One interesting command is called last – to see who logged in last.

[root@centos ~]# last
root pts/3 peregrin.lan Wed Feb 6 19:21 still logged in
knutt pts/1 :0.0 Wed Feb 6 19:12 still logged in
knutt pts/2 :0.0 Wed Feb 6 16:29 still logged in
knutt pts/1 :0.0 Wed Feb 6 16:28 - 19:12 (02:43)
knutt :0 Wed Feb 6 16:27 still logged in
root tty2 Wed Feb 6 16:14 still logged in
root tty1 Wed Feb 6 15:54 still logged in
reboot system boot 2.6.18-53.1.6.el Wed Feb 6 15:51 (03:29)
root tty1 Wed Feb 6 06:44 - crash (09:07)

last with no arguments gives you a log list of the last entries. last username tells you when that particular user logged in the last time – and a side effect here is the fact that since there is a pseudo user called reboot that logs in just before your system goes down, you can also write last reboot and get a comprehensive listing of when you rebooted. FreeBSD use a similar command with a slightly different output.

Under UNIX like operating systems, you can choose your own shell. Not like Windows where you essentially have had command or cmd to use out of the box and that’s it. Personally, I prefer bash – Bourne Again Shell. The history command there has a few more tricks to it than typing history and see all your past commands fly by on the screen. Write

history|grep -i "olldandlongcommandyouonlyrememberpartof"

and you get one or more lines with this command, preceded by a number. This number is the line number for your command in the history file. Let’s say the number of your command is 207. To re-run this command, type:

!207

Clever, eh? Well, it gets better. If you know what you wrote and need to repeat the last command you typed of that kind, just start typing a few characters after the exclamation mark and bash retrieves the correct entry for you and runs it, like this:

[root@bilbo ~]# !dat
date "+%Y-%m-%d %H:%M:%S"
2007-04-25 18:35:01

Now, we start talkin’… The most elegant way of finding something is the Ctrl-R command: Start typing and it will autocomplete as you type until you find the one you want:

(reverse-i-search)`d': date "+%Y-%m-%d %H:%M:%S"

But what about all the duplicates that keep piling up? And what about the teeny weeny commands that you wish would go away? Try setting a colon delimited environment variable – HISTIGNORE – like this:

export HISTIGNORE="&:ls:[bf]g:exit"

The & removes duplicates. The next one will remove all single ls. Then, we remove bg and fg, before removing all exit commands. I tested using [???] to remove all three-letter-commands, but I was not able to accomplish that.

In case you wonder why the Thunderbird mailbox format is so easy to handle, here is why: It follows the standard and, thus, is in UNIX mailbox format. The mail file mbox on a UNIX, Linux, FreeBSD, you name it, is in excactly the same format. This makes the format highly portable. You can convert to/from UNIX/Windows newline and be up and running on a totally different OS with your mail file in mere minutes. For some mail readers you might have to rename the file too. Big deal.

Annoying, isn’t it, when your ISP decides it is high time you change your public IP and since you are at work/on holiday or whatever, you can just forget getting that file you need. If you don’t want to use DynDNS or whatever services is out there you can use one particular external web page to get your IP – http://ipid.shat.net/iponly/ – your own handy, dandy script, and an external web page to display the results of your script.

Here is the script:

#!/bin/sh
HOST='ftp.whatever.com'
USER='myusername'
PASSWD='mypassword'
FILE='index.html'
echo "">$FILE
echo " ">>$FILE
echo "">>$FILE
echo "">>$FILE
date "+%Y-%m-%d %H:%M:%S">>$FILE
/usr/local/bin/lynx -dump http://ipid.shat.net/iponly/|grep [0-9]>>$FILE
echo "">>$FILE
ftp -vn $HOST < quote USER $USER
quote PASS $PASSWD
cd /var/www/html/ip/
pwd
put $FILE
quit
END_SCRIPT
exit 0

This script does two things:

• It writes your index.html file
• It uploads index.html via ftp to your web server

You can then watch the output by going to the web address you saved it to. If you put the script into a cron job, you will always be up-to-date as of your IP address.

If you make a custom script you automate via crontab, make sure all paths are absolute. Some paths work and some do not, as crontab sets up a mini environment for itself:

SHELL=/bin/sh
PATH=/usr/bin:/bin
LOGNAME=
HOME=

This means that any command not expanding to /usr/bin/ or /bin/ will not work.

Wanna know a bit about your UNIX/Linux system? On DOS and Windows you can run the ver command and the shell will happily return the operating system and version number. Unfortunately (for you) ver is not present on UNIX and Linux. The replacement, however, is a worthy alternative: uname.

With uname you can get info about the operating system, about the kernel and what hardware you run it on. A simple uname returns the name of the operating system to standard output like this:

[root@bilbo /usr/ports/security/nmap]# uname
FreeBSD

This is the same as writing uname -s. uname -a types a space delimited list to standard out with all of the info it can provide:

[root@bilbo /usr/ports/security/nmap]# uname -a
FreeBSD bilbo.lan 6.2-RELEASE-p2 FreeBSD 6.2-RELEASE-p2 #0: Tue Feb 27 22:41:06 UTC 2007 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386

For more info, check the manpage for your system. And if you run more than one version, check them all. There are significant differences between many of them.

Want to make sure what is open or not on your system? Install nmap. The source is already there (at least, it was on mine). Log in as root and then navigate to

[root@bilbo /usr/ports/security/nmap]#

and execute

[root@bilbo /usr/ports/security/nmap]# make

The PC will run a make and then return control to you. Then, run

[root@bilbo /usr/ports/security/nmap]# make install

to move everything into its proper locations.