Linux

Monitoring /var/log/secure for break-in attempts

date >> ssh-intruders.log ; cat /var/log/secure | grep -i “sshd.*authentication failure” | sort | awk ‘{FS=”rhost=”; print $2}’ | awk ‘{FS=”user=”; print $1}’ | grep “.*\..*\.” | grep -v “knownhost.com” | grep -v “knownhost2.com” | sort | uniq | while read i; do counter=`grep -i “$i” /var/log/secure | wc -l` ; echo “$counter attempts by […]

Read More
Linux

vim search and replace text

Different ways of replacing text etc. Replace every occurrence of pattern1 (pat1) with pat2 :g/pat1/s//pat2/g Replace every occurence of pattern1 (pat1) with a newline :g/pat1/s//\r/g In practice this inserts a newline after every occurence of pat1.

Read More