Type the following on your cmd line (or make into an alias)

cat ~/.bash_history | sort | uniq -c | sort -r | head

In my case they are (for this week)

ls
fg
svnSync (script I created)
stats_fetch; stats_display (other scripts)
cd
crontab -e
ps aux | grep
ssh_map_command (another script)
python
emacs -nw

I often want to see how much bandwidth is consumed by my network interfaces and how this is happening. There’s plenty of tools available in the linux world to monitor your network activity.

If you’re a Ubuntu or Debian user you can try the ones I use by installing the following packages.

sudo apt-get install iptraf ethstatus dstat iftop ifstat nload bwm-ng

Then try each one of those on your command line and have fun exploring what they can do.

If they’re not on the path of your user account, then try them using sudo.
eg. sudo iftop

If this short list of the tools I use does not satisfy you, I suggest you read this more comprehensive list of monitoring tools

After I received comments from ispak on Flickr I made a few fixes.

ispak pointed out that it was a bad idea reading one byte at the time, also I had a gay ass try/catch that didn’t catch any exception :p

So now I read 16 byte chunks, and I also take care of the file ending. The previous version used to print the file ending with a bunch of null bytes. Now it stops reading at the end, and formats the output accordingly.

Here’s the new source:

//HexViewer.java
import java.io.*;

public final class HexViewer {
    public final static void printFile(String filePath) {
        try {
            File f = new File(filePath);
            BufferedInputStream bis =
                new BufferedInputStream(new FileInputStream(f));

            byte[] chunk = null;
            int readStatus = 0;
            while (true) {
                chunk = new byte[16];
                readStatus = bis.read(chunk, 0, 16);
                char[] line = new char[16];

                if (readStatus == -1)
                    break;

                for (byte i=0; i < readStatus; i++) {
                    int readByte = (chunk[i] < 0) ? (-1 * (int) chunk[i]) : chunk[i];
                    String paddingZero = (readByte < 16) ? "0" : "";
                    System.out.print(paddingZero + Integer.toHexString(readByte).toUpperCase() + " ");
                    line[i] = (readByte >= 33 && readByte <= 126) ? (char) readByte : '.';
                }

                //We add some padding to print the text line right below the one above.                      
                String padding = new String();
                if (readStatus < 16) {
                    for (byte i=0; i < 16-readStatus; i++) {
                        padding += "   ";
                    }
                }

                System.out.println(padding + new String(line));
            }
        } catch (Exception e1) { e1.printStackTrace(); }
    }

    public final static void main(String[] args) {
        if (args.length == 0)
            return;

        printFile(args[0]);
    }
}

And see how it now handles file endings when the file size is not a multiple of 16 :p

I recently requested an upgrade on one of our dedicated server’s uplink speed, we only had a 10Mbps Uplink, we requested an upgrade to 100Mbps to serve a lot more.

How do you verify the upgrade has been done correctly?

As root, issue the following comand:

# mii-tool
eth0: negotiated 10baseT-FD, link ok

If it doesn’t work (for debian or ubuntu), make sure you have installed the net-tools package (The NET-3 networking toolkit)

We’ve noticed that most of our servers have been under heavy attack from random IP addresses to break via SSH.

With the help of the last post on how to ban an IP, and the following python script, you’ll be able to have a cronjob that runs once or twice a day and automagically bans all the offending ips from ever trying to brute force their way in ever again.

touch and make executable a file called “detect_ssh_hostiles”

touch detect_ssh_hostiles
chmod +x detect_ssh_hostiles

Then copy the following code inside:

# Usage:
# python detect_ssh_hostiles [auth.log file path]
#
# Requirement: There should be "ban_ip" and "unban_ip" command availability on the path
#
# Note: you gotta have read permissions on the auth.log file and sudo
#       permissions for the script to ban the ips.

#If an IP meets this number of failed login attemmpts it will be banned
BAN_THRESHOLD = 7
SUSPECTS = {}

#Put here IP addresses you trust, could be making genuine login errors
SAFE_IPS = ['81.73.111.49','101.73.111.160','72.31.171.235','72.36.23.234','82.36.180.210','202.132.82.16']

import os
import sys
import re

BANNED = {}
def loadBanned():
  '''
  This function will load all the banned IPS into the BANNED Dict.
  It will also count how many times (by mistake) the same IP has
  been banned, and it will unban it, so that it will appear only once.
  '''
  global BANNED
  command = 'sudo iptables --list --numeric'
  try:
    p = os.popen(command,'rb')
  except Exception,e:
    print e
    sys.exit(1)

  line = '-'

  while line != '':
    line = p.readline().strip()

    if line.startswith("DROP"):
      parts = line.split()
      ip = parts[3]

      #add hit or register banned ip
      if BANNED.has_key(ip):
        BANNED[ip]+=1
      else:
        BANNED[ip]=1

  #Make sure banned IPs are banned only once
  for ip in BANNED:
    if BANNED[ip] > 1:
      print "IP %s has been banned %d times" % (ip, BANNED[ip])
      n=BANNED[ip]-1
      while n > 0:
        os.system("unban_ip %s" % ip)
        print ("unban_ip %s" % ip)
        n=n-1

  p.close()

# ---- here we go ----
loadBanned()

#read auth log
logfile = '/var/log/auth.log'

if len(sys.argv)==2:
  logfile = sys.argv[1]

command = 'grep "Failed password for " %s' % logfile
#print command

try:
  p = os.popen(command,'rb')
except Exception,e:
  print e
  sys.exit(1)

line = "123"

while line != '':
  line = p.readline()

  #Sample line:
  # May 25 03:29:49 main sshd[6933]: Failed password for root from 202.118.236.132 port 54863 ssh2
  pattern = "(.*)(froms)(d+.d+.d+.d+)(.*)"
  matchObject = re.match(pattern, line)

  suspect = None
  if matchObject is not None:
    suspect = matchObject.groups()[2]

    #skip safe IPs
    if suspect in SAFE_IPS:
      continue

    if SUSPECTS.has_key(suspect):
      #add a hit
      SUSPECTS[suspect] += 1
    else:
      #add first hit
      SUSPECTS[suspect] = 1

p.close() #close the pipe

print "=="*30

import time
t = time.localtime()
#(2008, 6, 6, 9, 35, 21, 4, 158, 1)

timestr = "%d-%d-%d@%d:%d:%d" % (t[0],t[1],t[2],t[3],t[4],t[5])
print timestr
print "--"*30
if len(SUSPECTS) > 0:
  for suspect in SUSPECTS:
    if SUSPECTS[suspect] >= BAN_THRESHOLD and not BANNED.has_key(suspect):
      print "Banning %s with %d attempts" % (suspect,SUSPECTS[suspect])
      BANNED[suspect]=1
      os.system("ban_ip %s" % suspect)
    elif BANNED.has_key(suspect):
      print "Ip %s has already been banned" % (suspect)
    else:
      print "Suspect candidate? %s with %d attempts" % (suspect,SUSPECTS[suspect])
else:
  print "Found no suspects to ban"

print "=="*30

Then add this as a cronjob of your root user, and it will automatically ban all those IPs that have tried to break in. See the script for configuration. You can always make some IPs immune to banning by adding them on the SAFE_IPS list.

In case you’re not an iptables guru, you might want to create a couple scripts and put em somewhere on your $PATH. I’ve created two scripts called ban_ip and unban_ip.

Create a file called ban_ip

touch ban_ip
chmod +x ban_ip

Edit it and copy the following code inside:

#!/bin/bash
sudo iptables -A INPUT -s $1 -j DROP
echo IP Address $1 has been banned
echo

To ban an IP, you must invoke

ban_ip <someIpAddressHere>

e.g.

ban_ip 211.32.44.111

And the IP will be banned.

Do the same now for the unban_ip script

touch unban_ip
chmod +x unban_ip

Open your fav. text editor and copy the following code inside:

#!/bin/bash
iptables -D INPUT -s $1 -j DROP
echo Unbanned ip $1
echo

Save it, and use it.

To unban an IP, you must invoke

unban_ip <someIpAddressHere>

e.g.

unban_ip 211.32.44.111

Requirements
Have sudo access, have iptables installed.

We want to give thanks to William L. Thomson Jr from Gentoo for making FrostWire available to people running Gentoo ~arch or unstable ~x86 or ~amd64.

If you are a Gentoo Linux user you can now just do:

emerge frostwire

And as William says:

it will bring in all deps, compile, install, make desktop menu entries, launcher, etc

If you’re interested here’s the package

About Gentoo

The Gentoo Linux operating system (pronounced /ˈdÊ’É›ntuː/) is a Linux distribution based on the Portage package management system. The development project and its products are named after the Gentoo penguin. Gentoo package management is designed to be modular, portable, easy to maintain, flexible, and optimized for the user’s machine. Packages are normally built from source code, continuing the tradition of the ports collection, although for convenience, some large software packages are also available as precompiled binaries for various architectures.

Source: Wikipedia

FOR IMMEDIATE RELEASE:

FrostWire 4.13.5 is now available for MS Windows, Mac OSX and Linux. Major updates improve network bootstraping and peer discovery. 4.13.5 includes improvements on the Chatroom tab, Audio Previews and more.

Other improvements have taken place for the FrostWire build process (for developers this means true One-Step builds for all versions). Updates on translations have been made thanks to the feedback from users in Poland and throughout Latin America. .

In more detail users can expect the following:

• Faster peer discovery on connection bootstraping. No more “Starting Connection…” problems, first time users will connect faster without using the official FixConnecting.zip patch.

• Smiley Support to the chatroom

Users can see the available smileys by entering the command
/smileys

Now its possible to see and use Smileys from the Community Chat tab, Smiley display can be enabled or disabled from the view menu:

Users can also toggle Smiley display directly from the chat window by typing the command
/tsmileys

• Fixed wording on Spanish and Polish translations.

Bug Fixes and other improvements for this release also include:

• FrostWire Message Update System improved. Per community request, some announcements will not be shown more than once so the user is not annoyed upon every application launch
• Fixed bugs on the media player and playlists on Preview.
• Fixed bug on search box auto-focusing while a search was running.
• Fixed i18n system error for systems which default language is not english
• Potential bugs related to deprecated code gone

Users can find now by details without the auto-focusing problem.

FrostWire 4.13.5 is expected to be the last of the 4.13.x series.

About FrostWire

FrostWire, a Gnutella Peer-to-Peer client, is a collaborative effort from many Open Source and freelance developers located from all around the world. In late 2005, concerned developers of LimeWire’s open source community announced the start of a new project fork “FrostWire” that would protect the developmental source code of the LimeWire client and any improvements to the Gnutella protocol design. The developers of FrostWire give high regard and respect to the GNU General Public License and consider it to be the ideal foundation of a creative and free enterprise market.

• Media Kit / Link Us
• Contact the Team

Aqui hay un Google talk por el mismisimo Linus, quien habla sobre su nuevo sistema de control de versiones distribuido. El cual promete se mas rapido, distribuido, y ocupar menos espacio. Algunos claman que pudiera utilizarse como un sistema de archivos distribuidos que nos permitira crear sistemas que antes eran inconcebibles.

keychain not working for ya…
you run ssh-agent but ssh-add won’t add the keys.

This is probably because your SSH_AGENT_PID and SSH_AUTH_SOCK variables are incorrect…

so I recommend you put something like this on your .bashrc to initialize your ssh-agent correctly:

export SSH_AGENT_PID=
export SSH_AUTH_SOCK=

#make sure no old agents are running
killall ssh-agent

#grab the text output of ssh-agent and evaluate it 
#so the correct variables are exported
eval `ssh-agent`

#add your private key(s) to the agent
ssh-add ~/.ssh/id_dsa
#ssh-add ~/.ssh/my_other_dsa_key

#at this point the script will ask you for the passwords of your keys
#if you protected them with passwords (recommended)

#list the available keys to make sure they were added
ssh-add -l

After this, you should be able to login without a password, on whatever other hosts you put the public keys (at .ssh/authorized_keys or .ssh/authorized_keys2)