Tag Archives: SysAdmin

CLI – find


CLI – We all find ourselves searching our Mac looking for a particular file or files that satisfy certain criteria. Certainly, you can use Spotlight for that, but there are also methods of searching through the command line. Those options give you much better control over your search criteria. The find command is a very flexible way of searching your machine for files.

The description of find in the macOS man page is:

NAME

find — walk a file hierarchy

SYNOPSIS

find [-H | -L | -P] [-EXdsx] [-f path] path … [expression]

find [-H | -L | -P] [-EXdsx] -f path [path …] [expression]

DESCRIPTION

The find utility recursively descends the directory tree for each path listed, evaluating an expression (composed of the “primaries” and “operands” listed below) in terms of each file in the tree.

I didn’t attempt to list the switches, primaries and operands. There are nine switches and over 60 primaries. I suggest checking out the man page for find on your macOS machine (or on the web) to see all of your options.


One of the ways I have used find is to look for large files. In the example above, I searched a directory for all files larger than 10 megabytes. This could easily be used to search your entire disk for large files (use +1G instead of +10M to find files larger than 1 gigabyte in length).


You can also search for files older than (or newer than) a specific date. I have used this feature of the find command many times. In the example above I have used cd to move to a directory that contains Science Fiction images I use for one of my Desktops. I am searching that directory looking for files that were modified (in my use case this means added) more than 10 days ago.

Those are just two simple examples of using the find command. There are many other examples of how find can be used in the references listed at the end of this article. Because of the flexibility of the find command, it can be put to use for many tasks by the SysAdmin as well as the macOS/Linux/UNIX user.
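The two searches described above (files over a size, files modified more than N days ago), written out as an added example that is not from the original post. The function names and the sample files are constructed for illustration; the combined search is an extension of the two in the text.

```sh
#!/bin/sh
# Added example (not from the original post): the two find searches from the
# text, plus their combination. All file names below are constructed.

# Regular files under DIR larger than SIZE (find size spec such as 10M or 1G).
# -xdev keeps find on one file system, which matters when DIR is /.
large_files() {
    find "$1" -xdev -type f -size +"$2" -print
}

# Regular files under DIR last modified more than DAYS days ago.
older_than_days() {
    find "$1" -xdev -type f -mtime +"$2" -print
}

# Both tests at once: find ANDs primaries that are listed side by side.
stale_large_files() {
    find "$1" -xdev -type f -size +"$2" -mtime +"$3" -print
}

# Constructed sample tree: two 11 MB files and one small file, two of them
# back-dated to 2019 with touch -t. Prints the directory name.
make_sample_tree() {
    dir=$(mktemp -d) || return 1
    dd if=/dev/zero of="$dir/big new.bin" bs=1048576 count=11 2>/dev/null
    cp "$dir/big new.bin" "$dir/big old.bin"
    printf 'old\n' > "$dir/small old.txt"
    touch -t 201902010000 "$dir/big old.bin" "$dir/small old.txt"
    printf '%s\n' "$dir"
}
```

For example, large_files "$HOME" 1G lists every file over 1 gigabyte in your home directory.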

To learn a lot more about how to use find, take a look at “Finding Files On The Command Line“. Yes, this is a Linux article, but the find command as implemented on macOS is fundamentally the same.

Check the macOS man page for cd for all of the available options.

References

  1. 25 simple examples of Linux find command
  2. 14 Practical Examples of Linux Find Command for Beginners
  3. Finding Files On The Command Line

See my other CLI and macOS articles



Quad 9, a Better Choice For Your DNS

Tech Tip – As you know if you follow my posts, I listen to a lot of podcasts. While it is nearly 10 months old (I have quite a podcast episode backlog), I listened to episode #638 of the Security Now podcast as I went on a walk earlier today. The primary subject of this podcast was Quad9.

So what is Quad9? From their web page:

Quad9 is a free, recursive, anycast DNS platform that provides end users robust security protections, high-performance, and privacy.

Why would you want to switch to Quad9? The video above gives a short (2:29) overview of how DNS works to resolve Domain Names into IP addresses, and how Quad9 can provide you with more protection. Quad9 claims:

  • Quad9 blocks against known malicious domains, preventing your computers and IoT devices from connecting to malware or phishing sites (Quad9 pulls in security intelligence from 19 partners including: IBM’s X-Force, Abuse.ch, the Anti-Phishing Working Group, Bambenek Consulting, F-Secure, Netlab, and Proofpoint)
  • Quad9 systems are distributed worldwide for quick response with servers in more than 128 locations at present. More than 150 locations in total are scheduled for 2018 (published tests demonstrate Quad9’s response time [1,5,7,8])
  • No personally-identifiable information is collected by the system [4]

The founders of Quad9 include IBM, PCH (Packet Clearing House), and the Global Cyber Alliance (GCA). Quad9 works with several partnering groups to make Quad9 a safer, more secure and private way to do DNS lookup. While they have extensive tech in place to block malware domains, Quad9 also has whitelisting in place to prevent known valid domains from being accidentally blocked [1,4].

After listening to Steve Gibson talk about Quad9 on Security Now I decided to switch to Quad9. Shortly after I returned to my apartment I logged on to my MacBook and set up Quad9. If you are not sure how to change your DNS provider on your Mac, the video above shows you how.

You should make the change to Quad9 on your Mac too! You can also set the DNS on your iOS device.

 

References

  1. What is Quad9 DNS and is it Better Than OpenDNS
  2. Quad9 on Wikipedia
  3. New “Quad9” DNS service blocks malicious domains for everyone
  4. A Deeper Dive Into Public DNS Resolver Quad9
  5. DNS Resolvers Performance compared: CloudFlare x Google x Quad9 x OpenDNS
  6. What is Quad9?
  7. DNS Performance Comparison: Google, Quad9, OpenDNS, Norton, CleanBrowsing, and Yandex
  8. Quad9 DNS
  9. Free Quad9 DNS service aims to make threat intel more accessible
  10. New Quad9 DNS Service Makes the Internet Safer and More Private

See my other Mac and OS X articles


 

CLI – sed


CLI – Sometimes you have a file that you wish to scan for every instance of a phrase and replace it with another phrase. The sed or stream editor command is just what you are looking for. In the above screen shot I first display a file with the cat command, then use sed to replace all appearances of the word ‘Emma’ with the word ‘Bambi’. The sed command syntax for that is:

sed 's/Emma/Bambi/g' Review_Four\ Dominions\ copy.txt

The 's/Emma/Bambi/g' says to do a global search and replace of Bambi for every instance of Emma. The name of the file being operated on is 'Review_Four\ Dominions\ copy.txt'.

The description of sed in the macOS man page is:

The sed utility reads the specified files, or the standard input if no files are specified, modifying the input as specified by a list of commands.  The input is then written to the standard output.

A single command may be specified as the first argument to sed.  Multiple commands may be specified by using the -e or -f options.  All commands are applied to the input in the order they are specified regardless of their origin.

This can be a very powerful and useful command when processing text files. In the SysAdmin world it can be very useful for updating configuration files.
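As the man page text above says, sed writes its result to standard output and leaves the file itself unchanged, so updating a configuration file takes one more step. The following is an added example, not from the original post: set_directive and the sample file are constructed, and the key and value are assumed to be plain words with no /, & or backslash.

```sh
#!/bin/sh
# Added example (not from the original post): update one directive in a
# configuration file with sed, the same way on macOS (BSD sed) and Linux.
# "sed -i" takes different arguments on the two, so write to a temp file.

# set_directive FILE KEY VALUE
# Replaces a "KEY ..." line (commented out or not) with "KEY VALUE".
# Keeps the previous contents in FILE.bak.
set_directive() {
    file=$1 key=$2 value=$3
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    cp -p "$file" "$file.bak" || { rm -f "$tmp"; return 1; }
    if sed -E "s/^#?[[:space:]]*${key}[[:space:]].*/${key} ${value}/" \
            "$file" > "$tmp"; then
        # cat into the original so its owner and permissions are kept.
        cat "$tmp" > "$file"
        rm -f "$tmp"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Constructed sample file in a scratch directory; prints the file name.
make_sample_config() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/sshd_config.sample" <<'EOF'
# constructed sample, not a real system file
Port 22
#PermitRootLogin prohibit-password
PasswordAuthentication yes
EOF
    printf '%s\n' "$dir/sshd_config.sample"
}
```

Calling set_directive "$f" PermitRootLogin no on the sample turns the commented-out line into PermitRootLogin no and leaves the other lines alone.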

To learn a lot more about how to use sed, take a look at “‘Sed’ Command In Linux: Useful Applications Explained“. Yes, this is a Linux article, but the sed command as implemented on macOS is fundamentally the same.


See my other CLI and macOS articles


 

CLI – zcat


CLI – Sometimes you want to view the content of a compressed file. The zcat command-line command allows you to do that. What does zcat do?

zcat uncompresses either a list of files on the command line or its standard
input and writes the uncompressed data on standard output.

The zcat command is like cat, but for compressed files.

To learn a lot more about how to use zcat, take a look at “Linux zcat Command Tutorial for Beginners (5 Examples)“. Yes, this is a Linux article, but the zcat command as implemented on macOS is fundamentally the same.


See my other CLI and macOS articles


 

Networking Cheatsheet for Linux (and macOS)


Whether you are a Unix/Linux/macOS Sys Admin or just a user, you often have to deal with various network issues. There are several ‘built-in’ utilities that can be used through the Command Line to help solve these issues. While this is not a full networking tutorial, the cheat sheet PDF file does give you some of the essential networking commands and examples of how you can put them to use.

While the cheat sheet is targeted at Linux, many of the commands listed will also work on your macOS system. This may be something you want to print out and add to your notes, or just download it and have it available for reference. I downloaded the PDF and put it in my iCloud Drive so that I can reference it from my Mac, MacBook or my iPad.

CLI – apropos


You know what you want to do, but you are not sure what the command line command is that you should use. This is where the apropos command may help. While the man command gives you the details of a command, apropos searches the descriptions of all of the commands for the keyword used (in the example image above I used ‘apropos disk’ to obtain the list shown) and gives you a list of all commands that contain that keyword.

The macOS man page for apropos says:

apropos searches a set of database files containing short descriptions of system commands for keywords and displays the result on the standard output.

To learn a lot more about how to use apropos, take a look at “Linux apropos Command Tutorial for Beginners (5 Examples)“. Yes, this is a Linux article, but the apropos command as implemented on macOS is fundamentally the same.


See my other CLI and macOS articles


 

CLI – top


If your system seems to be slow or there are running Apps (processes) that you want to know more about, you can enter top at the command line to see more. This command is part of almost every Unix, Linux, and macOS system.

This is similar to the Apple Utility “Activity Monitor”, though there are options you can invoke at the command line to give you more control over what you are seeing. This is a good tool to use if you are wanting to know why your Mac seems to bog down (which process is consuming CPU cycles and/or memory).

The macOS man page for top says:

The top program periodically displays a sorted list of system processes. The default sorting key is pid, but other keys can be used instead.  Various output options are available.

To learn a lot more about how to use top, take a look at “Linux top Command Tutorial for Beginners (8 Examples)” and “Tips for using the top command in Linux“. Yes, those are Linux articles, but the top command as implemented on macOS is fundamentally the same.


See my other CLI articles


CLI – Netstat

If you are having problems with your network or just want to learn a little more about it, the netstat command is a good way to start. The netstat command lets you print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.

The macOS man page for netstat says:

The netstat command symbolically displays the contents of various network-related data structures.  There are a number of output formats, depending on the options for the information presented.  The first form of the command displays a list of active sockets for each protocol.  The second form presents the contents of one of the other network data structures according to the option selected. Using the third form, with a wait interval specified, netstat will continuously display the information regarding packet traffic on the configured network interfaces.  The fourth form displays statistics for the specified protocol or address family. If a wait interval is specified, the protocol information over the last interval seconds will be displayed.  The fifth form displays per-interface statistics for the specified protocol or address family. The sixth form displays mbuf(9) statistics.  The seventh form displays routing table for the specified address family.  The eighth form displays routing statistics.

To learn a lot more about how to use netstat, take a look at “Linux netstat Command Tutorial for Beginners (8 Examples)“. Yes, this is a Linux article, but the netstat command as implemented on macOS is fundamentally the same.

See Apple’s Mac OS X Manual Pages for further command details.


See my other CLI articles


 

In-depth Cryptography Book Available for FREE!


As I have mentioned before, I routinely listen to the Security Now podcast. In episode #600 Steve Gibson talked about the book “A Graduate Course in Applied Cryptography“. This book is being compiled by noted Cyber Security researchers Stanford University Professor Dan Boneh and New York University Professor Victor Shoup.

While the book is still in development, you can download the most recent version (December 9, 2016 version 0.3) as a PDF file. The book provides high level overviews of many cryptography subject areas, as well as a deep-dive into the technology. As the authors say in their Preface:

A beginning reader can read through the book to learn how cryptographic systems work and why they are secure. Every security theorem in the book is followed by a proof idea that explains at a high level why the scheme is secure. On a first read one can skip over the detailed proofs without losing continuity. A beginning reader may also skip over the mathematical details sections that explore nuances of certain definitions.

An advanced reader may enjoy reading the detailed proofs to learn how to do proofs in cryptography. At the end of every chapter you will find many exercises that explore additional aspects of the material covered in the chapter. Some exercises rehearse what was learned, but many exercises expand on the material and discuss topics not covered in the chapter.

If you are interested in computer security, you may want to add this 710-page book to your library.


See my other Cyber Security articles


 

Podcast – Security Now


Podcasts – I have been listening to the Security Now podcast since it began. It has been published weekly now for over 10 years. The latest episode as of this writing is #626. While they began as short programs of under 30 minutes, they have rapidly grown to around two hours per episode.

The show is presented on the TWiT Network and features Leo Laporte and Steve Gibson. While, as the name implies, the focus is on computer security, they also will talk about Tech in general and Science Fiction from time to time. The more recent episodes cover the security news that has occurred over the past week (almost always something new). They sometimes address questions from their large international audience, with occasional deep-dives into an issue of computer technology or security.

The program is well done and I recommend it to anyone interested in computer security, or who simply uses a computer, tablet or smart phone.


See my other Cyber Security articles