grep ‘[$]foo’ file.txt

Regexp negation in Perl

Perl has many non-standard features supported in the regular expression matching. One of these features in the lookahead (?pattern). Furthermore, the lookahead function support negation (?!pattern). To search in Perl for lines that contain foo but are not followed by bar anywhere on the line:

foo(?!.*bar)

Regexp negation in Vim

Vim’s regular expression matching is more flexible that vi’s. Particularly, vim supports the syntax @!. You can find a full description of this feature in vim by typing :help /@!. To search in Vim for lines that contain foo but are not followed by bar anywhere on the line:

foo(.*bar)@!

Regexp in grep

Grep doesn’t support negation of patterns in a regular expression, but it does support two other classes of negation: negation of character classes and negation of matches. Negation of character classes is standard in regular expression matching and the syntax is typically [^abc], which mean match any character other than a, b, and c. Negation of matches is accomplished using the command line option -v. To search in grep for lines that contain foo but are not followed by bar anywhere on the line:

grep -o 'foo.*' file | grep -v 'bar'

Note that this works only in GNU grep and not the standard UNIX grep, because -o is a GNU grep extension that does not exist in UNIX grep.

Regexp negation in vi, ed, and UNIX grep

Basic regular expressions (BRE) and extended regular expressions (ERE) contain only one form of negation: character class negation. This makes it a lot more difficult to construct patterns that include pattern negation. But it is not impossible. One way to achieve this is to first construct a DFA for you pattern, write the formula’s describing the DFA, and then consolidate them into a regular expression. For simplicity, the example below is written in ERE. To search in ERE for lines that contain foo but are not followed by bar anywhere on the line:

foo([^b]|(b(b|(ab))*([^ba]|(a[^br]))))*((b(b|(ab))*a)|(b(b|(ab))*)|$)$

As demonstrated, although negation of pattern can be hard in plain regular expressions, it is not impossible as some might think.

grep 'foo[[:digit:]]*'

grep -E 'foo|bar' file

or

egrep 'foo|bar' file

In GNU grep, you can also force the spcial meaning of | by escaping it. E.g.,

grep 'foo\|bar' file

HTTP proxy is a method to connect to a website by through an intermediate “proxy” server. The way it works is that your browser sends the request for a web page to the proxy server. The proxy server then forwards the request to the website. The website sends the requested page back to the proxy server, which in turn sends it back to your browser.

Uses of HTTP Proxy

HTTP proxy is most commonly used in two cases: (1) you want to fake your identity to the website; and (2) you want to bypass a firewall.

In the first case, since the website is only directly accessed by the proxy server, the website does not know who you are or what your IP address is. Instead, the website believes that the proxy IP address is actually yours. I use this feature to test the IP based authentication on my servers. Say I enable access to a particular webpage only from my home IP. How do I test it to make sure that users from other IP addresses are unable to access the page? HTTP proxy is the solution. This approach also works if a site restricts its service to a particular country, say the USA, then all you need to access that site is to do a proxy through a server located in the USA.

In the second case, say you are in environment that blocks you from accessing certain websites. This could be in an office with tight restrictions on web browsing, or a country that wishes to control your access to information. Using the proxy over ssh, you first establish a secure connection with a machine that is not behind the firewall (e.g., connect to your home PC from the office, or connect to a server at another country), then you use that connection to tunnel your HTTP requests by means of proxy.

How to setup HTTP proxy over ssh:

First establish the ssh connection. Open a terminal or a cygwin windows and enter:
ssh -D 9999 username@mysshserver
where 9999 is the local port number for the proxy server, username is your user name at the remote server that will act as a proxy, and mysshserver is the domain name or the IP address of that proxy server that is running the ssh server.

Now you are all set to configure your browser. Go to the browser option and configure the proxy settings to use localhost as the server and 9999 as the port number. Not that in Firefox you must enter this info in the SOCKS Host field, while leaving all the other blanks. This is uninuitive because there is a field for HTTP proxy. Make sure you leave that one blank!

The book shows the intuition of people who became hackers. It also shows how the hackers’ business works and how they communicate. Many various kinds of hacking techniques and tools are mentioned ranging from social engineering, several kid hacking tool, and good (or I should say bad) uses of available legitimate resources. The authors show how hackers collaborate and make use of different types of networks and security holes to help them accomplish their goal.

The story is developed with real source codes and scripts, and requires background knowledge by readers to be able to understand and follow the consequences of an action. Although, the authors give many introductions and references about tools and techniques that they use, I wish I knew more about system administration and Linux commands before I read this book. On the other hand, I also learned a lot in a short time about those aspects.

Even though not being able to immediately understand what was going on give me a hard time reading through this book, the book is enjoyable to read and to have a feeling about the world of hackers. Moreover, the authors provide many references and resources that you can follow and have fun with techniques that you are interested in.

I recommend this book, “Stealing the Network: How to Own a Continent”, to anyone who is interested in network security. I also recommend that this book will be good for those who work as system administrators.

This book receives 4 out 5.

Book Information:

• Author: Ryan Russell, Joe Grand and Tom Craig
• First Edition May 2004
• ISBN: 978-1-931836-05-0
• 498 pages

“Stealing the Network: How to Own a Continent” is available from Amazon.com for $32.97 USD.

• Approximate Grep: agrep
• Context grep: cgrep
• Structure grep: sgrep
• Nondeterministic reverse grep: nr-grep
• Grouse Grep: ggrep
• GNU grep: grep
• UNIX grep: grep
• Python Grep: grep.py
• Multilingual Grep: lgrep
• BSD-Licensed Grep: grep

Over the years, I have administered several multi-user UNIX, Linux, and FreeBSD servers. I believed that I knew the essentials, because if I did not, I would not have been able to do my job all these years. I wanted to see if the things that I learned by experience, often the hard way, are included in “Essential System Administration”. Sure enough, they were all there. Not only that, but they were laid out simply, without much unnecessary technical details, and accompanied by numerous examples and anecdotal encounters by the author. If you read one section, you would be able to apply the knowledge and skills that it describes right away. For instance, you don’t need to read the entire manual of procmail in order to write some effective mail filters; chapter 9 has a section on “Mail Filtering with procmail” that covers the essentials.

One impressive feature of this book is that it covers how to do things on a variety of operating system including various flavours of UNIX, Linux, and BSD. In the past, I often ran into a situation where I knew how to do something on FreeBSD, but did not know how to accomplish the same task on Solaris. With this book by my side, I will not have this problem again.

Another feature of the book is that it covers a very, VERY, very wide variety of administrative topics: from every day system management, to operating system internals, to various devices, to backing up, to scheduling, to rebuilding the kernel. I am yet to find a task, whether typical or atypical, that is not covered in “Essential System Administration”.

But wait, are not most, if not all, of these topics encountered in a user’s daily life? Are mail filters limited only to system administrators? Of course not! Many users organize their email by defining personal mail filters. And what about devices? Every user who uses a Linux-based desktop computer goes through the frustration of configuring devices at some point. “Essential System Administration” is really written to be useful for any UNIX/Linux/BSD user, not only system administrators.

On a second thought, any one who owns a computer running UNIX/Linux/BSD is the administrator of one’s system. Not only that, but anyone who uses one of these system must still manage their own account and perform tasks such as scheduling tasks, emailing, and printing. “Essential System Administration” was not written for system administrators in the traditional sense — someone who is paid to administer an expensive system with hundreds or thousands of users — but for the administrator in the broad sense — any user who wishes to perform some management tasks on their system.

“Essential System Administration” is an invaluable resource for anyone who wishes to become an expert in system administration, and is a useful resource for users of these systems. I give this book 4.5 out of 5.

Book Information:

• Author: ÆFleen Frisch
• Third Edition August 2002
• ISBN 10: 0-596-00343-9 | ISBN 13:9780596003432
• 1176 pages, $54.95 US, $85.95 CA, £38.95 UK

“Essential System Administration” is available from O’Reilly Media, Inc. Sample chapters can be obtained @ The O’Reilly Catalog.