asr.tech.notes

OSSEC: Invalid integrity message in the database To clear this message, clear the syscheck database #/var/ossec/bin/ossec-control stop #/var/ossec/bin/syscheck_update -a #/var/ossec/bin/ossec-control start

Created a new Twitter  account to publish tweets about the notes published on this site.

Code to check SSL Client Certificate Expiration remotely Language: C# (C Sharp) using MS Visual Studio Express 2010 Reference:  System.Net.ServicePointManager , another sample code from stackOverflow Code: using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Net; using System.Diagnostics; namespace CertCheck {     class Program     {         static void Main(string[] args)         {             //Get URL from command line to check             if (args.Length==0)             {                 Console.WriteLine("Usage: CertCheck <https://url> [-v]");                 Console.WriteLine("Enter an url with https prefix");                 Console.WriteLine("Add -v for verbose output.  By default, this will print just the number of days on the console");                 return;             }             string https_url = args[0];             bool bVerbose=false;             if (args.Length > 1)         

sed regular expression to extract message part of the syslog (AIX): #>sed 's/\(...\) \(..\) \(..\:..\:..\) \(.*\)/\4/' /var/adm/syslog myhost auth|security:err|error tsm: : 3004-025 - tcgetattr  failed errno "25".  myhost auth|security:notice su: from dude to root at /dev/pts/109 myhost daemon:err|error root: Msg from Err Log: A924A5FC 0524165910 P S SYSPROC SOFTWARE PROGRAM ABNORMALLY TERMINATED  myhost daemon:err|error last message repeated 2 times myhost user:info syslog: libtt[1224956]: _Tt_rpc_client::init(): fcntl(F_SETFD) failed for socket =  20 myhost user:info last message repeated 10 times myhost user:info syslog: libtt[3125324]: _Tt_rpc_client::init(): fcntl(F_SETFD) failed for socket =  20 myhost user:info last message repeated 10 times myhost auth|security:info sshd[946242]: Received disconnect from 127.0.0.1: 0:  myhost auth|security:info sshd[946178]: Accepted password for dude from 127.0.0.1 port 4341 ssh2 will print everything after the date

AIX: kill all the processes started by an user You can kill all the processes started by an specific user using the following methods: 1.  login as the user (su if you are a root) and execute killall 2.  form the kill command using a ps/awk/ksh combination       ps -u <user> | awk '{print "kill -9 "$2""}' | ksh 3.  use xargs to do the same      ps -u <user> | awk '{print $2}' | xargs -t kill -9 I prefer the (3) as it takes care of long listing of processes and it does the executes on kill command for all the processes. Additional notes: find . -name "*.bak" -print0 | xargs -0 -I file  mv file ~/old.files

Resetting gnome-panel in ubuntu While trying to customize the gnome panel on ubuntu I lost access to the panel (after enabling the auto-hide feature).  After trying several things to reset the gnome panel to its original setting (or disable the auto-hide), nothing brought the panel back.  Finally, figured out a way to reset everything to the factory defaults for the gnome-panel with a single command:  gconftool-2 --recursive-unset /apps/panel Also restarted the gnome-panel by killing it from the command prompt killall gnome-panel