Security Forums

GREP

max_blakk
Posted: Tue Oct 29, 2002 3:27 pm    Post subject: GREP

Anybody know of some good tutorials (with examples rather than just explanations) for GREP(ing)? I can see it is a powerful tool but the idiot here is still struggling...

General regular expression..??, what like "I'm off to the pub"..??
ShaolinTiger
Posted: Tue Oct 29, 2002 3:41 pm

GREP is much like the Windows 'find documents containing' option.

What are you trying to do with it?

I usually use it by piping the output of other commands to it to find stuff in ps and lsof etc.

e.g.

ps aux | grep smb

debmac:~# ps aux | grep smb
root 230 0.0 0.2 3632 1384 ? S Oct14 0:00 smbd -D
root 8787 0.0 0.0 1332 424 pts/0 S 13:32 0:00 grep smb
debmac:~#

or if you want to find something in the logs

cat /var/log/messages | grep restart

debmac:~# cat /var/log/messages | grep restart
Oct 27 06:47:04 debmac syslogd 1.4.1#10: restart.
Oct 28 06:25:06 debmac syslogd 1.4.1#10: restart.
Oct 29 06:25:07 debmac syslogd 1.4.1#10: restart.

It's awk that I find complicated..heh

Regular expressions eh..all good fun

Anyway here are some decent tutorials on grep:

http://pegasus.rutgers.edu/~elflord/unix/grep.html

http://www.geocities.com/tipsforlinux/articles/25.html
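
The searches shown in the post above, as an added example that is not part of the original thread: it runs grep over constructed sample data (a process listing and syslog-style lines, including sshd entries that do not appear in the thread) to drop the grep process itself from ps results, count matches with -c, and tally failed-login source addresses with -E and -o. The function names are hypothetical, the addresses are documentation ranges, and -o assumes GNU or BSD grep.

```shell
#!/bin/sh
# Constructed sample data (not taken from a real host).
PS_SAMPLE='root   230  0.0  0.2  3632 1384 ?     S Oct14 0:00 smbd -D
root   231  0.0  0.2  3100 1200 ?     S Oct14 0:00 nmbd -D
root  8787  0.0  0.0  1332  424 pts/0 S 13:32 0:00 grep smb'

LOG_SAMPLE='Oct 27 06:47:04 debmac syslogd 1.4.1#10: restart.
Oct 28 02:11:40 debmac sshd[4121]: Failed password for root from 192.0.2.10 port 4022 ssh2
Oct 28 02:11:44 debmac sshd[4121]: Failed password for root from 192.0.2.10 port 4023 ssh2
Oct 28 06:25:06 debmac syslogd 1.4.1#10: restart.
Oct 28 09:02:13 debmac sshd[4630]: Failed password for admin from 198.51.100.7 port 5100 ssh2
Oct 28 09:05:00 debmac sshd[4702]: Accepted password for max from 192.0.2.55 port 5210 ssh2'

# Processes matching $1, minus the grep process itself (the "grep smb" row
# that also shows up in the ps output quoted in the post).
procs_named() {
    printf '%s\n' "$PS_SAMPLE" | grep -- "$1" | grep -v ' grep '
}

# -c prints the number of matching lines instead of the lines themselves.
count_restarts() {
    printf '%s\n' "$LOG_SAMPLE" | grep -c 'syslogd.*restart'
}

# -E enables extended regular expressions; -o prints only the matched text,
# here the source IPv4 address on each failed-login line. sort | uniq -c
# then counts attempts per address, busiest first.
failed_login_sources() {
    printf '%s\n' "$LOG_SAMPLE" | grep 'Failed password' |
        grep -oE '[0-9]+(\.[0-9]+){3}' | sort | uniq -c | sort -rn
}

procs_named smb
count_restarts
failed_login_sources
```

On a live system the same pipelines read from `ps aux` and from the log file directly, for example `grep -c 'syslogd.*restart' /var/log/messages`.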
max_blakk
Posted: Tue Oct 29, 2002 3:54 pm

Thx ST, this must be the fastest response time board ever..!!

The second recommended website was more what I am looking for..!!

I just want to get more specific as you demonstrated, with log files (Snort/apache etc) and filesystem searches..!!


Again Thx
ShaolinTiger
Posted: Tue Oct 29, 2002 4:15 pm

For snort and apache I'd be more inclined to use something like Logwatch..

There are some nice log tools for snort specifically out there as well, such as:

ACID is probably the most popular one: http://www.snort.org/dl/contrib/data_analysis/acid/

http://people.ee.ethz.ch/~dws/software/snort-rep/

http://www.packx.net/packx/html/en/download.php#ids

http://grsecurity.net/download.php

http://www.xato.net/Downloads/snort.panel.zip

Using Snort with MySQL is nice too, can create some reports and things then

http://www.incident.org/snortdb/
All times are GMT + 2 Hours