February 21, 2016

remote capture packets and analysis in wireshark

make a FIFO pipe mkfifo /tmp/pipe redirect ssh traffic to pipe* ssh REMOTE_HOST "sudo tcpdump -i eth0 -s 0 -U -w - not port 22" > /tmp/pipe open wireshark to analysis pipe wireshark -k -i /tmp/pipe *tcpdump needs root privilege, so make sure the user you logged-in can run this command or give tcpdump the privileges

August 27, 2015

sort and uniq count

I got some logs which recorded someone IP address and the URL it requests, I want to summary how many unique IP addresses request some specified URL, and request counts for one IP address. so I filter out specified URL rows: grep URL_PATH *.log then I got these rows: ... [ 2015-08-26T23:59:59+08:00 ] 14.219.202.241 /xx [ 2015-08-26T23:59:59+08:00 ] 14.219.202.241 /xx [ 2015-08-26T23:59:59+08:00 ] 14.219.202.241 /xx [ 2015-08-26T23:59:59+08:00 ] 14.219.202.241 /xx [ 2015-08-26T23:59:59+08:00 ] 14. Read more

August 16, 2015

checksums functions in MacOS

It’s better to calculate checksum for your downloaded files, it can make sure you download that real file from server, not from the ISP proxy server. In MacOS, you can use md5 and shasum to calculate file checksums. calculate a MD5 checksum md5 xxx.data calculate a SHA-1 checksum shasum -a 1 xxx.data calcuate a SHA-256 checksum shasum -a 256 xxx.data Thanks for here

Powered by Hugo & Kiss.