1. lsof - list open files
List all opened internet sockets and sockets related to port 80:
lsof -i
lsof -i :80
Sometimes this is a handy sanity check. Other times it’s a downright nuisance, because you’re just SURE that no program should legitimately be using that file. It happens to me frequently enough that I figure someone else could benefit from a little UNIX lore. The command-line UNIX program lsof rides to the rescue. This program lists all open files and file-like things. This is very handy, as nearly everything looks like a file in UNIX (and Mac OS X).
$ lsof | grep [whatever]
Where [whatever] is replaced with the filename you’re looking for. With this, you can see which program is desperately holding onto your about-to-be-trashed file. Once you exit that program, your trash will empty
lsof | grep Finder
lsof provides many more options and could be an unvaluable foresinc tool if your system get compromised or as daily basis check tool.
I use it to find out what files are open on a mounted volume that hence will not eject:
$ lsof | grep Volumes [Disk Name]
2. nc (netcat) — use network sockets from the command line
nc -v -w 2 -z
http://m.nu/program/util/netcat/netcat.html
Port Scanning
A scanning example from Hobbit is “nc -v -w 2 -z target 20-30″. Netcat will try connecting to every port between 20 and 30 [inclusive] at the target, and will likely inform you about an FTP server, telnet server, and mailer along the way. The -z switch prevents sending any data to a TCP connection and very limited probe data to a UDP connection, and is thus useful as a fast scanning mode just to see what ports the target is listening on. To limit scanning speed if desired, -i will insert a delay between each port probe. Even though netcat can be used for port scanning it isn�t its strength. A tool such as nmap is better suited for port scanning.
3. launch control
Tiger’s New way of launching daemons:
sudo launchctl unload \
/System/Library/LaunchDaemons/org.openldap.slapd.xml
(stop OpenLDAP Server) {Open Directory}
sudo launchctl load \
/System/Library/LaunchDaemons/org.openldap.slapd.xml
(start OpenLDAP Server) {Open Directory}
4. Monitoring System Usage
Many shell commands exist to help you monitor the system. The last command shows you which users have logged in most recently or when a specified user last logged in to your system.
5. Restart ARD {Apple Remote Desktop} kickstart
artnum=108030
Sun Jul 30 mcapella@platypus : mcapella
[03:00:56] $
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users admin -privs -all -restart -agent -menu
Password:
Starting…
Stopped ARD Helper.
Stopped ARD Agent.
Stopped ARD Database.
Stopped VNC Server.
Started ARD Agent.
Done.
ps -auxc | grep login
kill -9 {login PID}
$ du -hs /path/to/directory
6. Compare directories via diff
I like to keep the home directories on my work (PC) and home (Mac) machines more-or-less in sync using a hard drive that I tote back and forth every few weeks. In addition to rsync, one useful tool is the unix diff command.
diff can not only compare two files, it can, by using the -r option, walk entire directory trees, recursively checking differences between subdirectories and files that occur at comparable points in each tree. The trick is to use the -q option to suppress line-by-line comparisons in files that differ:
diff -rq dirA dirB
This command will provide a nice list of files that occur in dirA but not in dirB, files that occur in dirB, but not in dirA, and files that differ between dirA and dirB. Pipe the output through grep to remove mention of uninteresting files, and sort to tidy it up, e.g.:
diff -qr dirA dirB | grep -v -e ‘DS_Store’ -e ‘Thumbs’ |
sort > diffs.txt
This list gives me a good feel for the big picture before I start overwriting things: which files or subdirectories can be deleted, which can be synced (and in which direction) using rsync, and which should be carefully checked before replacing, in case changes need to be merged.
To forestall some obvious comments, Unison would seem to be the ideal tool, but it lists hundreds of files that only differ in their permissions metadata (not important to me). Although Unison appears to have an option to turn off permission checking (-perms 0, or -perms=0), I couldn’t get it to work. There are, of course, a number of GUI apps that would do the job, too (e.g., FileMerge), many of them shareware.
7. Leopard Firewall
It appears you can turn the Leopard firewall on or from the command line with this command:
sudo defaults write /Library/Preferences/com.apple.alf globalstate -int 1
* The last value represents the state of the firewall,
where:
0 = off
1 = on for specific services
2 = on for essential services
There are other settings in the /Library/Preferences/com.apple.alf.plist file that you can explore and test to control other aspects of the firewall.