texnatse

To change the MAC address of your ethernet adapter:

sudo ifconfig en0 ether <new MAC address>

And then check if the address has been successfully overridden:

ifconfig en0

If you attempt to do the same for your Airport Extreme wireless adapter en1 the command will not show an error, but it will not have changed the MAC address either, which you can verify with ifconfig en1. There are tools that allow you to do this, but all involve patching the Airport Extreme kernel extension — the existing tools basically only differ in their user interface, they range from sourcecode to full GUI. This sounds too much like a hack and might result in more problems than it’s worth, so I won’t post links.

While researching this I found the shiftzwei blog, which seems like a great place to keep up to date with the current state of MAC address spoofing and related networking/security issues. Note: It’s in German.

I use screen on both Linux and OS X shells. The .screenrc shown here is a collection of standard techniques you’ll find all over the net. Absolute must-have: the “alternative hardstatus”, which uses ANSI colors and displays a list of active windows, the host name and the local date/time.

I just started using screen on OS X and found that the function key binding does not work; but I’m not using them anyway, so I didn’t look for a workaround. But it’s nice to be able to use the same configuration for vastly different systems.

# kill startup message
startup_message off
	
# detach on hangup
autodetach on
	
# define a bigger scrollback, default is 100 lines
defscrollback 1024
	
# shell
#shell -bash
	
# putty bindings
#bindkey \"^[OC\" next
#bindkey \"^[OD\" prev
	
# other bindings
#bindkey -k F1 select 0 ## F11 = screen 0... avoid this screen :/
#bindkey -k k1 select 1 ## F1 = screen 1
#bindkey -k k2 select 2 ## F2 = screen 2
#bindkey -k k3 select 3 ## F3 = screen 3
#bindkey -k k4 select 4 ## F4 = screen 4
#bindkey -k k5 select 5 ## F5 = screen 5
#bindkey -k k6 select 6 ## F6 = screen 6
#bindkey -k k7 select 7 ## F7 = screen 7
#bindkey -k k8 select 8 ## F8 = screen 8
#bindkey -k k9 select 9 ## F9 = screen 9
#bindkey -k k0 select 10 # F10 = screen 10
#bindkey -k F2 command  ## F12 = do a command
	
# An alternative hardstatus to display a bar at the bottom listing the
# windownames and highlighting the current windowname in blue. (This is only
# enabled if there is no hardstatus setting for your terminal)
hardstatus on
hardstatus alwayslastline
hardstatus string \"%{.bW}%-w%{.rW}%n %t%{-}%+w %=%{..G} %H %{..Y} %m/%d %C%a \"

I needed to parse Apache logfiles to get a list of IP addresses and dates for requests matching a list of specific patterns, and found that you can do this easily from within the shell:

cat */*access.log.200?.?? | grep -i <pattern> | sed -e \"s/\\"GET.*$//g\"

This reads all logfiles, extracts those lines that match the pattern, and then cuts off each line starting from the HTTP request, leaving only the fields IP, IdentUser (usually empty), AuthUser (also usually empty), and Date/Time.

OS X users can append the pbcopy command, so that the output will not be printed but copied to the clipboard (PasteBoard):

cat */*access.log.200?.?? | grep -i <pattern> | sed -e \"s/\\"GET.*$//g\" | pbcopy

Context:

• The logfiles were distributed among several subdirectories (hence cat */*access…. instead of the simpler cat *access….)
• The filename convention used was <subdomain>.<domain>-access.log.YYYY.MM (e.g. “cow.bull-access.log.2005.08″)
• The patterns I was searching for could be expressed with a simple regular expression
• Sort order of the output didn’t matter (otherwise I would have needed to use a more verbose loop instead of relying on filename globbing)

Thanks to Stephanie for the nice hosted blog platform comparison. I nearly would have gone the easy route (Blogger), but Blogsome looks nice, is hosted in Ireland, and I wanted to check out WordPress anyway.