ratthing

Here are a couple of my favorites:

lsof -- it's like netstat pumped full of steroids and given the realization that the network is a file

From the man page: "An open file may be a regular file, a directory, a block special file, a character special file, an executing text reference, a library, a stream or a network file (Internet socket, NFS file or UNIX domain socket.)  A specific file or all the files in a file system may be selected by path."

Here's an example of how I used it when working on middleware problems a couple of jobs back:

lsof -Pni | grep string

returns a list of processes giving

COMMAND (process name)
PID
USER
FD (file descriptor)
TYPE (IPv4, IPv6)
DEVICE
SIZE (no size assoc with procs)
NODE (TCP, UDP)
NAME (port number and state)

Great for finding port status (e.g. close_wait) if you are having thread problems from your apps to your db connection pool in a  middleware (Weblogic, JBoss, etc) server, or figuring out WTF is hammering the crap out of your app.

I first started using it on Solaris when trying to track down open NFS mounts or other processes preventing unmounts.

=RT=
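
The CLOSE_WAIT hunt described in the post above, as an added example that is not part of the original post: it tallies TCP socket states per process from `lsof -Pni` output instead of grepping for one string. The sample rows, the function names and the threshold are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `lsof -Pni` output (not captured from a real host).
sample_lsof() {
cat <<'EOF'
COMMAND  PID USER     FD  TYPE DEVICE SIZE/OFF NODE NAME
java    2211 weblogic 45u IPv4  31001      0t0  TCP 10.0.0.5:7001 (LISTEN)
java    2211 weblogic 61u IPv4  31077      0t0  TCP 10.0.0.5:51234->10.0.0.9:1521 (CLOSE_WAIT)
java    2211 weblogic 62u IPv4  31078      0t0  TCP 10.0.0.5:51235->10.0.0.9:1521 (CLOSE_WAIT)
java    2211 weblogic 63u IPv4  31079      0t0  TCP 10.0.0.5:51236->10.0.0.9:1521 (ESTABLISHED)
sshd     803 root      3u IPv4  12010      0t0  TCP *:22 (LISTEN)
ntpd     640 ntp      16u IPv4  11002      0t0  UDP *:123
EOF
}

# Count TCP sockets per command, PID and state from lsof -Pni output on stdin.
# UDP rows carry no "(STATE)" suffix and are skipped. NODE is accepted in
# field 7 or 8 so that rows with a blank SIZE column still parse.
summarize_states() {
    awk '($7 == "TCP" || $8 == "TCP") && $NF ~ /^\(.+\)$/ {
             state = substr($NF, 2, length($NF) - 2)
             n[$1 " " $2 " " state]++
         }
         END { for (k in n) print k, n[k] }' | sort
}

# Print "COMMAND PID COUNT" for processes holding at least $1 CLOSE_WAIT sockets.
close_wait_over() {
    summarize_states |
        awk -v min="$1" '$3 == "CLOSE_WAIT" && $4 >= min { print $1, $2, $4 }'
}

# Live use would be: lsof -Pni | close_wait_over 50
sample_lsof | summarize_states
```

A CLOSE_WAIT count that keeps growing for one PID means the remote side has closed and the local application has not closed its end of the socket.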

arms

JasonD showed me this one:
rm -rf /*

i don't know what it did but i can't find any of my stuff now.

actually this is my favorite:
/etc/init.d/gdm start

now i can click buttons and see pretty graphs of my network activity

thedarkness

nmap everything
netstat -lpn
ps auwwx
cat|grep|cut|sed|tr|tee|sort|uniq|wc
paste
gawk
history              <---- where I got this list from
expr 115 / 16
locate
updatedb
which
whereis
find
su -c
less
yum
tar
vi
man
wget
rpm
service
chkconfig
iptables
telnet
tail
head
dig -t a
dig -t mx
dig -t ns
whois
scp
ssh

php -a
php fubar.php
unrar
unzip
tar -zxvf
tar -jxvf
uptime
uname -r
uname -a
cat /etc/*-release
ping
pwd
top
dmesg
cat /var/log/messages
unix2dos
dos2unix
zgrep
zcat
ifconfig
route -n
nslookup
host
sfdisk
fdisk
cat /proc/mdstat
du . --max-depth=1 -h
df -h
mount
poweroff
reboot
mdadm
mkfs
swapoff
swapon
date
rsync
svn
cpan

pear
man bash
strings
od -c
md5sum
dd
basename
env
set

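if [ $? -eq 0 ]; then
    :   # commands to run when the previous command succeeded
fi

while read -r crap
do
    :   # handle one line of input, held in "$crap"
done

for file in `ls`
do
    :   # handle "$file"
done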

Right, i'm bored now.

Cheers,
td

vsloathe

ypcat.

ypcat passwd | grep [username] > crackme.txt

cuts through all the shadowing you can think of.

perkiset

Damn, this thread is like "Linux 285." Gonna have to walk through all the ones I don't know and give them a shot.

Say, what was that "rm -r -f /*" command again?

thedarkness

Quote from: perkiset
> Say, what was that "rm -r -f /*" command again?

try that one first

ratthing

Quote from: vsloathe
> ypcat.
>
> ypcat passwd | grep [username] > crackme.txt
>
> cuts through all the shadowing you can think of.

You must be used to working in a .edu environment, vsloathe!  I haven't seen NIS anywhere since...oh...1999. LOL

Here's a quick run-down on "find":
find . -iname "*foo*" -exec grep -H "phrase_ur_lookin_4" {} \;

Finds all files, ignoring case (-i) with "foo" in the name (including the path) and displays with the filename (-H) lines with "phrase_ur_lookin_4".  "-iname" is a GNU find feature, it's not present in the native Solaris (and maybe other OSes) version of find.

find . ! -newer "filename_w_timestamp" -exec rm {} \;

Finds all files which are older (! -newer meaning "NOT newer") than the file "filename_w_timestamp" (doesn't need to be in quotes if there's nothing that needs escapes) and removes (rm) them.  Yes, it's recursive.  Use "depth" to make it not recurse.  Best to test first with:
find . ! -newer "foo.file" -exec ls -altd {} \;

"-newer" refers to last file modification time.  There's also "-anewer" for access time, and "-cnewer" for changed time (tho I don't know the diff between mod time and change time...will have to look that up.  UNIX is such a twisty path).

Find commands can be logically connected:
find . -iname "*somefile*" -or ! -newer "foo.file"

Lists all files with name containing "somefile" (case insensitive) of modification time older than "foo.file".

find . -name "SOMEfile" -and -newer "foo.file"

Lists all files with name containing "SOMEfile" (exact case) and that are newer than "foo.file"

I use find a lot 'cause I can't remember paths worth shizzle, and Linux doesn't put them in the places I learned first--Solaris.

Another one I've learned lately:
recode -v latin1..utf8 ~/wordpress_db.sql


You still have to edit the sql dump and search/replace latin1 with utf8 after the recode before you restore it.  Recoding is necessary because the default install of MySQL uses latin1 collation, which causes your db & table collation to be latin_swedish_ci. What dumbass thought that was the right way to build MySQL?

=RT=
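
The dry-run-then-delete pattern for `! -newer` from the post above, as an added example that is not part of the original post, together with what `-newer` and `-cnewer` each match. It assumes a find that supports `-maxdepth` and `-cnewer` (GNU and BSD find do); the scratch tree, file names and function names are constructed for the demo.

```shell
#!/bin/sh
# Build a constructed scratch tree and print its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/sub"
    touch -t 202001010000 "$d/old.log" "$d/sub/old_nested.log"  # mtime before marker
    touch -t 202001020000 "$d/marker"                           # the reference file
    touch -t 202001030000 "$d/new.log"                          # mtime after marker
    printf '%s\n' "$d"
}

# Dry run: regular files under $1 whose mtime is not newer than $1/marker.
# -type f keeps directories away from rm; ! -name marker excludes the reference
# file, which plain "! -newer" matches (a file is never newer than itself).
# $2, if given, is passed to -maxdepth (1 = do not descend into subdirectories).
stale_files() {
    if [ -n "$2" ]; then
        find "$1" -maxdepth "$2" -type f ! -newer "$1/marker" ! -name marker
    else
        find "$1" -type f ! -newer "$1/marker" ! -name marker
    fi | sort
}

# The delete step, using the same expression that was just reviewed.
purge_stale() {
    find "$1" -type f ! -newer "$1/marker" ! -name marker -exec rm -- {} \;
}

# -newer compares each file's mtime (last content write) with the marker's mtime.
newer_by_mtime() { find "$1" -type f -newer "$1/marker" | sort; }
# -cnewer compares each file's ctime (last inode change: chmod, chown, rename,
# and also touch itself) with the marker's mtime. ctime cannot be set by hand,
# so every file created above carries "now" and matches.
newer_by_ctime() { find "$1" -type f -cnewer "$1/marker" | sort; }

t=$(make_demo_tree)
echo "stale, whole tree:"; stale_files "$t"
echo "stale, top level only:"; stale_files "$t" 1
echo "newer by mtime:"; newer_by_mtime "$t"
echo "newer by ctime:"; newer_by_ctime "$t"
rm -rf "$t"
```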

vsloathe

Quote from: ratthing
> Quote from: vsloathe
> > ypcat.
> >
> > ypcat passwd | grep [username] > crackme.txt
> >
> > cuts through all the shadowing you can think of.
>
> You must be used to working in a .edu environment, vsloathe!  I haven't seen NIS anywhere since...oh...1999. LOL


Indeed, I used to. That was back in my college days. I worked in the academic sector for a while after that, but I never installed the yellow pages suite on any of my mission critical machines lol. The machine in question here was an AIX box...man I was god of that network. They had not garden walled off any of the administrative machines from the student development environment, and there was a lot of um...sensitive...stuff stored on some of those faculty accounts.

ratthing

Quote from: vsloathe
> Indeed, I used to. That was back in my college days. I worked in the academic sector for a while after that, but I never installed the yellow pages suite on any of my mission critical machines lol. The machine in question here was an AIX box...man I was god of that network. They had not garden walled off any of the administrative machines from the student development environment, and there was a lot of um...sensitive...stuff stored on some of those faculty accounts.


I have a horror story for you...some fellas I know working at a school in MI back in '01 were putting in Cisco VOIP phones.  For folks that don't know, VOIP phones boot off the network to get their configs--they use the same protocol as routers and such--tftp, an insecure protocol.  Now here's the thing, due to their school's policy on educational "openness" no firewalls were allowed anywhere within the campus network--they were lucky to have firewalls between them and the outside world.  Here's part two of the horror story: Cisco VOIP phones will only boot off of a modified tftp server that runs only on Windows.  Part 3: '01 was the first release of the Sasser type worms on Windows.

They figured it would take a wrongful death/negligent injury type lawsuit against the school as a result of an emergency during a phone system meltdown to get them a more secure configuration for the whole thing.

We commiserated with these two guys with quite a lot of margaritas at that conference.

=RT=

JasonD

The only command (With various options of course) you'll ever need

/usr/bin/perl -e

thedarkness

Applause

