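#!/bin/bash
# Report the clients that appear on more than a threshold number of lines in an
# Apache access log, as a quick first look at who is generating the most requests.
# Assumes the first space-separated field of each line is the client address
# (as in the common/combined log formats) — confirm against the LogFormat in use.
FILE=/usr/local/apache/logs/access_log

#######################################
# Print "COUNT: client" for every first field seen on more than a threshold
# number of lines.
# Arguments: $1 - path of the access log to read
#            $2 - threshold; only counts strictly greater are printed (default 10)
# Outputs:   one "COUNT: client" line per matching client, in sort(1) order
# Returns:   status of the counting pipeline
#######################################
report_busy_clients() {
  local log=$1
  local min=${2:-10}

  # Count exact first-field values in a single pass. A per-address regex search
  # such as `grep ^1.2.3.4` would treat the dots as wildcards and also match
  # longer addresses like 1.2.3.40, inflating the totals.
  # NF == 2 drops the entry produced by lines whose first field is empty.
  cut -d ' ' -f 1 -- "$log" \
    | sort \
    | uniq -c \
    | awk -v min="$min" 'NF == 2 && $1 > min { print $1 ": " $2 }'
}

if [[ -r "$FILE" ]]; then
  report_busy_clients "$FILE"
else
  printf 'cannot read %s\n' "$FILE" >&2
fi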
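#!/bin/bash
# Report the clients that appear on more than a threshold number of lines in an
# Apache access log, as a quick first look at who is generating the most requests.
# Assumes the first space-separated field of each line is the client address
# (as in the common/combined log formats) — confirm against the LogFormat in use.
FILE=/usr/local/apache/logs/access_log

#######################################
# Print "COUNT: client" for every first field seen on more than a threshold
# number of lines.
# Arguments: $1 - path of the access log to read
#            $2 - threshold; only counts strictly greater are printed (default 10)
# Outputs:   one "COUNT: client" line per matching client, in sort(1) order
# Returns:   status of the counting pipeline
#######################################
report_busy_clients() {
  local log=$1
  local min=${2:-10}

  # Count exact first-field values in a single pass. A per-address regex search
  # such as `grep ^1.2.3.4` would treat the dots as wildcards and also match
  # longer addresses like 1.2.3.40, inflating the totals.
  # NF == 2 drops the entry produced by lines whose first field is empty.
  cut -d ' ' -f 1 -- "$log" \
    | sort \
    | uniq -c \
    | awk -v min="$min" 'NF == 2 && $1 > min { print $1 ": " $2 }'
}

if [[ -r "$FILE" ]]; then
  report_busy_clients "$FILE"
else
  printf 'cannot read %s\n' "$FILE" >&2
fi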
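# List everything under / larger than 10,000,000 bytes, one entry per line:
# %15s is the size in bytes padded to 15 columns, %p is the path. The format
# needs an explicit \n, otherwise all entries run together on a single line.
find / -size +10000000c -printf "%15s %p\n"
# List entries whose content (-mtime) or inode metadata (-ctime) changed 2 days
# ago. find counts age in whole 24-hour periods, so "2" means between 48 and 72
# hours ago; "-2" would instead select everything changed within the last 2 days.
find / -mtime 2 -o -ctime 2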
Exemple sur le port 80:
tcpdump -ne dst port 80 and 'tcp[13] & 2 == 2'
Pratique pour détecter un SYN flood
Exemple sur le port 80
netstat -tan | grep ':80 ' | awk '{print $6}' | sort | uniq -c
ALL: ALL :SPAWN echo "Service %d IP %a Utilisateur %c" | /bin/mail -s "Alerte tcpd" user@domain.fr : DENY
-- Multi-table DELETE: removes the sc_tags rows carrying the given tag together
-- with the sc_bookmarks rows they reference through bId.
-- NOTE(review): sc_tags rows that attach other tags to the same bookmarks are
-- not matched by the WHERE clause and would stay behind — confirm whether they
-- need a separate cleanup.
DELETE sc_bookmarks,
sc_tags FROM sc_tags,
sc_bookmarks WHERE sc_tags.bId = sc_bookmarks.bId AND sc_tags.tag = "tag_des_signets_à_supprimer"
dpkg-query -W --showformat='${Installed-Size} ${Package}\n' | sort -n [administration] [bash] [debian] [linux]
UPDATE user SET user_password = MD5(CONCAT(user_id, '-', MD5('somepass'))) WHERE user_name = 'someuser'; [administration] [mediawiki] [mysql]
# Add a default route through the gateway 192.168.0.1
route add default gw 192.168.0.1
# Show the routing table with numeric addresses (no name resolution)
route -n
# Delete a network route
# NOTE(review): 192.168.0.1/24 has host bits set; a /24 network route is
# normally written 192.168.0.0/24 — confirm the intended target.
# NOTE(review): the bracketed words after the address look like page tags
# rather than route arguments — confirm before running this line as-is.
route del -net 192.168.0.1/24 [administration] [linux] [reseau] [routage]