#!/bin/bash
# A simple shell to build and install suhosin as module for PHP under 
# CentOS, Fedora and RHEL / Redhat Enterprise Linux servers.
# ----------------------------------------------------------------------------
# Written by Vivek Gite <http://www.cyberciti.biz/>
# (c) 2009 nixCraft under GNU GPL v2.0+
# ----------------------------------------------------------------------------
# Home page: http://www.hardened-php.net
# Last updated: 15/June/2010 
# ----------------------------------------------------------------------------
VERSION="-${2:-0.9.31}"
 
URL="http://download.suhosin.org/suhosin${VERSION}.tgz"
vURL="http://download.suhosin.org/suhosin${VERSION}.tgz.sig"
FILE="${URL##*/}"
vFILE="${vURL##*/}"
DLHOME="/opt"
SOFTWARE="suhosin"
DEST="${FILE%.tgz}"
 
[[ $(id -u) -ne 0 ]] && { echo "$0: You must be root user to run this script. Run it as 'sudo $0'"; exit 1; }
 
getsoftware(){
	wget $URL -O "${DLHOME}/$FILE"
        wget $vURL -O "${DLHOME}/$vFILE"
}
 
buildsoftware(){
        [[ ! -f "${DLHOME}/$FILE" ]] &&  getsoftware
        cd "${DLHOME}"
        tar -zxvf $FILE
        cd "$DEST"
	phpize --clean && phpize && ./configure && make && read -p "Update/Install $SOFTWARE [Y/n] ? " answer
	shopt -s nocasematch
	[[ $answer =~ y|es  ]] && make install 
	shopt -u nocasematch
}
 
verifyfile(){
        cd "${DLHOME}"
	[ ! -f ${DLHOME}/$vFILE ] && getsoftware
	md5sum -c $vFILE
	read -p "Continue to build [Y/n] ? " answer
	shopt -s nocasematch
	case "$answer" in
		y|yes) buildsoftware;;
		*) echo "";
	esac
	shopt -u nocasematch
}
 
case "$1" in
    download) 
	getsoftware 
        ;;
    build) 
	#verifyfile
	buildsoftware
	;;
    verify)
	#verifyfile
	buildsoftware
	;;	
    *) echo "Usage: $0 {download|verify|build|upgrade} version"
esac
#!/bin/bash
# A simple shell script to rip audio cd and create mp3 using lame 
# and cdparanoia utilities.
# ----------------------------------------------------------------------------
# Written by Vivek Gite <http://www.cyberciti.biz/>
# (c) 2006 nixCraft under GNU GPL v2.0+
# ----------------------------------------------------------------------------
read -p "Starting in 5 seconds ( to abort press CTRL + C ) " -t 5
cdparanoia -B
for i in *.wav
do
	lame --vbr-new -b 360 "$i" "${i%%.cdda.wav}.mp3"
	rm -f "$i"
done

How Do I Use This Script?

Download the script. Put audio cd into drive. Create directory to store mp3s, enter:
mkdir music
cd music
mkdir "Album name"
cd !!:1
/path/to/ripcd.sh

See HowTo: Linux Rip and Encode Audio CDs

#!/bin/bash
set -e
# Use this script to copy shared (libs) files to nginx chrooted 
# jail server. This is tested on 64 bit Linux (Redhat and Friends only)
# ----------------------------------------------------------------------------
# Written by Vivek Gite <http://www.cyberciti.biz/>
# (c) 2006 nixCraft under GNU GPL v2.0+
# Last updated on: Apr/06/2010 by Vivek Gite
# ----------------------------------------------------------------------------
# + Added ld-linux support
# + Added error checking support
# + Added nginx suupport
# + Added for loop so that we can process all files on cmd
# ----------------------------------------------------------------------------
# See url for usage:
# https://www.cyberciti.biz/faq/howto-run-nginx-in-a-chroot-jail/
# ----------------------------------------------------------------------------
# Set CHROOT directory name
BASE="/nginx"
file="$@"
 
sync_suppot_libs(){
	local d="$1"         	# JAIL ROOT
	local pFILE="$2"        # copy bin file libs
	local files=""
	local _cp="/bin/cp"
 
	# get rid of blanks and (0x00007fff0117f000)
	files="$(ldd $pFILE |  awk '{ print $3 }' | sed -e '/^$/d' -e '/(*)$/d')"
 
	for i in $files
	do 
	  dcc="${i%/*}"	# get dirname only
	  [ ! -d ${d}${dcc} ] && mkdir -p ${d}${dcc}
	  ${_cp} -f $i ${d}${dcc}
	done
 
	# Works with 32 and 64 bit ld-linux
	sldl="$(ldd $pFILE | grep 'ld-linux' | awk '{ print $1}')"
	sldlsubdir="${sldl%/*}"
	[ ! -f ${d}${sldl} ] && ${_cp} -f ${sldl} ${d}${sldlsubdir}
}
 
usage(){
	echo "Syntax : $0 /usr/local/nginx/sbin/nginx"
	echo "Example: $0 /usr/bin/php5-cgi"
	exit 1
}
 
[ $# -eq 0 ] && usage
[ ! -d $BASE ] && mkdir -p $BASE
 
# copy all files
for f in $file
do
	sync_suppot_libs "${BASE}" "${f}"
done
#!/bin/bash
# A sample shell script to print domain ip address hosting information such as
# Location of server, city, ip address owner, country and network range.  
# This is useful to track spammers or research purpose. 
# -------------------------------------------------------------------------
# Copyright (c) 2006 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Last updated on Mar/05/2010
# -------------------------------------------------------------------------
 
# Get all domains
_dom=$@
 
# Die if no domains are given
[ $# -eq 0 ] && { echo "Usage: $0 domain1.com domain2.com ..."; exit 1; }
for d in $_dom
do
	_ip=$(host $d | grep 'has add' | head -1 | awk '{ print $4}')
	[ "$_ip" == "" ] && { echo "Error: $d is not valid domain or dns error."; continue; }
	echo "Getting information for domain: $d [ $_ip ]..."
	whois "$_ip" | egrep -w 'OrgName:|City:|Country:|OriginAS:|NetRange:'
	echo ""
done

Run script as follows:
./script.sh cyberciti.biz google.com
Sample outputs:

Getting information for domain: cyberciti.biz [ 74.86.48.99 ]...
OrgName:    SoftLayer Technologies Inc. 
City:       Dallas
Country:    US
NetRange:   74.86.0.0 - 74.86.255.255 
OriginAS:   AS36351

Getting information for domain: google.com [ 209.85.231.104 ]...
OrgName:    Google Inc. 
City:       Mountain View
Country:    US
NetRange:   209.85.128.0 - 209.85.255.255 
#!/bin/bash
# A shell script to build dnstop utility to displays various tables 
# of DNS traffic on your network including bind 9 server stats.
# -------------------------------------------------------------------------
# Tested under CentOS / RHEL / Fedora Linux only.
# -------------------------------------------------------------------------
# Copyright (c) 2008 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Last updated on Mar/05/2010
# -------------------------------------------------------------------------
# Home page: http://dns.measurement-factory.com/tools/dnstop/
VERSION="-20090128"
URL="http://dns.measurement-factory.com/tools/dnstop/src/dnstop${VERSION}.tar.gz"
FILE="${URL##*/}"
DLHOME="/opt"
SOFTWARE="dnstop"
DEST="${FILE%.tar.gz}"
ETH="eth0"
 
[[ "$2" != "" ]] && ETH="$2"
 
[[ `id -u` -ne 0 ]] && { echo "$0: You must be root user to run this script. Run it as 'sudo $0'"; exit 1; }
 
case "$1" in
    download) 
        wget $URL -O "${DLHOME}/$FILE"
        ;;
    build) 
        echo "Building ${SOFTWARE}...."
        # this needs some improvements, bur right now I am just gonna try to install it ;( 
	yum -y install libpcap-devel ncurses-devel &>/dev/null
        [[ ! -f "${DLHOME}/$FILE" ]] &&  wget $URL -O "${DLHOME}/$FILE"
        cd "${DLHOME}"
        tar -zxvf $FILE
        cd "$DEST"
        ./configure
        make
        make install
        grep -q 'alias dnstop' $HOME/.bashrc        
        [ $? -ne 0 ] && echo "alias dnstop='/usr/local/bin/dnstop -l 6 ${ETH}'" >> $HOME/.bashrc
        ;;
    *) echo "Usage: $0 {download|build} [eth0|eth1]"
esac

dnstop

From the man page:

dnstop is a small tool to listen on device or to parse the file savefile and collect and print statistics on the local network’s DNS traffic. You must have read access to /dev/bpf*.

How Do I Use This Script?

Download type the following command:
./script.sh build
/usr/local/bin/dnstop -l 6 eth0

#!/bin/bash
# A Shell Script To Build vnstat software which is act as a console-based 
# network traffic monitor without using 3rd party repo.
# -------------------------------------------------------------------------
# Tested under CentOS / RHEL / Fedora Linux only.
# -------------------------------------------------------------------------
# Copyright (c) 2008 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Last updated on Mar/05/2010
# -------------------------------------------------------------------------
# Software Home page: http://humdi.net/vnstat/
# -------------------------------------------------------
VERSION="-1.10"
URL="http://humdi.net/vnstat/vnstat${VERSION}.tar.gz"
FILE="${URL##*/}"
DLHOME="/opt"
SOFTWARE="vnstat"
DEST="${FILE%.tar.gz}"
ETH="eth0"
 
[[ "$2" != "" ]] && ETH="$2"
 
[[ `id -u` -ne 0 ]] && { echo "$0: You must be root user to run this script. Run it as 'sudo $0'"; exit 1; }
 
case "$1" in
    download) 
        wget $URL -O "${DLHOME}/$FILE"
        ;;
    build) 
        echo "Building ${SOFTWARE}...."
        [[ ! -f "${DLHOME}/$FILE" ]] &&  wget $URL -O "${DLHOME}/$FILE"
        cd "${DLHOME}"
        tar -zxvf $FILE
        cd "$DEST"
        make
        make install
        [[ ! -f /etc/cron.d/vnstat.cron ]] && /bin/cp -f example/vnstat.cron /etc/cron.d/vnstat
        for i in $ETH
        do
            /usr/bin/vnstat -u -i "$i"
        done
        ;;
    *) echo "Usage: $0 {download|build} [eth0|eth1|eth2|ppp0]"
esac

vnstat

From the man page:

vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s). However, it isn’t a packet sniffer. The traffic information is analyzed from the proc(5) and sys filesystems depending on availability. That way vnStat can be used even without root permissions on most systems.

How Do I Use This Script?

Simply download and runt it as follows:
./script.sh download
./script.sh build
vnstat

#!/bin/bash
# A Nginx Shell Script To Block Spamhaus Lasso Drop Spam IP Address
# Run this script once a day and drop all spam network IPs (netblock) with http 403 client error.
# The script will get executed every day via /etc/cron.daily (make sure crond
# is running).
# -------------------------------------------------------------------------
# Copyright (c) 2008 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Last updated on Jan/11/2010
# -------------------------------------------------------------------------
# tmp file
FILE="/tmp/drop.lasso.txt.$$"
 
# nginx config file - path to nginx drop conf file
OUT=/usr/local/nginx/conf/drop.lasso.conf
 
URL="http://www.spamhaus.org/drop/drop.lasso"
# reload command
NGINX="/usr/local/nginx/sbin/nginx -s reload"
 
# remove old file
[[ -f $FILE ]] && /bin/rm -f $FILE
 
# emply nginx deny file
>$OUT
 
# get database
/usr/bin/wget --output-document=$FILE "$URL"
 
# format in nginx deny netblock; format
/bin/egrep -v '^;' $FILE  | awk '{ print "deny " $1";"}' >>$OUT
 
# reload nginx
/bin/sync && ${NGINX}

How Do I Use This Script?

Download and save this script to /etc/cron.daily/, enter:

cd /etc/cron.daily/
wget http://bash.cyberciti.biz/dl/500.sh.zip
unzip 500.sh.zip
mv 500.sh nginx.drop.lasso
chmod +x nginx.drop.lasso
rm 500.sh.zip

Edit nginx.conf (/usr/local/nginx/conf/nginx.conf) and add the following line:

## Block lasso spammers ##
  include drop.lasso.conf;
## Block lasso spammers ##

Save and close the file. Run the script:

/etc/cron.daily/nginx.drop.lasso
#!/bin/bash
# A shell script to add mysql database, username and password. 
# It can also grant remote access on fly while creating the database.
# -------------------------------------------------------------------------
# Copyright (c) 2007 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Last updated on Jan/09/2010
# -------------------------------------------------------------------------
_db="$1"
_user="$2"
_pass="$3"
_dbremotehost="$4"
_dbrights="$5"
 
## Path to mysql bins ##
mysql="/usr/bin/mysql"
## Mysql root settings ##
_madminuser='root'
_madminpwd='MySQL-PassWord'
_mhost='localhost'
 
# make sure we get at least 3 args, else die
[[ $# -le 2 ]] && { echo "Usage: $0 'DB_Name' 'DB_USER' 'DB_PASSORD' ['remote1|remote2|remoteN'] ['DB_RIGHTS']"; exit 1; }
 
# fallback to ALL rights 
[[ -z "${_dbrights}" ]] && _dbrights="ALL"
 
# build mysql queries 
_uamq="${mysql} -u "${_madminuser}" -h "${_mhost}" -p'${_madminpwd}' -e 'CREATE DATABASE ${_db};'"
_upermq1="${mysql} -u "${_madminuser}" -h "${_mhost}" -p'${_madminpwd}' -e \"GRANT ${_dbrights} ON ${_db}.* TO ${_user}@localhost IDENTIFIED BY '${_pass}';\""
 
 
# run mysql queries
$_uamq
$_upermq1
 
 
# read remote host ip in a bash loop
# build queires to grant permission to all remote webserver or hosts via ip using the same username
IFS='|'
for  i in ${_dbremotehost}
do
	_upermq2="${mysql} -u "${_madminuser}" -h "${_mhost}" -p'${_madminpwd}' -e \"GRANT ${_dbrights} ON ${_db}.* TO ${_user}@${i} IDENTIFIED BY '${_pass}';\""
	$_upermq2
done

How Do I Use This Script?

Add a database called bar with username tom and password jerry, enter:
./script.sh bar tom jerry
Add a database called bar with username tom, password jerry and allow remote access from 192.168.1.5 and 192.168.1.11, enter:
./script.sh bar tom jerry '192.168.1.5|192.168.1.11'
Add a database called bar with username tom, password jerry, allow remote access from 192.168.1.5 & 192.168.1.11, and only grant SELECT,INSERT,UPDATE,DELETE, enter:
./script.sh bar tom jerry '192.168.1.5|192.168.1.11' 'SELECT,INSERT,UPDATE,DELETE'

#!/bin/bash
# A simply shell script to update all remote Redhat Enterprise Linux 5 / CentOS Linux 5 servers
# You must have ssh public and private key installed. This will save a lot of time if you
# have 5-7 servers. The last example shows how to login as a normal user and run sudo 
# to update the same.
# -------------------------------------------------------------------------
# Copyright (c) 2008 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
 
# an array to store all ssh commands
hosts=(
	"ssh root@server1.nixcraft.in -p222 yum update -y"
	"ssh root@server2.nixcraft.in -p333 yum update -y"
	"ssh root@server3.nixcraft.in yum update -y"
	"ssh user1@192.168.1.254 -t sudo  '/usr/bin/yum update -y' "
      )
# simply run array item
for c in "${hosts[@]}"
do
	$c
done

See how to install ssh-keys .