Archive for the ‘software’ Category
Thursday, August 18th, 2005 |
So you probably have the same issue as I do – you see ‘[sshd] … Invalid user … ‘, a couple of hundred times a day. And would like to stop that, well you could write a script which scannes the /var/log/secure every couple of seconds, or you could do as I did.
First I figured out how to read from syslog in realtime. Next came the big one, how to make the whole thing work. Well I knew that my pipe was working, and the daemon thing – well it was running, but howto make it work. After some hours the result is actually working, and I only see one entry in my secure syslog per attempt to break in, and also only one entry in iptables (timing is the issue here).
If you’re interested in the code download it block_idiots_ssh.pl
It should be self explaining, otherwise use www.google.com to find out what it does (there are some pretty good perl sites out there) – not the most pretty perl code ever produced, but hey it is working.
Posted in computers, howto, software | No Comments »
Wednesday, August 17th, 2005 |
Perl have never been something I’ve looked in to as it is not as easy (I think as) as what I’m used to, which is C/C++, PHP, Shell scripts, etc. But I’ve found out that there are a few things where nothing beats Perl, and one of them is to create small deamons (and also programs) which only exist because I got an "excelent" idea.
Having my own server, one of the most anoying things I see everyday is people who is trying to login to my server with SSH, so I get my log filled up with stuff like "Aug 17 01:54:22 blabla sshd[9821]: Invalid user blabla from ::ffff:123.456.789.123", and in some cases hundreds of them every day. So looking into how syslog works, it turned out that one can actually have multible log facilities pointing to diffrent targets. But more about that later, read another blog entry
The problem is that a daemon is require in an enviroment where one wants to monitor events which happens now. Writing deamon’s is possible in almost every programming language, but Perl *) is good at one thing, it have everything, and then a bit. Especially the way one can use regular expressions directly in the language helps.
*) Yes I could do it in C or C++ (which probably would make more sense), but I could not be bothered, and this was a good excercise in learning Perl.
So I set up trying to figure out how to do this, and found that it is not too difficult (I’m a great believer in cut ‘n paste), and a skeleton would look like this:
#!/bin/perl
#
use strict;
use POSIX qw(setsid);
use LWP::Simple;
# flush the buffer
$| = 1;
# daemonize the program
&daemonize;
while(1) {
#
# Do interesting stuff here…….
#
}
# here is where we make ourself a daemon
sub daemonize {
chdir ‘/’ or die “Can’t chdir to /: $!”;
open STDIN, ‘/dev/null’ or die “Can’t read /dev/null: $!”;
open STDOUT, ‘>>/dev/null’ or die “Can’t write to /dev/null: $!”;
open STDERR, ‘>>/dev/null’ or die “Can’t write to /dev/null: $!”;
defined(my $pid = fork) or die “Can’t fork: $!”;
exit if $pid;
setsid or die “Can’t start a new session: $!”;
umask 0;
}
See that is not to difficult, I will continue my saga about how to stop idiots trying to access my box.
Posted in howto, software | 3 Comments »
Friday, August 12th, 2005 |
Ok, I did not end up using WordPress, I found that Serendipity would be able to almost everything I need.
Now I only need to customize it….
Posted in software | No Comments »
Sunday, March 21st, 2004 |
I am very keen user of ssh, and what can frustrate me, is that I have to type passwords again and again. So after some digging around I found a solution.
Add the following to you .bash_profile
if [ ! -f $HOME/.ssh-agent.sh ]; then
ssh-agent -s > $HOME/.ssh-agent.sh
chmod o+x $HOME/.ssh-agent.sh
. $HOME/.ssh-agent.sh
# I don’t have the ssh-add myself as I don’t always need to have a password
# (don’t ask me why)
# ssh-add
else
. $HOME/.ssh-agent.sh
fi
trap "$HOME/.bash_logout" 0
And this to your .bash_logout
if [ "`ps aux | grep $UID | grep @pts | grep -v grep | wc -l | xargs printf "%d"`" -le 1 -a -f $HOME/.ssh-agent.sh ] ; then
echo "This appears to be your last login on this machine, removing agent"
ssh-add -D 2>&1 > /dev/null
ssh-agent -k 2>&1 > /dev/null
rm $HOME/.ssh-agent.sh
fi
I know that it could be done with ‘who’ but as I have usernames which are longer than 8 characters this was what I could come up with.
Happy hacking…..
Posted in computers, software | No Comments »
Thursday, January 1st, 2004 |
I have been used to build software from source for I don’t know how many years, actually I think since I started using Linux, which was in 1993-94 (Slackware 1).
But as I have to maintain more than one server, with the same packages on them, I have started looking into how to build <a href="rpm">rpm</a>’s. And now I’m at it why not make them yum
fedoranews.org is a good place to start if you want to build your own rpm’s. Thomas Chung have some very good tutorials on how to build rpm’s from binary distributions (which do not provide rpm’s).
Oh, year Happy New Year.
Posted in computers, software | No Comments »
Thursday, November 27th, 2003 |
I don’t know when this started, but sometime back in the happy 80′es someone had this wonderfull idea that it should be possible to anoy other people when ever they wanted, actually I think it was AOL – and they sat down and wrote an application which everyone should have on their workstation, and it was a must that it was running, and they had an internet connection (permently active!!). The name of that program is AOL Messenger – yep you guessed it – I really dislike it most of the time, that is as long as I can use it to anoy other people I’m quite happy – it’s just when they interrupt me in my work it goes wrong.
Well some year later, or was it earlier (we will probably never know) someone figured out that cell phones could be used to other things than to call people (as no one had the money to talk for hours on these beasts) – you now had the option to send short messages – this was then called SMS (the last S is Service). I actually like it, the same way as I like AOL Messenger (or others of the same type), but at some point in my life I got to the point that: a) God made the woman out of a male rib (as we know he was called Adam, and she was Eve), b) Someone gave the cell phone to women (and it didn’t take long for the women to figure out that it was way to expensive to talk for hours on it – as they like to do), c) Someone invented SMS…. I really like a) and b), but c) is a big no, no.
I really like to be told that I’m needed, and so, but frankly it can get to the point where it is too much.
BTW: There is now I don’t how many diffrent implementation of Internet messaging services, even MS has one (which is know for being good for viruses), and some are used for telling you that someone would really like you to visit this website (…).
And even I depend on some of these programs, as I said I really like to anoy other people once in a while.
Posted in computers, rant, software | No Comments »
Saturday, November 22nd, 2003 |
New redesigned web site.
My software is still available on <a href=”www.c-note.dk/software”>www.c-note.dk/software</a>, but I will probably release which is ready for release on forge.novell.com – I only have a limited amout of bandwidth, and I would like to use if for something else that “uploading” software.
I was reading something about weblogs sometime agoe, and after thinking about it – I decided that this is the best place in the world to let other people know about what one think, and a very good place to rant:-) And then I was looking at primates.ximian.com, and saw that they where using this system, which has a nice design, and very eary to install – so why not…..
Also I have removed alot of unusefull inforrmation – which was outdated…..
Posted in software | No Comments »