hed0rah jrelo

jrelo / Compile to .deb
Created May 1, 2018 14:45 — forked from Avyd/Compile to .deb
Compile kernel to installable .deb package
#Install necessary things
apt-get update
apt-get install kernel-package libncurses5-dev fakeroot wget bzip2 build-essential -y
#Get the kernel
cd /usr/src
wget https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.13.tar.xz
wget https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.13.tar.sign
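#kernel.org signs the uncompressed tarball, so decompress on the fly for verification
xz -cd linux-3.13.tar.xz | gpg --verify linux-3.13.tar.sign -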
tar xpvf linux-3.13.tar.xz
jrelo / curl.md
Created May 1, 2018 14:30 — forked from subfuzion/curl.md
curl POST examples

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

jrelo / itoa.sh
Created March 23, 2018 19:23 — forked from jjarmoc/itoa.sh
IP to Integer and Integer to IP conversions in bash.
#Handy functions for .bashrc loading.
#
# $ atoi 192.168.1.1
# 3232235777
# $ itoa 3232235777
# 192.168.1.1
function atoi
{
jrelo / finding.md
Created March 10, 2018 21:17 — forked from Remiii/finding.md
Finding... Finding all files containing a text string in linux...

Finding

$ grep -rnw 'directory' -e "pattern"

-r is recursive, -n prints the line number and -w matches the whole word. Along with these, the --exclude or --include parameter can be used for more efficient searching. Something like below:

$ grep --include={*.c,*.h} -rnw 'directory' -e "pattern"

This will only search through the files which have .c or .h extensions. Similarly a sample use of --exclude:

jrelo / fanotify-example.c
Created January 13, 2018 17:48 — forked from jaypeche/fanotify-example.c
fanotify example
/*
* File: fanotify-example.c
* Date: Fri Nov 15 14:55:49 2013
* Author: Aleksander Morgado <[email protected]>
*
* A simple tester of fanotify in the Linux kernel.
*
* This program is released in the Public Domain.
*
* Compile with:
jrelo / awk_netstat.sh
Created December 20, 2017 23:57 — forked from staaldraad/awk_netstat.sh
AWK to get details from /proc/net/tcp and /proc/net/udp when netstat and lsof are not available
# Gawk version
# Remote
grep -v "rem_address" /proc/net/tcp | awk '{x=strtonum("0x"substr($3,index($3,":")-2,2)); for (i=5; i>0; i-=2) x = x"."strtonum("0x"substr($3,i,2))}{print x":"strtonum("0x"substr($3,index($3,":")+1,4))}'
# Local
grep -v "rem_address" /proc/net/tcp | awk '{x=strtonum("0x"substr($2,index($2,":")-2,2)); for (i=5; i>0; i-=2) x = x"."strtonum("0x"substr($2,i,2))}{print x":"strtonum("0x"substr($2,index($2,":")+1,4))}'
# No Gawk
# Local
grep -v "rem_address" /proc/net/tcp | awk 'function hextodec(str,ret,n,i,k,c){
jrelo / generate-netfilter-u32-dns-rule.py
Created December 9, 2017 14:49 — forked from guerrerocarlos/generate-netfilter-u32-dns-rule.py
DNS Amplification DDOS ". ANY" attack can be stopped by using this iptable: iptables -A INPUT -p udp --dport 53 -m u32 --u32 $(python generate-netfilter-u32-dns-rule.py --qname . --qtype ANY) -j DROP
#!/usr/bin/python
"""
Produces a Linux Netfilter u32 rule to match DNS requests for a given
domain name and/or a given query type.
Typical usage:
% python generate-netfilter-u32-rule.py --qname ripe.net --qtype ANY
Can be embedded in iptables' invocations for instance:
rule=$(python generate-rule.py args...)
jrelo / iptable-anti-dns-poison.sh
Created December 9, 2017 14:48 — forked from scola/iptable-anti-dns-poison.sh
use iptables to anti-dns poison on linux or openwrt
#!/bin/bash
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x1010101,0xffffffff,0x4a7d7f66,0x4a7d9b66,0x4a7d2766,0x4a7d2771,0xd155e58a,0x42442b2,0x807c62d,0x253d369e" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x2e52ae44,0x3b1803ad,0x402158a1,0x4021632f,0x4042a3fb,0x4168cafc,0x41a0db71,0x422dfced,0x480ecd68,0x480ecd63" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0x4e10310f,0x5d2e0859,0x80797e8b,0x9f6a794b,0xa9840d67,0xc043c606,0xca6a0102,0xcab50755,0xcba1e6ab,0xcb620741" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xcf0c5862,0xd0381f2b,0xd1913632,0xd1dc1eae,0xd1244921,0xd155e58a,0xd35e4293,0xd5a9fb23,0xd8ddbcb6,0xd8eab30d" -j DROP
iptables -I INPUT -p udp -m udp --sport 53 -m u32 --u32 "0&0x0F000000=0x05000000 && 22&0xFFFF@16=0xf3b9bb03,0xf3b9bb27,0x807c62d,0xf3b9bb1e,0x9f1803ad
perl -MPOSIX -MIO::Socket -We '
my $s = IO::Socket::INET->new(
Proto => "udp",
LocalAddr => "0.0.0.0:162"
);
while ( $s->recv( $_, 65535 ) ) {
print strftime( "%F %T", localtime ), " ", $s->peerhost(), " $_\n";
}'
jrelo / pgrep.pl
Created November 9, 2017 22:00 — forked from viliampucik/pgrep.pl
Perl's zgrep
#!/usr/bin/env perl
use strict;
use warnings;
use PerlIO::gzip;
my $pattern = $ARGV[0];
my $file = $ARGV[1];
open my $z, '<:gzip', $file or die "gunzip failed: $!\n";
while ( <$z> ) {
print if /$pattern/i;