Frequently used Linux one-liners
This entry was posted on Mar 30 2009
I just submitted a couple of one-liners that I frequently use to Command-line-Fu.
Find brute force attempts on SSHd – Searches the /var/log/secure log file for Failed and/or invalid user log in attempts.
root@empulse:$ cat /var/log/secure | grep sshd | grep Failed | sed 's/invalid//' | sed 's/user//' | awk '{print $11}' | sort | uniq -c | sort -n
List SMTP connections by host – Searches /var/log/secure for smtp connections then lists these by number of connections made and hosts.
root@empulse:$ cat /var/log/secure | grep smtp | awk '{print $9}' | cut -f2 -d= | sort | uniq -c | sort -n | tail