/l3/trainings/xg-ids/2005-12-19/fbsd2.linux.nt/user |
|
#make search name=farpd
|
#make search name=arpd
Port: arpd-0.2_1 Path: /usr/ports/net/arpd Info: A daemon to service arp replies Maint: yb@bashibuzuk.net B-deps: libdnet-1.10 libevent-1.1a R-deps: libdnet-1.10 libevent-1.1a WWW: http://www.citi.umich.edu/u/provos/ |
#cd net/arp
arp-sk/ arpd/ arping/ arprelease/ |
#cd net/arpd
|
#cat pkg-descr
Arpd can be used to direct all Arp queries for an interface into a single IP address or network. WWW: http://www.citi.umich.edu/u/provos/ - Dominic <dominic_marks@btinternet.com> |
#pkg_add -r arpd
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.0-release/Latest/arpd.tbz... Done. |
#man arpd
|
#strings `which arpd`
/libexec/ld-elf.so.1 libdnet.so.1 intf_get ioctl memmove snprintf _DYNAMIC getpid memcpy perror ... calloc: %m %s: %s is allocated %s: %s still discovering (%d) pcap_dispatch: %s exiting on signal %d di:h? fopen daemon signal $FreeBSD: src/lib/csu/i386-elf/crtn.S,v 1.6 2005/05/19 07:31:06 dfr Exp $ |
#strings `which arpd` | grep conf
bad interface configuration: not IP or Ethernet |
#strings `which arpd` | grep etc
|
#pkg_info -Lx arpd
Information for arpd-0.2_1: Files: /usr/local/sbin/arpd /usr/local/man/man8/arpd.8.gz |
#vi /usr/local/etc/
|
#strings `which arpd`
/libexec/ld-elf.so.1 libdnet.so.1 intf_get ioctl memmove snprintf _DYNAMIC getpid memcpy perror ... calloc: %m %s: %s is allocated %s: %s still discovering (%d) pcap_dispatch: %s exiting on signal %d di:h? fopen daemon signal $FreeBSD: src/lib/csu/i386-elf/crtn.S,v 1.6 2005/05/19 07:31:06 dfr Exp $ |
#which arpd
/usr/local/sbin/arpd |
#arpd -i rl0 -net 192.168.15.110-192.168.15.112
arpd: illegal option -- n Usage: arpd [-d] [-i interface] [net] |
#arpd -i rl0 net 192.168.15.110-192.168.15.112
arpd: arpd_expandips: Invalid network range: net |
#man arpd
|
#arpd -i rl0 net 192.168.15.110-192.168.15.112
arpd: arpd_expandips: Invalid network range: net |
#arpd -i rl0 net 192.168.15.110
arpd: arpd_expandips: Invalid network range: net |
#arpd -i rl0 192.168.15.110-192.168.15.112
arpd[65041]: listening on rl0: arp and (dst net 192.168.15.110/31 or dst net 192.168.15.112/32) and not ether src 00:13:8f:2f:ac:5e |
#ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ping: sendto: Host is down ping: sendto: Host is down ^C --- 192.168.15.110 ping statistics --- 8 packets transmitted, 0 packets received, 100% packet loss |
#ssh user@m04
The authenticity of host 'fbsd4.linux.nt (192.168.15.24)' can't be established. DSA key fingerprint is f1:af:18:9e:9d:67:3c:95:e2:13:6f:91:f3:33:14:98. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'fbsd4.linux.nt' (DSA) to the list of known hosts. Password: Last login: Fri Dec 23 09:30:26 2005 Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.0-RELEASE (GENERIC) #0: Thu Nov 3 09:36:13 UTC 2005 Welcome to FreeBSD! ... along with the mailing lists, can be searched by going to http://www.FreeBSD.org/search/. If the doc distribution has been installed, they're also available formatted in /usr/share/doc. If you still have a question or problem, please take the output of `uname -a', along with any relevant error messages, and email it as a question to the questions@FreeBSD.org mailing list. If you are unfamiliar with FreeBSD's directory layout, please refer to the hier(7) manual page. If you are not familiar with manual pages, type `man man'. You may also use sysinstall(8) to re-enter the installation and configuration utility. Edit /etc/motd to change this login announcement. |
#sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root arpd 65042 4 udp4 *:* *:* root sshd 62752 3 tcp4 192.168.15.22:22 192.168.15.254:59910 root sshd 61248 3 tcp4 192.168.15.22:22 192.168.15.25:1108 root sshd 60739 3 tcp4 192.168.15.22:22 192.168.15.24:60272 root sshd 57409 3 tcp4 192.168.15.22:22 192.168.15.254:59903 www httpd 32112 16 tcp4 *:80 *:* www httpd 32111 16 tcp4 *:80 *:* www httpd 32110 16 tcp4 *:80 *:* www httpd 32107 16 tcp4 *:80 *:* ... root syslog-ng 557 8 udp4 192.168.15.22:52817 192.168.15.3:514 www httpd 548 16 tcp4 *:80 *:* www httpd 547 16 tcp4 *:80 *:* www httpd 546 16 tcp4 *:80 *:* www httpd 545 16 tcp4 *:80 *:* www httpd 544 16 tcp4 *:80 *:* mysql mysqld 543 3 tcp4 *:3306 *:* root httpd 471 16 tcp4 *:80 *:* root sendmail 435 3 tcp4 127.0.0.1:25 *:* root sshd 429 4 tcp4 *:22 *:* |
#killall arpd
|
#sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root sshd 62752 3 tcp4 192.168.15.22:22 192.168.15.254:59910 root sshd 61248 3 tcp4 192.168.15.22:22 192.168.15.25:1108 root sshd 60739 3 tcp4 192.168.15.22:22 192.168.15.24:60272 root sshd 57409 3 tcp4 192.168.15.22:22 192.168.15.254:59903 www httpd 32112 16 tcp4 *:80 *:* www httpd 32111 16 tcp4 *:80 *:* www httpd 32110 16 tcp4 *:80 *:* www httpd 32107 16 tcp4 *:80 *:* root nessusd 32060 4 tcp4 *:1241 *:* ... root syslog-ng 557 8 udp4 192.168.15.22:52817 192.168.15.3:514 www httpd 548 16 tcp4 *:80 *:* www httpd 547 16 tcp4 *:80 *:* www httpd 546 16 tcp4 *:80 *:* www httpd 545 16 tcp4 *:80 *:* www httpd 544 16 tcp4 *:80 *:* mysql mysqld 543 3 tcp4 *:3306 *:* root httpd 471 16 tcp4 *:80 *:* root sendmail 435 3 tcp4 127.0.0.1:25 *:* root sshd 429 4 tcp4 *:22 *:* |
#arpd -d -i rl0 192.168.15.110-192.168.15.112
arpd[65152]: listening on rl0: arp and (dst net 192.168.15.110/31 or dst net 192.168.15.112/32) and not ether src 00:13:8f:2f:ac:5e arpd[65152]: arpd_lookup: no entry for 192.168.15.110 arpd[65152]: arpd_send: who-has 192.168.15.110 tell 192.168.15.22 arpd[65152]: arpd_recv_cb: 192.168.15.110 still discovering (1) arpd[65152]: arpd_send: who-has 192.168.15.110 tell 192.168.15.22 arpd[65152]: arpd_recv_cb: 192.168.15.110 still discovering (2) arpd[65152]: arpd_recv_cb: 192.168.15.110 still discovering (2) arpd[65152]: arp reply 192.168.15.110 is-at 00:13:8f:2f:ac:5e arpd[65152]: arp reply 192.168.15.110 is-at 00:13:8f:2f:ac:5e arpd[65152]: arp reply 192.168.15.110 is-at 00:13:8f:2f:ac:5e arpd[65152]: arp reply 192.168.15.110 is-at 00:13:8f:2f:ac:5e arpd[65152]: arp reply 192.168.15.110 is-at 00:13:8f:2f:ac:5e arpd[65152]: arp reply 192.168.15.110 is-at 00:13:8f:2f:ac:5e arpd[65152]: arp reply 192.168.15.110 is-at 00:13:8f:2f:ac:5e arpd[65152]: arp reply 192.168.15.110 is-at 00:13:8f:2f:ac:5e arpd[65152]: arp reply 192.168.15.110 is-at 00:13:8f:2f:ac:5e ^Carpd[65152]: exiting on signal 2 |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ^C --- 192.168.15.110 ping statistics --- 3 packets transmitted, 0 packets received, 100% packet loss |
$exit
exit Connection to fbsd4.linux.nt closed. |
#arpd -i rl0 192.168.15.110-192.168.15.112
arpd[65164]: listening on rl0: arp and (dst net 192.168.15.110/31 or dst net 192.168.15.112/32) and not ether src 00:13:8f:2f:ac:5e |
#ifconfig
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=8<VLAN_MTU> inet6 fe80::213:8fff:fe2f:ac5e%rl0 prefixlen 64 scopeid 0x1 inet 192.168.15.22 netmask 0xffffff00 broadcast 192.168.15.255 ether 00:13:8f:2f:ac:5e media: Ethernet autoselect (100baseTX <full-duplex>) status: active plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 |
#vi /usr/local/etc/honeyd.conf
|
#ping 192.168.11.110
PING 192.168.11.110 (192.168.11.110): 56 data bytes ^C --- 192.168.11.110 ping statistics --- 3 packets transmitted, 0 packets received, 100% packet loss |
#arping 192.168.11.110
ARPING 192.168.11.110 60 bytes from 00:04:75:75:46:c1 (192.168.11.110): index=0 time=9.950 msec 60 bytes from 00:04:75:75:46:c1 (192.168.11.110): index=1 time=9.965 msec 60 bytes from 00:04:75:75:46:c1 (192.168.11.110): index=2 time=9.960 msec 60 bytes from 00:04:75:75:46:c1 (192.168.11.110): index=3 time=9.961 msec 60 bytes from 00:04:75:75:46:c1 (192.168.11.110): index=4 time=28.258 msec ^C --- 192.168.11.110 statistics --- 7 packets transmitted, 5 packets received, 29% unanswered |
#arping 192.168.11.120
ARPING 192.168.11.120 60 bytes from 00:04:75:75:46:c1 (192.168.11.120): index=0 time=9.966 msec 60 bytes from 00:04:75:75:46:c1 (192.168.11.120): index=1 time=9.943 msec ^C --- 192.168.11.120 statistics --- 4 packets transmitted, 2 packets received, 50% unanswered |
#vi /usr/local/etc/honeyd.conf
|
#sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root arpd 65165 4 udp4 *:* *:* root sshd 62752 3 tcp4 192.168.15.22:22 192.168.15.254:59910 root sshd 61248 3 tcp4 192.168.15.22:22 192.168.15.25:1108 root sshd 60739 3 tcp4 192.168.15.22:22 192.168.15.24:60272 root sshd 57409 3 tcp4 192.168.15.22:22 192.168.15.254:59903 www httpd 32112 16 tcp4 *:80 *:* www httpd 32111 16 tcp4 *:80 *:* www httpd 32110 16 tcp4 *:80 *:* www httpd 32107 16 tcp4 *:80 *:* ... root syslog-ng 557 8 udp4 192.168.15.22:52817 192.168.15.3:514 www httpd 548 16 tcp4 *:80 *:* www httpd 547 16 tcp4 *:80 *:* www httpd 546 16 tcp4 *:80 *:* www httpd 545 16 tcp4 *:80 *:* www httpd 544 16 tcp4 *:80 *:* mysql mysqld 543 3 tcp4 *:3306 *:* root httpd 471 16 tcp4 *:80 *:* root sendmail 435 3 tcp4 127.0.0.1:25 *:* root sshd 429 4 tcp4 *:22 *:* |
#man honeyd
|
#honeyd -f /usr/local/etc/honeyd.conf
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos honeyd[65929]: started with -f /usr/local/etc/honeyd.conf Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0" Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3" honeyd[65929]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip )) and not ether src 00:13:8f:2f:ac:5e /usr/local/etc/honeyd.conf:3: Unknown personality "Windows NT 4.0 Server SP5-SP6" honeyd: parsing configuration file failed |
#sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root arpd 65165 4 udp4 *:* *:* root sshd 62752 3 tcp4 192.168.15.22:22 192.168.15.254:59910 root sshd 61248 3 tcp4 192.168.15.22:22 192.168.15.25:1108 root sshd 60739 3 tcp4 192.168.15.22:22 192.168.15.24:60272 root sshd 57409 3 tcp4 192.168.15.22:22 192.168.15.254:59903 www httpd 32112 16 tcp4 *:80 *:* www httpd 32111 16 tcp4 *:80 *:* www httpd 32110 16 tcp4 *:80 *:* www httpd 32107 16 tcp4 *:80 *:* ... root syslog-ng 557 8 udp4 192.168.15.22:52817 192.168.15.3:514 www httpd 548 16 tcp4 *:80 *:* www httpd 547 16 tcp4 *:80 *:* www httpd 546 16 tcp4 *:80 *:* www httpd 545 16 tcp4 *:80 *:* www httpd 544 16 tcp4 *:80 *:* mysql mysqld 543 3 tcp4 *:3306 *:* root httpd 471 16 tcp4 *:80 *:* root sendmail 435 3 tcp4 127.0.0.1:25 *:* root sshd 429 4 tcp4 *:22 *:* |
#vi /usr/local/etc/honeyd.conf
|
### yd -i rl0 /local/etc/honeyd.conf
|
#sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root arpd 65165 4 udp4 *:* *:* root sshd 62752 3 tcp4 192.168.15.22:22 192.168.15.254:59910 root sshd 61248 3 tcp4 192.168.15.22:22 192.168.15.25:1108 root sshd 60739 3 tcp4 192.168.15.22:22 192.168.15.24:60272 root sshd 57409 3 tcp4 192.168.15.22:22 192.168.15.254:59903 www httpd 32112 16 tcp4 *:80 *:* www httpd 32111 16 tcp4 *:80 *:* www httpd 32110 16 tcp4 *:80 *:* www httpd 32107 16 tcp4 *:80 *:* ... root syslog-ng 557 8 udp4 192.168.15.22:52817 192.168.15.3:514 www httpd 548 16 tcp4 *:80 *:* www httpd 547 16 tcp4 *:80 *:* www httpd 546 16 tcp4 *:80 *:* www httpd 545 16 tcp4 *:80 *:* www httpd 544 16 tcp4 *:80 *:* mysql mysqld 543 3 tcp4 *:3306 *:* root httpd 471 16 tcp4 *:80 *:* root sendmail 435 3 tcp4 127.0.0.1:25 *:* root sshd 429 4 tcp4 *:22 *:* |
#man honeyd
|
#man honeyd
|
#honeyd -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos honeyd[66268]: started with -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110 Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0" Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3" honeyd[66268]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.15.110))) and not ether src 00:13:8f:2f:ac:5e /usr/local/etc/honeyd.conf:3: Unknown personality "Windows NT 4.0 Server SP5-SP6" honeyd: parsing configuration file failed |
#ps -waux | grep hon
user 64151 0.0 3.1 37240 32056 ?? S 4:17PM 0:21.40 kpdf /home/user/Desktop/simulating_networks_with_honeyd.pdf -icon kpdf - |
#honeyd -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos honeyd[66369]: started with -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110 Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0" Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3" honeyd[66369]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.15.110))) and not ether src 00:13:8f:2f:ac:5e /usr/local/etc/honeyd.conf:3: Unknown personality "Windows NT 4.0 Server SP5-SP6" honeyd: parsing configuration file failed |
#honeyd -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110/32
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos honeyd[66478]: started with -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110/32 Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0" Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3" honeyd[66478]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.15.110/32))) and not ether src 00:13:8f:2f:ac:5e honeyd: bad pcap filter: Mask syntax for networks only |
#honeyd -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos honeyd[66487]: started with -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110 Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0" Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3" honeyd[66487]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.15.110))) and not ether src 00:13:8f:2f:ac:5e /usr/local/etc/honeyd.conf:3: Unknown personality "Windows NT 4.0 Server SP5-SP6" honeyd: parsing configuration file failed |
#pkg_info -Lx honeyd
Information for honeyd-1.0_1: Files: /usr/local/man/man1/honeydctl.1.gz /usr/local/man/man8/honeyd.8.gz /usr/local/bin/honeyd /usr/local/bin/honeydctl /usr/local/include/honeyd/debug.h /usr/local/include/honeyd/hooks.h /usr/local/include/honeyd/plugins.h /usr/local/include/honeyd/plugins_config.h ... /usr/local/share/honeyd/scripts/mydoom.pl /usr/local/share/honeyd/scripts/README.mydoom /usr/local/share/honeyd/scripts/cmdexe.pl /usr/local/share/honeyd/scripts/README.cmdexe /usr/local/share/honeyd/scripts/README.kuang2 /usr/local/share/honeyd/scripts/INSTALL.kuang2 /usr/local/share/honeyd/scripts/kuang2.pl /usr/local/share/honeyd/scripts/kuang2.conf /usr/local/share/honeyd/scripts/smtp.pl /usr/local/share/honeyd/scripts/proxy.pl |
#vi /usr/local/share/honeyd/nmap.prints
|
#vi /usr/local/etc/honeyd.conf
|
#honeyd -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos honeyd[66602]: started with -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110 Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0" Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3" honeyd[66602]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.15.110))) and not ether src 00:13:8f:2f:ac:5e honeyd[66602]: Demoting process privileges to uid 32767, gid 32767 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 ... honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[66602]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 ^Choneyd[66602]: exiting on signal 2 |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ^C --- 192.168.15.110 ping statistics --- 3 packets transmitted, 0 packets received, 100% packet loss |
$ssh user@m04
The authenticity of host 'fbsd4.linux.nt (192.168.15.24)' can't be established. DSA key fingerprint is f1:af:18:9e:9d:67:3c:95:e2:13:6f:91:f3:33:14:98. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'fbsd4.linux.nt' (DSA) to the list of known hosts. Password: Last login: Fri Dec 23 16:39:54 2005 from fbsd2.linux.nt Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.0-RELEASE (GENERIC) #0: Thu Nov 3 09:36:13 UTC 2005 Welcome to FreeBSD! ... along with the mailing lists, can be searched by going to http://www.FreeBSD.org/search/. If the doc distribution has been installed, they're also available formatted in /usr/share/doc. If you still have a question or problem, please take the output of `uname -a', along with any relevant error messages, and email it as a question to the questions@FreeBSD.org mailing list. If you are unfamiliar with FreeBSD's directory layout, please refer to the hier(7) manual page. If you are not familiar with manual pages, type `man man'. You may also use sysinstall(8) to re-enter the installation and configuration utility. Edit /etc/motd to change this login announcement. |
$nmap &
[1] 66688 Nmap 3.81 Usage: nmap [Scan Type(s)] [Options] <host or net list> Some Common Scan Types ('*' options require root privileges) * -sS TCP SYN stealth port scan (default if privileged (root)) -sT TCP connect() port scan (default for unprivileged users) * -sU UDP port scan -sP ping scan (Find any reachable machines) * -sF,-sX,-sN Stealth FIN, Xmas, or Null scan (experts only) -sV Version scan probes open ports determining service & app names/versions -sR RPC scan (use with other scan types) ... -6 scans via IPv6 rather than IPv4 -T <Paranoid|Sneaky|Polite|Normal|Aggressive|Insane> General timing policy -n/-R Never do DNS resolution/Always resolve [default: sometimes resolve] -oN/-oX/-oG <logfile> Output normal/XML/grepable scan logs to <logfile> -iL <inputfile> Get targets from file; Use '-' for stdin * -S <your_IP>/-e <devicename> Specify source address or network interface --interactive Go into interactive mode (then press h for help) Example: nmap -v -sS -O www.my.com 192.168.0.0/16 '192.88-90.*.*' SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES [1]+ Exit 255 nmap |
$sudo nmap &
[1] 66697 Password: [1]+ Stopped sudo nmap |
$fg 1
sudo nmap Password: |
$ping 192.168.15.100
PING 192.168.15.100 (192.168.15.100): 56 data bytes ^C --- 192.168.15.100 ping statistics --- 4 packets transmitted, 0 packets received, 100% packet loss |
$ssh user@m04
Password: Last login: Fri Dec 23 17:07:50 2005 from fbsd2.linux.nt Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.0-RELEASE (GENERIC) #0: Thu Nov 3 09:36:13 UTC 2005 Welcome to FreeBSD! Before seeking technical support, please use the following resources: o Security advisories and updated errata information for all releases are at http://www.FreeBSD.org/releases/ - always consult the ERRATA section for your release first as it's updated frequently. o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and, along with the mailing lists, can be searched by going to http://www.FreeBSD.org/search/. If the doc distribution has been installed, they're also available formatted in /usr/share/doc. If you still have a question or problem, please take the output of `uname -a', along with any relevant error messages, and email it as a question to the questions@FreeBSD.org mailing list. If you are unfamiliar with FreeBSD's directory layout, please refer to the hier(7) manual page. If you are not familiar with manual pages, type `man man'. You may also use sysinstall(8) to re-enter the installation and configuration utility. Edit /etc/motd to change this login announcement. |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes 64 bytes from 192.168.15.110: icmp_seq=0 ttl=64 time=0.486 ms 64 bytes from 192.168.15.110: icmp_seq=1 ttl=64 time=0.414 ms 64 bytes from 192.168.15.110: icmp_seq=2 ttl=64 time=0.455 ms 64 bytes from 192.168.15.110: icmp_seq=3 ttl=64 time=0.442 ms 64 bytes from 192.168.15.110: icmp_seq=4 ttl=64 time=0.431 ms 64 bytes from 192.168.15.110: icmp_seq=5 ttl=64 time=0.436 ms 64 bytes from 192.168.15.110: icmp_seq=6 ttl=64 time=0.442 ms 64 bytes from 192.168.15.110: icmp_seq=7 ttl=64 time=0.427 ms 64 bytes from 192.168.15.110: icmp_seq=8 ttl=64 time=0.438 ms ... 64 bytes from 192.168.15.110: icmp_seq=23 ttl=64 time=0.423 ms 64 bytes from 192.168.15.110: icmp_seq=24 ttl=64 time=0.467 ms 64 bytes from 192.168.15.110: icmp_seq=25 ttl=64 time=0.443 ms 64 bytes from 192.168.15.110: icmp_seq=26 ttl=64 time=0.440 ms 64 bytes from 192.168.15.110: icmp_seq=27 ttl=64 time=0.445 ms 64 bytes from 192.168.15.110: icmp_seq=28 ttl=64 time=0.424 ms ^C --- 192.168.15.110 ping statistics --- 29 packets transmitted, 29 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.414/0.440/0.486/0.015 ms |
$exit
exit Connection to fbsd4.linux.nt closed. |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ^C --- 192.168.15.110 ping statistics --- 31 packets transmitted, 0 packets received, 100% packet loss |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ^C --- 192.168.15.110 ping statistics --- 9 packets transmitted, 0 packets received, 100% packet loss |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ^C --- 192.168.15.110 ping statistics --- 22 packets transmitted, 0 packets received, 100% packet loss |
#arpd -i rl0 192.168.15.110-192.168.15.112
arpd[66803]: listening on rl0: arp and (dst net 192.168.15.110/31 or dst net 192.168.15.112/32) and not ether src 00:13:8f:2f:ac:5e |
#killall arpd
|
#arpd -d -i rl0 192.168.15.110-192.168.15.112
arpd[66822]: listening on rl0: arp and (dst net 192.168.15.110/31 or dst net 192.168.15.112/32) and not ether src 00:13:8f:2f:ac:5e arpd[66822]: arpd_lookup: 192.168.15.110 at 00:04:75:75:46:c1 arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated ... arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated arpd[66822]: arpd_recv_cb: 192.168.15.110 is allocated ^Carpd[66822]: exiting on signal 2 |
$arp -da
arp: writing to routing socket: Operation not permitted arp: writing to routing socket: Operation not permitted arp: writing to routing socket: Operation not permitted arp: writing to routing socket: Operation not permitted arp: writing to routing socket: Operation not permitted arp: writing to routing socket: Operation not permitted |
$sudo arp -da
Password: 192.168.15.3 (192.168.15.3) deleted 192.168.15.22 (192.168.15.22) deleted 192.168.15.25 (192.168.15.25) deleted 192.168.15.100 (192.168.15.100) deleted 192.168.15.110 (192.168.15.110) deleted 192.168.15.254 (192.168.15.254) deleted |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ping: sendto: Host is down ping: sendto: Host is down ping: sendto: Host is down ^C --- 192.168.15.110 ping statistics --- 9 packets transmitted, 0 packets received, 100% packet loss |
$arping 192.168.15.110
bash: arping: command not found |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ^C --- 192.168.15.110 ping statistics --- 4 packets transmitted, 0 packets received, 100% packet loss |
$host 192.168.15.110
Host 110.15.168.192.in-addr.arpa not found: 3(NXDOMAIN) |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ping: sendto: Host is down ping: sendto: Host is down ping: sendto: Host is down ^C --- 192.168.15.110 ping statistics --- 5 packets transmitted, 0 packets received, 100% packet loss |
#arpd -i rl0 192.168.15.110-192.168.15.112
arpd[66858]: listening on rl0: arp and (dst net 192.168.15.110/31 or dst net 192.168.15.112/32) and not ether src 00:13:8f:2f:ac:5e |
#honeyd -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos honeyd[66868]: started with -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110 Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0" Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3" honeyd[66868]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.15.110))) and not ether src 00:13:8f:2f:ac:5e honeyd[66868]: Demoting process privileges to uid 32767, gid 32767 ^Choneyd[66868]: exiting on signal 2 |
$sudo arping 192.168.15.110
sudo: arping: command not found |
$pkg_add -r arping
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.0-release/Latest/arping.tbz... Done. sbin/arping: Can't open 'sbin/arping': Permission denied man/man8/arping.8.gz: Can't open 'man/man8/arping.8.gz': Permission denied pkg_add: extract_plist: can not invoke 93 byte tar pipeline: /usr/bin/tar cf - sbin/arping man/man8/arping.8.gz|/usr/bin/tar --unlink -xpf - -C /usr/local |
$sudo pkg_add -r arping
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.0-release/Latest/arping.tbz... Done. |
$sudo arping 192.168.15.110
ARPING 192.168.15.110 ^C --- 192.168.15.110 statistics --- 45 packets transmitted, 0 packets received, 100% unanswered |
#honeyd -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos honeyd[66877]: started with -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110 Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0" Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3" honeyd[66877]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.15.110))) and not ether src 00:13:8f:2f:ac:5e Honeyd starting as background process |
#ping 192.168.15.140
PING 192.168.15.140 (192.168.15.140): 56 data bytes ^C --- 192.168.15.140 ping statistics --- 4 packets transmitted, 0 packets received, 100% packet loss |
#cat /usr/local/etc/honeyd.conf
### Windows computers create windows set windows personality "Microsoft Windows Server 2003 Standard Edition" add windows tcp port 80 "perl scripts/iis-0.95/iisemul8.pl" add windows tcp port 139 open add windows tcp port 137 open add windows udp port 137 open add windows udp port 135 open set windows default tcp action reset set windows default udp action reset bind 192.168.11.110 windows #bind 10.0.0.52 windows |
#vi /usr/local/etc/honeyd.conf
set windows personality "Microsoft Windows Server 2003 Standard Edition" add windows tcp port 80 "perl scripts/iis-0.95/iisemul8.pl" add windows tcp port 139 open add windows tcp port 137 open add windows udp port 137 open add windows udp port 135 open set windows default tcp action reset set windows default udp action reset bind 192.168.15.110 windows #bind 10.0.0.52 windows ... ~ ~ ~ ~ ~ ~ ~ ~ ~ /usr/local/etc/honeyd.conf: 13 lines, 417 characters |
$sudo arping 192.168.15.110
ARPING 192.168.15.110 ^C --- 192.168.15.110 statistics --- 12 packets transmitted, 0 packets received, 100% unanswered |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes ^C --- 192.168.15.110 ping statistics --- 3 packets transmitted, 0 packets received, 100% packet loss |
#sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root arpd 66859 4 udp4 *:* *:* user ssh 66746 3 tcp4 192.168.15.22:56158 192.168.15.24:22 root sshd 61248 3 tcp4 192.168.15.22:22 192.168.15.25:1108 root sshd 60739 3 tcp4 192.168.15.22:22 192.168.15.24:60272 root sshd 57409 3 tcp4 192.168.15.22:22 192.168.15.254:59903 www httpd 32112 16 tcp4 *:80 *:* www httpd 32111 16 tcp4 *:80 *:* www httpd 32110 16 tcp4 *:80 *:* www httpd 32107 16 tcp4 *:80 *:* ... root syslog-ng 557 8 udp4 192.168.15.22:52817 192.168.15.3:514 www httpd 548 16 tcp4 *:80 *:* www httpd 547 16 tcp4 *:80 *:* www httpd 546 16 tcp4 *:80 *:* www httpd 545 16 tcp4 *:80 *:* www httpd 544 16 tcp4 *:80 *:* mysql mysqld 543 3 tcp4 *:3306 *:* root httpd 471 16 tcp4 *:80 *:* root sendmail 435 3 tcp4 127.0.0.1:25 *:* root sshd 429 4 tcp4 *:22 *:* |
#killall arpd
|
#sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS user ssh 66746 3 tcp4 192.168.15.22:56158 192.168.15.24:22 root sshd 61248 3 tcp4 192.168.15.22:22 192.168.15.25:1108 root sshd 60739 3 tcp4 192.168.15.22:22 192.168.15.24:60272 root sshd 57409 3 tcp4 192.168.15.22:22 192.168.15.254:59903 www httpd 32112 16 tcp4 *:80 *:* www httpd 32111 16 tcp4 *:80 *:* www httpd 32110 16 tcp4 *:80 *:* www httpd 32107 16 tcp4 *:80 *:* root nessusd 32060 4 tcp4 *:1241 *:* ... root syslog-ng 557 8 udp4 192.168.15.22:52817 192.168.15.3:514 www httpd 548 16 tcp4 *:80 *:* www httpd 547 16 tcp4 *:80 *:* www httpd 546 16 tcp4 *:80 *:* www httpd 545 16 tcp4 *:80 *:* www httpd 544 16 tcp4 *:80 *:* mysql mysqld 543 3 tcp4 *:3306 *:* root httpd 471 16 tcp4 *:80 *:* root sendmail 435 3 tcp4 127.0.0.1:25 *:* root sshd 429 4 tcp4 *:22 *:* |
#arpd -i rl0 192.168.15.110-192.168.15.112
arpd[67131]: listening on rl0: arp and (dst net 192.168.15.110/31 or dst net 192.168.15.112/32) and not ether src 00:13:8f:2f:ac:5e |
#honeyd -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos honeyd[67141]: started with -d -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110 Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0" Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3" honeyd[67141]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.15.110))) and not ether src 00:13:8f:2f:ac:5e honeyd[67141]: Demoting process privileges to uid 32767, gid 32767 honeyd[67141]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 honeyd[67141]: Sending ICMP Echo Reply: 192.168.15.110 -> 192.168.15.24 q ^Choneyd[67141]: exiting on signal 2 |
#honeyd -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110
Honeyd V1.0 Copyright (c) 2002-2004 Niels Provos
honeyd[67161]: started with -i rl0 -f /usr/local/etc/honeyd.conf 192.168.15.110
Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2M0"
Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3"
honeyd[67161]: listening promiscuously on rl0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip and (host 192.168.15.110))) and not ether src 00:13:8f:2f:ac:5e
Honeyd starting as background process |
#sockstat -4
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     arpd       67132 4  udp4   *:*                   *:*
user     ssh        66746 3  tcp4   192.168.15.22:56158   192.168.15.24:22
root     sshd       61248 3  tcp4   192.168.15.22:22      192.168.15.25:1108
root     sshd       60739 3  tcp4   192.168.15.22:22      192.168.15.24:60272
root     sshd       57409 3  tcp4   192.168.15.22:22      192.168.15.254:59903
www      httpd      32112 16 tcp4   *:80                  *:*
www      httpd      32111 16 tcp4   *:80                  *:*
www      httpd      32110 16 tcp4   *:80                  *:*
www      httpd      32107 16 tcp4   *:80                  *:*
...
root     syslog-ng  557   8  udp4   192.168.15.22:52817   192.168.15.3:514
www      httpd      548   16 tcp4   *:80                  *:*
www      httpd      547   16 tcp4   *:80                  *:*
www      httpd      546   16 tcp4   *:80                  *:*
www      httpd      545   16 tcp4   *:80                  *:*
www      httpd      544   16 tcp4   *:80                  *:*
mysql    mysqld     543   3  tcp4   *:3306                *:*
root     httpd      471   16 tcp4   *:80                  *:*
root     sendmail   435   3  tcp4   127.0.0.1:25          *:*
root     sshd       429   4  tcp4   *:22                  *:* |
#top
last pid: 67209; load averages: 0.00, 0.03, 0.02 up 0+07:59:21 17:22:08
123 1 22 122 processe 0.0 running 0.08 sleepi 1.5 0.0 98.5 2 7
CPU states: % user, % nice, % system, % interrupt, % idle
Mem: 202M Active, 382M Inact, 163M Wired, 1144K Cache, 111M Buf, 248M Free
06 78556K 68044 select 11:34 0.00% Xorg Swa42 2007M Total, 2007M Free29488K 24120K select 3:38 0.00 kdeinit 4 20 20K kserel RUN
...
  510 scanlogd 1 -58 0  1444K  1136K bpf    0:01 0.00% scanlogd
  739 user     1  96 0 24132K 17928K select 0:01 0.00% kdeinit
  752 user     1  96 0 24836K 20260K select 0:01 0.00% kdeinit
  765 user     1  96 0 24028K 18832K select 0:00 0.00% kdeinit
  762 user     1  96 0 23952K 18820K select 0:00 0.00% kdeinit
63574 root     1  96 0  2232K  1936K select 0:00 0.00% screen
60742 root     1  96 0  1260K   820K select 0:00 0.00% script
61251 root     1  96 0  1260K   820K select 0:00 0.00% script
  788 user     1  96 0  1260K   816K select 0:00 0.00% script
66746 user     1  96 0  3284K  2784K select 0:00 0.00% ssh |
$ping 192.168.15.110
PING 192.168.15.110 (192.168.15.110): 56 data bytes
64 bytes from 192.168.15.110: icmp_seq=2 ttl=128 time=0.954 ms
64 bytes from 192.168.15.110: icmp_seq=3 ttl=128 time=0.457 ms
^C
--- 192.168.15.110 ping statistics ---
4 packets transmitted, 2 packets received, 50% packet loss
round-trip min/avg/max/stddev = 0.457/0.706/0.954/0.248 ms |
$arping 192.168.15.110
arping: must run as root |
$sudo arping 192.168.15.110
ARPING 192.168.15.110
60 bytes from 00:13:8f:2f:ac:5e (192.168.15.110): index=0 time=9.755 msec
60 bytes from 00:13:8f:2f:ac:5e (192.168.15.110): index=1 time=9.956 msec
60 bytes from 00:13:8f:2f:ac:5e (192.168.15.110): index=2 time=9.958 msec
^C
--- 192.168.15.110 statistics ---
3 packets transmitted, 3 packets received, 0% unanswered |
### Windows computers
create windows
set windows personality "Microsoft Windows Server 2003 Standard Edition"
add windows tcp port 80 "perl scripts/iis-0.95/iisemul8.pl"
add windows tcp port 139 open
add windows tcp port 137 open
add windows udp port 137 open
add windows udp port 135 open
set windows default tcp action reset
set windows default udp action reset
bind 192.168.11.110 windows
#bind 10.0.0.52 windows
Time of the first command in the log | 16:28:44 2006-12-23
Time of the last command in the log | 17:21:32 2006-12-23
Number of command lines in the log | 101
Share of commands with a nonzero exit code, % | 34.65
Share of syntactically mistyped commands, % | 1.98
Total time spent at the terminal *, hours | 0.88
Command lines per unit of time, commands/min | 1.91
Command usage frequency |
|
All commands given in any terminal of the system are recorded in the log automatically.
To make sure that logging is active on the current terminal and that commands are being recorded, run the command w. The WHAT field for the current terminal should show the program script.
Commands typed with syntax errors are shown in strikethrough text:
$ l s-l bash: l: command not found |
If a command's exit code is zero, the command completed without errors. Commands with a nonzero exit code are highlighted in color.
$ test 5 -lt 4 |
Commands interrupted by the user are highlighted in color.
$ find / -name abc find: /home/devi-orig/.gnome2: Keine Berechtigung find: /home/devi-orig/.gnome2_private: Keine Berechtigung find: /home/devi-orig/.nautilus/metafiles: Keine Berechtigung find: /home/devi-orig/.metacity: Keine Berechtigung find: /home/devi-orig/.inkscape: Keine Berechtigung ^C |
Commands run with superuser privileges are marked with a red bar on the left.
# id uid=0(root) gid=0(root) Gruppen=0(root) |
Changes made to a text file with an editor are recorded and shown in the log in ed format. Lines beginning with "<" were removed, and lines beginning with ">" were added.
$ vi ~/.bashrc
|
To change a file according to the changes shown in a diffshot, you can use the patch command. Copy the changes, run patch with the file to be changed as its argument, and paste the copied text:
$ patch ~/.bashrc |
To get brief reference information about a command, hover the mouse over it. A tooltip with a short description of the command appears.
If reference information is available for a command, the command is highlighted with a light blue background, for example: vi. If it is not available, the command is highlighted with a pink background, for example: notepad.exe. Reference information may be missing if (1) the command was typed incorrectly; (2) LiLaLo recognized the command incorrectly; (3) LiLaLo has no information about the command. The last case is possible for rare commands.
Large tooltips, especially multi-line ones, are displayed best by the KDE Konqueror, Apple Safari and Microsoft Internet Explorer browsers. Mozilla and Firefox display them incompletely and show a special character in place of the line break.
The command time shown in the log is the time at which entry of the command line began, that is, the moment the shell prompt appeared on the terminal.
The name of the terminal on which a command was entered is shown in a separate block. This block appears only when the terminal of the current command differs from that of the previous one.
Display of log elements you are not currently interested in, such as the time, the terminal name and others, can be turned off using the log control form at the top of the page.
Short comments on commands can be inserted directly from the command line. The comment is typed into the command line after the characters #^ or #v. The characters ^ and v indicate which command the comment refers to: ^ for the previous one, v for the next one. For example, if the following was entered on the command line:
$ whoami
user
$ #^ I wonder who I am?
it will look like this in the log:
$ whoami
user
I wonder who I am? |
If a comment spans several lines, it can be inserted into the log as follows:
$ whoami
user
$ cat > /dev/null #^ I wonder who I am?
The whoami program prints the name of the user we are logged in as. - It cannot answer the question of our purpose in this world.
It will look like this in the log:
$ whoami user
|
Comments that do not relate directly to any command are added in exactly the same way, except that the characters #= are used instead of #^ or #v.
Groups of commands run on different terminals are separated by a special line. Below this line, in the right corner, is the name of the terminal on which the commands were run. To view the commands of only one session, click on this name.
LiLaLo (L3) stands for Live Lab Log.
The program was designed to make teaching Unix/Linux systems more effective.
(c) Igor Chubin, 2004-2008