|
Hacker Challenge: Using grep, nl, tail, and headBog'liq linuxbasicsforhackers23
Hacker Challenge: Using grep, nl, tail, and head
Let’s say you want to display the five lines immediately before a line that
says
# Step #6: Configure output plugins
using at least four of the commands
you just learned. How would you do it? (Hint: there are many more options
to these commands than those we’ve discussed. You can learn more com-
mands by using the built-in Linux command
man
. For example,
man tail
will
show the help file for the
tail
command.)
There are many ways to solve this challenge; here, I show you which
lines to change to do it one way, and your job is to find another method.
Step 1
kali >nl /etc/snort/snort.conf | grep output
34 # 6) Configure output plugins
512 # Step #6: Configure output plugins
518 # output unified2: filename merged.log, limit 128, nostamp,
mpls_event_types, vlan_event_types
520 # output unified2: filename snort.log, limit 128, nostamp,
mpls_event_types, vlan_event_types
521 # output alert_unified2: filename snort.alert, limit 128, nostamp
522 # output log_unified2: filename snort.log, limit 128, nostamp
525 # output alert_syslog: LOG_AUTH LOG_ALERT
528 # output log_tcpdump: tcpdump.log
N O T E
Your line numbers may differ slightly as the snort.conf file gets updated.
We can see that the line
# Step #6: Configure output plugins
is line 512,
and we know we want the five lines preceding line 512 as well as line 512
itself (that is, lines 507 to 512).
Step 2
kali >tail -n+507 /etc/snort/snort.conf | head -n 6
nested_ip inner, \
whitelist $WHITE_LIST_PATH/white_list.rules, \
blacklist $BLACK_LIST_PATH/black_list.rules
###################################################
# Step #6: Configure output plugins
Here, we use
tail
to start at line 507 and then output into
head
, and we
return just the top six lines, giving us the five lines preceding the
Step #6
line, with that line included.
|
| |
