Check These Out
order the files by modification (thanks stanishjohnd) time, one file per output line and filter first 10
Here is a command line to run on your server if you think your server is under attack. It prints our a list of open connections to your server and sorts them by amount.
BSD Version:
$ netstat -na |awk '{print $5}' |cut -d "." -f1,2,3,4 |sort |uniq -c |sort -nr
Based on capsule8 agent examples, not rigorously tested
If you don't have netcat, you can use curl.
Ever needed to test firewalls but didn't have netcat, telnet or even FTP?
Enter /dev/tcp, your new best friend. /dev/tcp/(hostname)/(port) is a bash builtin that bash can use to open connections to TCP and UDP ports.
This one-liner opens a connection on a port to a server and lets you read and write to it from the terminal.
How it works:
First, exec sets up a redirect for /dev/tcp/$server/$port to file descriptor 5.
Then, as per some excellent feedback from @flatcap, we launch a redirect from file descriptor 5 to STDOUT and send that to the background (which is what causes the PID to be printed when the commands are run), and then redirect STDIN to file descriptor 5 with the second cat.
Finally, when the second cat dies (the connection is closed), we clean up the file descriptor with 'exec 5>&-'.
It can be used to test FTP, HTTP, NTP, or can connect to netcat listening on a port (makes for a simple chat client!)
Replace /tcp/ with /udp/ to use UDP instead.
So I had this 2TB Seagate external disk/USB enclosure which by default would spin-down its internal drive (it enters a standby mode) after four minutes of inactivity.. Spinning-up the inactive drive was an annoying delay when accessing files and also it severely interfered with NFS.. SCT stands for "Standby Condition Timer".
To completely disable SCT:
$ sdparm --clear STANDBY -6 /dev/sdb
To return to original (default) SCT settings:
$ sdparm -D -p 0x1a -6 /dev/sdb
To verify the settings (before and after):
$ sdparm -a /dev/sdb
No need for vendor-provided MSWIN tools, etc.
Uses the command ts in order to add a timestamp on each line. This command is provided in the moreutils package on Debian, and you may need libtime-duration-perl to be able to format the date.
Get information of volume labels of bitlocker volumes, even if they are encrypted and locked (no access to filesystem, no password provided). Note that the volume labels can have spaces, but only if you name then before encryption. Renaming a bitlocker partition after being encrypted does not have the same effect as doing it before.