Security Basics mailing list archives
Re: Egreping for Addressed
From: Richard Arends <richard () unixguru nl>
Date: Mon, 4 Aug 2003 23:37:11 +0200 (CEST)
On Mon, 4 Aug 2003, Spamme Herefool wrote:
I'm looking at writing my own script for auditing a few different boxes with a number of services. I'm having trouble with something as simple as greping for IP addresses. In short, I'm looking to ensure that particular Apache servers are being accessed only from inside our classB. Given that: Assume the ClassB is "abc.def.X.X" Assume the ClassC is "123.456.789.Y", What would be the easiest way to grep out all allowed classB and classC addresses (from our remote sites) from the logs before parsing further? Seems this can be done on one, maybe two statements
Something like this? egrep 'abc\.def\.[A-Z]*\.[A-Z]*|123\.456\.789\.[A-Z]*' or egrep 'abc\.def\.[0-9]*\.[0-9]*|123\.456\.789\.[0-9]*' Regards, Richard. ---- Paul Vixie in an interview with Sendmail.net: Now that the Internet has the full spectrum of humanity as users, the technology is showing its weakness: it was designed to be used by friendly, smart people. Spammers, as an example of a class, are neither friendly nor smart. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Egreping for Addressed Spamme Herefool (Aug 04)
- Re: Egreping for Addressed Michael Patrick (Aug 04)
- Re: Egreping for Addressed Richard Arends (Aug 04)