Very Computer

Hi - I have a college assignment with some typically college like vague
requirements...

One of them is to write a shell script that will do the following:

Find Dormant Accounts

Monitoring of key system files to make sure all is well(doesn't say which
and the lecturer isn't interested in telling!)

Parse and format it all in a suitable way....

I *think* it may be able to be done using the following:

to check for dormant accounts :

maybe use find and the -atime (?) switch to see if the files INSIDE the
account have been accessed within a given time limit.

for the monitoring of system files :

create a log file containing a list of all key system files and thier size,
use SED or AWK to strip out the useless infomation. Should give a log file
with all the correct sizes in. Now write a script to take each line of the
log file and compare the logged size with the actual size

Parseing and Formatting should be more of the above using AWK and SED

Trouble is - I really don't know how to do this stuff - I'm very new with
linux - especially scripting.... are there any websites with scripts that
will do this sort of thing? Or are there any people out there who just
*love* writing scripts and are feeling generous <g>

Any help is much appreciated!

Happy to oblige....RTFM!

--
Hal Burgiss

Just like the real world.

Quote:> One of them is to write a shell script that will do the following:

> Find Dormant Accounts

> Monitoring of key system files to make sure all is well(doesn't say which
> and the lecturer isn't interested in telling!)

> Parse and format it all in a suitable way....

> I *think* it may be able to be done using the following:

> to check for dormant accounts :

> maybe use find and the -atime (?) switch to see if the files INSIDE the
> account have been accessed within a given time limit.

> for the monitoring of system files :

> create a log file containing a list of all key system files and thier size,
> use SED or AWK to strip out the useless infomation. Should give a log file
> with all the correct sizes in. Now write a script to take each line of the
> log file and compare the logged size with the actual size

> Parseing and Formatting should be more of the above using AWK and SED

> Trouble is - I really don't know how to do this stuff - I'm very new with
> linux - especially scripting.... are there any websites with scripts that
> will do this sort of thing? Or are there any people out there who just
> *love* writing scripts and are feeling generous <g>

But if we give you the fish to eat, you will never learn how to
catch the fish.

So, here are your fishing tools

        man man
        man ksh  or   man bash
        man awk
        man sed
http://www.linuxdoc.org/     for your fishing line

Here is a minnow to bait your hook.
http://www.linuxdoc.org/LDP/abs/html/index.html

Hey, Hal Burgiss, usually look forward to your posts.
That was pretty cold. You could have at lease told him where the
manual is.

On Tue, 18 Dec 2001 00:23:55 GMT, Bit Twister

Yea, I guess. I suspect his teacher has given where, and probably a
little about how. Getting someone to write the script defeats the entire
purpose of the exercise, which is to *learn* some simple scripting.
Besides, he needs to know 'RTFM' right off the bat :)

--
Hal Burgiss

Try "man find" and look for the atime and name parameters.

Quote:> Monitoring of key system files to make sure all is well(doesn't say which
> and the lecturer isn't interested in telling!)

Make sure all have the proper format.
/etc/passwd: name:pwd:uid:gid:gecos:home:shell

Obviously, pwd should be either a crypt output or an x. (hopefully the latter).
uid/gid must be numbers. Awk and regexp are your friend.

Other interesting files: /etc/group, /etc/inetd.conf, and many things in /etc.

Quote:> Parse and format it all in a suitable way....

Can you use Perl or it must be shell/awk/sed?

Vilmos

On Mon, 17 Dec 2001 22:42:57, "Earth Angel"

+ Hi - I have a college assignment with some typically college like
+ vague requirements...

Sure, glad to help. What's your name? What college? What professor?

I have a set of tests like your "college assignment" that any
prospective employee of mine is *required* to ace. One of the tests
is *extremely* vague and requires an Occam's Razor approach to
problem solving to get it right. If they can't answer the questions
while sitting in my office then they get a nice pat on the back and a
suggestion that 1st level tech support at an ISP would be perfect for
them. Do the work yourself, you'll be a better person for it.

FWIW, I didn't get authorized on the products I sell by cheating on
the manufacturer's tests.

BTW, multi-posting across several NG's with a "do my homework for me"
request with "Urgent" in the subject line is unlikely to get you
anything but grief.

Caldera Authorized Partner - OpenServer 5+, UnixWare 7+ & OpenLinux
--
   Owner and C.E.O. - ERA Computer Consulting - Jackson, TN USA    .
  OS/2, UnixWare, OpenServer & Linux Business Computing Solutions  .
     Please visit our www pages at http://eracc.hypermart.net/     .
               We run IBM OS/2 v.4.00, Revision 9.036                
  Sysinfo: 39 Processes, 158 Threads, uptime is 2d 8h 46m 24s 715ms  

Isn't the world a lovely place.... I have no hard feelings here other than
the joy people appear to derive from making snide comments at others.

Sorry you couldn't offer me any help. I wouldn't have asked if I knew the
answer or if I hadn't attempted to find ways to do the tasks I needed (I did
mention my ideas for achieving my goals intelligent feedback on these ideas
would have been appreciated) I certainly did read the f-ing man pages.... I
could not work out how to do the things I required... a small amount of
obvservation may have revealed the light hearted way I suggested someone
write the program for me - I certainly wasn't really expecting anyone to do
so - which is why I asked if there was anywhere with examples of scripts
that do this type of thing.

Once again... no hard feelings... I'm not that kind of guy - I really don't
see the point in being purposefully * in anyway to anyone.... put me
down in a further reply if it makes you feel good... whatever...

Cheers.

Hm, I'm not at all good at shell-scripting. Same holds true for
the security-business. Therefore my ideas might be bullshit.
Still:

Quote:> Hi - I have a college assignment with some typically college like vague
> requirements...

> One of them is to write a shell script that will do the following:

> Find Dormant Accounts

> Monitoring of key system files to make sure all is well(doesn't say which
> and the lecturer isn't interested in telling!)

> Parse and format it all in a suitable way....

> I *think* it may be able to be done using the following:

> to check for dormant accounts :

> maybe use find and the -atime (?) switch to see if the files INSIDE the
> account have been accessed within a given time limit.

This would give You *exactly* that. But of what possible use
would it be? A cracker owning one account would probably fake
some activity once and again. If You set the time interval
too narrow, You will get a bunch of employees on holidays.
Might be a good start, but if I were You I would include a
possibility to feed some sort of table into the script (which You'd
receive from the HR-Dept. in the real world) which lists the guys
that work in Your company. The remains would be easier to overlook.
You could sell that to Your prof, I suppose.

Quote:

> for the monitoring of system files :

> create a log file containing a list of all key system files and thier
size,
> use SED or AWK to strip out the useless infomation. Should give a log file
> with all the correct sizes in. Now write a script to take each line of the
> log file and compare the logged size with the actual size

> Parseing and Formatting should be more of the above using AWK and SED

Hm, do You want to test whether someone tampered with Your logs
or do You want to get a message when sth. phony is going on? To
accomplish the first You would normally set up a dedicated log-
server without real IP-address, non-reachable from the outside
world (look at, I think, Linux Gazette to see how to do that).
For the second: Make a list of things You want to watch, write a
script and cron it, make htmled output and lynx it on the screen.
You can even have more than one file then, giving the admin the
possibility to take a look at strange log-ins, irregular
packages, snort-alarms or all-in-one.

Now, that's what I'd think of as useful, but it might not meet
Your profs requirements.

Quote:

> Trouble is - I really don't know how to do this stuff - I'm very new with
> linux - especially scripting.... are there any websites with scripts that
> will do this sort of thing? Or are there any people out there who just
> *love* writing scripts and are feeling generous <g>

http://www.linuxdoc.org/HOWTO/Bash-Prog-Intro-HOWTO.html
http://linuxdoc.org/LDP/abs/html/

(Just in Case)

Dirk

Quote:

> Any help is much appreciated!

Quote:> Hm, I'm not at all good at shell-scripting. Same holds true for
> the security-business. Therefore my ideas might be bullshit.
> Still:

<snip>

thanks for the advice...

Nobody has been * that I have seen. Just honest and frank with
opinions. Don't take a lack 'please/sorry/thanks' for nastiness.

You probably would have gotten more help by now if you had shown
examples of scripts you did,  that did not work to give us a starting
point. And what docs you had read, that maybe made no sense. Some
specifics are always good. The way you presented it, it sounded like you
were looking for someone to do your homework for you, without you having
to do much at all.

I find that the quality of the answers in _Linux_ groups, is
often proportionate to the quality of the question(s) being asked, and
how they are asked. This in itself is a learning experience. So all is
not lost :)

.02

--
Hal Burgiss