adam shand

2019

# 
# 
# 
# clamscan -r ~/Downloads/_scanme/

Use ClamAV to recursively scan ~/Downloads/_scanme for infected files. 

# docker cp 01c7b7a07733:/var/lib/mysql.tbz /tmp

Copy /var/lib/mysql.tbz from the container to /tmp. 

# docker-compose down; docker-compose up -d; docker-compose logs -f

Use docker-compose to stop the container, start the container and then show the logs (remember docker-compose has to be run from the directory with the docker-compose.yml file. 

# sudo apt list --upgradable |grep "$(lsb_release -cs)-security"

get list of outstanding security updates 

# docker container rm gifted_villani

Delete a stopped container (remember that stopped containers will only show up with a “ls -a”). 

# docker container prune

Delete all containers which aren't running 

# docker run --name zabbix-appliance -t -p 10051:10051 -p 81:80 -d zabbix/zabbix-appliance:latest

Download (if necessary) the zabbix/zabbix-appliance:latest image and name it zabbix-appliance locally. Map container ports 10051/80 to 1051/81 respectively (so that external port 81 routes to internal container port 80) 

# docker exec -i -t zabbix-appliance /bin/bash

open a shell on a running container 

# docker exec zabbix-appliance /usr/bin/mysql -h localhost -u zabbix -pzabbix zabbix -e "show tables;"

Open a shell on the container zabbix-appliance, and use the mysql binary in the container to connect to containers MySQL and run the “show tables;” command. 

# docker exec -i -t zabbix-appliance /usr/bin/mysql -h localhost -u zabbix -pzabbix zabbix

open an interactive mysql shell on the container 

# docker exec zabbix-appliance /usr/bin/mysqldump --add-drop-table -u zabbix --password=zabbix zabbix > /tmp/zabbix.sql; docker exec -i zabbix-appliance /usr/bin/mysql -u zabbix --password=zabbix zabbix < /tmp/zabbix.sql

Dump and restore MySQL (“drop tables” means you don't have to delete the db or tables before restoring) 

# docker update --restart=always zabbix

Change settings on an existing container (eg can't use docker run on an existing container) 

# snmpwalk -v2c -c public localhost

Talk to the SNMP daemon on macOS 10.14. 

# sftp -q backup@spack.org:/backup.zip /vol/backups/

Silently download /backup/zip from spack.org and save it /vol/backups. Good for cron. 

# docker cp /usr/bin/telnet.netkit  zabbix-appliance_zabbix_1:/tmp

Copy the telnet binary to a docker instance which doesn't have it for debugging. 

# grep security /etc/apt/sources.list > /tmp/security.list; sudo apt-get -s upgrade -oDir::Etc::Sourcelist=/tmp/security.list

Create a temporary sources.list file which only contains security related updates. Then run apt-get in simulation mode to show what those updates are. Run without the -s to actually install security updates. 

# ansible-playbook -K -l joker.spack.org stuff.yml

Only run the playbook stuff.yml on the host joker.spack.org and prompt of a sudo password before running. 

# ansible all -m setup

Gather facts from all configured hosts (replace all with a hostname to run against a single host). 

# ansible all  -m shell -a 'echo $TERM'

Get the value of $TERM from all hosts. 

# hostname -I

A way to get the IP address of a host which doesn't have ifconfig or ip installed. 

# ps --no-headers -o "rss,cmd" -C php-fpm | awk '{ sum+=$1 } END { printf ("%d%s\n", sum/NR/1024,"Mb") }'

Print the total MB used of php-fpm processes. 

# git remote add origin git@bitbucket.org:adamshand/ansible.git; git push -u origin master

Connects a local repository to a remote one and pushes contents of local repo. 

# git remote set-url origin git@bitbucket.org:spackorg/ansible.git

Changes the remote repo that the local repo is connected to. 

# curl https://github.com/adamshand.keys

Download adamshand's ssh public key from Github. 

# curl https://api.github.com/users/adamshand/keys

Download adamshand's ssh public key from Github in JSON. 

# lsbom -fls /private/var/db/receipts/org.insecure.nmap.*bom

[Mac] show all files installed as part of a package. 

# log show -predicate '(processImagePath contains "configd") && (eventMessage contains "en0: SSID pekapeka")' -style compact -last 1d | awk '{print $1,$2,$6,$8}' | sed 's/:[0-9][0-9].[0-9][0-9][0-9]//' | uniq

[mac] uses the new log subsystem to print a tidy list of the connections to the “pekapeka” Wi-Fi network in the last day. 

# networksetup -listallhardwareports | awk '/Wi-Fi/ {getline; print $2}'

[mac]Prints the name of the Wi-Fi interface on a Mac. 

# nettop -m tcp -t wifi -d -p java -p httpd

Provides a top-like view of network traffic. Shows only TCP traffic on WiFi interfaces from processes named “java” or “httpd”. 

# nc -z foo.example.com 80-90

Scan ports 80 to 90 on host foo.example.com to see if they are listening and report.

2014 by adam shand. sharing is an act of love, please share.