[ править ]

Журнал лабораторных работ

Содержание

Файлы
Статистика
Справка
О программе

Журнал

Пятница (09/05/08)

/dev/pts/3

19:25:28

#zcat /usr/share/doc/xen-utils-common/examples/xmexample1.gz | grep -v ^# | grep -vx ''

19:25:28

#vi /etc/xen/debian1

19:25:28

#iptables -l

iptables v1.4.1.1: Unknown arg `-l'
Try `iptables -h' or 'iptables --help' for more information.

19:29:03

#iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
REJECT     tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN reject-with tcp-reset
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

19:29:05

#nessus-useradd

l3script: nessus-useradd: command not found

19:29:16

#nessus-adduser

Using /var/tmp as a temporary file holder
Add a new nessusd user
----------------------
Login : user
Authentication (pass/cert) [pass] : password
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :
Passwords do not match !
Login password :
...
him to be able to scan his own host only.
Please see the nessus-adduser(8) man page for the rules syntax
Enter the rules for this user, and hit ctrl-D once you are done :
(the user can have an empty rules set)
Login             : user
Password          : ***********
DN                :
Rules             :
Is that ok ? (y/n) [y] y
user added.

19:32:06

#iptables -L -v

Chain INPUT (policy ACCEPT 3458 packets, 442K bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  lo     any     anywhere             anywhere
 1801  145K ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:ssh
    0     0 REJECT     tcp  --  any    any     anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN reject-with tcp-reset
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
Chain OUTPUT (policy ACCEPT 3000 packets, 326K bytes)
 pkts bytes target     prot opt in     out     source               destination

19:32:40

#nessus

(nessus:4347): Gtk-WARNING **: cannot open display:

19:32:56

#ps aux | grep ness

root      4377  0.0  0.1   1848   520 pts/4    R+   16:34   0:00 grep ness

19:34:40

#/etc/init.d/nessusd start

Starting Nessus daemon:
nessusd.

19:35:16

#ps aux | grep ness

root      4394  0.0  1.0   8632  5528 ?        Ss   16:35   0:00 nessusd: waiting for incoming connections
root      4417  0.0  0.1   1848   532 pts/4    S+   16:35   0:00 grep ness

19:35:24

#nessus

(nessus:4425): Gtk-WARNING **: cannot open display:

19:35:26

#pwd

/root

19:39:50

## http://osdir.com/ml/network.mrtg.user/2003-06/msg00016.html

прошло 45 минут

20:25:40

#ping google.com

PING google.com (192.168.15.254) 56(84) bytes of data.
64 bytes from sky.local (192.168.15.254): icmp_seq=1 ttl=64 time=0.257 ms
--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.257/0.257/0.257/0.000 ms

Суббота (09/06/08)

13:01:17

#dig linux.org.ru ns

; <<>> DiG 9.5.0-P2 <<>> linux.org.ru ns
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17623
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;linux.org.ru.                  IN      NS
;; ANSWER SECTION:
linux.org.ru.           84434   IN      NS      ns1.linuxhacker.ru.
linux.org.ru.           84434   IN      NS      ns.bat.ru.
;; ADDITIONAL SECTION:
ns1.linuxhacker.ru.     84429   IN      A       217.76.32.61
ns.bat.ru.              8829    IN      A       193.0.0.161
;; Query time: 1 msec
;; SERVER: 192.168.15.254#53(192.168.15.254)
;; WHEN: Sat Sep  6 10:01:49 2008
;; MSG SIZE  rcvd: 113

13:01:49

#dig @ns.bat.ru linux.org.ru ns

; <<>> DiG 9.5.0-P2 <<>> @ns.bat.ru linux.org.ru ns
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14475
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;linux.org.ru.                  IN      NS
;; ANSWER SECTION:
linux.org.ru.           86400   IN      NS      ns1.linuxhacker.ru.
linux.org.ru.           86400   IN      NS      ns.bat.ru.
;; ADDITIONAL SECTION:
ns.bat.ru.              10800   IN      A       193.0.0.161
;; Query time: 61 msec
;; SERVER: 193.0.0.161#53(193.0.0.161)
;; WHEN: Sat Sep  6 10:02:16 2008
;; MSG SIZE  rcvd: 97

13:02:16

#dig @ns.bat.ru linux.org.ru ns

; <<>> DiG 9.5.0-P2 <<>> @ns.bat.ru linux.org.ru ns
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20349
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;linux.org.ru.                  IN      NS
;; ANSWER SECTION:
linux.org.ru.           86400   IN      NS      ns1.linuxhacker.ru.
linux.org.ru.           86400   IN      NS      ns.bat.ru.
;; ADDITIONAL SECTION:
ns.bat.ru.              10800   IN      A       193.0.0.161
;; Query time: 58 msec
;; SERVER: 193.0.0.161#53(193.0.0.161)
;; WHEN: Sat Sep  6 10:02:57 2008
;; MSG SIZE  rcvd: 97

13:02:57

#dig linux.org.ru ns

; <<>> DiG 9.5.0-P2 <<>> linux.org.ru ns
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7528
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;linux.org.ru.                  IN      NS
;; ANSWER SECTION:
linux.org.ru.           84340   IN      NS      ns.bat.ru.
linux.org.ru.           84340   IN      NS      ns1.linuxhacker.ru.
;; ADDITIONAL SECTION:
ns.bat.ru.              8735    IN      A       193.0.0.161
ns1.linuxhacker.ru.     84335   IN      A       217.76.32.61
;; Query time: 5 msec
;; SERVER: 192.168.15.254#53(192.168.15.254)
;; WHEN: Sat Sep  6 10:03:22 2008
;; MSG SIZE  rcvd: 113

13:03:22

#dig @ns1.linuxhacker.ru linux.org.ru ns

; <<>> DiG 9.5.0-P2 <<>> @ns1.linuxhacker.ru linux.org.ru ns
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63992
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;linux.org.ru.                  IN      NS
;; ANSWER SECTION:
linux.org.ru.           86400   IN      NS      ns1.linuxhacker.ru.
linux.org.ru.           86400   IN      NS      ns.bat.ru.
;; ADDITIONAL SECTION:
ns1.linuxhacker.ru.     86400   IN      A       217.76.32.61
;; Query time: 83 msec
;; SERVER: 217.76.32.61#53(217.76.32.61)
;; WHEN: Sat Sep  6 10:03:44 2008
;; MSG SIZE  rcvd: 97

13:03:44

#dig @ns1.linuxhacker.ru linux.org.ru a

; <<>> DiG 9.5.0-P2 <<>> @ns1.linuxhacker.ru linux.org.ru a
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5668
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; QUESTION SECTION:
;linux.org.ru.                  IN      A
;; ANSWER SECTION:
linux.org.ru.           3600    IN      A       217.76.32.61
;; AUTHORITY SECTION:
linux.org.ru.           86400   IN      NS      ns1.linuxhacker.ru.
linux.org.ru.           86400   IN      NS      ns.bat.ru.
;; ADDITIONAL SECTION:
ns1.linuxhacker.ru.     86400   IN      A       217.76.32.61
;; Query time: 83 msec
;; SERVER: 217.76.32.61#53(217.76.32.61)
;; WHEN: Sat Sep  6 10:03:54 2008
;; MSG SIZE  rcvd: 113

13:03:54

#ifconfig

eth1      Link encap:Ethernet  HWaddr 00:07:e9:0a:45:87
          inet addr:192.168.15.111  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::207:e9ff:fe0a:4587/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:74022 errors:0 dropped:0 overruns:0 frame:0
          TX packets:71451 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:16362261 (15.6 MiB)  TX bytes:8007930 (7.6 MiB)
          Base address:0x1100 Memory:f0200000-f0220000
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1782 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1782 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2718700 (2.5 MiB)  TX bytes:2718700 (2.5 MiB)

13:05:08

#tcpdump -i eth1 -n port 53 and host 192.168.15.254

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
0 packets captured
0 packets received by filter
0 packets dropped by kernel

13:05:35

#tcpdump -i eth1 -n port 53 and host 192.168.15.254 &

[1] 13068

13:05:37

#tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes

13:05:37

#dig @192.168.15.254 unix.nt ns

; <<>> DiG 9.5.0-P2 <<>> @192.168.15.254 unix.nt ns
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7993
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;unix.nt.                       IN      NS
;; ANSWER SECTION:
unix.nt.                3600    IN      NS      sky.unix.nt.
;; ADDITIONAL SECTION:
sky.unix.nt.            3600    IN      A       10.0.35.1
;; Query time: 6 msec
;; SERVER: 192.168.15.254#53(192.168.15.254)
;; WHEN: Sat Sep  6 10:05:40 2008
;; MSG SIZE  rcvd: 59
10:05:40.333943 IP 192.168.15.111.32956 > 192.168.15.254.53: 7993+ NS? unix.nt. (25)
10:05:40.339756 IP 192.168.15.254.53 > 192.168.15.111.32956: 7993* 1/0/1 NS sky.unix.nt. (59)

13:05:40

#10:05:47.114308 IP 192.168.15.111.32956 > 192.168.15.254.53: 54266+ A? xgu.ru. (24)

10:05:47.114648 IP 192.168.15.254.53 > 192.168.15.111.32956: 54266 1/3/3 A 194.150.93.78 (154)

13:05:49

#10:05:57.198866 IP 192.168.15.111.32956 > 192.168.15.254.53: 9548+ A? xgu.ru. (24)

10:05:57.199288 IP 192.168.15.254.53 > 192.168.15.111.32956: 9548 1/3/3 A 194.150.93.78 (154)
10:06:01.965060 IP 192.168.15.111.32956 > 192.168.15.254.53: 51733+ AAAA? linux1.unix.nt. (32)
10:06:01.965401 IP 192.168.15.254.53 > 192.168.15.111.32956: 51733* 0/1/0 (84)
10:06:01.965576 IP 192.168.15.111.32956 > 192.168.15.254.53: 23393+ A? linux1.unix.nt. (32)
10:06:01.966274 IP 192.168.15.254.53 > 192.168.15.111.32956: 23393* 1/1/1 A 192.168.15.202 (82)
10:06:01.977886 IP 192.168.15.111.32956 > 192.168.15.254.53: 54471+ AAAA? linux1.unix.nt. (32)
10:06:01.979143 IP 192.168.15.254.53 > 192.168.15.111.32956: 54471* 0/1/0 (84)
10:06:01.979425 IP 192.168.15.111.32956 > 192.168.15.254.53: 31210+ A? linux1.unix.nt. (32)
10:06:01.987138 IP 192.168.15.254.53 > 192.168.15.111.32956: 31210* 1/1/1 A 192.168.15.202 (82)

13:06:08

#10:06:17.324465 IP 192.168.15.111.32956 > 192.168.15.254.53: 4849+ A? xgu.ru. (24)

10:06:17.324845 IP 192.168.15.254.53 > 192.168.15.111.32956: 4849 1/3/3 A 194.150.93.78 (154)

13:06:19

#10:06:27.408562 IP 192.168.15.111.32956 > 192.168.15.254.53: 4643+ A? xgu.ru. (24)

10:06:27.409111 IP 192.168.15.254.53 > 192.168.15.111.32956: 4643 1/3/3 A 194.150.93.78 (154)

13:06:28

#kill %1

18 packets captured
18 packets received by filter
0 packets dropped by kernel
[1]+  Done                    tcpdump -i eth1 -n port 53 and host 192.168.15.254

13:06:32

#kill %1

l3script: kill: %1: no such job

13:06:34

#ssh user@192.168.15.254

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10005
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;ya.ru.                         IN      NS
;; ANSWER SECTION:
ya.ru.                  5996    IN      NS      ns5.yandex.ru.
ya.ru.                  5996    IN      NS      ns1.yandex.ru.
;; ADDITIONAL SECTION:
ns1.yandex.ru.          221319  IN      A       213.180.193.1
...
webserver.ukrstat.gov.ua. 84278 IN      A       195.230.128.98
;; Query time: 52 msec
;; SERVER: 193.151.252.1#53(193.151.252.1)
;; WHEN: Sat Sep  6 10:51:05 2008
;; MSG SIZE  rcvd: 136
sky:/home/user# exit
exit
user@sky:~$ exit
logout
Connection to 192.168.15.254 closed.

прошла 51 минута

13:58:16

#apt-get install xbill

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
  xbill
0 upgraded, 1 newly installed, 0 to remove and 16 not upgraded.
1 not fully installed or removed.
Need to get 54.4kB of archives.
After this operation, 471kB of additional disk space will be used.
Get:1 http://192.168.15.254 sid/main xbill 2.1-7 [54.4kB]
...
Setting up linux-image-2.6.18-6-xen-686 (2.6.18.dfsg.1-22) ...
update-initramfs: Generating /boot/initrd.img-2.6.18-6-xen-686
Searching for GRUB installation directory ... found: /boot/grub
dpkg: error processing linux-image-2.6.18-6-xen-686 (--configure):
 subprocess post-installation script returned error exit status 1
Setting up xbill (2.1-7) ...
Processing triggers for menu ...
Errors were encountered while processing:
 linux-image-2.6.18-6-xen-686
E: Sub-process /usr/bin/dpkg returned an error code (1)

13:58:48

#apt-cache search djb

dbndns - Debian fork of djbdns, a collection of Domain Name System tools
djbdns - a collection of Domain Name System tools
djbdoc2man - Convert DJB html documentation to man pages
dnscache-run - djbdns dnscache service
dnsproxy - proxy for DNS queries
ldap2dns - LDAP based DNS management system.
libdjbdns1 - DNS client library designed to replace the BIND res_*/dn_* library
libdjbdns1-dev - DNS client library designed to replace the BIND res_*/dn_* library
libowfat-dev - A reimplementation of libdjb
skksearch - SKK dictionary server handling multiple dictionaries
skktools - SKK dictionary maintenance tools
tinydyndns - pop-before-dyndns service using djbdns
djbdns-installer - Source only package for building djbdns

14:02:57

#apt-get install djbdns-installer

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  build-essential daemontools-installer debhelper dpkg-dev g++ g++-4.3 html2text intltool-debian
  libdigest-hmac-perl libdigest-sha1-perl libfile-remove-perl libmail-box-perl libmail-sendmail-perl
  libmime-types-perl libobject-realize-later-perl libstdc++6-4.3-dev libsys-hostname-long-perl
  libuser-identity-perl patch po-debconf
Suggested packages:
  dh-make ucspi-tcp-src debian-keyring g++-multilib g++-4.3-multilib gcc-4.3-doc libstdc++6-4.3-dbg
...
If installation fails at this time, you can attempt
to download djbdns at a later time by running
         get-djbdns
Trying to download djbdns...
download succeeded!
To build djbdns binary package, you have to run
         build-djbdns
Errors were encountered while processing:
 linux-image-2.6.18-6-xen-686
E: Sub-process /usr/bin/dpkg returned an error code (1)

14:06:34

#apt-cache search nsed

cl-sql-tests - Testing suite for CLSQL
cvsnt - A better CVS
dav-text - A minimalist ncurses-based text editor
freedoom - free game files for the 3D game DOOM
gnomoradio - free peer to peer music application
gtkglarea5 - Gimp Toolkit OpenGL area widget shared library
gtkglarea5-dev - Gimp Toolkit OpenGL area widget include files and static library
libcoin20 - high-level 3D graphics kit - runtime
libcoin40-dev - high-level 3D graphics devkit with Open Inventor and VRML97 support
libcoin40c2 - high-level 3D graphics kit with Open Inventor and VRML97 support - runtime
...
cpp-4.1-doc - documentation for the GNU C preprocessor (cpp)
gcc-4.1-doc - documentation for the GNU compilers (gcc, gobjc, g++)
gfortran-4.1-doc - documentation for the GNU Fortran Compiler (gfortran)
rubybook - the "Programming Ruby" book
t1-xfree86-nonfree - non-free Postscript Type 1 fonts from XFree86
tar-doc - documentation for the tar package
tetex-doc-nonfree - teTeX documentation that is non-free
treelang-4.1-doc - documentation for the GNU Treelang
ttf-xfree86-nonfree - non-free TrueType fonts from XFree86
ttf-xfree86-nonfree-syriac - non-free syriac OpenType fonts from XFree86

прошло 54 минуты

15:01:17

#apt-cache search nsed | less

15:02:17

#apt-cache search traffic editor

bittwist - libpcap-based Ethernet packet generator

15:02:23

## http://bittwist.sourceforge.net/doc.html

15:05:43

#apt-cache search nemesis

nemesis - TCP/IP Packet Injection Suite

15:07:03

#apt-get install nemesis

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  libnet0
The following NEW packages will be installed:
  libnet0 nemesis
0 upgraded, 2 newly installed, 0 to remove and 16 not upgraded.
1 not fully installed or removed.
Need to get 83.3kB of archives.
...
Setting up linux-image-2.6.18-6-xen-686 (2.6.18.dfsg.1-22) ...
update-initramfs: Generating /boot/initrd.img-2.6.18-6-xen-686
Searching for GRUB installation directory ... found: /boot/grub
dpkg: error processing linux-image-2.6.18-6-xen-686 (--configure):
 subprocess post-installation script returned error exit status 1
Setting up libnet0 (1.0.2a-7) ...
Setting up nemesis (1:1.4-1) ...
Errors were encountered while processing:
 linux-image-2.6.18-6-xen-686
E: Sub-process /usr/bin/dpkg returned an error code (1)

15:07:45

#man nemesis

15:08:12

#man nemesis-dns

15:10:13

#man dnsspoof

15:10:30

#cat /usr/share/dsniff/dnsspoof.hosts

# $Id: dnsspoof.hosts,v 1.2 2000/08/28 13:28:21 dugsong Exp $
#
# Sample hosts file for dnsspoof - kill web banner ads for Niels. :-)
#
127.0.0.1       ad.*
127.0.0.1       ads*.*
127.0.0.1       adbot*.*
127.0.0.1       adcount*.*
127.0.0.1       adfinity*.*
127.0.0.1       adforce*.*
...
127.0.0.1       *.link*.com
127.0.0.1       *.memory.net
127.0.0.1       *.preferences.com
127.0.0.1       *.smartclicks.com
127.0.0.1       *.sponsorpool.net
127.0.0.1       *.stats.net
127.0.0.1       *.stattrax.com
127.0.0.1       *.*tracker.com
127.0.0.1       *.valueclick.com
127.0.0.1       *.wisewire.com

15:10:31

#vi spoof.vkontakte

--- /dev/null	2008-09-05 15:58:05.384034615 +0000
+++ spoof.vkontakte	2008-09-06 12:12:05.000000000 +0000
@@ -0,0 +1 @@
+192.168.15.254 ya.ru

15:12:05

#dnsspoof -f spoof.vkontakte

dnsspoof: listening on eth1 [udp dst port 53 and not src 192.168.15.111]

15:12:44

#cat spoof.vkontakte

192.168.15.254 ya.ru

15:12:47

#ping ya.ru

PING ya.ru (192.168.15.254) 56(84) bytes of data.
64 bytes from ya.ru (192.168.15.254): icmp_seq=1 ttl=64 time=0.277 ms
--- ya.ru ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.277/0.277/0.277/0.000 ms

15:13:12

#ping google.com

PING google.com (64.233.187.99) 56(84) bytes of data.
64 bytes from jc-in-f99.google.com (64.233.187.99): icmp_seq=1 ttl=240 time=155 ms
--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 155.038/155.038/155.038/0.000 ms

15:13:15

#man dnsspoof

15:15:09

#which dnsspoof

/usr/sbin/dnsspoof

15:15:11

#ls -l /usr/sbin/dnsspoof

-rwxr-xr-x 1 root root 9904 Aug 11  2007 /usr/sbin/dnsspoof

15:15:18

## socat TCP4-LISTEN:80,reuseaddr,fork TCP4:ya.ru:80

15:18:44

l3script: s: command not found

15:24:54

#ssh user@192.168.15.254

Ð Ð»ÑÐ±Ð¾Ð¼ Ð¸Ð· ÑÑÐ¸Ñ ÑÐ»ÑÑÐ°Ðµ ''ÑÐ·Ð»Ð¾Ð¼ A'' Ð±ÑÐ´ÐµÑ Ð¸ÑÐ¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÑÑÑ-
Ð¿ÑÐ¾ÑÐ¾ÐºÐ¾Ð» ARP, ÑÐ¾Ð»ÑÐºÐ¾ Ð² Ð¿ÐµÑÐ²Ð¾Ð¼ ÑÐ»ÑÑÐ°Ðµ Ð´Ð»Ñ Ð¾Ð¿ÑÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ
MAC-Ð°Ð´ÑÐµÑÐ° ''ÑÐ·Ð»Ð° B'', Ð° Ð²Ð¾ Ð²ÑÐ¾ÑÐ¾Ð¼ â Ð´Ð»Ñ Ð¾Ð¿ÑÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ
MAC-Ð°Ð´ÑÐµÑÐ° ''Ð¼Ð°ÑÑÑÑÑÐ¸Ð·Ð°ÑÐ¾ÑÐ° R''.
Ð Ð¿Ð¾ÑÐ»ÐµÐ´Ð½ÐµÐ¼ ÑÐ»ÑÑÐ°Ðµ Ð¿Ð°ÐºÐµÑ Ð±ÑÐ´ÐµÑ Ð¿ÐµÑÐµÐ´Ð°Ð½ Ð¼Ð°ÑÑÑÑÑÐ¸Ð·Ð°ÑÐ¾ÑÑ
Ð´Ð»Ñ Ð´Ð°Ð»ÑÐ½ÐµÐ¹ÑÐµÐ¹ ÑÐµÑÑÐ°Ð½ÑÐ»ÑÑÐ¸Ð¸.</para><para>ÐÐ°Ð»ÐµÐµ Ð´Ð»Ñ Ð¿ÑÐ¾ÑÑÐ¾ÑÑ ÑÐ°ÑÑÐ¼Ð°ÑÑÐ¸Ð²Ð°ÐµÑÑÑ Ð¿ÐµÑÐ²ÑÐ¹ ÑÐ»ÑÑÐ°Ð¹,-
ÐºÐ¾Ð³Ð´Ð° Ð¸Ð½ÑÐ¾ÑÐ¼Ð°ÑÐ¸ÐµÐ¹ Ð¾Ð±Ð¼ÐµÐ½Ð¸Ð²Ð°ÑÑÑÑ ÑÐ·Ð»Ñ, Ð½Ð°ÑÐ¾Ð´ÑÑÐ¸ÐµÑÑ Ð½ÐµÐ¿Ð¾ÑÑÐµÐ´ÑÑÐ²ÐµÐ½Ð½Ð¾Ð¼ Ð² Ð¾Ð´Ð½Ð¾Ð¹ ÑÐµÑÐ¸.
(Ð¡Ð»ÑÑÐ°Ð¹ ÐºÐ¾Ð³Ð´Ð° Ð¿Ð°ÐºÐµÑ Ð°Ð´ÑÐµÑÐ¾Ð²Ð°Ð½ ÑÐ·Ð»Ñ Ð½Ð°ÑÐ¾Ð´ÑÑÐµÐ¼ÑÑÑ Ð·Ð° Ð¼Ð°ÑÑÑÑÑÐ¸Ð·Ð°ÑÐ¾ÑÐ¾Ð¼
Ð¾ÑÐ»Ð¸ÑÐ°ÐµÑÑÑ ÑÐ¾Ð»ÑÐºÐ¾ ÑÐµÐ¼, ÑÑÐ¾ Ð² Ð¿Ð°ÐºÐµÑÐ°Ñ
Ð¿ÐµÑÐµÐ´Ð°Ð²Ð°ÐµÐ¼ÑÑ Ð¿Ð¾ÑÐ»Ðµ ÑÐ¾Ð³Ð¾ ÐºÐ°Ðº ARP-Ð¿ÑÐµÐ¾Ð±ÑÐ°Ð·Ð¾Ð²Ð°Ð½Ð¸Ðµ Ð·Ð°Ð²ÐµÑÑÐµÐ½Ð¾,
...
ÐºÐ¾Ð³Ð´Ð° Ð² ÑÑÐ¾Ð¼ (Ñ ÑÐ¾ÑÐºÐ¸ Ð·ÑÐµÐ½Ð¸Ñ Ð¿Ð¾Ð»ÑÑÐ°ÑÐµÐ»Ñ) Ð½ÐµÑ Ð¾ÑÐ¾Ð±Ð¾Ð¹ Ð½ÐµÐ¾Ð±ÑÐ¾Ð´Ð¸Ð¼Ð¾ÑÑÐ¸.
''Ð¡Ð°Ð¼Ð¾Ð¿ÑÐ¾Ð¸Ð·Ð²Ð¾Ð»ÑÐ½ÑÐ¹ ARP-Ð¾ÑÐ²ÐµÑ ÑÑÐ¾ Ð¿Ð°ÐºÐµÑ-Ð¾ÑÐ²ÐµÑ ARP, Ð¿ÑÐ¸ÑÐ»Ð°Ð½Ð½ÑÐ¹ Ð±ÐµÐ· Ð·Ð°Ð¿ÑÐ¾ÑÐ°.''
ÐÐ½ Ð¿ÑÐ¸Ð¼ÐµÐ½ÑÐµÑÑÑ Ð´Ð»Ñ Ð¾Ð¿ÑÐµÐ´ÐµÐ»ÐµÐ½Ð¸Ñ ÐºÐ¾Ð½ÑÐ»Ð¸ÐºÑÐ¾Ð² IP-Ð°Ð´ÑÐµÑÐ¾Ð² Ð² ÑÐµÑÐ¸:-
Ð¸Ðµ ÐºÐ¾Ð¼Ð¼ÑÑÐ°ÑÐ¾ÑÐ¾Ð²;</para></li><li><para> ÐÐ·Ð²ÐµÑÐµÐ½Ð¸Ðµ Ð¾ Ð²ÐºÐ»ÑÑÐµÐ½Ð¸Ð¸ ÑÐµÑÐµÐ²Ð¾Ð³Ð¾ Ð¸Ð½ÑÐµÑÑÐµÐ¹ÑÐ°.</para></li></ul></para><paa
ra>ÐÐµÑÐ¼Ð¾ÑÑÑ Ð½Ð° ÑÑÑÐµÐºÑÐ¸Ð²Ð½Ð¾ÑÑÑ ÑÐ°Ð¼Ð¾Ð¿ÑÐ¾Ð¸Ð·Ð²Ð¾Ð»ÑÐ½Ð¾Ð³Ð¾ ARP,Ð¿ÑÐ¸ÑÐ²Ð°Ð¸Ð²Ð°ÐµÑÑÑ Ð²ÑÑÑÐ½ÑÑ, ÑÐ°ÑÑÑÐ»Ð°ÐµÑÑÑ-
Ð¾Ð½ ÑÐ²Ð»ÑÐµÑÑÑ Ð¾ÑÐ¾Ð±ÐµÐ½Ð½Ð¾ Ð½ÐµÐ±ÐµÐ·Ð¾Ð¿Ð°ÑÐ½ÑÐ¼,-¾Ð»ÑÐ½ÑÐ¹ ARP Ð¼Ð¾Ð¶ÐµÑ Ð±ÑÑÑ Ð¿Ð¾Ð»ÐµÐ·ÐµÐ½-
Ð¿Ð¾ÑÐºÐ¾Ð»ÑÐºÑ Ñ ÐµÐ³Ð¾ Ð¿Ð¾Ð¼Ð¾ÑÑÑ Ð¼Ð¾Ð¶Ð½Ð¾ ÑÐ²ÐµÑÐ¸ÑÑ
ÑÐ´Ð°Ð»ÑÐ½Ð½ÑÐ¹ ÑÐ·ÐµÐ» Ð² ÑÐ¾Ð¼, ÑÑÐ¾ MAC-Ð°Ð´ÑÐµÑ°ÑÑÐ½Ð¾ÑÑÐ¸, Ð² ÐºÐ»Ð°ÑÑÐµÑÐ½ÑÑ ÑÐ¸ÑÑÐµÐ¼Ð°Ñ;</para></li><li><para> ÐÐ½ÑÐ¾ÑÐ¼Ð¸ÑÐ¾Ð²Ð°Ð½
ÐºÐ°ÐºÐ¾Ð¹-Ð»Ð¸Ð±Ð¾ ÑÐ¸ÑÑÐµÐ¼Ñ, Ð½Ð°ÑÐ¾Ð´ÑÑÐµÐ¹ÑÑ Ñ Ð½ÐµÐ¹ Ð² Ð¾Ð´Ð½Ð¾Ð¹ ÑÐµÑÐ¸,-
Ð¸Ð·Ð¼ÐµÐ½Ð¸Ð»ÑÑ Ð¸ ÑÐºÐ°Ð·Ð°ÑÑ, ÐºÐ°ÐºÐ¾Ð¹ Ð°Ð´ÑÐµÑ Ð¸ÑÐ¿Ð¾Ð»ÑÐ·ÑÐµÑÑÑ ÑÐµÐ¿ÐµÑÑ.</para><para>ÐÐ¾Ð´ÑÐ¾Ð±Ð½ÐµÐµ:-Ð¾Ð¸Ð·Ð²Ð¾Ð»ÑÐ½ÑÐ¹ ARP'' â ÑÐ°Ðº

15:27:49

#snmpget -v2c -c public 192.168.15.99 sysName.0

SNMPv2-MIB::sysName.0 = STRING: sw_1_2510

15:37:22

#apt-cache search acid

acidbase - Basic Analysis and Security Engine
acidlab - Analysis Console for Intrusion Databases
acidlab-doc - Analysis Console for Intrusion Databases (documentation)
acidlab-mysql - Analysis Console for Intrusion Databases for MySQL
acidlab-pgsql - Analysis Console for Intrusion Databases for Postgres
glam2 - gapped protein motifs from unaligned sequences
kalzium - chemistry teaching tool for KDE
libghc6-happs-state-dev - Global in memory Haskell state with ACID guarantees
mafft - Multiple alignment program for amino acid or nucleotide sequences
melting - computing the melting temperature of nucleic acid duplex
...
postgresql-client-common - manager for multiple PostgreSQL client versions
postgresql-common - PostgreSQL database-cluster manager
proda - multiple alignment of protein sequences
rasmol - Visualize biological macromolecules
trackballs - An OpenGL-based game of marbles through a labyrinth
ttf-aenigma - 465 free TrueType fonts by Brian Kent
postgresql-7.4 - object-relational SQL database, version 7.4 server
postgresql-8.1 - object-relational SQL database, version 8.1 server
clustalw - [Biology] Global multiple nucleotide or peptide sequence alignment
molphy - [Biology] Program Package for MOLecular PHYlogenetics

прошло 13 минут

15:51:13

#apt-get install acidbase

    x Please provide a password for acidbase to register with the database server.  If left blank, a   x
    x random password will be generated for you.                                                       x
    x                                                                                                  x
    x MySQL application password for acidbase:                                                         x
    x                                                                                                  x
    x ________________________________________________________________________________________________ x
    x                                                                                                  x
    x                           <Ok>                               <Cancel>                            x
    x                                                                                                  x
    mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj
dbconfig-common: writing config to /etc/dbconfig-common/acidbase.conf
Creating config file /etc/dbconfig-common/acidbase.conf with new version
Creating config file /etc/acidbase/database.php with new version
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES).
unable to connect to mysql server.
error encountered creating user:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

прошло 94 минуты

17:25:20

#sudo apt-get -f install

Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 16 not upgraded.
1 not fully installed or removed.
After this operation, 0B of additional disk space will be used.
Setting up linux-image-2.6.18-6-xen-686 (2.6.18.dfsg.1-22) ...
update-initramfs: Generating /boot/initrd.img-2.6.18-6-xen-686
Searching for GRUB installation directory ... found: /boot/grub
dpkg: error processing linux-image-2.6.18-6-xen-686 (--configure):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 linux-image-2.6.18-6-xen-686
E: Sub-process /usr/bin/dpkg returned an error code (1)

17:25:46

#vi /boot/grub/menu.lst

--- /tmp/l3-saved-3439.4126.6196	2008-09-06 14:26:00.000000000 +0000
+++ /boot/grub/menu.lst	2008-09-06 14:27:05.000000000 +0000
@@ -10,6 +10,8 @@
 module /boot/vmlinuz-2.6.18-6-xen-686 root=/dev/sda1
 module /boot/initrd.img-2.6.18-6-xen-686
 
+### BEGIN AUTOMAGIC KERNELS LIST
+### END DEBIAN AUTOMAGIC KERNELS LIST

17:27:05

#apt-get -f install

Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 16 not upgraded.
1 not fully installed or removed.
After this operation, 0B of additional disk space will be used.
Setting up linux-image-2.6.18-6-xen-686 (2.6.18.dfsg.1-22) ...
update-initramfs: Generating /boot/initrd.img-2.6.18-6-xen-686
Searching for GRUB installation directory ... found: /boot/grub
dpkg: error processing linux-image-2.6.18-6-xen-686 (--configure):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 linux-image-2.6.18-6-xen-686
E: Sub-process /usr/bin/dpkg returned an error code (1)

17:27:51

#dpkg-reconfigure linux-image-2.6.18-6-xen-686

/usr/sbin/dpkg-reconfigure: linux-image-2.6.18-6-xen-686 is broken or not fully installed

17:28:02

#apt-get -f install

Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 16 not upgraded.
1 not fully installed or removed.
After this operation, 0B of additional disk space will be used.
Setting up linux-image-2.6.18-6-xen-686 (2.6.18.dfsg.1-22) ...
update-initramfs: Generating /boot/initrd.img-2.6.18-6-xen-686
Searching for GRUB installation directory ... found: /boot/grub
dpkg: error processing linux-image-2.6.18-6-xen-686 (--configure):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 linux-image-2.6.18-6-xen-686
E: Sub-process /usr/bin/dpkg returned an error code (1)

17:28:29

#apt-get -f install -v

apt 0.7.14 for i386 compiled on Jun  8 2008 12:27:50
Supported modules:
*Ver: Standard .deb
*Pkg:  Debian dpkg interface (Priority 30)
 S.L: 'deb' Standard Debian binary tree
 S.L: 'deb-src' Standard Debian source tree
 Idx: Debian Source Index
 Idx: Debian Package Index
 Idx: Debian Translation Index
 Idx: Debian dpkg status file

17:28:33

#ls /boot/

System.map-2.6.18-6-xen-686  config-2.6.26-1-686          initrd.img-2.6.26-1-686      vmlinuz-2.6.26-1-686
System.map-2.6.26-1-686      grub                         initrd.img-2.6.26-1-686.bak  xen-3.2-1-i386.gz
config-2.6.18-6-xen-686      initrd.img-2.6.18-6-xen-686  vmlinuz-2.6.18-6-xen-686

17:28:45

#vi /boot/grub/

17:28:52

timeout 10
title Linux
title Xen+Linux
kernel /boot/xen-3.2-1-i386.gz dom0_mem=512000
module /boot/vmlinuz-2.6.18-6-xen-686 root=/dev/sda1
module /boot/initrd.img-2.6.18-6-xen-686
module /boot/initrd.img-2.6.18-6-xen-686
title Xen+Linux
kernel /boot/xen-3.2-1-i386.gz dom0_mem=512000
module /boot/vmlinuz-2.6.18-6-xen-686 root=/dev/sda1
...
~
~
~
~
~
~
~
~
~
"/boot/grub/menu.lst" 24L, 513C written

17:29:04

#apt-get -f install

Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 16 not upgraded.
1 not fully installed or removed.
After this operation, 0B of additional disk space will be used.
Setting up linux-image-2.6.18-6-xen-686 (2.6.18.dfsg.1-22) ...
update-initramfs: Generating /boot/initrd.img-2.6.18-6-xen-686
Searching for GRUB installation directory ... found: /boot/grub
dpkg: error processing linux-image-2.6.18-6-xen-686 (--configure):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 linux-image-2.6.18-6-xen-686
E: Sub-process /usr/bin/dpkg returned an error code (1)

17:29:22

#dpkg --configure -a

Setting up linux-image-2.6.18-6-xen-686 (2.6.18.dfsg.1-22) ...
update-initramfs: Generating /boot/initrd.img-2.6.18-6-xen-686
Searching for GRUB installation directory ... found: /boot/grub
dpkg: error processing linux-image-2.6.18-6-xen-686 (--configure):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 linux-image-2.6.18-6-xen-686

17:32:15

#man dpkg

17:35:14

#mv /boot/grub/menu.lst{,.SAVE}

17:35:21

#dpkg --configure -a

Setting up linux-image-2.6.18-6-xen-686 (2.6.18.dfsg.1-22) ...
update-initramfs: Generating /boot/initrd.img-2.6.18-6-xen-686
Searching for GRUB installation directory ... found: /boot/grub
dpkg: error processing linux-image-2.6.18-6-xen-686 (--configure):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 linux-image-2.6.18-6-xen-686

17:35:33

#apt-get remove grub

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  grub-common
Use 'apt-get autoremove' to remove them.
The following packages will be REMOVED:
  grub
0 upgraded, 0 newly installed, 1 to remove and 16 not upgraded.
1 not fully installed or removed.
After this operation, 778kB disk space will be freed.
Do you want to continue [Y/n]?
(Reading database ... 162439 files and directories currently installed.)
Removing grub ...
Processing triggers for man-db ...
dpkg: fork failed: Cannot allocate memory
E: Sub-process /usr/bin/dpkg returned an error code (2)

17:36:07

#free

             total       used       free     shared    buffers     cached
Mem:        512148     497276      14872          0       1432      35388
-/+ buffers/cache:     460456      51692
Swap:            0          0          0

17:36:13

#apt-get remove grub

E: dpkg was interrupted, you must manually run 'dpkg --configure -a' to correct the problem.

17:36:22

#dpkg --configure -a

Setting up man-db (2.5.2-2) ...
Updating database of manual pages ...
Setting up linux-image-2.6.18-6-xen-686 (2.6.18.dfsg.1-22) ...
update-initramfs: Generating /boot/initrd.img-2.6.18-6-xen-686

17:36:38

#apt-get install grub

Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
  grub-legacy-doc multiboot-doc mdadm
The following NEW packages will be installed:
  grub
0 upgraded, 1 newly installed, 0 to remove and 16 not upgraded.
Need to get 0B/387kB of archives.
After this operation, 778kB of additional disk space will be used.
Selecting previously deselected package grub.
(Reading database ... 162390 files and directories currently installed.)
Unpacking grub (from .../archives/grub_0.97-47_i386.deb) ...
dpkg: error processing /var/cache/apt/archives/grub_0.97-47_i386.deb (--unpack):
 fork failed: Cannot allocate memory
dpkg: error while cleaning up:
 fork failed: Cannot allocate memory
Errors were encountered while processing:
 /var/cache/apt/archives/grub_0.97-47_i386.deb
Processing was halted because there were too many errors.
E: Sub-process /usr/bin/dpkg returned an error code (1)

17:37:07

#dpkg --configure -a

17:37:12

#ls /boot/grub/

default     e2fs_stage1_5  jfs_stage1_5   minix_stage1_5     stage1  xfs_stage1_5
device.map  fat_stage1_5   menu.lst.SAVE  reiserfs_stage1_5  stage2

17:37:17

#mv /boot/grub/menu.lst{.SAVE,}

17:37:29

#apt-get -f install

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  grub-common
Use 'apt-get autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 16 not upgraded.

17:37:38

#apt-get install grub

Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
  grub-legacy-doc multiboot-doc mdadm
The following NEW packages will be installed:
  grub
0 upgraded, 1 newly installed, 0 to remove and 16 not upgraded.
Need to get 0B/387kB of archives.
After this operation, 778kB of additional disk space will be used.
(Reading database ... 162390 files and directories currently installed.)
Unpacking grub (from .../archives/grub_0.97-47_i386.deb) ...
dpkg: error processing /var/cache/apt/archives/grub_0.97-47_i386.deb (--unpack):
 fork failed: Cannot allocate memory
dpkg: error while cleaning up:
 fork failed: Cannot allocate memory
Errors were encountered while processing:
 /var/cache/apt/archives/grub_0.97-47_i386.deb
Processing was halted because there were too many errors.
E: Sub-process /usr/bin/dpkg returned an error code (1)

17:38:21

#free

             total       used       free     shared    buffers     cached
Mem:        512148     506296       5852          0        736      38784
-/+ buffers/cache:     466776      45372
Swap:            0          0          0

17:38:40

#ps aux | less

17:38:55

#/etc/init.d/snort stop

Stopping Network Intrusion Detection System : snort (eth1 ...done).

17:39:02

#free

             total       used       free     shared    buffers     cached
Mem:        512148     364292     147856          0       1212      41180
-/+ buffers/cache:     321900     190248
Swap:            0          0          0

17:39:07

#apt-get install grub

Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
  grub-legacy-doc multiboot-doc mdadm
The following NEW packages will be installed:
  grub
0 upgraded, 1 newly installed, 0 to remove and 16 not upgraded.
Need to get 0B/387kB of archives.
After this operation, 778kB of additional disk space will be used.
(Reading database ... 162390 files and directories currently installed.)
Unpacking grub (from .../archives/grub_0.97-47_i386.deb) ...
Processing triggers for man-db ...
Setting up grub (0.97-47) ...

17:39:30

#vi /boot/grub/menu.lst

--- /tmp/l3-saved-3439.27143.26475	2008-09-06 14:39:36.000000000 +0000
+++ /boot/grub/menu.lst	2008-09-06 14:39:52.000000000 +0000
@@ -6,17 +6,12 @@
 initrd /boot/initrd.img-2.6.26-1-686
 
 title Xen+Linux
-kernel /boot/xen-3.2-1-i386.gz dom0_mem=512000
+kernel /boot/xen-3.2-1-i386.gz dom0_mem=1024000
 module /boot/vmlinuz-2.6.18-6-xen-686 root=/dev/sda1
 module /boot/initrd.img-2.6.18-6-xen-686
 
 ### BEGIN AUTOMAGIC KERNELS LIST
 
-title Xen+Linux
-kernel /boot/xen-3.2-1-i386.gz dom0_mem=512000
-module /boot/vmlinuz-2.6.18-6-xen-686 root=/dev/sda1
-module /boot/initrd.img-2.6.18-6-xen-686
-
 ### END DEBIAN AUTOMAGIC KERNELS LIST

17:39:52

#vi /tmp/alias

прошло 33 минуты

18:13:49

/etc/acidbase/base_conf.php
/usr
/usr/share
/usr/share/acidbase
/usr/share/acidbase/base_logout.php
/usr/share/acidbase/base_db_common.php
/usr/share/acidbase/base_hdr1.php
/usr/share/acidbase/base_qry_main.php
/usr/share/acidbase/base_ag_common.php
/usr/share/acidbase/base_denied.php
...
/usr/share/doc/acidbase/sql/create_base_tbls_mysql.sql.gz
/usr/share/doc/acidbase/sql/create_base_tbls_pgsql_extra.sql
/usr/share/doc/acidbase/sql/acid2base_tbls_mssql.sql
/usr/share/doc/acidbase/sql/create_base_tbls_oracle.sql.gz
/usr/share/doc/acidbase/sql/acid2base_tbls_mysql.sql
/usr/share/doc/acidbase/sql/create_base_tbls_pgsql.sql.gz
/usr/share/doc/acidbase/sql/create_base_tbls_mssql.sql.gz
/usr/share/doc/acidbase/sql/upgrade_0.9.x_to_1.0-mysql.sql
/usr/share/doc/acidbase/sql/acid2base_tbls_pgsql.sql
/usr/share/acidbase/base_conf.php

18:13:57

#dpkg -L acidbase | less

18:14:20

#zless /usr/share/doc/acidbase/README.gz

18:14:48

#apt-cache search snort mysql

snort - flexible Network Intrusion Detection System
snort-mysql - flexible Network Intrusion Detection System [MySQL]

18:14:56

#apt-get install snort-mysql

E: Could not get lock /var/lib/dpkg/lock - open (11 Resource temporarily unavailable)
E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?

18:15:07

#/usr/local/share/adodb

прошло 11 минут

18:26:55

#ping -f 192.168.15.3

PING 192.168.15.3 (192.168.15.3) 56(84) bytes of data.
................................................................................................................................................................................................................................................................................................................................................................................................................
--- 192.168.15.3 ping statistics ---
5878 packets transmitted, 4179 received, 28% packet loss, time 21480ms
rtt min/avg/max/mdev = 0.072/0.185/0.312/0.057 ms, ipg/ewma 3.655/0.156 ms

18:27:22

#man hping3

18:27:38

#hping3 -p22 192.168.15.3

hping3: option requires an argument -- p
Try hping3 --help

18:27:44

#hping3 -p 22 192.168.15.3

len=180 ip=192.168.15.3 ttl=64 DF id=19408 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=19415 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=19421 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=19428 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=19434 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=19441 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=19447 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=19454 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=19460 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=19467 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
...
len=180 ip=192.168.15.3 ttl=64 DF id=20312 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=20318 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=20325 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=20331 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=20339 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=20344 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=20351 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=20357 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=20364 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms
len=180 ip=192.168.15.3 ttl=64 DF id=20370 sport=22 flags=AP seq=0 win=8326 rtt=0.0 ms

Файлы

/usr/share/dsniff/dnsspoof.hosts

spoof.vkontakte

/usr/share/dsniff/dnsspoof.hosts

# $Id: dnsspoof.hosts,v 1.2 2000/08/28 13:28:21 dugsong Exp $
#
# Sample hosts file for dnsspoof - kill web banner ads for Niels. :-)
#
127.0.0.1       ad.*
127.0.0.1       ads*.*
127.0.0.1       adbot*.*
127.0.0.1       adcount*.*
127.0.0.1       adfinity*.*
127.0.0.1       adforce*.*
127.0.0.1       adimage*.*
127.0.0.1       adlink*.*
127.0.0.1       adserv*.*
127.0.0.1       adremote*.*
127.0.0.1       adv.*
127.0.0.1       advert*.*
127.0.0.1       banner*.*
127.0.0.1       count*.*
127.0.0.1       promo*.*
127.0.0.1       werbung*.*
127.0.0.1       *ads*.*.com
127.0.0.1       *.adbot.com
127.0.0.1       *.adone.com
127.0.0.1       *.adforce.com
127.0.0.1       *.ad-up.com
127.0.0.1       *.advert*.*
127.0.0.1       *.banner*.*
127.0.0.1       *.bfast.com
127.0.0.1       *.burstnet.com
127.0.0.1       *.doubleclick.net
127.0.0.1       *.focalink.com
127.0.0.1       *.flycast.com
127.0.0.1       *.freestats.com
127.0.0.1       *.hitbox.com
127.0.0.1       *.globaltrack.com
127.0.0.1       *.globaltrak.net
127.0.0.1       *.imagine-inc.com
127.0.0.1       *.imgis.com
127.0.0.1       *.link*.com
127.0.0.1       *.memory.net
127.0.0.1       *.preferences.com
127.0.0.1       *.smartclicks.com
127.0.0.1       *.sponsorpool.net
127.0.0.1       *.stats.net
127.0.0.1       *.stattrax.com
127.0.0.1       *.*tracker.com
127.0.0.1       *.valueclick.com
127.0.0.1       *.wisewire.com

spoof.vkontakte

192.168.15.254 ya.ru

Статистика

Время первой команды журнала 19:25:28 2008- 9- 5

Время последней команды журнала 18:27:44 2008- 9- 6

Количество командных строк в журнале 101

Процент команд с ненулевым кодом завершения, % 23.76

Процент синтаксически неверно набранных команд, % 1.98

Суммарное время работы с терминалом ^*, час 1.77

Количество командных строк в единицу времени, команда/мин 0.95

Частота использования команд

`apt-get`	16	\|==============\| 14.29%
`dig`	7	\|======\| 6.25%
`apt-cache`	7	\|======\| 6.25%
`man`	6	\|=====\| 5.36%
`vi`	6	\|=====\| 5.36%
`dpkg`	5	\|====\| 4.46%
`192.168.15.254.53:`	4	\|===\| 3.57%
`ping`	4	\|===\| 3.57%
`#`	3	\|==\| 2.68%
`free`	3	\|==\| 2.68%
`ls`	3	\|==\| 2.68%
`ps`	3	\|==\| 2.68%
`iptables`	3	\|==\| 2.68%
`less`	3	\|==\| 2.68%
`grep`	3	\|==\| 2.68%
`hping3`	2	\|=\| 1.79%
`cat`	2	\|=\| 1.79%
`~`	2	\|=\| 1.79%
`mv`	2	\|=\| 1.79%
`tcpdump`	2	\|=\| 1.79%
`nessus`	2	\|=\| 1.79%
`kill`	2	\|=\| 1.79%
`ssh`	2	\|=\| 1.79%
`ifconfig`	1	\|\| 0.89%
`dnsspoof`	1	\|\| 0.89%
`zless`	1	\|\| 0.89%
`/etc/init.d/nessusd`	1	\|\| 0.89%
`dpkg-reconfigure`	1	\|\| 0.89%
`snmpget`	1	\|\| 0.89%
`/etc/init.d/snort`	1	\|\| 0.89%
`sudo`	1	\|\| 0.89%
`nessus-useradd`	1	\|\| 0.89%
`adodb`	1	\|\| 0.89%
`pwd`	1	\|\| 0.89%
`10:05:47.114308`	1	\|\| 0.89%
`s`	1	\|\| 0.89%
`nessus-adduser`	1	\|\| 0.89%
`tcpdump:`	1	\|\| 0.89%
`10:06:27.408562`	1	\|\| 0.89%
`10:06:17.324465`	1	\|\| 0.89%
`zcat`	1	\|\| 0.89%
`10:05:57.198866`	1	\|\| 0.89%
`which`	1	\|\| 0.89%

____
*) Интервалы неактивности длительностью 30 минут и более не учитываются

Справка

Для того чтобы использовать LiLaLo, не нужно знать ничего особенного: всё происходит само собой. Однако, чтобы ведение и последующее использование журналов было как можно более эффективным, желательно иметь в виду следующее:

В журнал автоматически попадают все команды, данные в любом терминале системы.
Для того чтобы убедиться, что журнал на текущем терминале ведётся, и команды записываются, дайте команду w. В поле WHAT, соответствующем текущему терминалу, должна быть указана программа script.
Команды, при наборе которых были допущены синтаксические ошибки, выводятся перечёркнутым текстом:
$ l s-l

bash: l: command not found
Если код завершения команды равен нулю, команда была выполнена без ошибок. Команды, код завершения которых отличен от нуля, выделяются цветом.
$ test 5 -lt 4
Обратите внимание на то, что код завершения команды может быть отличен от нуля не только в тех случаях, когда команда была выполнена с ошибкой. Многие команды используют код завершения, например, для того чтобы показать результаты проверки

Команды, ход выполнения которых был прерван пользователем, выделяются цветом.

$ find / -name abc

find: /home/devi-orig/.gnome2: Keine Berechtigung find: /home/devi-orig/.gnome2_private: Keine Berechtigung find: /home/devi-orig/.nautilus/metafiles: Keine Berechtigung find: /home/devi-orig/.metacity: Keine Berechtigung find: /home/devi-orig/.inkscape: Keine Berechtigung ^C

Команды, выполненные с привилегиями суперпользователя, выделяются слева красной чертой.
# id

uid=0(root) gid=0(root) Gruppen=0(root)
Изменения, внесённые в текстовый файл с помощью редактора, запоминаются и показываются в журнале в формате ed. Строки, начинающиеся символом "<", удалены, а строки, начинающиеся символом ">" -- добавлены.
$ vi ~/.bashrc

2a3,5 > if [ -f /usr/local/etc/bash_completion ]; then > . /usr/local/etc/bash_completion > fi
Для того чтобы изменить файл в соответствии с показанными в диффшоте изменениями, можно воспользоваться командой patch. Нужно скопировать изменения, запустить программу patch, указав в качестве её аргумента файл, к которому применяются изменения, и всавить скопированный текст:
$ patch ~/.bashrc
В данном случае изменения применяются к файлу ~/.bashrc
Для того чтобы получить краткую справочную информацию о команде, нужно подвести к ней мышь. Во всплывающей подсказке появится краткое описание команды.

Если справочная информация о команде есть, команда выделяется голубым фоном, например: vi. Если справочная информация отсутствует, команда выделяется розовым фоном, например: notepad.exe. Справочная информация может отсутствовать в том случае, если (1) команда введена неверно; (2) если распознавание команды LiLaLo выполнено неверно; (3) если информация о команде неизвестна LiLaLo. Последнее возможно для редких команд.
Большие, в особенности многострочные, всплывающие подсказки лучше всего показываются браузерами KDE Konqueror, Apple Safari и Microsoft Internet Explorer. В браузерах Mozilla и Firefox они отображаются не полностью, а вместо перевода строки выводится специальный символ.
Время ввода команды, показанное в журнале, соответствует времени начала ввода командной строки, которое равно тому моменту, когда на терминале появилось приглашение интерпретатора
Имя терминала, на котором была введена команда, показано в специальном блоке. Этот блок показывается только в том случае, если терминал текущей команды отличается от терминала предыдущей.
Вывод не интересующих вас в настоящий момент элементов журнала, таких как время, имя терминала и других, можно отключить. Для этого нужно воспользоваться формой управления журналом вверху страницы.
Небольшие комментарии к командам можно вставлять прямо из командной строки. Комментарий вводится прямо в командную строку, после символов #^ или #v. Символы ^ и v показывают направление выбора команды, к которой относится комментарий: ^ - к предыдущей, v - к следующей. Например, если в командной строке было введено:
```
$ whoami
```
```
user
```
```
$ #^ Интересно, кто я?
```
в журнале это будет выглядеть так:
```
$ whoami
```
```
user
```
Интересно, кто я?

Если комментарий содержит несколько строк, его можно вставить в журнал следующим образом:

$ whoami

user

$ cat > /dev/null #^ Интересно, кто я?

Программа whoami выводит имя пользователя, под которым 
мы зарегистрировались в системе.
-
Она не может ответить на вопрос о нашем назначении 
в этом мире.

В журнале это будет выглядеть так:

$ whoami

user

Интересно, кто я?

Программа whoami выводит имя пользователя, под которым
мы зарегистрировались в системе.

Она не может ответить на вопрос о нашем назначении
в этом мире.

Для разделения нескольких абзацев между собой используйте символ "-", один в строке.

Комментарии, не относящиеся непосредственно ни к какой из команд, добавляются точно таким же способом, только вместо симолов #^ или #v нужно использовать символы #=

Содержимое файла может быть показано в журнале. Для этого его нужно вывести с помощью программы cat. Если вывод команды отметить симоволами #!, содержимое файла будет показано в журнале в специально отведённой для этого секции.

Для того чтобы вставить скриншот интересующего вас окна в журнал, нужно воспользоваться командой l3shot. После того как команда вызвана, нужно с помощью мыши выбрать окно, которое должно быть в журнале.

Команды в журнале расположены в хронологическом порядке. Если две команды давались одна за другой, но на разных терминалах, в журнале они будут рядом, даже если они не имеют друг к другу никакого отношения.
```
1
    2
3   
    4
```
Группы команд, выполненных на разных терминалах, разделяются специальной линией. Под этой линией в правом углу показано имя терминала, на котором выполнялись команды. Для того чтобы посмотреть команды только одного сенса, нужно щёкнуть по этому названию.

О программе

LiLaLo (L3) расшифровывается как Live Lab Log.
Программа разработана для повышения эффективности обучения Unix/Linux-системам.
(c) Игорь Чубин, 2004-2008

$Id$