Simple Tshark script to dump MAC and IP address pairs to file

Blog tags: 

For the S4x19 competition, I needed a simple script to go through several hundred GB of pcaps and dump out a list of IP and MAC address pairings to prepare elements for the challenge. Here is a simple BASH script that can achieve that simply with tshark (sudo apt-get install tshark):

Pure BASH to remove spaces line by line

Blog tags: 

Here is a neat little script I wrote to remove spaces in CSVs recursively line by line using only pure Bash


set IFS=,
set oldIFS = $IFS
readarray -t arry < ${INPUT_CSV}

for i in "${arry[@]}"
        res="${i//[^ ]}"
        while [ ${cnt} -gt 0 ]; do
                i=${i/, /,}
        echo $i

A few notes about CPU load and resource consumption

Blog tags: 

A few observations about looking at TOP that I hear people asking are regarding what does the % mean, and why can I have over 100% when looking at CPU usage.

Well, its sort of simple. Load averages are the average of the load number for a process in a given period of time. A load number is merely a metric that is an average that takes into account CPU usage (or consumed time-slices) by the process. These could be:

Quick script to generate XML for each network interface

Blog tags: 

# @file
# @author Ron Brash (<a href=""></a>)
# @date Jan 2017
# @purpose Collect network interface statistics and other information and output
# it in XML format instead of arbitrary formatting


OpenSSH Signing a File and appending to Signing to File + Verification

Blog tags: 

Create the signing keys

openssl req -nodes -x509 -sha256 -newkey rsa:4096 -keyout "signing.key" \
-out "signingKey.crt" -days 365 -subj "/C=NL/ST=QC CA/L=Montreal/O=PacificSimplicity \
/OU=Dev/CN=Dev Signing Key"

Then sign the file with the following command

Reverse SSH Tunnel

Blog tags: 

Recently went to setup a reverse SSH tunnel and had a few issues such as connections not being allowed, or otherwise. There is also a strong gotcha not documented clearly on the Internet, you can only have one connection per port on the intermediary host. If you want more than one host, you need to use multiple ports; sorry this is the way it is.

Before starting, make sure on BOTH hosts, install:

sudo apt-get install -y openssh-server


Subscribe to RSS - Linux