Graph of system usage

Sometimes managers need info from the servers and they want to see it in a fancy way... like when you want to know the amount of time users spend on a server but you need a graphic... and I know you can just take the values paste them into a spreadsheet and create a graph... but I like more the automated and lovely look of the console... so Here is one solution.

Graphic_Of_System_Usage
{
    set -A resources user1 user2 user3 user4 user5 user6 user7 user8
    for Q in $(echo ${resources[*]})
    do
       rm /tmp/resource.usage
       last | grep $(date +%h) | grep $Q | awk '{print $9}' | grep '(' | sed 's/(//g' | sed 's/)//g' | sed 's/:/ /g' > /tmp/resource.usage
       USAGE=0
       CHART=0
       J=0
       while read MIN SEC
       do
           (( TMIN = MIN * 60 ))
           (( TSEC = TMIN + SEC ))
           (( USAGE = $USAGE + $TSEC ))
       done < /tmp/resource.usage
       (( CHART = $USAGE / 100 ))
       echo "$Q: \c"
       while [ $J -lt $CHART ]
       do
           echo "|\c"
           (( J = $J +1 ))
       done   
       echo "\n"
    done
}

you will see something like this.

Blocking IPs with a blackhole route

A null route or blackhole route is a routing table entry that goes nowhere. Matching packets are dropped (ignored) rather than forwarded, acting as a kind of very limited firewall. The act of using null routes is often called blackhole filtering. 

Null routes are typically configured with a special route flag, but can also be implemented by forwarding packets to an illegal IP address such as 0.0.0.0, or the loopback address.

Null routing has an advantage over classical firewalls since it is available on every potential network router, and adds virtually no performance impact. Due to the nature of high-bandwidth routers, null routing can often sustain higher throughput than conventional firewalls. For this reason, null routes are often used on high-performance core routers to mitigate large-scale denial-of-service attacks before the packets reach a bottleneck, thus avoiding collateral damage from DDoS attacks — although the target of the attack will be inaccessible to anyone. Blackhole filtering can also be abused by malicious attackers on compromised routers to filter out traffic destined to a certain address.

Nullrouting with iproute2 on Linux:

   $ ip route add blackhole 192.168.32.128/32
Nullrouting with 'route' on Solaris and BSD:
   $ route add -host 10.10.0.1 127.0.0.1 -blackhole
   $ route add -net 10.10.64.0/18 127.0.0.1 -blackhole 

Creating a discard route on Juniper Networks' Junos:

    set routing-options static route 192.168.0.0/16 discard 

Routing to the Null0 interface on Cisco IOS:

    ip route 192.168.0.0 255.255.0.0 Null0

Crypt and Decrypt files

Hi I am back, A few days ago I had to change (as regularly we do) the root password of all my servers and consoles because a member leave the team... remember to do that all the time!

Then I had to share the new root password to all my team but I don't like sending password over the network on a plain text email and call them one by one ... well is expensive and exhaustive ... so I found a neat solution and will like to share it!.

Basically what I did was write down the password on a text file inside unix crypt using openssl
and then send an email to my team providing the location and asking them to use the OLD root password to open this file and knew the NEW root password...

so here is the example!

# echo "This is a simple string" > MyNormal.file
# cat MyNormal.file
This is a simple string
# openssl bf -salt -in MyNormal.file > MyCrypted.file
enter bf-cbc encryption password:
Verifying - enter bf-cbc encryption password:
# rm MyNormal.file
# cat MyCrypted.file
Salted__|    qqk��=��r�3 �#DOC��@Ϝ�g�
                                            ��}�@V#
# openssl bf -d -in MyCrypted.file
enter bf-cbc decryption password:   # Example with a wrong password
bad decrypt
1710:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:330:
��q#jR�":�z�� �} ƺ�P�`}#
# openssl bf -d -in MyCrypted.file
enter bf-cbc decryption password:   # Example with the correct password
This is a simple string
#