shell scripting

Need help with C, C++, perl, python, etc?

shell scripting

Postby rubeus » 2007-04-18 08:13

hi. i'm new in this forum and need some help with shellscripting. I have to check if there is a conection from a machine to a dterminated port and from a determinated program. I use the netstat -pn command with some greps piped. the problem is you need to be root. If don't, you can't see the program creating the conection. Somebody knows how to check this without being root? Another command, another options? Whatever

I have another problem. I'm checking for the number of process of some aplications. I use the ps -e and it works in all the machines but two, old debian distributions. In these machines the ps -e gives me the clidren of the process too, so it always rise an alarm (more than 1 process running)
What can i do?

Thank you very much
rubeus
 
Posts: 3
Joined: 2007-04-17 11:34

Postby Dargor » 2007-04-18 09:47

why not use nmap for your port scanning.
User avatar
Dargor
 
Posts: 671
Joined: 2006-08-14 08:54
Location: New Zealand, Hamilton

Postby rubeus » 2007-04-18 09:55

i can't. Nmap is not a program a client would like us to use against them....that's why i need to use the commands not being a root. Furthermore sometimes the connections are from a machine to itself (the database is installed in the same machine than the snort).
The scrips are for Nagios, a program that check for remote services. I program the scripts to check what i want and gives me the response i need and in the format nagios need
rubeus
 
Posts: 3
Joined: 2007-04-17 11:34

Postby shoof » 2007-04-18 13:59

You could use Perl, the Socket module is quite nice and works well for Nagios plugins.
shoof
 
Posts: 379
Joined: 2006-09-08 20:41
Location: My chair

Postby germain » 2007-04-19 01:10

I wrote a Nagios script using Python and the socket module as well, tomorrow I'll post it.
User avatar
germain
 
Posts: 90
Joined: 2006-09-25 23:10
Location: Mexico. Ajuuuua!!!

Postby rubeus » 2007-04-20 09:05

thank you very much. But nobody kows how to use the ps command in order to get only the number of process running for a program without the children and that works for every debian? (or at least from sarge version).

About the form to check for a connection for snort with the port 3306 ESTABLISHED without being root I suposse is more complex or even imposible.
rubeus
 
Posts: 3
Joined: 2007-04-17 11:34

Postby Dargor » 2007-04-20 09:51

I dont know about the ps thing, but without being root nmap can tell you what app(not every app) is running on a particular port.

not a program a client would like us to use against them
Ill tell them to get stuffed, sounds like there being stupidly picky.
User avatar
Dargor
 
Posts: 671
Joined: 2006-08-14 08:54
Location: New Zealand, Hamilton


Return to Programming

Who is online

Users browsing this forum: No registered users and 6 guests

fashionable