Re: Net::EasyTCP

2006-12-05 Thread Derek B. Smith 

--- zentara <[EMAIL PROTECTED]> wrote:

> On Sat, 2 Dec 2006 08:08:22 -0800 (PST),
> [EMAIL PROTECTED]
> ("Derek B. Smith") wrote:
> 
> >I dont understand > "there is no xs component" and
> I
> >dont understand > "So you could actually include
> the
> >EasyTCP code, as a package right into your script."
> >
> >Will u explain?
> >derek
> 
> Well, its the same thing as putting a module into
> your
> scripts running directory.
> 
> For instance, instead of installing Net::EasyTcp
> system-wide,
> you could ( in your script's working directory) ,
> make a dir
> called Net, then in Net, copy EasyTcp.pm into it.
> Then in your
> script, put a 
> 
> #/usr/bin/perl
> use lib '.'
> use Net::EasyTcp;
> 
> and that will find your local copy.
> This is done all the time.
> 
> To extend it even further, you could just copy
> EasyTcp.pm
> to a package in your script
> 
> #/usr/bin/perl
> 
> package EasyTcp;
> 
> ... include EasyTCP.pm here, and edit it to remove
> the Net::
> 
> 1;
> 
> package main;
> 
> ... the real script
> 
> 
> zentara

yes I understand now. thx.
So moving on, I was able to gat all the files using an
scp script and for those w/out an ssh client I used
ftp. That was a freak-in pain!
Now I need to parse through all 238 files to pull
certain fields out delimited by :
My question is what does everyone think the most
practical way to go about this in terms of a data
structure?  No necessarily the best but most ideal. To
me ideal means most practical in an efficient way.

My 1st thought was a hash for each file wherein the
key would be the hostname and the values the fields.
I know there is a way to create dynamic hash's on the
fly but need some guidance on docs?

I then thought what about a hash containing a glob of
the files. 
my @diraray = glob("/home/dbsmith/draft_files.*");
The keys would be the filenames and the values would
be the fields after successive opens.  

In both situations, my goal is to attain the UID
fields that DO NOT match then print out the remaining
selected fields.

The file sizes range from 700 (18 lines) bytes to
50574k (614 lines).

thank you
derek



-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[OT] Re: Net::EasyTCP

2006-12-02 Thread D. Bolliger 
Derek B. Smith am Samstag, 2. Dezember 2006 17:08:
> --- zentara <[EMAIL PROTECTED]> wrote:
> > On Fri, 1 Dec 2006 20:31:11 -0800 (PST),
> > [EMAIL PROTECTED]
> >
> > ("Derek B. Smith") wrote:
> > >I was hoping for socket data transfers to mimic an
> > >sftp/ftp get without having to deploy code to the
> > >clients and or deploying this module on the
> >
> > clients.
> >
> > Think about it, how could that work?  You need some
> > sort of code on the clients, whether it's your
> > custom
> > script, or existing server code.
> >
> > Do the clients run a web server? You could place
> > the files in a htaccess password protected
> > directory,
> > and get them thru https?
> >
> > There are many ways to go, http, ftp, ssh2, etc.
> >
> > You don't have to install the Net::EasyTCP module
> > on the clients. There is no xs component, it's pure
> > perl.
> > So you could actually include the EasyTCP code, as
> > a package right into your script.
> >
> > zentara

Hello Derek
(and I hope it's ok for you zentara when I answer [too])

> ok thanks 4 the advise, but I have thought about it.
> All the clients do not have the same access routes.
> For example, some have ssh turned on while others do
> not.

Is it possible that you mean sshd (ssh *server*) 
by "ssh turned on"?

> Those that do not, have ftp and the majority of 
> all the clients do not allow root login over ssh.

Do they, on the other side, have installed an ssh *client*?

> So 
> now u see my dilemma... I have begun to use an scp
> script, but I knew there was a way to use sockets to
> xfer files so I thought I would learn something new
> while I was getting all the files together.

As far as I could follow this thread, you have to install something *anyway* 
on some (or even all - Net::EasyTCP) client boxes.

> I dont understand > "there is no xs component"
> and I 
> dont understand > "So you could actually include the
> EasyTCP code, as a package right into your script."

I think zentara meant that it's sufficient to 'copy over' perl script/modules 
not involving compiling/installing/using software parts based on C.

Some perl modules implement their functionality in C. The glue between perl 
and the C code is called 'XS' (hm, more or less at least). Have a look at 
XML::LibXML for example, that uses the libxml2 library.

===

My advice to you is to present your requirements to the secureshell and/or a 
security ML, and not yet thinking about which perl module to use.

Assume that a box does not allow remote logins (could be, according to your 
descriptions). Now you want to bypass these restrictions only to transfer a 
file? I doubt this being a good idea.

A more secure plan (in my eyes not belonging to a security guru) could be to 
let the clients initiate the file transfer. 
  You'd have to run an sshd server on your main box. There are several 
possibilities to customize and secure ssh(d).

Referring to another answer to one of my posts: Did you consider permissions 
of parent directories, the presence of a sniffer in your multifirewalled 
network, and other worst case scenarios? Did you analyse the risks involved 
throughly?

These are all important non-perl-related questions that have earnestly to 
be taken into accound before anything else. Please somebody correct me if I'm 
wrong.

Dani

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Net::EasyTCP

2006-12-02 Thread Derek B. Smith 

--- zentara <[EMAIL PROTECTED]> wrote:

> On Fri, 1 Dec 2006 20:31:11 -0800 (PST),
> [EMAIL PROTECTED]
> ("Derek B. Smith") wrote:
> 
> >I was hoping for socket data transfers to mimic an
> >sftp/ftp get without having to deploy code to the
> >clients and or deploying this module on the
> clients.
> 
> Think about it, how could that work?  You need some
> sort of code on the clients, whether it's your
> custom
> script, or existing server code. 
> 
> Do the clients run a web server? You could place
> the files in a htaccess password protected
> directory,
> and get them thru https?
> 
> There are many ways to go, http, ftp, ssh2, etc.
> 
> You don't have to install the Net::EasyTCP module
> on the clients. There is no xs component, it's pure
> perl.
> So you could actually include the EasyTCP code, as
> a package right into your script.
> 
> zentara
> 

ok thanks 4 the advise, but I have thought about it.
All the clients do not have the same access routes.
For example, some have ssh turned on while others do
not. Those that do not, have ftp and the majority of
all the clients do not allow root login over ssh. So
now u see my dilemma... I have begun to use an scp
script, but I knew there was a way to use sockets to
xfer files so I thought I would learn something new
while I was getting all the files together.

I dont understand > "there is no xs component" and I
dont understand > "So you could actually include the
EasyTCP code, as a package right into your script."

Will u explain?

derek

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Net::EasyTCP

2006-12-01 Thread Derek B. Smith 

--- "D. Bolliger" <[EMAIL PROTECTED]> wrote:

> Derek B. Smith am Freitag, 1. Dezember 2006 20:31:
> > --- zentara <[EMAIL PROTECTED]> wrote:
> > > On Thu, 30 Nov 2006 13:34:16 -0800 (PST),
> > > [EMAIL PROTECTED]
> > > >I need to gather a single filename on hundreds
> of
> > > >servers ranging in *UX flavors from AIX, HP,
> [snip]
> > > >I was initially thinking an scp command like so
> > > >foreach my $server in (@servers)
> > > > scp /etc/passwd /tmp/passwd.$SERVER
> > > >
> > > >but not all clients have ssh running and other
> > > nuances
> > > >such as no root ssh sign-in, no ftp, and
> > > /etc/passwd
> > > >is protected from downloads and reads by anyone
> but
> > > >root.
> [snip]
> > > See:
> > > http://perlmonks.org?node_id=198680
> > >
> > > Here is a version with a Tk front end:
> > > http://perlmonks.org?node_id=387351
> >
> > ok but is it possible to emulate an ftp get from
> the
> > master to retreive files from all clients w/out
> > deploying the client code to all clients using
> this module?
> 
> Hi Derek, 
> 
> Sorry for not providing an answer to your question
> (I *think* your question is 
> answered by the manual. If not, wait for zentara :-)
> )
> 
> I may miss something but it may make the person(s)
> who are responsible for  
> security nervous to hear of plans/thoughts
> 
> - to transfer hundreds of passwd files unencrypted
> over the network
> - to place them in the /tmp directory with
> predictable file names
> - of seeing disallowed root login, locked down
> files, and missing
>   ftp as a problem
> 
> At least I would get nervous (although not having
> access to hundreds of 
> boxes...)
> 
> Dani
> 
> 

I can understand you comments, but I am behind several
firewalls, I changed it from /tmp to my home dir with
permissions of 400. scp is being used as a work-around
while a manual login will have to be done for those
systems that do not have ssh turned on.
I was hoping for socket data transfers to mimic an
sftp/ftp get without having to deploy code to the
clients and or deploying this module on the clients.

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Net::EasyTCP

2006-12-01 Thread Bill Jones 

On 11/30/06, Derek B. Smith <[EMAIL PROTECTED]> wrote:

but not all clients have ssh running and other nuances
such as no root ssh sign-in, no ftp, and /etc/passwd
is protected from downloads and reads by anyone but
root.


Well, since we seem to be going down this path -- you could try
hacking around with the fish protocol:

http://linuxmafia.com/faq/Security/fish-protocol.html

Maybe make it work even if ssh doesn't ...

--
WC (Bill) Jones -- http://youve-reached-the.endoftheinternet.org/

--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Net::EasyTCP

2006-12-01 Thread D. Bolliger 
Derek B. Smith am Freitag, 1. Dezember 2006 20:31:
> --- zentara <[EMAIL PROTECTED]> wrote:
> > On Thu, 30 Nov 2006 13:34:16 -0800 (PST),
> > [EMAIL PROTECTED]
> > >I need to gather a single filename on hundreds of
> > >servers ranging in *UX flavors from AIX, HP,
[snip]
> > >I was initially thinking an scp command like so
> > >foreach my $server in (@servers)
> > > scp /etc/passwd /tmp/passwd.$SERVER
> > >
> > >but not all clients have ssh running and other
> > nuances
> > >such as no root ssh sign-in, no ftp, and
> > /etc/passwd
> > >is protected from downloads and reads by anyone but
> > >root.
[snip]
> > See:
> > http://perlmonks.org?node_id=198680
> >
> > Here is a version with a Tk front end:
> > http://perlmonks.org?node_id=387351
>
> ok but is it possible to emulate an ftp get from the
> master to retreive files from all clients w/out
> deploying the client code to all clients using this module?

Hi Derek, 

Sorry for not providing an answer to your question (I *think* your question is 
answered by the manual. If not, wait for zentara :-) )

I may miss something but it may make the person(s) who are responsible for  
security nervous to hear of plans/thoughts

- to transfer hundreds of passwd files unencrypted over the network
- to place them in the /tmp directory with predictable file names
- of seeing disallowed root login, locked down files, and missing
  ftp as a problem

At least I would get nervous (although not having access to hundreds of 
boxes...)

Dani

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Net::EasyTCP

2006-12-01 Thread Derek B. Smith 

--- zentara <[EMAIL PROTECTED]> wrote:

> On Thu, 30 Nov 2006 13:34:16 -0800 (PST),
> [EMAIL PROTECTED]
> ("Derek B. Smith") wrote:
> 
> >Hello... : )
> >
> >I need to gather a single filename on hundreds of
> >servers ranging in *UX flavors from AIX, HP,
> Solaris,
> >RH Linux and Tru64 then store them on on HPUX
> server.
> >
> >I was initially thinking an scp command like so
> >foreach my $server in (@servers)
> > scp /etc/passwd /tmp/passwd.$SERVER
> >
> >but not all clients have ssh running and other
> nuances
> >such as no root ssh sign-in, no ftp, and
> /etc/passwd
> >is protected from downloads and reads by anyone but
> >root.
> >
> >I then looked at Net::EasyTCP for a socket
> download.
> >As I read the CPAN info and after reading 
> 
> >
> >For this to happen do I need to create server and
> >client or just client? What do you recommend?
> >
> >server A would be "server" which houses gathered
> files
> >server B would be "client" which is where unique
> >passwd files live. 
> >
> >thank you
> >derek
> 
> It just so happens I played with this awhile back.
> Net::EasyTCP is a great time saver, because it
> handles port passwords, encryption, and
> serialization
> of hashes. It's neat to be able to send a hash thru
> a socket.
> 
> You have 2 choices. 
> 1. You can have the server RECEIVE files uploaded
> by the clients. This only requires 1 server to keep
> a port open, and the clients connect at random and
> upload their
> file, like thru a cron job.
>  This is preferable because you only need 1
> constantly
> running socket open to the internet.
> 
> #OR
> 
> 2. You can have each client running an open socket,
> and your "collector" connects to them and collects
> the
> file.
> 
> I have working examples of both below. 
> 
> Just remember, that Net::EasyTCP uses IO::Select,
> and if the files are big, the socket will block
> until
> the file is uploaded. This wouldn't be a problem
> if you use option 1.
> P.S. Use a port password, which Net::EasyTCP makes
> easy.
> 
> See:
> http://perlmonks.org?node_id=198680
> 
> Here is a version with a Tk front end:
> http://perlmonks.org?node_id=387351
> 
> 
> 


ok but is it possible to emulate an ftp get from the
master to retreive files from all clients w/out
deploying the client code to all clients using this module?

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Net::EasyTCP

2006-12-01 Thread Derek B. Smith 
--- zentara <[EMAIL PROTECTED]> wrote:

> On Thu, 30 Nov 2006 13:34:16 -0800 (PST),
> [EMAIL PROTECTED]
> ("Derek B. Smith") wrote:
> 
> >Hello... : )
> >
> >I need to gather a single filename on hundreds of
> >servers ranging in *UX flavors from AIX, HP,
> Solaris,
> >RH Linux and Tru64 then store them on on HPUX
> server.
> >
> >I was initially thinking an scp command like so
> >foreach my $server in (@servers)
> > scp /etc/passwd /tmp/passwd.$SERVER
> >
> >but not all clients have ssh running and other
> nuances
> >such as no root ssh sign-in, no ftp, and
> /etc/passwd
> >is protected from downloads and reads by anyone but
> >root.
> >
> >I then looked at Net::EasyTCP for a socket
> download.
> >As I read the CPAN info and after reading 
> 
> >
> >For this to happen do I need to create server and
> >client or just client? What do you recommend?
> >
> >server A would be "server" which houses gathered
> files
> >server B would be "client" which is where unique
> >passwd files live. 
> >
> >thank you
> >derek
> 
> It just so happens I played with this awhile back.
> Net::EasyTCP is a great time saver, because it
> handles port passwords, encryption, and
> serialization
> of hashes. It's neat to be able to send a hash thru
> a socket.
> 
> You have 2 choices. 
> 1. You can have the server RECEIVE files uploaded
> by the clients. This only requires 1 server to keep
> a port open, and the clients connect at random and
> upload their
> file, like thru a cron job.
>  This is preferable because you only need 1
> constantly
> running socket open to the internet.
> 
> #OR
> 
> 2. You can have each client running an open socket,
> and your "collector" connects to them and collects
> the
> file.
> 
> I have working examples of both below. 
> 
> Just remember, that Net::EasyTCP uses IO::Select,
> and if the files are big, the socket will block
> until
> the file is uploaded. This wouldn't be a problem
> if you use option 1.
> P.S. Use a port password, which Net::EasyTCP makes
> easy.
> 


Isn't there rules for sending hashes or any data
structure over sockets? Does anyone have docs that
explain these?

thx
derek

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Net::EasyTCP

2006-12-01 Thread Derek B. Smith 
--- zentara <[EMAIL PROTECTED]> wrote:

> On Thu, 30 Nov 2006 13:34:16 -0800 (PST),
> [EMAIL PROTECTED]
> ("Derek B. Smith") wrote:
> 
> >Hello... : )
> >
> >I need to gather a single filename on hundreds of
> >servers ranging in *UX flavors from AIX, HP,
> Solaris,
> >RH Linux and Tru64 then store them on on HPUX
> server.
> >
> >I was initially thinking an scp command like so
> >foreach my $server in (@servers)
> > scp /etc/passwd /tmp/passwd.$SERVER
> >
> >but not all clients have ssh running and other
> nuances
> >such as no root ssh sign-in, no ftp, and
> /etc/passwd
> >is protected from downloads and reads by anyone but
> >root.
> >
> >I then looked at Net::EasyTCP for a socket
> download.
> >As I read the CPAN info and after reading 
> 
> >
> >For this to happen do I need to create server and
> >client or just client? What do you recommend?
> >
> >server A would be "server" which houses gathered
> files
> >server B would be "client" which is where unique
> >passwd files live. 
> >
> >thank you
> >derek
> 
> It just so happens I played with this awhile back.
> Net::EasyTCP is a great time saver, because it
> handles port passwords, encryption, and
> serialization
> of hashes. It's neat to be able to send a hash thru
> a socket.
> 
> You have 2 choices. 
> 1. You can have the server RECEIVE files uploaded
> by the clients. This only requires 1 server to keep
> a port open, and the clients connect at random and
> upload their
> file, like thru a cron job.
>  This is preferable because you only need 1
> constantly
> running socket open to the internet.
> 
> #OR
> 
> 2. You can have each client running an open socket,
> and your "collector" connects to them and collects
> the
> file.
> 
> I have working examples of both below. 
> 
> Just remember, that Net::EasyTCP uses IO::Select,
> and if the files are big, the socket will block
> until
> the file is uploaded. This wouldn't be a problem
> if you use option 1.
> P.S. Use a port password, which Net::EasyTCP makes
> easy.
> 
> See:
> http://perlmonks.org?node_id=198680
> 
> Here is a version with a Tk front end:
> http://perlmonks.org?node_id=387351
> 
> 
> 
> And finally, here is another client server pair to
> use
> as descibed in option 2 above. (Probably not the
> best way).


I did remember u posting this and saved that email
which is why I posted my question. : )
I will probably go with option 1.

thank you
derek

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Net::EasyTCP

2006-11-30 Thread Jeff Pang 

>
>For this to happen do I need to create server and
>client or just client? What do you recommend?
>

Yes,after I looked through the docs roughly,I think you should create two 
scripts,one is socket server running on the host from where you fetch the 
file,another is socket client you use it to get that file.
This module can do the thing you needed -- only condition is that the server 
script should have priliviges to read that file.

--
Books below translated by me to Chinese.
Practical mod_perl: http://home.earthlink.net/~pangj/mod_perl/
Squid the Definitive Guide: http://home.earthlink.net/~pangj/squid/

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]