Grepping ip address accurately

Let's say we have one log file named logfile.log that contains a few lines like below:

192.168.1.1
192.168.1.10
192.168.1.11
192.168.1.111

When we want to search for 192.168.1.1, we usually will use:

$ grep 192.168.1.1 logfile.log
192.168.1.1
192.168.1.10
192.168.1.11
192.168.1.111

But unfortunately the result is not as what we expected(I assume we expect only 192.168.1.1 will come out) because grep will show to us all results "containing" the pattern given by us.

To overcome this problem, we have to use grep like this:

$ grep "192.168.1.1\>" logfile.log
192.168.1.1

Do not forget to put the double quotes, if not the command will not show any result.

That's all :)

Update:

Credit to sharuzzaman.blogspot.com for below technique, you can find the original post here

An alternative way to achive above result is by using -w flag of grep. So, instead of using grep "192.168.1.1\>" logfile.log, you can also use grep -w 192.168.1.1 logfile.log

Running windows cmd from linux

To run windows cmd from linux box, there is one tool you could use, which is winexe. You can download the installer from here. There are 2 ways to install this tool:

1. Use the preinstalled version.

• Download from here
• Unpack the bz2 file: # bunzip2 winexe-static-081123.bz2
• Change mod to allow execute: # chmod +x winexe-static-081123
• Make soft link in your /usr/local/bin: # ln -s winexe-static-081123 /usr/local/bin/winexe

2. Compile from source

• Install necessary packages (gcc, svn, *-devel....)
• Get sources from here
• Unpack the source file: # tar -xvjf winexe-source-081123.tar.bz2
• Compile according to README file:
  • cd to unpacked tar.bz2 sources
  • ./autogen.sh
  • ./configure
  • make proto bin/winexe
• Compiled file will be located in wmi/Samba/source/bin/winexe
• Install winexe:

  install -s wmi/Samba/source/bin/winexe /usr/local/bin/winexe

  
  

To use it is very simple:

# winexe -U foo -W WORKGROUP -n FOO-PC //10.0.0.61 "cmd.exe"

where -U for username, -W for workgroup, -n for target machine netbios name, 10.0.0.61 is the ip address of the target machine and cmd.exe is to start windows command prompt.

Once connected, you will get command prompt like below:

Microsoft Windows [Version 5.2.3790]

(C) Copyright 1985-2003 Microsoft Corp.

C:\WINDOWS\system32>

To quit, just type exit at the windows command prompt.

That's all :)

Logging your terminal activity

When typing on the terminal, sometimes we need to record what commands we have typed for later reference. Sure, we can simply copy the .bash_history file, but that file only shows what you have typed and not the result of the commands that you have typed. To do these kind of jobs, there are two applications that you can use:


1. script

To use script, simply run script before you start using your terminal

# script -f logfile.log

where -f is to flush output after each write, and logfile.log is the file to write whatever script has recorded.

After finish using script, simply type exit or logout to quit script


2. rootsh

Please install rootsh first if it is not installed. To use rootsh, run rootsh before start using your terminal similar to script

# rootsh -f logfile.log --no-syslog

where -f is to show which file will be used to record the session, in this case logfile.log and --no-syslog is to tell rootsh not to log to /var/log/messages. To quit from rootsh, type exit or logout. All the commands and output will be written to logfile.log.closed to show that rootsh has closed the session.

To view the output file of rootsh and script, more command can be used.