Feb 162022
 

I have a friend of mine, a small business owner, who manages his own linux server.  Its a simple web server using plain jane html … and he loves to manage the server himself.  Except, when he gets locked out because his home ip is dynamic and he is using lfd/csf as a security layer.  He calls me, we chat, the chats always end up with something like “hey, can you reset my ip when you get time” and i love talking to him … he is a great friend, but third time is a charm … meaning, I love helping friends out but if I have to fix the same problem more than once, I am likely going to find a more permanent solution.  And this is what I came up with ….

Continue reading »

Feb 012020
 

I write this script originally in 2014, updated it in 2015, forgot about it and needed it recently again … so its updated current to 2020.  A few things about this script … I don’t recommend you just “block tor exit nodes” unless you have a good reason.  Why have I used this script in the past?  During DDOS attacks that seemed to be using tor addresses, to block hackers from using tor, etc.  When I have blocked tor, it was only for short periods of time maybe a few hours or a day or 2.  If you are under an attack via tor, the attacker can just pivot somewhere else or use some other proxied method so just keep in mind this isn’t a solve-all either.

Continue reading »

May 012017
 

This is another way to quickly analyze nginx logs.  It will spit out the top 25 ip’s, domains, requests and some other data.  You may need to change the array value to match the format of your nginx logs.

It uses perl so it is very fast and takes just seconds to analyze hundreds of thousands of lines in a log file.  It can also be used for apache too or other column whitespaced logs.

Continue reading »

May 012017
 

I’ve wrote about this before in Using Sed to search between dates and offered a ad-hoc solution but the other day I came up with a much better solution using a little known option of ‘date’ command.  Using this new method, you just pass the time in minutes prior to current time.  I.e. if you want the last hour, you would simply type ‘./sed_time.sh 60’ and it will spit out the correctly formatted sed command like this:

$ ./sed_time.sh 60
sed -n '/01\/May\/2017\:07\:16\:15/,/01\/May\/2017\:08\:16\:15/ p'

Continue reading »

Feb 172016
 

This is a silly script but you would be surprised how many times a day I have to do this and no matter how many times I type the command, I always get it wrong (or more than likely I forget to escape something).  Its also interesting to note that the scripts I find silly are usually the ones that are the most popular on this site….so here it is.

Basically, if you copy and paste this script into a file and run it, it will give you the exact date and time in the sed command to run to search all lines in a log file from the previous hour to now and save it to another file.

Continue reading »

Mar 072014
 

I love irc.  I love tor.  I love freenode via tor.  But one thing I hate is that sometimes I can’t connect and I would have to open up my torrc file and change the MapAddress cname.  So, I created a script today which randomly cycles through the names and changes it for me…..it uses a bash array to accomplish this.

Continue reading »

Feb 262014
 

I generally do most everything from a shell. I also generally script things when I can. However, I wanted to see changes made to arachni web interface and it had been a while since I used it. I’m not sure if this is automated via the links included in kali linux or not, I just know that when I went to fire up arachni_web it failed and this is how I fixed it.
Continue reading »

Dec 122013
 

I have been using this script for a long time (maybe 13 years) with only very slight changes.  It was probably one of the first cool ideas I had for a way to track laptops issued to employees that might possibly be stolen.  Granted, today, we use full disk encryption and other cool things that almost makes this script obsolete….but in the event something does get stolen, we can always track it.

The script only requires a crontab entry and a way to send mail (I use ssmtp btw).

Continue reading »