≡ Menu

Tip of the day

I already wrote about nohup command, which allows you to ignore HUP (hangup) signal and keep running the command after user logged out. You can accomplish the same behavior using screen or disown command.

setsid is another program that runs a program in a new session. For example run a script called ~/scripts/mirror.site:
ssh you@remote-box.com
setsid ~/scripts/mirror.site
logout

You can also pass argument to command or script:
setsid /usr/bin/beep-media-player '/nas/mp3/xyz.mp3'

Please note that setsid included in miscellaneous system utilities package called util-linux under Debian / Ubuntu Linux.

Generally you use ps command to find out all running process. You may also pipe out ps command output via grep command to pickup desired output.

Basically you don't want display grep command as the process.

Let us run combination of ps and grep command to find out all perl processes:
$ ps aux | grep perl
Output:

vivek      4611  0.0  0.7  10044  6068 ?        Ss   02:40   0:00 /usr/bin/perl apps/monitor/gwl.pl
root      4853  0.0  0.7  10044  6068 ?        Ss   02:40   0:00 /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
vivek      5166  0.0  0.0   2884   748 pts/0    R+   03:06   0:00 grep perl

In above example you are getting the grep process itself. To ignore grep process from output, type any one of the following:
$ ps aux | grep perl | grep -v grep
OR
$ ps aux | grep '[p]erl'

By hiding out DNS server version number you can improve server security. fpdns is a program that remotely determines DNS server versions. It does this by sending a series of borderline DNS queries which are compared against a table of responses and server versions. (just like nmap command’s remote OS detection facility).

A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behavior of different DNS implementations is expected to be the same.

Install fpdns

Debian / Ubuntu user, enter the following command:
$ sudo apt-get install fpdns
FreeBSD user, either use ports or binary package:
$ pkg_add -v -r fpdns
Alternatively grab source code from official web site.

Howto remotely determine DNS server version

To determine DNS server version for domain nixcraft.com, enter:
$ fpdns -D nixcraft.com
Output:

fingerprint (nixcraft.com, 64.202.165.116): bboy MyDNS
fingerprint (nixcraft.com, 208.109.80.52): bboy MyDNS 

You can easily find out if recursion enabled or not:
$ fpdns ns1.vnsl.com.
Output:

fingerprint (ns1.vnsl.com., 69.60.111.228): ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]  

To read list of servers from key board, enter:
$ fpdns -
Output:

ns2.vnsl.com
fingerprint (ns2.vnsl.com, 64.85.160.11): ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]
ns1.softlayer.com
fingerprint (ns1.softlayer.com, 66.228.118.8): ISC BIND 9.2.3rc1 -- 9.4.0a0
ns.yahoo.com
fingerprint (ns.yahoo.com, 66.218.71.63): ISC BIND 8.3.0-RC1 -- 8.4.4
ns1.google.com
fingerprint (ns1.google.com, 216.239.32.10): ISC BIND 8.3.0-RC1 -- 8.4.4 

Further readings

=> Read fpdns man page.

Linux and Unix like operating systems comes with z* commands. These commands allow you to read gzip compressed text files using zless, zcat, zmore and friends commands. The gzip command reduces the size of the files using Lempel-Ziv coding (LZ77). Whenever possible, each file is replaced by one with the extension .gz, while keeping the same ownership modes, access and modification times. z* commands has some cool usage too; such as display the current time in different zonename.
[click to continue…]

Domain Expiration Check Shell Script

I've already written about a shell script to check / monitor domain renew / expiration date here. Now I’ve modified matt’s domain-check script to support additional C/TLDs .in, .biz, .org and .info domains. I've also added 5 seconds delay to avoid whois server rejecting query. This script checks to see if a domain has expired. It can be run in interactive and batch mode, and provides facilities to alarm if a domain is about to expire in advance.

Sample usage

Display expiration date and registrar for theos.in domain:
domain-check-2 -d {domain-name}

$ domain-check-2 -d theos.in
Output:

Domain                              Registrar         Status   Expires     Days Left
----------------------------------- ----------------- -------- ----------- ---------
theos.in                            et4India (R7-AFIN Valid    28-Oct-2009   799  

You can also get an email if theos.in going to expire in 30 days
$ domain-check-2 -a -d theos.in -q -x 30 -e vivek@nixcraft.com

However most killer feature is you can read list of domain names from a file such as mydomains.txt (list each domain on a new line):
$ domain-check-2 -a -f mydomains.txt -q -x 30 -e vivek@nixcraft.com
OR
$ domain-check-2 -f mydomains.txt

Output:

Domain                              Registrar         Status   Expires     Days Left
----------------------------------- ----------------- -------- ----------- ---------
theos.in                            et4India (R7-AFIN Valid    28-Oct-2009   799
nixcraft.org                        oDaddy.com, Inc.  Valid    13-Aug-2009   723
vivekgite.com                       MONIKER ONLINE SE Valid    18-aug-2010   1093
cyberciti.biz                                         Valid    30-Jun-2009   679
nixcraft.info                       oDaddy.com Inc. ( Valid    26-Jun-2009   675
nixcraft.net                        GODADDY.COM, INC. Valid    11-dec-2009   843  

Download

=> Download modified domain-check-2 script here.

Quick installation

Use wget command to download and install domain-check script:
$ wget http://www.cyberciti.biz/files/scripts/domain-check-2.txt
$ mv domain-check-2.txt domain-check
$ chmod +x domain-check
$ ./domain-check -d vivekgite.com

Make sure your run domain-check script using a cron job.

I’m little surprised to find that Ubuntu Linux skips development man pages by default. A quick search using apt-cache pointed out to manpages-dev package. It includes manual pages about using GNU/Linux for development.

Install development man pages

Use apt-get command:
$ sudo apt-get install manpages-dev
To view library calls (functions within program libraries), enter:
$ man 3 function-name
$ man 3 putc

You need to verify that that downloaded Linux DVD or ISO images are intact before you burn and use them. This is security feature. But how do you verify ISO images?

Answer is quite simple use md5sum command to compute and check MD5 message digest.

Why verify ISO images?

a) To protect yourself
b) Verify that a file has not changed as a result of file transfer, disk error, cracker attacks, etc.

How does it work?

When you run md5sum command on ISO file, you get checksum (or hash) on screen. You need to compare this checksum with original. It works as a compact digital fingerprint of a file. You can then compare the MD5 hash of your download ISO file, to the known good hash of the file you are checking. If the two values match, you are safe and use the ISO image.

Example

Let us download FreeBSD ISO image:
$ cd /tmp
$ wget ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/6.2/6.2-RELEASE-i386-bootonly.iso

Next download MD5 checksum:
$ wget ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/6.2/CHECKSUM.MD5

Generate MD5 hash for ISO image

$ md5sum 6.2-RELEASE-i386-bootonly.iso
Output:

4e8701ac951bc4537f8420fdac7efbb5  6.2-RELEASE-i386-bootonly.iso

Verify ISO image

See the known good hash of the file (6.2-RELEASE-i386-bootonly.iso):
$ md5sum -c CHECKSUM.MD5
Output:

6.2-RELEASE-i386-bootonly.iso: OK

You can also use following command for the same purpose:

A note for Windows XP / Vista users