Louwrentius

Inotify is a mechanism in the Linux kernel that reports when a file system event occurs.

The inotifywait comand line utility can be used in shell scripts to monitor directories for new files. It can also be used to monitor files for changes. Inotifywait must be installed and is often not part of the base installation of your Linux distro. However, if you need to monitor a directory or some task like that, it is worth the effort. (apt-get install inotify-tools).

Here is how you use it:

inotifywait -m -r -e close_write /tmp/ | while read LINE; do echo $LINE | awk '{ print $1 $3 }'; done

Let's dissect this example one part at a time. The most interesting part is this:

inotifywait -m -r -e close_write /tmp/

What happens here? First, inotifywait monitors the /tmp directory. The monitoring mode is specified with the -m option, otherwise inotifywait would exit after the first event. The -r option specifies recursion, beware of large directory trees. The -e option is the most important part. You only want to be notified of new files if they are complete. So only after a close_write event should your script be notified of an event. A 'create' event for example, should not cause your script to perform any action, because the file would not be ready yet.

The remaining part of the example is just to get output like this:

/tmp/test1234/blablaf

/tmp/test123

/tmp/random.bin

This output can be used to use as an argument to other scripts or functions, in order to perform some kind of action on this file.

This mechanism is specific to Linux. So it is not a OS independent solution.

Scanning a large number of hosts using Nmap often takes a lot of time. During this time, no output is written to a file or disk. Only when Nmap is finished, is all output written to the output file. Often, I want to start processing results of hosts that have already been scanned. Often, the trick is to split the input file with all the hosts and start multiple Nmap instances by hand using the different input files. This is rather cumbersome. Now what I really want is that I get the results of a scan of a particular host immediately available as soon as it's finished. Here is where PPSS comes in. PPSS can start Nmap scans and proces a list of hosts as contained in an input file. PPSS will only start a predefined max number of simultaneous scans in parallel, as not to overwhelm the scanner, network or target hosts. This is an example on how PPSS can be used to obtain results immediately:

./ppss -f hosts.txt -c 'nmap -n -v -sS -A -p- -oN "$ITEM" "$ITEM"' -p 4

Where hosts.txt contains IP-addresses, networks or domain names like:

192.168.0.1

192.168.0.2

192.168.0.3

192.168.1.1-254

www.google.nl

The 'ITEM' part is the fun bit. In this example, multiple instances of Nmap will scan a single hosts. The output is written to a file called "$ITEM", which is of course substituted for the IP-address or domain name as read from hosts.txt. The second "$ITEM" is the argument to Nmap which tells which host to scan. The -p 4 option tells PPSS to run 4 nmap scans simultaneously at all times.

You will end up with a large number of output files, one per host. As soon as a scan is finished on one host, you can start processing the results, instead of waiting for that big scan to finish.

I had to replace my Coolermaster PSU and after some searching on the interweb, I chose the Corsair CMPSU-750HX. One of the reasons is that Corsair states that this PSU can withstand 50 degree Celcius in continuous operation on full load.

The package is very, clean, with all the cables in some neat pouch and the PSU itself also in a neat bag. You pay quite some money, but it at least suggest quality. The modular design with the modular kables is excellent.

Personally, I think that PSUs with multiple 12v rails are not that usefull. This particular PSU has just one single 12v rail that can be loaded up to full capacity of the PSU. I think this makes the design easier and if you are running heavy systems that have short spikes (starting al drives) this is ideal.

I hope this one lasts longer.