System Administration HW2 Shell Script xclin. Computer Center, CS, NCTU 2 Requirements  Xferlog statistics (15%) use one-line command to show FTP transfer.


1 System Administration HW2 Shell Script xclin

2 Requirements (Computer Center, CS, NCTU)
- Xferlog statistics (15%)
  - use one-line command to show FTP transfer statistics
- watch script (35%)
  - execute program periodically and show output fullscreen
- A simple log analyzer (100%)

3 Xferlog statistics
- Use one-line command to show FTP transfer statistics
- For each file in xferlog
  - Print transfer counts and total bytes
  - Result should be sorted by count and byte descending
- Output format (count bytes path)
    12 121231 /path-to-file1
    11 1213 /path-to-file2
    11 121 /path-to-file3
    10 12345 /path-to-file4
- Only cmd | cmd or `cmd` are allowed
- No && || > >> < and temp file
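One way to meet the xferlog requirement with pipes only, as an added example that is not part of the original slides. It assumes the standard xferlog layout (field 8 is the byte count, field 9 the file name); the sample lines are constructed and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: per-file transfer statistics from xferlog, pipes only.

# Constructed sample in the standard xferlog layout: fields 1-5 are the
# timestamp, 6 transfer time, 7 remote host, 8 byte count, 9 file name.
sample_xferlog() {
    printf '%s\n' \
'Thu Oct 15 12:00:01 2009 1 192.0.2.10 1000 /pub/a.iso b _ o a u@example.com ftp 0 * c' \
'Thu Oct 15 12:05:09 2009 1 192.0.2.11 200 /pub/b.tgz b _ o a u@example.com ftp 0 * c' \
'Thu Oct 15 12:07:30 2009 2 192.0.2.12 9999 /pub/c.txt a _ o a u@example.com ftp 0 * c' \
'Fri Oct 16 08:10:00 2009 1 192.0.2.10 500 /pub/a.iso b _ o a u@example.com ftp 0 * c' \
'Fri Oct 16 08:11:44 2009 1 192.0.2.13 100 /pub/b.tgz b _ o a u@example.com ftp 0 * c'
}

# Reads xferlog on stdin, prints "count bytes path" sorted by count and
# then bytes, both descending. %.0f keeps large byte totals out of
# exponent notation.
xferlog_stats() {
    awk '{ c[$9]++; b[$9] += $8 }
         END { for (f in c) printf "%d %.0f %s\n", c[f], b[f], f }' |
    sort -k1,1nr -k2,2nr
}

sample_xferlog | xferlog_stats
```

On a real host the body of xferlog_stats is the one-liner, fed with `cat /var/log/xferlog |` in place of the sample.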

4 Watch
- Execute a program periodically, showing output fullscreen
- Easy to monitor some information
  - "systat -ifstat" shows network interface statistics
  - When copying a file, there is no built-in command to show progress
  - Use "watch ls" to find out how many bytes have been copied
- Watch is a built-in command in Linux, but FreeBSD's watch command has another functionality

5 Watch script
- Write a script to execute program periodically
- Syntax
    watch.sh [ -i interval ] cmd | -f file-to-cmd-list
  - Basic function (10%)
  - Portinstall stat script (5%)
  - Customized monitoring script (5%)
  - Anti-blank (10%)
  - Cut off out-of-screen data (5%)
- No temp files are allowed

6 Watch portinstall
- Portinstall can gather port dependency and show install progress in proctitle
- Write a script to monitor portinstall and run it with watch.sh -f cmd-file

7 A simple log analyzer
- Write a user-friendly log analyzer using dialog(1)
- Use menubox to choose which log file to read (all.log, messages, xferlog, user input path) and which filter to apply
  1. Show all (5%)
  2. Search keyword (5%)
  3. User-specified filtering command; replace the entered %file% with the real path (10%)
  4. Show sshd bruteforce attempts (20%)
  5. Syslog priority selection (10%)
  6. Merge with archived log files (10%)

8 A simple log analyzer
  7. Offer a list of the IPs shown in 4. and generate a firewall script that blocks the user-selected IPs (10%)
  8. Customized filter (max 30%)
- Your script should provide basic functions (1~4)
- Must delete temp file when exit

9 SSH bruteforce
Oct 15 12:33:24 NASA sshd[93293]: error: PAM: authentication error for root from 124.107.32.54
Oct 15 12:33:52 NASA sshd[93296]: error: PAM: authentication error for root from 220.165.9.232
Oct 15 12:34:43 NASA sshd[93299]: error: PAM: authentication error for root from 76.70.31.196
Oct 15 12:35:22 NASA sshd[93304]: error: PAM: authentication error for root from 114.143.242.51
Oct 15 12:36:08 NASA sshd[93307]: error: PAM: authentication error for root from 82.160.33.5
Oct 15 12:37:04 NASA sshd[93310]: error: PAM: authentication error for root from 85.185.74.218
Oct 15 12:37:59 NASA sshd[93313]: error: PAM: authentication error for root from 74.239.115.130
Oct 15 12:39:50 NASA sshd[93316]: error: PAM: authentication error for root from 65.33.2.11
Oct 15 12:40:44 NASA sshd[93321]: error: PAM: authentication error for root from 84.74.21.119
Oct 15 12:41:58 NASA sshd[93326]: error: PAM: authentication error for root from 207.250.220.196
Oct 15 12:42:46 NASA sshd[93329]: error: PAM: authentication error for root from 125.244.82.2
Oct 20 01:50:46 NASA sshd[5991]: Invalid user raimundo from 61.152.201.74
Oct 20 01:50:54 NASA sshd[5993]: Invalid user joan from 61.152.201.74
Oct 20 01:51:03 NASA sshd[5995]: Invalid user johan from 61.152.201.74
Oct 20 01:51:11 NASA sshd[5997]: Invalid user sebastian from 61.152.201.74
Oct 20 01:51:19 NASA sshd[5999]: Invalid user agata from 61.152.201.74
Oct 20 01:51:26 NASA sshd[6001]: Invalid user administrator from 61.152.201.74
Oct 20 01:51:43 NASA sshd[6006]: Invalid user alexandre from 61.152.201.74
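Detection for filter 4 and the block-script generation of item 7, run over lines taken from the slide above; this is an added example, not part of the original slides. The function names, the threshold of 5, the constructed proftpd line and the choice of ipfw as the firewall are assumptions.

```sh
#!/bin/sh
# Added example: find sshd brute-force sources and emit block rules.

# Sample input: lines from the slide above, plus one constructed proftpd
# line (192.0.2.10) that must be ignored.
sample_log() {
cat <<'EOF'
Oct 15 12:33:24 NASA sshd[93293]: error: PAM: authentication error for root from 124.107.32.54
Oct 15 12:33:52 NASA sshd[93296]: error: PAM: authentication error for root from 220.165.9.232
Oct 15 12:34:00 NASA proftpd[93297]: Invalid user test from 192.0.2.10
Oct 20 01:50:46 NASA sshd[5991]: Invalid user raimundo from 61.152.201.74
Oct 20 01:50:54 NASA sshd[5993]: Invalid user joan from 61.152.201.74
Oct 20 01:51:03 NASA sshd[5995]: Invalid user johan from 61.152.201.74
Oct 20 01:51:11 NASA sshd[5997]: Invalid user sebastian from 61.152.201.74
Oct 20 01:51:19 NASA sshd[5999]: Invalid user agata from 61.152.201.74
EOF
}

# Print "count ip" for every source with at least $1 failed sshd logins.
# The address is taken only from the end of the line, so a crafted user
# name containing "from 1.2.3.4" cannot inject an address.
ssh_offenders() {
    sed -nE 's/^.* sshd\[[0-9]+\]: (error: PAM: authentication error for|Invalid user) .* from ([0-9]{1,3}(\.[0-9]{1,3}){3})$/\2/p' |
    awk -v min="${1:-5}" '{ n[$1]++ }
        END { for (ip in n) if (n[ip] >= min) print n[ip], ip }' |
    sort -k1,1nr -k2,2
}

# Turn "count ip" lines into an ipfw script (assumed firewall; rule
# numbering is left to ipfw). Octets are range-checked before use.
gen_block_script() {
    echo '#!/bin/sh'
    awk '{ split($2, o, ".")
           if (o[1] <= 255 && o[2] <= 255 && o[3] <= 255 && o[4] <= 255)
               print "ipfw -q add deny ip from " $2 " to any" }'
}

sample_log | ssh_offenders 5 | gen_block_script
```

With a threshold of 5 only 61.152.201.74 is blocked; the PAM errors for root arrive from a different address each time, so a per-source count alone does not catch them.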

10 Syslog priority selection
Oct 6 04:08:49 XXXX sshd[80329]: error: PAM: authentication error for root from 123.231.37.127
Oct 6 04:10:12 XXXX sshd[80465]: warning: /etc/hosts.allow, line 2: can't verify hostname: getaddrinfo(5.72-43-196.Musoma.juasun.net, AF_INET) failed
Oct 15 10:04:51 XXXX proftpd[26985]: yyyyyyy (218.25.25.206[218.25.25.206]) - Session timed out, disconnected
Oct 15 12:40:37 XXXX sshd[27228]: fatal: Read from socket failed: Connection reset by peer
- Syslog has different priorities, e.g. critical, error…
- Use checklist to choose which priority to display
- Some log messages have no priority

11 How to collect all logs
- Uncomment #*.* /var/log/all.log in /etc/syslog.conf
- touch & chmod /var/log/all.log to 600
- Restart syslogd

12 Merge with archived log files
- Once a user has selected a log file, search for archived logs
- Use checklist to determine which file to read

13 How to hand-in
- Due 2009-11-10 18:30:00
- Demo & How: TBD

14 Penalty
- 1 week 80%
- 2 week 70%
- 3 week 60%
- …

