps.org/content/show.php/Couturier+-+Merge+PDF+in+LINUX?content=102837
Tuesday, October 13, 2009
Right Click Plugins - Nautilus - Ubuntu 9.04
1) nautilus-sendto
2) nautilus-open-terminal
3) nautilus-image-converter
4) nautilus-actions
2) nautilus-open-terminal
3) nautilus-image-converter
4) nautilus-actions
autopackage: easy linux installation
see:- http://autopackage.org/faq.html?PHPSESSID=d852dfa1440b6a3eea5f9d3d95c8318e#1_4
universalindentgui : jaunty
see:- https://bugs.launchpad.net/ubuntu/+source/universalindentgui/+bug/382505
Monday, October 12, 2009
Sunday, October 11, 2009
Saturday, October 10, 2009
Improving Ubuntu: A Beginners Guide to Filing Bug Reports
see:- http://ubuntuforums.org/showthread.php?t=1011078
Wednesday, September 30, 2009
Monday, September 28, 2009
Sunday, September 27, 2009
Connect your nokia phone with linux without pc suite!!
You can connect Nokia phones WITHOUT ANY CONNECTIVITY SOFTWARE OR SETUP. Amazing,?
I connected the mobile via the USB data cable and was just about to do what you instructed when a pop-up came saying: “Mobile Broadband Internet Modem” connected. Then it automatically showed a wondow with Bangladesh written on it and in the window there were options to select Aktel, Banglalink or Grameenphone.
I selected Grameenphone, it configured by itself and connected within 5 seconds. I really love Ubuntu. It keeps getting better and better.And just think, it automatically selects Bangladesh and gives option for GP, BL or Aktel.
So, people, order a Ubuntu 8.10 CD or download and burn it.Experience the magic.
see:- http://tareqalam.wordpress.com/2008/07/11/connect-your-nokia-phone-with-linux-without-pc-suite/
I connected the mobile via the USB data cable and was just about to do what you instructed when a pop-up came saying: “Mobile Broadband Internet Modem” connected. Then it automatically showed a wondow with Bangladesh written on it and in the window there were options to select Aktel, Banglalink or Grameenphone.
I selected Grameenphone, it configured by itself and connected within 5 seconds. I really love Ubuntu. It keeps getting better and better.And just think, it automatically selects Bangladesh and gives option for GP, BL or Aktel.
So, people, order a Ubuntu 8.10 CD or download and burn it.Experience the magic.
see:- http://tareqalam.wordpress.com/2008/07/11/connect-your-nokia-phone-with-linux-without-pc-suite/
Wednesday, September 23, 2009
speeding up internet connection in ubuntu
you can speed up internet connection by disabling IPV6(iff it is not needed)
sudo gedit /etc/modeprobe.d/aliases
edit the line alias net-pf-10 ipv6 as alias net-pf-10 off
then save & reboot
NB:- tested on ubuntu 9.04
wojox
Code:
gksudo gedit /etc/modprobe.d/blacklist.conf
and add the line:
Code:
blacklist ipv6
then reboot. This removes IPv6 from the kernel entirely, not just the browser
scorp123
It does work. Without recompiling. If you "blacklist" the ipv6 module it will not be loaded ... which might on some systems indeed increase the performance of ipv4 a little bit.
Allen Kistler
What not loading ipv6 does is keep your machine from requesting IPv6 DNS records (AAAA) from your DNS server. Some DNS servers ignore requests for IPv6 addresses, which means the client has to time out the request before it asks for an IPv4 address (A). (If it retries, then it has to time out all the retries, which could be half a minute or so.) Most DNS servers are well-behaved enough now that they'll return an invalid request result or an unknown result if they don't support IPv6 requests, so the client can make an IPv4 request right away. In other words, for most people this tip isn't going to improve anything.
FWIW, Google did some initial testing a year or so ago that found a different, but related, problem. If the client is IPv6-enabled, but the Internet connection is IPv4-only, requesting *and*getting* an IPv6 address for a site makes the site completely inaccessible. That's why
they didn't assign an IPv6 address to www.google.com, but instead created a different name (ipv6.google.com) that probably points to the same pool of servers.
sudo gedit /etc/modeprobe.d/aliases
edit the line alias net-pf-10 ipv6 as alias net-pf-10 off
then save & reboot
NB:- tested on ubuntu 9.04
wojox
Code:
gksudo gedit /etc/modprobe.d/blacklist.conf
and add the line:
Code:
blacklist ipv6
then reboot. This removes IPv6 from the kernel entirely, not just the browser
scorp123
It does work. Without recompiling. If you "blacklist" the ipv6 module it will not be loaded ... which might on some systems indeed increase the performance of ipv4 a little bit.
Allen Kistler
What not loading ipv6 does is keep your machine from requesting IPv6 DNS records (AAAA) from your DNS server. Some DNS servers ignore requests for IPv6 addresses, which means the client has to time out the request before it asks for an IPv4 address (A). (If it retries, then it has to time out all the retries, which could be half a minute or so.) Most DNS servers are well-behaved enough now that they'll return an invalid request result or an unknown result if they don't support IPv6 requests, so the client can make an IPv4 request right away. In other words, for most people this tip isn't going to improve anything.
FWIW, Google did some initial testing a year or so ago that found a different, but related, problem. If the client is IPv6-enabled, but the Internet connection is IPv4-only, requesting *and*getting* an IPv6 address for a site makes the site completely inaccessible. That's why
they didn't assign an IPv6 address to www.google.com, but instead created a different name (ipv6.google.com) that probably points to the same pool of servers.
Tuesday, September 22, 2009
automounting windows share
edit the /etc/fstab file as follows:-
//192.168.1.252/videos /home/spowers/server cifs guest,auto 0 0
NB:- mount point should be an empty folder
//192.168.1.252/videos /home/spowers/server cifs guest,auto 0 0
NB:- mount point should be an empty folder
Saturday, September 19, 2009
Friday, September 18, 2009
swap file vs swap partition
I have read here
(http://www.softpanorama.org/Internals/Filesystems/linux_swap_filesyst...
)
that swapping to a file is slower than swapping to a partition , based
on the following reasons
1) large files(swap file) will be somewhat fragmented forcing additional disk/head movement in some cases and that you will have to deal with metadata describing where on the disk the file blocks are. this eats up both in-system filesystem cache and causes additional disk activity while you load metadata that is not in cache is there any other reason that justifies this claim OR what exactly is the tradeoff between a swap partition and a swap file ??
september storm
This depends, are you using some type of faster raid setup, where the drives run in parallel? In 2.6 kernels, the swap is no longer slower/less efficient. If you have some type of raid for faster access, it could be better than a swap partition and a swap file is something you can recreate, move around, etc. more easily than adjusting a partition. Still, I prefer a swap partition over a file, just because I'm used to it. Most drives these days are not contiguous
anyway, so even a partition isn't what it used to be. Even still, I'll probably use a physical partition for swap for many years to come.
Doug Freyburber
My preference is based on error modes not on performance issues -
Using a swap file if it is not available until the file system
is mounted. If the file system is corrupted or lost the swap file
is not available. A swap file can get included in backups if you
are not careful about exclude lists. Also a swap file is
unavailable if the drive has a hardware problem or corrupt label.
If the file is deleted the inode stays active so the space stays
used but it goes away at the next reboot by which time you may
have forgotten about an accidental deletion. The swap file can
also be renamed making it unavailable at the next reboot.
Using a swap partition none of those issues apply. It's only
unavailable if the drive has hardware problems or if the label
is corrupted. The list of problems that make it unavailable is
much shorter.
(http://www.softpanorama.org/Internals/Filesystems/linux_swap_filesyst...
)
that swapping to a file is slower than swapping to a partition , based
on the following reasons
1) large files(swap file) will be somewhat fragmented forcing additional disk/head movement in some cases and that you will have to deal with metadata describing where on the disk the file blocks are. this eats up both in-system filesystem cache and causes additional disk activity while you load metadata that is not in cache is there any other reason that justifies this claim OR what exactly is the tradeoff between a swap partition and a swap file ??
september storm
This depends, are you using some type of faster raid setup, where the drives run in parallel? In 2.6 kernels, the swap is no longer slower/less efficient. If you have some type of raid for faster access, it could be better than a swap partition and a swap file is something you can recreate, move around, etc. more easily than adjusting a partition. Still, I prefer a swap partition over a file, just because I'm used to it. Most drives these days are not contiguous
anyway, so even a partition isn't what it used to be. Even still, I'll probably use a physical partition for swap for many years to come.
Doug Freyburber
My preference is based on error modes not on performance issues -
Using a swap file if it is not available until the file system
is mounted. If the file system is corrupted or lost the swap file
is not available. A swap file can get included in backups if you
are not careful about exclude lists. Also a swap file is
unavailable if the drive has a hardware problem or corrupt label.
If the file is deleted the inode stays active so the space stays
used but it goes away at the next reboot by which time you may
have forgotten about an accidental deletion. The swap file can
also be renamed making it unavailable at the next reboot.
Using a swap partition none of those issues apply. It's only
unavailable if the drive has hardware problems or if the label
is corrupted. The list of problems that make it unavailable is
much shorter.
Thursday, September 17, 2009
Wednesday, September 16, 2009
swappiness parameter
linux 2.6 kernels added a new kernel parameter called swappiness to let the administrators tweak the way linux swaps. it is a no: from 0-100
in essence, higher values leads to more pages being swapped, and lower values leads to more applications being kept in memory, even if they are idle
the default value of swappiness is 60, you can alter it temporarily(until you next reboot) by typing as root:
echo 50 > /proc/sys/vm/swappiness
if you want to alter it permanently then you need to change the vm.swappiness parameter in the /etc/sysctl.conf file
in essence, higher values leads to more pages being swapped, and lower values leads to more applications being kept in memory, even if they are idle
the default value of swappiness is 60, you can alter it temporarily(until you next reboot) by typing as root:
echo 50 > /proc/sys/vm/swappiness
if you want to alter it permanently then you need to change the vm.swappiness parameter in the /etc/sysctl.conf file
Monday, September 14, 2009
Sunday, September 13, 2009
FTP Program with Built-in Editor (Does it Exist?)
kestal
So I have been on Ubuntu for a while, and I think I may be overlooking something obvious, but I cannot be quite sure.
callan79
I'm not sure how much success you'd have editing multiple files on the fly, but I can tell you that editing one file at a time works fine.
Just install Filezilla or gFTP, configure 'gedit' as the editor, and you'll be right. When you save the file and close gedit, the FTP program will upload the new file to the server.
I do this all the time and it works well. Filezilla works better than gFTP in my experience.
source:- http://ubuntuforums.org/archive/index.php/t-1237026.html
So I have been on Ubuntu for a while, and I think I may be overlooking something obvious, but I cannot be quite sure.
callan79
I'm not sure how much success you'd have editing multiple files on the fly, but I can tell you that editing one file at a time works fine.
Just install Filezilla or gFTP, configure 'gedit' as the editor, and you'll be right. When you save the file and close gedit, the FTP program will upload the new file to the server.
I do this all the time and it works well. Filezilla works better than gFTP in my experience.
source:- http://ubuntuforums.org/archive/index.php/t-1237026.html
Sunday, August 30, 2009
sample samba configuration
netbios name your server name
[Myshare]
comment = Myshare
Path = /myshare
read only = no
guest ok = yes
available = yes
valid users = techno
public = yes
writeable = yes
[Myshare]
comment = Myshare
Path = /myshare
read only = no
guest ok = yes
available = yes
valid users = techno
public = yes
writeable = yes
Thursday, August 27, 2009
Thursday, August 13, 2009
Tuesday, August 11, 2009
Top -100 ubuntu applications
see:- http://ubuntulinuxhelp.com/top-100-of-the-best-useful-opensource-applications/
Monday, August 10, 2009
How To Uninstall VMWare Server: Ubuntu All Versions
see:- http://ubuntu-tutorials.com/2009/03/16/how-to-uninstall-vmware-server-ubuntu-all-versions/
Sunday, August 9, 2009
install safari on linux
http://ubuntu-unleashed.com/2008/03/howto-install-safari-on-ubuntu-with-flash-and-shockwave-hulu-youtube-shockwave-works.html
Wednesday, August 5, 2009
Linux: Should You Use Twice the Amount of Ram as Swap Space?
see :- http://www.cyberciti.biz/tips/linux-swap-space.html
see:-
http://www.softpanorama.org/Internals/Filesystems/linux_swap_filesystem.shtml
http://www.linux.com/news/software/applications/8208-all-about-linux-swap-space?theme=print
see:-
http://www.softpanorama.org/Internals/Filesystems/linux_swap_filesystem.shtml
http://www.linux.com/news/software/applications/8208-all-about-linux-swap-space?theme=print
Thursday, July 23, 2009
APIPA Eqiuvalent for Linux?
Rytron
What is the APIPA equivalent for Linux?
puppywhacky
a zeroconf technique where an interface is asigned an address starting with 169.254 so that at least an ip-address is assigned.
the linux implementation is AVAHI
What is the APIPA equivalent for Linux?
puppywhacky
a zeroconf technique where an interface is asigned an address starting with 169.254 so that at least an ip-address is assigned.
the linux implementation is AVAHI
Sunday, June 21, 2009
Tuesday, June 16, 2009
Sunday, June 14, 2009
Saturday, June 13, 2009
Friday, June 12, 2009
Thursday, June 11, 2009
Tuesday, June 9, 2009
virtual ip addressing
You can use the virtual IP address either within the same IP address range or on a different one. To add a virtual IP address, add where is a number after the name of the network interface. For example, ifconfig eth0:0 10.0.0.10 adds the address 10.0.0.10 as a virtual IP address to eth0 . The number after the colon must be unique, so you can add a second virtual IP address with ifconfig eth0:1 10.0.0.20 , and so on.
Monday, June 8, 2009
killall command
we can use killall to terminate processes that have a specific file open at that time by just mentioning the file name. Some of the most useful options for killall are listed here:
-i : This option puts killall in interactive mode. You’ll have to confirm before any process is killed.
-r : This option allows you to work with regular expressions. This is useful because you won’t have to enter the exact process name.
-u : This option kills only processes that a specific user owns. Useful if you need to terminate everything a user is doing right now.
EX:-
if you need to terminate all http processes, use regular expressions as in the following command:
killall -r http
For example, if you want to kill all processes that a user has currently opened, use the following command:
killall -u username
it is mainly used to kill a process and all its children
ex:- killall pid
-i : This option puts killall in interactive mode. You’ll have to confirm before any process is killed.
-r : This option allows you to work with regular expressions. This is useful because you won’t have to enter the exact process name.
-u : This option kills only processes that a specific user owns. Useful if you need to terminate everything a user is doing right now.
EX:-
if you need to terminate all http processes, use regular expressions as in the following command:
killall -r http
For example, if you want to kill all processes that a user has currently opened, use the following command:
killall -u username
it is mainly used to kill a process and all its children
ex:- killall pid
vipw & pwck
As an administrator, you can manually edit /etc/passwd and /etc/shadow . If you intend to do this use vipw instead. This tailored version of the Vi editor is specifically designed for editing these critical files. Any error can have serious consequences, such as no one being able to log in. Therefore, if you make manual changes to any of these files, you should check their integrity
Besides vipw, another way to do this is to use the pwck command, which you can run without any options to see whether there are any problems you need to fix.
Besides vipw, another way to do this is to use the pwck command, which you can run without any options to see whether there are any problems you need to fix.
find all files that a particular user owns ?:
find / -user username
we can also use find to search for files that have a specific group as their owner. For instance, the following command would search for all files that are owned by the group admin
find / -group admin
we can also use find to search for files that have a specific group as their owner. For instance, the following command would search for all files that are owned by the group admin
find / -group admin
how to write the contents of an optical disk to an ISO file ?
assuming that your optical disk is available via the /dev/cdrom device:
dd if=/dev/cdrom of=/mycd.iso bs=4096
mount -o loop /mycd.iso /mnt
dd if=/dev/cdrom of=/mycd.iso bs=4096
mount -o loop /mycd.iso /mnt
/etc/groups
stores the group information.
The first field in this file is reserved for the name of the group.
The second field stores the password for the group (an ! signifies that no password is allowed for this group). You can see that most groups have an x in the password field, and this refers to the /etc/gshadow file where you can store the encrypted passwords.
the third field provides a unique group id.
last field provides the members of this group.
The first field in this file is reserved for the name of the group.
The second field stores the password for the group (an ! signifies that no password is allowed for this group). You can see that most groups have an x in the password field, and this refers to the /etc/gshadow file where you can store the encrypted passwords.
the third field provides a unique group id.
last field provides the members of this group.
linux partition types
linux partition types
83 (Linux): This is the native Linux partition type. You can use it for any Linux filesystem.
82 (Linux swap): Use this partition type for Linux swap partitions.
8e (Linux LVM): Use this partition type for working with LVM logical volumes
5 (Extended): Use this for extended partitions.
cat /proc/partitions
contains all the list of partitions kernel knows about.
83 (Linux): This is the native Linux partition type. You can use it for any Linux filesystem.
82 (Linux swap): Use this partition type for Linux swap partitions.
8e (Linux LVM): Use this partition type for working with LVM logical volumes
5 (Extended): Use this for extended partitions.
cat /proc/partitions
contains all the list of partitions kernel knows about.
udev device names
udev device names
-----------------
If you need to address the device itself, they will not do. Modern Linux distributions have an alternative. This alternative is created by the udev process, which is started on all modern Linux distributions automatically.
udev is the process that detects device changes on the hardware bus and is responsible for creating device names.
Not only does it create the device names /dev/sdb and so on, but for each storage device it also creates a unique device name in the directory /dev/disk.
the udev device names are all symbolic links, and shows you what device these links are referring to, see ls -RL /dev/disk
-----------------
If you need to address the device itself, they will not do. Modern Linux distributions have an alternative. This alternative is created by the udev process, which is started on all modern Linux distributions automatically.
udev is the process that detects device changes on the hardware bus and is responsible for creating device names.
Not only does it create the device names /dev/sdb and so on, but for each storage device it also creates a unique device name in the directory /dev/disk.
the udev device names are all symbolic links, and shows you what device these links are referring to, see ls -RL /dev/disk
journaling
The journal is used to track changes. This concerns changes to files and changes to metadata as well. The goal of using a journal is to make sure that transactions are processed properly. This is especially the case for situations involving a power outage. In those cases, the file system will check the journal when it comes back up again, and depending on the journaling style that is configured, do a rollback of the original data or a check on the data that was open while the computer crashed. Using a journal is essential on large file systems where lots of files get written to.
When using journaling, you can specify three different journaling modes for the file system. All of these are specified as options while mounting the file system, which allows you to use different journaling modes on different file systems.
1) data=ordered option
mount -o data=ordered /dev/sda3 /data
When using this option, only metadata is journaled, and barriers are enabled by default. This way, data is forced to be written to hard disk as fast as possible, which reduces chances of things going wrong. This journaling mode uses the optimal balance between performance and data security.
In case you want the best possible performance, use the data=writeback option. This option only journals metadata, but does not guarantee data integrity. This means that based on the information in the journal, when your computer crashes, the file system can try to repair the data but may fail, in which case you will end up with the old data after a system crash. At least it guarantees fast recovery after a system crash, and for many environments, that is good enough.
3) data=journal
If you want the best guarantees for your data, use the data=journal option. When using this option, data and metadata are journaled. This ensures the best data integrity, but gives bad performance because all data has to be written twice—first to the journal, and then to the disk when it is committed to disk. If you need this journaling option, you should always make sure that the journal is written to a dedicated disk. Every file system has options to accomplish that.
When using journaling, you can specify three different journaling modes for the file system. All of these are specified as options while mounting the file system, which allows you to use different journaling modes on different file systems.
1) data=ordered option
mount -o data=ordered /dev/sda3 /data
When using this option, only metadata is journaled, and barriers are enabled by default. This way, data is forced to be written to hard disk as fast as possible, which reduces chances of things going wrong. This journaling mode uses the optimal balance between performance and data security.
In case you want the best possible performance, use the data=writeback option. This option only journals metadata, but does not guarantee data integrity. This means that based on the information in the journal, when your computer crashes, the file system can try to repair the data but may fail, in which case you will end up with the old data after a system crash. At least it guarantees fast recovery after a system crash, and for many environments, that is good enough.
3) data=journal
If you want the best guarantees for your data, use the data=journal option. When using this option, data and metadata are journaled. This ensures the best data integrity, but gives bad performance because all data has to be written twice—first to the journal, and then to the disk when it is committed to disk. If you need this journaling option, you should always make sure that the journal is written to a dedicated disk. Every file system has options to accomplish that.
Sunday, June 7, 2009
iptable examples
1) iptable rule to accept ssh
iptables -A INPUT -p tcp -i eth0 --dport 22 -m state --state NEW -j ACCEPT
2) iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
3)iptables -A INPUT -j LOG --log-prefix "FAIL!"
iptables -A INPUT -p tcp -i eth0 --dport 22 -m state --state NEW -j ACCEPT
2) iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
3)iptables -A INPUT -j LOG --log-prefix "FAIL!"
Saturday, June 6, 2009
Friday, June 5, 2009
awk examples
awk examples:-
the global structure of an awk command is as follows:-
awk '/pattern/{action}' filename
displaying lines that contain a given pattern with awk
user@ubuntu:~$ awk '/root/' /etc/passwd
root:x:0:0:root:/root:/bin/bash
user@ubuntu:~$ awk '/root/{print $1}' /etc/passwd
root:x:0:0:root:/root:/bin/bash
the global structure of an awk command is as follows:-
awk '/pattern/{action}' filename
displaying lines that contain a given pattern with awk
user@ubuntu:~$ awk '/root/' /etc/passwd
root:x:0:0:root:/root:/bin/bash
user@ubuntu:~$ awk '/root/{print $1}' /etc/passwd
root:x:0:0:root:/root:/bin/bash
sed examples
sed action [files]
sed -e action1 -e action2 [files]
sed -f scriptfile [files]
actions specified on the command line are almost always enclosed in single quotes to prevent shell interpretation of special characters
Ex:-
cat demofile | sed 's/foo/bar/'
's/foo/bar/g' ---> global substitution
a range of line numbers can be specified
ex:- 1,10s/foo/bar/ 40,$s/foo/bar/
$ means last line in the file
deleting lines:-
11,20d - delete the second 10 lines of input
/hopscotch/d - delete all lines with the word hopscotch
sed '/foo/d' samplefile
sed '99,$!d' samplefile
deleting blank lines:-
sed '/^$/d'
----------------------------------------------------
executable sed script:-
#!/bin/sed -f
s/mvirtue/THe author of this course/
/grumpy/d
----------------------------------------------------
sed examples:-
1) showing the first 2 lines with sed & quiting
user@ubuntu:~$ sed 2q /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
2) sed -n /bash/p /etc/passwd
this command finds all the matching lines in /etc/passwd containing the text bash
/bash/ specifies the text you are looking for.
-p means to print
-n is used to suppress automatic printing of pattern space. Without this option, you would see every matching line twice
eamples
sed -n /^bash/p /etc/passwd
sed -n /./p /etc/passwd
sed -n /\./p /etc/passwd
sed -n /me\/le/p /etc/passwd
who am i | sed 's/ .* / /'
3) sed s/John/myname/g employee.txt
will search for the string John in the file employee.txt and replace it with myname
ex:-
sed ‘s/us.archive.ubuntu.com/mirrors.kernel.org/g’ /etc/apt/sources.list
4) grep == sed -n '/pattern/p'
grep -v == sed -n '/pattern/!p'
sed -e action1 -e action2 [files]
sed -f scriptfile [files]
actions specified on the command line are almost always enclosed in single quotes to prevent shell interpretation of special characters
Ex:-
cat demofile | sed 's/foo/bar/'
's/foo/bar/g' ---> global substitution
a range of line numbers can be specified
ex:- 1,10s/foo/bar/ 40,$s/foo/bar/
$ means last line in the file
deleting lines:-
11,20d - delete the second 10 lines of input
/hopscotch/d - delete all lines with the word hopscotch
sed '/foo/d' samplefile
sed '99,$!d' samplefile
deleting blank lines:-
sed '/^$/d'
----------------------------------------------------
executable sed script:-
#!/bin/sed -f
s/mvirtue/THe author of this course/
/grumpy/d
----------------------------------------------------
sed examples:-
1) showing the first 2 lines with sed & quiting
user@ubuntu:~$ sed 2q /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
2) sed -n /bash/p /etc/passwd
this command finds all the matching lines in /etc/passwd containing the text bash
/bash/ specifies the text you are looking for.
-p means to print
-n is used to suppress automatic printing of pattern space. Without this option, you would see every matching line twice
eamples
sed -n /^bash/p /etc/passwd
sed -n /./p /etc/passwd
sed -n /\./p /etc/passwd
sed -n /me\/le/p /etc/passwd
who am i | sed 's/ .* / /'
3) sed s/John/myname/g employee.txt
will search for the string John in the file employee.txt and replace it with myname
ex:-
sed ‘s/us.archive.ubuntu.com/mirrors.kernel.org/g’ /etc/apt/sources.list
4) grep == sed -n '/pattern/p'
grep -v == sed -n '/pattern/!p'
how to get the inode number of a particular file ?
ls -il /etc/hosts
8906880 -rw-r--r-- 1 root root 265 2009-03-23 13:46 /etc/hosts
user@ubuntu:~$ sudo debugfs /dev/sda1
debugfs 1.40.8 (13-Mar-2008)
debugfs: stat <8906880>
Inode: 8906880 Type: regular Mode: 0644 Flags: 0x0 Generation: 781546731
User: 0 Group: 0 Size: 265
File ACL: 0 Directory ACL: 0
Links: 1 Blockcount: 8
Fragment: Address: 0 Number: 0 Size: 0
ctime: 0x49c74578 -- Mon Mar 23 13:46:56 2009
atime: 0x4a28c163 -- Fri Jun 5 12:25:31 2009
mtime: 0x49c74578 -- Mon Mar 23 13:46:56 2009
BLOCKS:
(0):35631176
TOTAL: 1
8906880 -rw-r--r-- 1 root root 265 2009-03-23 13:46 /etc/hosts
user@ubuntu:~$ sudo debugfs /dev/sda1
debugfs 1.40.8 (13-Mar-2008)
debugfs: stat <8906880>
Inode: 8906880 Type: regular Mode: 0644 Flags: 0x0 Generation: 781546731
User: 0 Group: 0 Size: 265
File ACL: 0 Directory ACL: 0
Links: 1 Blockcount: 8
Fragment: Address: 0 Number: 0 Size: 0
ctime: 0x49c74578 -- Mon Mar 23 13:46:56 2009
atime: 0x4a28c163 -- Fri Jun 5 12:25:31 2009
mtime: 0x49c74578 -- Mon Mar 23 13:46:56 2009
BLOCKS:
(0):35631176
TOTAL: 1
Thursday, June 4, 2009
The tar command trick
suppose we have a directory containing 2 sub directories from-stuff
and to-stuff, from-stuff contains an entire tree of files , symbolic links and so forth. something that is difficult to mirror precisely using a recursive cp. in order to mirror the entire tree beneath from-stuff to to-stuff , we could use the commands:
cd from-stuff
tar cf - . | (cd ../to-stuff; tar xvf -)
source:- Running Linux
Grant edwards
The '-' is in the spot where tar expects to see the filename of the archive to be created/read. Using '-' for a filename tells tar to write the archive to stdout (or stdin when an archive is
being read) instead of a "regular" named file.
One would hope that would be explained on tar's man/info page, but it isn't -- the man/info page only explains options in their "standard" notation like this:
tar c -f -
That said, specifying '-' to use stdout/stdin is a bit redundant since that's the default. The example line would work just as well like this:
tar c . | (cd ../to-stuff; tar xv)
Or this
tar c . | tar xv -C ../to-stuff
But I don't really see why "cp -a" won't work. It handles links, device files, permissions, etc.
kiaaze
Code: tar c . | (cd ../to-stuff; tar xv)
works too, since tar uses standard output/input by default.
robert heller
Depends on the version of tar. For stock commercial UNIX tar, the default is still the tape drive. It appears that GNU Tar defaults to stdin/stdout. Traditionally, tar reads/writes to the tape drive and some versions might still do so by default. If you don't know what version of tar you are using, adding '-f -' will ALWAYS work, even if it is redundant. It certainly does not hurt.
rainer krienke
the problem with this tar-trick is that if you suppose that from-stuff is not just a small directory but say eg 1TByte in size with million of files in it.
Tar of course works but if anything goes wrong in such a tar run, (perhaps the to-stuff filesystem gets full or some files are modified during the run of tar that might take hours for a huge from-stuff dir, then all you can do is to start from scratch i.e. copy all files again.
In such situations its better to use rsync because rsync does only synchronize i.e. copy files that are different in from-stuff and to-stuff. Even if you stop rsync in the middle of its work and start it again it won't copy all files again like tar would, it would only copy those files not already in to-stuff. If you modify a file in from-stuff and start rsync again it will find this file and copy only this one instead of the whole TerraByte of data. Actually rsync is even better. if only a some bytes of one file in from-stuff changed it will transfer only those bytes that changed and insert them into the already existing file in to-stuff. This is important if you eg copy many data across a slow network link.
The command also preserves symlinks, permissions and ownership and using appropiate options also hard links and in its basic form that does all this its really simple:
rsync -av from-stuff to-stuff
thats all. Call it for the first time it will copy all files and directories. Call it a second time it will only copy files that have changed in from-stuff since the last run.
and to-stuff, from-stuff contains an entire tree of files , symbolic links and so forth. something that is difficult to mirror precisely using a recursive cp. in order to mirror the entire tree beneath from-stuff to to-stuff , we could use the commands:
cd from-stuff
tar cf - . | (cd ../to-stuff; tar xvf -)
source:- Running Linux
Grant edwards
The '-' is in the spot where tar expects to see the filename of the archive to be created/read. Using '-' for a filename tells tar to write the archive to stdout (or stdin when an archive is
being read) instead of a "regular" named file.
One would hope that would be explained on tar's man/info page, but it isn't -- the man/info page only explains options in their "standard" notation like this:
tar c -f -
That said, specifying '-' to use stdout/stdin is a bit redundant since that's the default. The example line would work just as well like this:
tar c . | (cd ../to-stuff; tar xv)
Or this
tar c . | tar xv -C ../to-stuff
But I don't really see why "cp -a" won't work. It handles links, device files, permissions, etc.
kiaaze
Code: tar c . | (cd ../to-stuff; tar xv)
works too, since tar uses standard output/input by default.
robert heller
Depends on the version of tar. For stock commercial UNIX tar, the default is still the tape drive. It appears that GNU Tar defaults to stdin/stdout. Traditionally, tar reads/writes to the tape drive and some versions might still do so by default. If you don't know what version of tar you are using, adding '-f -' will ALWAYS work, even if it is redundant. It certainly does not hurt.
rainer krienke
the problem with this tar-trick is that if you suppose that from-stuff is not just a small directory but say eg 1TByte in size with million of files in it.
Tar of course works but if anything goes wrong in such a tar run, (perhaps the to-stuff filesystem gets full or some files are modified during the run of tar that might take hours for a huge from-stuff dir, then all you can do is to start from scratch i.e. copy all files again.
In such situations its better to use rsync because rsync does only synchronize i.e. copy files that are different in from-stuff and to-stuff. Even if you stop rsync in the middle of its work and start it again it won't copy all files again like tar would, it would only copy those files not already in to-stuff. If you modify a file in from-stuff and start rsync again it will find this file and copy only this one instead of the whole TerraByte of data. Actually rsync is even better. if only a some bytes of one file in from-stuff changed it will transfer only those bytes that changed and insert them into the already existing file in to-stuff. This is important if you eg copy many data across a slow network link.
The command also preserves symlinks, permissions and ownership and using appropiate options also hard links and in its basic form that does all this its really simple:
rsync -av from-stuff to-stuff
thats all. Call it for the first time it will copy all files and directories. Call it a second time it will only copy files that have changed in from-stuff since the last run.
how to change ssh port
1) vi /etc/ssh/ssh_config
change the entry port 22 to port 1900 (or any other non privileged port no:)
:wq
2) restart the ssh service
sudo /etc/init.d/ssh restart
3) ssh -p 1900 localhost
NB:- warning untested
change the entry port 22 to port 1900 (or any other non privileged port no:)
:wq
2) restart the ssh service
sudo /etc/init.d/ssh restart
3) ssh -p 1900 localhost
NB:- warning untested
Wednesday, June 3, 2009
Tuesday, June 2, 2009
Monday, June 1, 2009
Sunday, May 31, 2009
banner command
banner command
can anyone give me a practical situation in which banner command is used ?
square gold fish
This question includes the assumption that everything must have a practical use (Try cowsay!)
Anyway, you could have a console script that could post its status ("GOOD", "BAD") in nice big letters so you could see it from across the room....
cmay
it have had a practical use once i think. but the only thing you can use it for now is to print a nice banner on a piece of paper if you redirect the out put to a printer. i read about it some time ago but i can not remember what the original use was and its also a very old program i think. but it is not written just for the fun of it that i am sure of.
xyz
one possible usage i could find is
/usr/games/banner -w50 Happy Birthday! |lpr
can anyone give me a practical situation in which banner command is used ?
square gold fish
This question includes the assumption that everything must have a practical use (Try cowsay!)
Anyway, you could have a console script that could post its status ("GOOD", "BAD") in nice big letters so you could see it from across the room....
cmay
it have had a practical use once i think. but the only thing you can use it for now is to print a nice banner on a piece of paper if you redirect the out put to a printer. i read about it some time ago but i can not remember what the original use was and its also a very old program i think. but it is not written just for the fun of it that i am sure of.
xyz
one possible usage i could find is
/usr/games/banner -w50 Happy Birthday! |lpr
how to lock and un lock terminals in linux ?
to lock just comment the tty entries in /etc/securetty file
and to un lock just un comment the commented entries
and to un lock just un comment the commented entries
Regular expression examples
ls -a | grep '.[a-z]'
rm 'ls | grep '^[ab]$''
ls | grep '^[a-c]$'
ls -a | grep '^[a.]*$'
grep 'lin.x'*
grep -ls '^hosts' *
grep -ls 'hosts$' *
\< and \>
Search for patterns at the beginning of a word or at the end of a word. For instance, the following would show lines that have text beginning with san:
grep \< san *
\{n\} : The preceding character or regular expression occurs at least times. This is useful in a regular expression where you are looking for a number, say, between 100 and 999, as in the following command:
grep -ls '0-9\{3\}' *
rm 'ls | grep '^[ab]$''
ls | grep '^[a-c]$'
ls -a | grep '^[a.]*$'
grep 'lin.x'*
grep -ls '^hosts' *
grep -ls 'hosts$' *
\< and \>
Search for patterns at the beginning of a word or at the end of a word. For instance, the following would show lines that have text beginning with san:
grep \< san *
\{n\} : The preceding character or regular expression occurs at least times. This is useful in a regular expression where you are looking for a number, say, between 100 and 999, as in the following command:
grep -ls '0-9\{3\}' *
Saturday, May 30, 2009
iptable rules file
In ubuntu linux, by default where does the iptable rules gets saved ?
bsd unix
I believe this is what your looking for:
Quote: Save your firewall rules to a file
Code: $ sudo sh -c "iptables-save > /etc/iptables.rules"
spd106
The short answer is... they don't.
You can view the current rules with
iptables -L
Usually you would add the commands to create these rules into the /etc/network/interfaces file or to a shell script file and place that somewhere in the init system.
Since Network Manager took over it's a little bit different and I'm not entirely sure how it works. I think you need to place a script in the /etc/NetworkManager/dispatcher.d/ folder.
See https://help.ubuntu.com/community/IptablesHowTo
NB:- tested on ubuntu 8.04
bsd unix
I believe this is what your looking for:
Quote: Save your firewall rules to a file
Code: $ sudo sh -c "iptables-save > /etc/iptables.rules"
spd106
The short answer is... they don't.
You can view the current rules with
iptables -L
Usually you would add the commands to create these rules into the /etc/network/interfaces file or to a shell script file and place that somewhere in the init system.
Since Network Manager took over it's a little bit different and I'm not entirely sure how it works. I think you need to place a script in the /etc/NetworkManager/dispatcher.d/ folder.
See https://help.ubuntu.com/community/IptablesHowTo
NB:- tested on ubuntu 8.04
Thursday, May 28, 2009
Wednesday, May 27, 2009
The /etc/sysctl.conf directives are important kernel security measures.
This is what the kernel parameters in the file mean:
net.ipv4.ip_forward = 0
This box is not a router, so make sure forwarding is turned off.
net.ipv4.icmp_echo_ignore_broadcasts = 1
Don’t respond to ping broadcasts. Ping broadcasts and multicasts are usually an
attack of some kind, like a Smurf attack. You may want to use a ping broadcast
to see what hosts on your LAN are up, but there are other ways to do this. It is a
lot safer to leave this disabled.
net.ipv4.tcp_syncookies = 1
This helps to protect from a syn flood attack. If your computer is flooded with
SYN packets from different hosts, the syn backlog queue may overflow. So, this
sends out cookies to test the validity of the SYN packets. This is not so useful on
a heavily loaded server, and it may even cause problems, so it’s better to use it
only on workstations and laptops.
net.ipv4.conf.all.rp_filter = 1
This helps to maintain state and protect against source spoofing. It verifies that
packets coming in on an interface also go out on the same interface. Obviously,
this can confuse multihomed routers, which routinely forward packets from one
interface to another, so don’t use it on them.
net.ipv4.ip_forward = 0
This box is not a router, so make sure forwarding is turned off.
net.ipv4.icmp_echo_ignore_broadcasts = 1
Don’t respond to ping broadcasts. Ping broadcasts and multicasts are usually an
attack of some kind, like a Smurf attack. You may want to use a ping broadcast
to see what hosts on your LAN are up, but there are other ways to do this. It is a
lot safer to leave this disabled.
net.ipv4.tcp_syncookies = 1
This helps to protect from a syn flood attack. If your computer is flooded with
SYN packets from different hosts, the syn backlog queue may overflow. So, this
sends out cookies to test the validity of the SYN packets. This is not so useful on
a heavily loaded server, and it may even cause problems, so it’s better to use it
only on workstations and laptops.
net.ipv4.conf.all.rp_filter = 1
This helps to maintain state and protect against source spoofing. It verifies that
packets coming in on an interface also go out on the same interface. Obviously,
this can confuse multihomed routers, which routinely forward packets from one
interface to another, so don’t use it on them.
Sunday, May 24, 2009
nslookup - a command line dns client
It manually retrieve a dns record from the server
zodiac@zodioc:~$ nslookup
>server a.root-servers.net
>server a.gtld-servers.net
> www.vtc.com
>server ns1.quay2.com
>www.vtc.com
nslookup interactive mode:-
> nslookup
>www.vtc.com
to change server
> server ip addr
> set type=mx
> vtc.com
Ex:-
user@ubuntu:~$ nslookup
> server ns4.dnsmadeeasy.com
Default server: ns4.dnsmadeeasy.com
Address: 208.80.127.2#53
> server 208.80.127.2
Default server: 208.80.127.2
Address: 208.80.127.2#53
> www.vtc.com
Server: 208.80.127.2
Address: 208.80.127.2#53
nslookup batch mode:-
nslookup www.ubuntu.com 192.168.1.1
nslookup -type=mx ubuntu.com
nslookup -debug -type=mx ubuntu.com
user@ubuntu:~$ nslookup -type=MX vtc.com
Server: 125.22.47.125
Address: 125.22.47.125#53
Non-authoritative answer:
vtc.com mail exchanger = 30 vtc.com.s8b1.psmtp.com.
vtc.com mail exchanger = 40 vtc.com.s8b2.psmtp.com.
vtc.com mail exchanger = 10 vtc.com.s8a1.psmtp.com.
vtc.com mail exchanger = 20 vtc.com.s8a2.psmtp.com.
Authoritative answers can be found from:
vtc.com nameserver = ns3.dnsmadeeasy.com.
vtc.com nameserver = ns4.dnsmadeeasy.com.
vtc.com nameserver = ns1.dnsmadeeasy.com.
vtc.com nameserver = ns2.dnsmadeeasy.com.
vtc.com nameserver = ns0.dnsmadeeasy.com.
ns3.dnsmadeeasy.com internet address = 208.80.125.2
ns0.dnsmadeeasy.com internet address = 208.94.148.2
ns1.dnsmadeeasy.com internet address = 208.80.124.2
ns4.dnsmadeeasy.com internet address = 208.80.127.2
ns2.dnsmadeeasy.com internet address = 208.80.126.2
zodiac@zodioc:~$ nslookup
>server a.root-servers.net
>server a.gtld-servers.net
> www.vtc.com
>server ns1.quay2.com
>www.vtc.com
nslookup interactive mode:-
> nslookup
>www.vtc.com
to change server
> server ip addr
> set type=mx
> vtc.com
Ex:-
user@ubuntu:~$ nslookup
> server ns4.dnsmadeeasy.com
Default server: ns4.dnsmadeeasy.com
Address: 208.80.127.2#53
> server 208.80.127.2
Default server: 208.80.127.2
Address: 208.80.127.2#53
> www.vtc.com
Server: 208.80.127.2
Address: 208.80.127.2#53
nslookup batch mode:-
nslookup www.ubuntu.com 192.168.1.1
nslookup -type=mx ubuntu.com
nslookup -debug -type=mx ubuntu.com
user@ubuntu:~$ nslookup -type=MX vtc.com
Server: 125.22.47.125
Address: 125.22.47.125#53
Non-authoritative answer:
vtc.com mail exchanger = 30 vtc.com.s8b1.psmtp.com.
vtc.com mail exchanger = 40 vtc.com.s8b2.psmtp.com.
vtc.com mail exchanger = 10 vtc.com.s8a1.psmtp.com.
vtc.com mail exchanger = 20 vtc.com.s8a2.psmtp.com.
Authoritative answers can be found from:
vtc.com nameserver = ns3.dnsmadeeasy.com.
vtc.com nameserver = ns4.dnsmadeeasy.com.
vtc.com nameserver = ns1.dnsmadeeasy.com.
vtc.com nameserver = ns2.dnsmadeeasy.com.
vtc.com nameserver = ns0.dnsmadeeasy.com.
ns3.dnsmadeeasy.com internet address = 208.80.125.2
ns0.dnsmadeeasy.com internet address = 208.94.148.2
ns1.dnsmadeeasy.com internet address = 208.80.124.2
ns4.dnsmadeeasy.com internet address = 208.80.127.2
ns2.dnsmadeeasy.com internet address = 208.80.126.2
Friday, May 22, 2009
netstat examples
To get routing information:-
netstat -rn
protocol statistics
netstat -sP tcp ,
netstat -sP udp
netstat -sP ip
netstat -sP icmp
To determine which daemons are currently running or which daemons will be started by inetd
netstat -ap --inet | LISTEN
connections to hosts outside a masqueraded n/w
netstat -M or netstat --masquerade
to display only listening sockets
netstat -l
to display only unix domain sockets
netstat --unix -l
to display only internet TCP sockets
netstat --inet -l
to get interface information
netstat --interface
( to obtain information similar to what ifconfig returns , use -c to refresh o/p every second)
To display information about programs that are using n/w connections
netstat --program
to display information from route cache
netstat -C
to display Active TCP connections
netstat -natp
to display Active UDP connections
netstat -napu
netstat -rn
protocol statistics
netstat -sP tcp ,
netstat -sP udp
netstat -sP ip
netstat -sP icmp
To determine which daemons are currently running or which daemons will be started by inetd
netstat -ap --inet | LISTEN
connections to hosts outside a masqueraded n/w
netstat -M or netstat --masquerade
to display only listening sockets
netstat -l
to display only unix domain sockets
netstat --unix -l
to display only internet TCP sockets
netstat --inet -l
to get interface information
netstat --interface
( to obtain information similar to what ifconfig returns , use -c to refresh o/p every second)
To display information about programs that are using n/w connections
netstat --program
to display information from route cache
netstat -C
to display Active TCP connections
netstat -natp
to display Active UDP connections
netstat -napu
Thursday, May 21, 2009
rsync examples
If you want to remote-copy a directory or files from one host to another, making a particular backup, you can use rsync, which is designed for network backups of particular directories or files, intelligently copying only those files that have been changed, rather than the contents of an entire directory. In archive mode, it can preserve the original ownership and permissions, providing corresponding users exist on the host system.
The following example copies the /home/george/myproject directory to the /backup directory on the host rabbit, creating a corresponding myproject subdirectory. The -t specifies that this is a transfer. The remote host is referenced with an attached colon, rabbit:.
rsync -t /home/george/myproject rabbit:/backup
If, instead, you want to preserve the ownership and permissions of the files as well as include all subdirectories, you use the -a (archive) option. Adding a -z option will compress the file. The -v option provides a verbose mode (you can leave this out if you wish):
rsync -avz /home/george/myproject rabbit:/backup
The -a option is the equivalent to the following options: r (recursive), l (preserve symbolic links), p (permissions), g (groups), o (owner), t (times), and D (preserve device and special files). The -a option does not preserve hard links, as this can be time consuming.
If you want hard links preserved, you need to add the -H option:
rsync -avzH /home/george/myproject rabbit:/backup
The rsync command is configured to use Secure Shell (SSH) remote shell by default. You can specify it or an alternate remote shell to use with the -e option. For secure transmission, you can encrypt the copy operation with ssh. Either use the -e ssh option or set the RSYNC_RSH variable to ssh:
rsync -avz -e ssh /home/george/myproject rabbit:/backup/myproject
You can also run rsync as a server daemon. This will allow remote users to sync copies of files on your system with versions on their own, transferring only changed files rather than entire directories. Many mirror and software FTP sites operate as rsync servers, letting you update files without having to download the full versions again. Configuration information for rsync as a server is kept in the /etc/rsyncd.conf file. Check the man page documentation for rsyncd.conf for details on how to configure the rsync server. You can start, restart, and shut down the rsync server using the /etc/init.d/rsync script: sudo /etc/init.d/rsync restart
TIP
Though it is designed for copying between hosts, you can also use rsync to make copies within your own system, usually to a directory in another partition or hard drive. In fact, you can use rsync in eight different ways. Check the rsync man page for detailed descriptions of each.
we can add a crontab entry like this:-
crontab -e
35 8 * * * rsync -pavc /home/mydir /backup
source richard petersen
The following example copies the /home/george/myproject directory to the /backup directory on the host rabbit, creating a corresponding myproject subdirectory. The -t specifies that this is a transfer. The remote host is referenced with an attached colon, rabbit:.
rsync -t /home/george/myproject rabbit:/backup
If, instead, you want to preserve the ownership and permissions of the files as well as include all subdirectories, you use the -a (archive) option. Adding a -z option will compress the file. The -v option provides a verbose mode (you can leave this out if you wish):
rsync -avz /home/george/myproject rabbit:/backup
The -a option is the equivalent to the following options: r (recursive), l (preserve symbolic links), p (permissions), g (groups), o (owner), t (times), and D (preserve device and special files). The -a option does not preserve hard links, as this can be time consuming.
If you want hard links preserved, you need to add the -H option:
rsync -avzH /home/george/myproject rabbit:/backup
The rsync command is configured to use Secure Shell (SSH) remote shell by default. You can specify it or an alternate remote shell to use with the -e option. For secure transmission, you can encrypt the copy operation with ssh. Either use the -e ssh option or set the RSYNC_RSH variable to ssh:
rsync -avz -e ssh /home/george/myproject rabbit:/backup/myproject
You can also run rsync as a server daemon. This will allow remote users to sync copies of files on your system with versions on their own, transferring only changed files rather than entire directories. Many mirror and software FTP sites operate as rsync servers, letting you update files without having to download the full versions again. Configuration information for rsync as a server is kept in the /etc/rsyncd.conf file. Check the man page documentation for rsyncd.conf for details on how to configure the rsync server. You can start, restart, and shut down the rsync server using the /etc/init.d/rsync script: sudo /etc/init.d/rsync restart
TIP
Though it is designed for copying between hosts, you can also use rsync to make copies within your own system, usually to a directory in another partition or hard drive. In fact, you can use rsync in eight different ways. Check the rsync man page for detailed descriptions of each.
we can add a crontab entry like this:-
crontab -e
35 8 * * * rsync -pavc /home/mydir /backup
source richard petersen
Sharing remote Directories with samba
To scan your network for SMB hosts
$findsmb
*=DMB
+=LMB
IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
---------------------------------------------------------------------
192.168.2.25 RENOY [RENOY] [Unix] [Samba 3.0.28a]
192.168.2.27 HOST14 [WORKGROUP] [Unix] [Samba 3.0.28a]
192.168.2.30 USER-DESKTOP [WORKGROUP] [Unix] [Samba 3.0.28a]
192.168.2.31 UBUNTU [WORKGROUP] [Unix] [Samba 3.0.28a]
192.168.2.32 UBUNTU +[UBUNTU] [Unix] [Samba 3.0.28a]
192.168.2.33 ZODIAC-DESKTOP [ZODIAC-DESKTOP] [Unix] [Samba 3.0.28a]
192.168.2.37 UBUNTU [WORKGROUP] [Unix] [Samba 3.0.28a]
192.168.2.43 SAGGAR [SAGGAR] [Unix] [Samba 3.0.28a]
192.168.2.44 AJAI [WORKGROUP] [Unix] [Samba 3.0.28a]
To view a text representation of your network neighbourhood(shared dir & printers)
sudo smbtree
To add an existing linux user as a samba user
sudo smbpasswd -a username
To list services offered by a server to an anonymous user
smbclient -L server
to get o/p from smbclient for a specific user named francois
smbclient -L server -U francois
Mounting Samba Shares
You can mount remote Samba shares on your local file system much as you would a local file
system or remote NFS file system. To mount the share:
$ sudo mount -t smbfs -o username=francois,password=MySecret \
//192.168.1.1/myshare /mnt/mymount/
NOTE The Samba file system (smbfs) is deprecated and should no longer be used in some Linux distributions; however, this is the type supported on Ubuntu. In other distributions, the preferred method is to indicate CIFS (-t cifs) as the file system type when you mount a remote Samba share.
You can see the current connections and file locks on a server using the smbstatus command. This will tell you if someone has mounted your shared directories or is currently using an smbclient connection to your server:
$ sudo smbstatus
Looking Up Samba Hosts
NetBIOS names are used to identify hosts in Samba. You can determine the IP address of a
computer using the nmblookup command to broadcast for a particular NetBIOS name on the local subnet as follows:
$ nmblookup thompson
querying thompson on 192.168.1.255
192.168.1.1 server1<00>
To find the IP address for a server on a specific subnet, use the -U option:
$ nmblookup -U 192.168.1.255 server1
querying server1 on 192.168.1.255
192.168.1.1 server1<00>
Checking Samba Configuration
If you are unable to use a Samba share or if you have other problems communicating with your Samba server, you can test the Samba configuration on the server. The testparm command can be used to check your main Samba configuration file (smb.conf):
$ testparm
Load smb config files from /etc/samba/smb.conf
Processing section “[homes]”
Processing section “[printers]”
Processing section “[myshare]”
Loaded services file OK.
Server role: ROLE_STANDALONE
Press Enter to see a dump of your service definitions
$findsmb
*=DMB
+=LMB
IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
---------------------------------------------------------------------
192.168.2.25 RENOY [RENOY] [Unix] [Samba 3.0.28a]
192.168.2.27 HOST14 [WORKGROUP] [Unix] [Samba 3.0.28a]
192.168.2.30 USER-DESKTOP [WORKGROUP] [Unix] [Samba 3.0.28a]
192.168.2.31 UBUNTU [WORKGROUP] [Unix] [Samba 3.0.28a]
192.168.2.32 UBUNTU +[UBUNTU] [Unix] [Samba 3.0.28a]
192.168.2.33 ZODIAC-DESKTOP [ZODIAC-DESKTOP] [Unix] [Samba 3.0.28a]
192.168.2.37 UBUNTU [WORKGROUP] [Unix] [Samba 3.0.28a]
192.168.2.43 SAGGAR [SAGGAR] [Unix] [Samba 3.0.28a]
192.168.2.44 AJAI [WORKGROUP] [Unix] [Samba 3.0.28a]
To view a text representation of your network neighbourhood(shared dir & printers)
sudo smbtree
To add an existing linux user as a samba user
sudo smbpasswd -a username
To list services offered by a server to an anonymous user
smbclient -L server
to get o/p from smbclient for a specific user named francois
smbclient -L server -U francois
Mounting Samba Shares
You can mount remote Samba shares on your local file system much as you would a local file
system or remote NFS file system. To mount the share:
$ sudo mount -t smbfs -o username=francois,password=MySecret \
//192.168.1.1/myshare /mnt/mymount/
NOTE The Samba file system (smbfs) is deprecated and should no longer be used in some Linux distributions; however, this is the type supported on Ubuntu. In other distributions, the preferred method is to indicate CIFS (-t cifs) as the file system type when you mount a remote Samba share.
You can see the current connections and file locks on a server using the smbstatus command. This will tell you if someone has mounted your shared directories or is currently using an smbclient connection to your server:
$ sudo smbstatus
Looking Up Samba Hosts
NetBIOS names are used to identify hosts in Samba. You can determine the IP address of a
computer using the nmblookup command to broadcast for a particular NetBIOS name on the local subnet as follows:
$ nmblookup thompson
querying thompson on 192.168.1.255
192.168.1.1 server1<00>
To find the IP address for a server on a specific subnet, use the -U option:
$ nmblookup -U 192.168.1.255 server1
querying server1 on 192.168.1.255
192.168.1.1 server1<00>
Checking Samba Configuration
If you are unable to use a Samba share or if you have other problems communicating with your Samba server, you can test the Samba configuration on the server. The testparm command can be used to check your main Samba configuration file (smb.conf):
$ testparm
Load smb config files from /etc/samba/smb.conf
Processing section “[homes]”
Processing section “[printers]”
Processing section “[myshare]”
Loaded services file OK.
Server role: ROLE_STANDALONE
Press Enter to see a dump of your service definitions
Tuesday, May 19, 2009
ping attack
can any help/explain me to protect my ubuntu machine against
D.O.S ping attacks such as this
ping ip -t -l 65500 ?
Admiral beotch
You can't really protect yourself from this kind of DoS attack if it's coming from the local network. Even if it's coming from the internet to your DSL connected firewall
, there's not much you can do. The problem is that, while you can certainly filter the packets when they get to you, the packets are still there soaking up the bandwidth between your ISP and firewall.
At best, you can simply drop the packets and "halve" the traffic because your host will not be responding.
If someone is DoSing you, you can report it to your ISP (or the owner of the source netblock) and hopefully they can apply the drop further upstream to protect you.
The cog
I think that using a firewall like gufw or guarddog you can block incoming ping requests. You cartainly can if you configure iptables directly (gufw and guarddog are GUI front-ends for driving iptables which is a command-line firewall configurer).
But ignoring pings won't prevent a DDOS from flooding your link with ping requests. You would need help from your ISP if that ever happened. All ignoring the pings would do is to avoid flooding your upload bandwidth with replies.
bodhi zazen
DOS are easy to handle with iptables.
For ping :
Code: sudo iptables -A INPUT -p icmp -m limit --limit 1/sec -j ACCEPT
D.O.S ping attacks such as this
ping ip -t -l 65500 ?
Admiral beotch
You can't really protect yourself from this kind of DoS attack if it's coming from the local network. Even if it's coming from the internet to your DSL connected firewall
, there's not much you can do. The problem is that, while you can certainly filter the packets when they get to you, the packets are still there soaking up the bandwidth between your ISP and firewall.
At best, you can simply drop the packets and "halve" the traffic because your host will not be responding.
If someone is DoSing you, you can report it to your ISP (or the owner of the source netblock) and hopefully they can apply the drop further upstream to protect you.
The cog
I think that using a firewall like gufw or guarddog you can block incoming ping requests. You cartainly can if you configure iptables directly (gufw and guarddog are GUI front-ends for driving iptables which is a command-line firewall configurer).
But ignoring pings won't prevent a DDOS from flooding your link with ping requests. You would need help from your ISP if that ever happened. All ignoring the pings would do is to avoid flooding your upload bandwidth with replies.
bodhi zazen
DOS are easy to handle with iptables.
For ping :
Code: sudo iptables -A INPUT -p icmp -m limit --limit 1/sec -j ACCEPT
Tuesday, March 17, 2009
Sunday, March 8, 2009
whois - a dns client application
whois tool used to query whois servers , which maintains domain registration info about internet dns namespace
what are the informations that can be retrieved using whois ??
who is registered under a specific domain
and the authoritative dns servers for the domain
how to use whois tool ?
1) use the web based tools
ex:- provided at networksolutions.com
2) use command line clients
ex:- zodiac@zodioc:~$ whois ubuntu.com
whois -h whois.markmonitor.com ubuntu.com
why whois ?
1) to check whether authoritative nameservers for your domain are set correctly
2) to find out the ownership details of a domain using this simple command…
whois openjs.com
what are the informations that can be retrieved using whois ??
who is registered under a specific domain
and the authoritative dns servers for the domain
how to use whois tool ?
1) use the web based tools
ex:- provided at networksolutions.com
2) use command line clients
ex:- zodiac@zodioc:~$ whois ubuntu.com
whois -h whois.markmonitor.com ubuntu.com
why whois ?
1) to check whether authoritative nameservers for your domain are set correctly
2) to find out the ownership details of a domain using this simple command…
whois openjs.com
Basic Diff
If you use the diff command, you will be able to see the difference between the files as shown below:
diff file1 file2
diff -y file1 file2 -W 120 #View side by side
diff file1 file2
diff -y file1 file2 -W 120 #View side by side
Saturday, March 7, 2009
curl command examples
FTP using curl
curl -T filename.txt -u username:password ftp://example.cot/filename.txt
curl -T filename.txt -u username:password ftp://example.cot/filename.txt
Change File Encoding
Creates a new from the given input file by assuming it is encoded in fromEncoding and converting it to toEncoding.
iconv -f fromEncoding -t toEncoding inputFile > outputFile
iconv -f fromEncoding -t toEncoding inputFile > outputFile
Encrypt/Decrypt File using OpenSSL in Linux
Works on OS X, Linux, anywhere with OpenSSL installed:
To encrypt a file:
openssl des3 -salt -in infile.txt -out encryptedfile.txt
To decrypt the file:
openssl des3 -d -salt -in encryptedfile.txt -out normalfile.txt
To encrypt a file:
openssl des3 -salt -in infile.txt -out encryptedfile.txt
To decrypt the file:
openssl des3 -d -salt -in encryptedfile.txt -out normalfile.txt
Using Dvorak in Linux Console
If you are a user of the dvorak layout, this command will let you use that layout in the console…
loadkeys dvorak
warning not tested
loadkeys dvorak
warning not tested
spy on SSH users
See what your users are doing using SSH connected to your system - this will show you what happens on the first console. If someone is typing, you’ll be able to get an output of his keystrokes. Substitute cat /dev/vcs1 with cat /dev/vcs2 or cat /dev/vcs3 and so on for other consoles.
cat /dev/vcs1
warning Untested
cat /dev/vcs1
warning Untested
shutdown command examples
Cancel a planned shutdown of the system shutdown -c
Shutdown the system after a specified time. shutdown -h hours:minutes &
Shutdown the system after a specified time. shutdown -h hours:minutes &
Friday, March 6, 2009
LAN type
Recently a friend of mine asked me,on seeing a LAN,how to find its type?, the only answer i could give her was , on seeing the cabling used, we can say whether it is 10 Base T, or fast ethernet etc.
can any one give any other solution/answer ?
Tapio salonsari
# mii-tool
eth0: no link
eth1: negotiated 100baseTx-FD flow-control, link ok
On Debian systems that's found from net-tools package, ymmv. That can give you much more information as well, so check the manpage. Hope this helps.
Maxwell lol
There is also ethtool. I recently downloaded the source, and compiled it.It provides a lot of information, and options to control the NIC card.
can any one give any other solution/answer ?
Tapio salonsari
# mii-tool
eth0: no link
eth1: negotiated 100baseTx-FD flow-control, link ok
On Debian systems that's found from net-tools package, ymmv. That can give you much more information as well, so check the manpage. Hope this helps.
Maxwell lol
There is also ethtool. I recently downloaded the source, and compiled it.It provides a lot of information, and options to control the NIC card.
Thursday, March 5, 2009
permission change without chmod
is it possible to change the permission of a file without using chmod command ?
pk
Sure, just write a C program that does that, give it a name different from "chmod", and call it. Or use a graphical file manager, right click, "properties" -> "permissions..." and change the permissions.
Michael black
You can change permission with lynx, though of course only if you have permission to do it (ie you are the owner of the file, or root). I'm sure MC can do it too.
The natural philosopher
You could remove the disk, and pick through the inode blocks with a hex editor on a hardware emulator..
Or you could recompile the kernel to treat all the file permissions completely differently..or wrote a whole new operating system.
pk
Sure, just write a C program that does that, give it a name different from "chmod", and call it. Or use a graphical file manager, right click, "properties" -> "permissions..." and change the permissions.
Michael black
You can change permission with lynx, though of course only if you have permission to do it (ie you are the owner of the file, or root). I'm sure MC can do it too.
The natural philosopher
You could remove the disk, and pick through the inode blocks with a hex editor on a hardware emulator..
Or you could recompile the kernel to treat all the file permissions completely differently..or wrote a whole new operating system.
Monday, March 2, 2009
nmap examples
ping scan
nmap -v -sP 192.168.2.0/24 or nmap -sP 192.168.2.*
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-03 10:17 IST
Initiating Ping Scan at 10:17
Scanning 256 hosts [1 port/host]
Completed Ping Scan at 10:17, 0.61s elapsed (256 total hosts)
Initiating Parallel DNS resolution of 256 hosts. at 10:17
Completed Parallel DNS resolution of 256 hosts. at 10:17, 13.63s elapsed
Host 192.168.2.0 appears to be down.
Host 192.168.2.1 appears to be up.
Host 192.168.2.2 appears to be down.
Host 192.168.2.3 appears to be down.
Host 192.168.2.4 appears to be down.
UDP scan
sudo nmap -v -sU 192.168.2.0/24
T.C.P connect scan
Ex:-
sudo nmap -sT -p 80 192.168.2.42
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-03 10:24 IST
Interesting ports on 192.168.2.42:
PORT STATE SERVICE
80/tcp closed http
MAC Address: 00:1B:38:7D:84:A4 (Compal Information (kunshan) CO.)
Nmap done: 1 IP address (1 host up) scanned in 0.601 seconds
Ex:- nmap -sT 192.168.2.1-254 -p 1433-1435
syn stealth scan
Ex:- sudo nmap -sS -v 192.168.2.42
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-03 10:25 IST
Initiating ARP Ping Scan at 10:25
Scanning 192.168.2.42 [1 port]
Completed ARP Ping Scan at 10:25, 0.02s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 10:25
Completed Parallel DNS resolution of 1 host. at 10:25, 0.31s elapsed
Initiating SYN Stealth Scan at 10:25
Scanning 192.168.2.42 [1714 ports]
Completed SYN Stealth Scan at 10:26, 33.22s elapsed (1714 total ports)
Host 192.168.2.42 appears to be up ... good.
All 1714 scanned ports on 192.168.2.42 are filtered (1652) or closed (62)
MAC Address: 00:1B:38:7D:84:A4 (Compal Information (kunshan) CO.)
Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 33.809 seconds
Raw packets sent: 3373 (148.410KB) | Rcvd: 63 (2894B)
NB:- syn scan is used when you dont want much traffic sent
O.S Detection scan
Ex:- sudo nmap -O --vv 192.168.2.0/24
nmap -O -v 127.0.0.1
nmap adding decoys
Ex sudo nmap -sS -PN -p80 -n 192.168.2.32 -D 192.168.2.60 -v
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-04 11:58 IST
Initiating ARP Ping Scan at 11:58
Scanning 192.168.2.32 [1 port]
Completed ARP Ping Scan at 11:58, 0.01s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 11:58
Scanning 192.168.2.32 [1 port]
Discovered open port 80/tcp on 192.168.2.32
Completed SYN Stealth Scan at 11:58, 0.02s elapsed (1 total ports)
Host 192.168.2.32 appears to be up ... good.
Interesting ports on 192.168.2.32:
PORT STATE SERVICE
80/tcp open http
MAC Address: 00:21:97:1C:80:C2 (Unknown)
Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.192 seconds
Raw packets sent: 3 (130B) | Rcvd: 2 (88B)
.........................................................................................
Ex 1 nmap -T Aggressive -vA 192.168.2.* --open
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-04 11:40 IST
Initiating Ping Scan at 11:40
Scanning 256 hosts [1 port/host]
Completed Ping Scan at 11:40, 0.62s elapsed (256 total hosts)
Initiating Parallel DNS resolution of 256 hosts. at 11:40
Completed Parallel DNS resolution of 256 hosts. at 11:41, 13.64s elapsed
Initiating Connect Scan at 11:41
Scanning 30 hosts [1714 ports/host]
Discovered open port 21/tcp on 192.168.2.32
Discovered open port 21/tcp on 192.168.2.175
Discovered open port 21/tcp on 192.168.2.180
Discovered open port 1723/tcp on 192.168.2.1
Discovered open port 22/tcp on 192.168.2.11
Discovered open port 80/tcp on 192.168.2.11
Discovered open port 22/tcp on 192.168.2.13
Discovered open port 80/tcp on 192.168.2.13
Discovered open port 80/tcp on 192.168.2.14
............................................
...........................................
T - gives you the kind of scan , it could be aggressive,paranoid etc.
Ex 2 nmap -T Aggressive --packet-trace 192.168.2.32
Ex 3 nmap -F 192.168.2.32
-F: Fast mode - Scan fewer ports than the default scan
nmap -v -sP 192.168.2.0/24 or nmap -sP 192.168.2.*
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-03 10:17 IST
Initiating Ping Scan at 10:17
Scanning 256 hosts [1 port/host]
Completed Ping Scan at 10:17, 0.61s elapsed (256 total hosts)
Initiating Parallel DNS resolution of 256 hosts. at 10:17
Completed Parallel DNS resolution of 256 hosts. at 10:17, 13.63s elapsed
Host 192.168.2.0 appears to be down.
Host 192.168.2.1 appears to be up.
Host 192.168.2.2 appears to be down.
Host 192.168.2.3 appears to be down.
Host 192.168.2.4 appears to be down.
UDP scan
sudo nmap -v -sU 192.168.2.0/24
T.C.P connect scan
Ex:-
sudo nmap -sT -p 80 192.168.2.42
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-03 10:24 IST
Interesting ports on 192.168.2.42:
PORT STATE SERVICE
80/tcp closed http
MAC Address: 00:1B:38:7D:84:A4 (Compal Information (kunshan) CO.)
Nmap done: 1 IP address (1 host up) scanned in 0.601 seconds
Ex:- nmap -sT 192.168.2.1-254 -p 1433-1435
syn stealth scan
Ex:- sudo nmap -sS -v 192.168.2.42
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-03 10:25 IST
Initiating ARP Ping Scan at 10:25
Scanning 192.168.2.42 [1 port]
Completed ARP Ping Scan at 10:25, 0.02s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 10:25
Completed Parallel DNS resolution of 1 host. at 10:25, 0.31s elapsed
Initiating SYN Stealth Scan at 10:25
Scanning 192.168.2.42 [1714 ports]
Completed SYN Stealth Scan at 10:26, 33.22s elapsed (1714 total ports)
Host 192.168.2.42 appears to be up ... good.
All 1714 scanned ports on 192.168.2.42 are filtered (1652) or closed (62)
MAC Address: 00:1B:38:7D:84:A4 (Compal Information (kunshan) CO.)
Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 33.809 seconds
Raw packets sent: 3373 (148.410KB) | Rcvd: 63 (2894B)
NB:- syn scan is used when you dont want much traffic sent
O.S Detection scan
Ex:- sudo nmap -O --vv 192.168.2.0/24
nmap -O -v 127.0.0.1
nmap adding decoys
Ex sudo nmap -sS -PN -p80 -n 192.168.2.32 -D 192.168.2.60 -v
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-04 11:58 IST
Initiating ARP Ping Scan at 11:58
Scanning 192.168.2.32 [1 port]
Completed ARP Ping Scan at 11:58, 0.01s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 11:58
Scanning 192.168.2.32 [1 port]
Discovered open port 80/tcp on 192.168.2.32
Completed SYN Stealth Scan at 11:58, 0.02s elapsed (1 total ports)
Host 192.168.2.32 appears to be up ... good.
Interesting ports on 192.168.2.32:
PORT STATE SERVICE
80/tcp open http
MAC Address: 00:21:97:1C:80:C2 (Unknown)
Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.192 seconds
Raw packets sent: 3 (130B) | Rcvd: 2 (88B)
.........................................................................................
Ex 1 nmap -T Aggressive -vA 192.168.2.* --open
Starting Nmap 4.53 ( http://insecure.org ) at 2009-03-04 11:40 IST
Initiating Ping Scan at 11:40
Scanning 256 hosts [1 port/host]
Completed Ping Scan at 11:40, 0.62s elapsed (256 total hosts)
Initiating Parallel DNS resolution of 256 hosts. at 11:40
Completed Parallel DNS resolution of 256 hosts. at 11:41, 13.64s elapsed
Initiating Connect Scan at 11:41
Scanning 30 hosts [1714 ports/host]
Discovered open port 21/tcp on 192.168.2.32
Discovered open port 21/tcp on 192.168.2.175
Discovered open port 21/tcp on 192.168.2.180
Discovered open port 1723/tcp on 192.168.2.1
Discovered open port 22/tcp on 192.168.2.11
Discovered open port 80/tcp on 192.168.2.11
Discovered open port 22/tcp on 192.168.2.13
Discovered open port 80/tcp on 192.168.2.13
Discovered open port 80/tcp on 192.168.2.14
............................................
...........................................
T - gives you the kind of scan , it could be aggressive,paranoid etc.
Ex 2 nmap -T Aggressive --packet-trace 192.168.2.32
Ex 3 nmap -F 192.168.2.32
-F: Fast mode - Scan fewer ports than the default scan
Sunday, March 1, 2009
Incremental Backup using dump
Make a incremental backup of directory ‘/home/binnyva’
dump -1aj -f home.bak /home/binnyva/
Make a full backup of directory ‘/home’
dump -0aj -f home.bak /home
warning untested
dump -1aj -f home.bak /home/binnyva/
Make a full backup of directory ‘/home’
dump -0aj -f home.bak /home
warning untested
Saturday, February 28, 2009
cat command examples
Concatenate Files and Number the Lines
cat -n file1 file2
When working with poems and source code, it's really nice to have numbered lines so that references are clear. If you want to generate line numbers when you use cat, add the -n option (or --number).
$ cat -n housman_-_rue.txt quarles_-_the_world.txt
1 WITH rue my heart is laden
2 For golden friends I had,
3 For many a rose-lipt maiden
4 And many a lightfoot lad.
5 By brooks too broad for leaping
6 The lightfoot boys are laid;
7 The rose-lipt girls are sleeping
8 In fields where roses fade.
9 The world's an Inn; and I her guest.
10 I eat; I drink; I take my rest.
11 My hostess, nature, does deny me
12 Nothing, wherewith she can supply me;
13 Where, having stayed a while, I pay
14 Her lavish bills, and go my way.
Line numbers can be incredibly useful, and cat provides a quick and dirty way to add them to a file.
Note
For a vastly better cat, check out dog (more information is available at http://opensource.weblogsinc.com/2005/02/17/why-dogs-are-betters-than-cats). Instead of local files, you can use dog to view the HTML source of web pages on stdout, or just a list of images or links on the specified web pages. The dog command converts all characters to lowercase or vice versa; converts line endings to Mac OS, DOS, or Unix; and even allows you to specify a range of characters to output (lines 525, for instance). Not to mention, the man page for dog is one of the funniest ever. This is one dog that knows a lot of new tricks!
source scott granemann
cat -n file1 file2
When working with poems and source code, it's really nice to have numbered lines so that references are clear. If you want to generate line numbers when you use cat, add the -n option (or --number).
$ cat -n housman_-_rue.txt quarles_-_the_world.txt
1 WITH rue my heart is laden
2 For golden friends I had,
3 For many a rose-lipt maiden
4 And many a lightfoot lad.
5 By brooks too broad for leaping
6 The lightfoot boys are laid;
7 The rose-lipt girls are sleeping
8 In fields where roses fade.
9 The world's an Inn; and I her guest.
10 I eat; I drink; I take my rest.
11 My hostess, nature, does deny me
12 Nothing, wherewith she can supply me;
13 Where, having stayed a while, I pay
14 Her lavish bills, and go my way.
Line numbers can be incredibly useful, and cat provides a quick and dirty way to add them to a file.
Note
For a vastly better cat, check out dog (more information is available at http://opensource.weblogsinc.com/2005/02/17/why-dogs-are-betters-than-cats). Instead of local files, you can use dog to view the HTML source of web pages on stdout, or just a list of images or links on the specified web pages. The dog command converts all characters to lowercase or vice versa; converts line endings to Mac OS, DOS, or Unix; and even allows you to specify a range of characters to output (lines 525, for instance). Not to mention, the man page for dog is one of the funniest ever. This is one dog that knows a lot of new tricks!
source scott granemann
host command examples
To quickly find the IP address associated with a domain name, use the host command:
$ host www.granneman.com
www.granneman.com is an alias for granneman.com.
granneman.com has address 216.23.180.5
www.granneman.com is an alias for granneman.com.
www.granneman.com is an alias for granneman.com.
granneman.com mail is handled by 30 bhoth.pair.com.
$ host 65.214.39.152
152.39.214.65.in-addr.arpa domain name pointer web.bloglines.com.
$ host www.granneman.com
www.granneman.com is an alias for granneman.com.
granneman.com has address 216.23.180.5
www.granneman.com is an alias for granneman.com.
www.granneman.com is an alias for granneman.com.
granneman.com mail is handled by 30 bhoth.pair.com.
$ host 65.214.39.152
152.39.214.65.in-addr.arpa domain name pointer web.bloglines.com.
tail command examples
View the Constantly Updated Last Lines of a File or Files
tail -f
tail -f --pid=PID# terminates after PID dies.
The great thing about log files is that they constantly change as things happen on your system. The tail command shows you a snapshot of a file, and then deposits you back on the command line. Want to see the log file again? Then run tail again...and again...and again. Blech!
With the -f (or --follow) option, tail doesn't close. Instead, it shows you the last 10 lines of the file (or a different number if you add -n to the mix) as the file changes, giving you a way to watch all the changes to a log file as they happen. This is wonderfully useful if you're trying to figure out just what is happening to a system or program.
For instance, a web server's logs might look like this:
Note
In order to save space, I've removed the IP address, date, and time of the access.
$ tail -f /var/log/httpd/d20srd_org_log_20051201
"GET /srd/skills/bluff.htm HTTP/1.1"...
"GET /srd/skills/senseMotive.htm HTTP/1.1"...
"GET /srd/skills/concentration.htm HTTP/1.1"...
"GET /srd/classes/monk.htm HTTP/1.1"...
"GET /srd/skills/escapeArtist.htm HTTP/1.1"...
tail -f
tail -f --pid=PID# terminates after PID dies.
The great thing about log files is that they constantly change as things happen on your system. The tail command shows you a snapshot of a file, and then deposits you back on the command line. Want to see the log file again? Then run tail again...and again...and again. Blech!
With the -f (or --follow) option, tail doesn't close. Instead, it shows you the last 10 lines of the file (or a different number if you add -n to the mix) as the file changes, giving you a way to watch all the changes to a log file as they happen. This is wonderfully useful if you're trying to figure out just what is happening to a system or program.
For instance, a web server's logs might look like this:
Note
In order to save space, I've removed the IP address, date, and time of the access.
$ tail -f /var/log/httpd/d20srd_org_log_20051201
"GET /srd/skills/bluff.htm HTTP/1.1"...
"GET /srd/skills/senseMotive.htm HTTP/1.1"...
"GET /srd/skills/concentration.htm HTTP/1.1"...
"GET /srd/classes/monk.htm HTTP/1.1"...
"GET /srd/skills/escapeArtist.htm HTTP/1.1"...
spoofing MAC addresses
You can even change (or "spoof") the hardware MAC address for your network device. This is usually only necessary to get around some ISPs' attempts to link Internet service to a specific machine. Be careful with spoofing your MAC address because a mistake can conflict with other network devices, causing problems. If you do decide to spoof your MAC, make sure you use ifconfig by itself to first acquire the default MAC address so you can roll back to that later (by the way, the MAC address shown in this command is completely bogus, so don't try to use it).
# ifconfig eth0 hw ether 00:14:CC:00:1A:00
# ifconfig eth0 hw ether 00:14:CC:00:1A:00
lsof examples
List a User's Open Files
lsof -u
If you want to look at the files a particular user has open (and remember that those include network connections and devices, among many others), add the -u option to lsof, followed by the username (remember that lsof must be run as root).
Note
In order to save space, some of the data you'd normally see when you run lsof has been removed in this and further examples.
# lsof -u scott
List Users for a Particular File
lsof [file]
In the previous section, you saw what files a particular user had open. Let's reverse that, and see who's using a particular file. To do so, simply follow lsof with the path to a file on your system. For instance, let's take a look at who's using the SSH daemon, used to connect remotely to this computer (remember that lsof must be run as root).
List Processes for a Particular Program
To find out the full universe of other files associated with a particular running program, follow lsof with the -c option, and then the name of a running (and therefore "open") program
lsof -c [program]
Ex:
# lsof -c sshd
COMMAND PID USER NAME
sshd 10542 root /lib/ld-2.3.5.so
sshd 10542 root /dev/null
sshd 10542 root 192.168.0.170:ssh->192.168.0.100:4577 (ESTABLISHED)
sshd 10548 scott /usr/sbin/sshdp
sshd 10548 scott 192.168.0.170:ssh->192.168.0.100:4577 (ESTABLISHED)
source scott granemann
lsof -u
If you want to look at the files a particular user has open (and remember that those include network connections and devices, among many others), add the -u option to lsof, followed by the username (remember that lsof must be run as root).
Note
In order to save space, some of the data you'd normally see when you run lsof has been removed in this and further examples.
# lsof -u scott
List Users for a Particular File
lsof [file]
In the previous section, you saw what files a particular user had open. Let's reverse that, and see who's using a particular file. To do so, simply follow lsof with the path to a file on your system. For instance, let's take a look at who's using the SSH daemon, used to connect remotely to this computer (remember that lsof must be run as root).
List Processes for a Particular Program
To find out the full universe of other files associated with a particular running program, follow lsof with the -c option, and then the name of a running (and therefore "open") program
lsof -c [program]
Ex:
# lsof -c sshd
COMMAND PID USER NAME
sshd 10542 root /lib/ld-2.3.5.so
sshd 10542 root /dev/null
sshd 10542 root 192.168.0.170:ssh->192.168.0.100:4577 (ESTABLISHED)
sshd 10548 scott /usr/sbin/sshdp
sshd 10548 scott 192.168.0.170:ssh->192.168.0.100:4577 (ESTABLISHED)
source scott granemann
Subscribe to:
Comments (Atom)