OS Profiling
Trying out p0f along with Splunk.
p0f lets you determine the OS of a remote machine from the characteristics of the TCP/IP header fields in its packets. It can also tell whether the machine is behind a firewall and what kind of internet connection it is running from... pretty useful for information junkies like me.
Here's what I did:
./p0f -t -u MyUseridHere -i eth0 'src not MyIPAddressHere' | tee -a p0f.log
Runs p0f, logging with actual timestamps (-t), chrooting and setuid-ing to MyUseridHere (-u), listening on eth0 (-i), and applying the pcap filter expression 'src not MyIPAddressHere' to drop packets for connections initiated from my machine itself (since I'm not interested in profiling my own machine).
tee is a (really nifty!) Linux command: it "splits" its input (stdin), writing one copy to stdout and another to the file specified. The -a option tells it to append to the file instead of overwriting it.
Using this, p0f outputs logs like this one:
<Sat Jul 3 07:03:56 2010> 175.40.12.47:1095 - Windows 2000 SP2+, XP SP1+ (seldom 98)
-> 74.207.229.183:80 (distance 12, link: sometimes DSL (2))
One of the Splunk queries that I poked around with:
| file /path/to/p0f.log | rex field=_raw "> (?<srcip>[^:]+):(?<srcport>[^ ]+) - (?<srcos>.+?) \(" | rex field=_raw "-> (?<dstip>[^:]+):(?<dstport>[^ ]+) " | regex srcos!="UNKNOWN" | top limit=0 srcos
This query uses two rex commands to extract the source and destination IP and port, and the source OS guess. After filtering out entries whose OS is tagged UNKNOWN, top limit=0 ranks the remaining OS values by count...
The resulting chart, not of much real interest by itself, just shows that the connections are predominantly from Linux machines (hurhur), and that there's a connection from a really old NetWare machine (NetWare 5 was released in Oct 1998!).
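As an added example (not code from the post), here is a small Python parser for the two-line p0f -t log format shown above that does offline what the Splunk query does: it pulls out srcip, srcport, srcos, dstip, dstport, distance and link for each entry, drops UNKNOWN guesses and ranks the OS values by count. The sample log is constructed; its first entry is the one from the post, the others use documentation address ranges, and the exact wording of p0f's UNKNOWN and link text in them is assumed.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample in the two-line format p0f -t writes. The first entry is the
# one from the post; the others are made up and use documentation address ranges.
SAMPLE_LOG = """\
<Sat Jul 3 07:03:56 2010> 175.40.12.47:1095 - Windows 2000 SP2+, XP SP1+ (seldom 98)
  -> 74.207.229.183:80 (distance 12, link: sometimes DSL (2))
<Sat Jul 3 07:04:10 2010> 203.0.113.9:44123 - Linux 2.6 (newer, 2)
  -> 74.207.229.183:80 (distance 9, link: ethernet/modem)
<Sat Jul 3 07:04:11 2010> 198.51.100.77:3456 - UNKNOWN [S4:128:1:48:M1460,N,N,S:.:?:?]
  -> 74.207.229.183:80 (link: ethernet/modem)
<Sat Jul 3 07:05:02 2010> 192.0.2.5:51000 - Linux 2.6 (newer, 2)
  -> 74.207.229.183:443 (distance 14, link: ethernet/modem)
"""

# First line: "<timestamp> srcip:srcport - OS guess (qualifier)" or "... - UNKNOWN [signature]".
# The OS guess ends at the first " (" or " [" (the Splunk rex in the post only stops at " (").
HEAD_RE = re.compile(
    r"^<(?P<ts>[^>]+)> (?P<srcip>[^:\s]+):(?P<srcport>\d+) - (?P<srcos>.+?)(?= \(| \[|$)"
)
# Second line: "-> dstip:dstport (distance N, link: ...)"; the distance may be absent.
TAIL_RE = re.compile(r"^\s*-> (?P<dstip>[^:\s]+):(?P<dstport>\d+) \((?P<details>.*)\)\s*$")
DIST_RE = re.compile(r"distance (\d+)")
LINK_RE = re.compile(r"link: (.+)$")


def parse_p0f(text):
    """Parse p0f -t output into one dict per observed connection."""
    records = []
    current = None
    for line in text.splitlines():
        head = HEAD_RE.match(line)
        if head:
            current = {
                "time": datetime.strptime(head.group("ts"), "%a %b %d %H:%M:%S %Y"),
                "srcip": head.group("srcip"),
                "srcport": int(head.group("srcport")),
                "srcos": head.group("srcos"),
                "dstip": None, "dstport": None, "distance": None, "link": None,
            }
            continue
        tail = TAIL_RE.match(line)
        if tail and current is not None:
            details = tail.group("details")
            dist = DIST_RE.search(details)
            link = LINK_RE.search(details)
            current.update(
                dstip=tail.group("dstip"),
                dstport=int(tail.group("dstport")),
                distance=int(dist.group(1)) if dist else None,
                link=link.group(1) if link else None,
            )
            records.append(current)
            current = None
    return records


def rank_os(records):
    """Equivalent of `regex srcos!="UNKNOWN" | top limit=0 srcos`: OS guesses by count."""
    counts = Counter(r["srcos"] for r in records if r["srcos"] != "UNKNOWN")
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    import sys
    # Pass a path to a real p0f.log, or run without arguments to use the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    for os_name, n in rank_os(parse_p0f(text)):
        print(f"{n:5d}  {os_name}")
```

One difference from the Splunk query worth knowing: the post's rex ends srcos at " (", so an entry whose OS field is followed only by a bracketed signature and no parenthesis gets no srcos field at all in Splunk, while this parser also stops at " [" and therefore still records it (as UNKNOWN, which rank_os then drops).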
A good way to aim for
Make sure you disciple them so that at the end of their lives they will not hear the words, “You fool”.
Run the race in the same way yourself.
End of hiatus
After the exceedingly long undeclared hiatus, have finally decided to "come back". Am definitely far from being compared (literally) with the prodigal son though. Realized that I now know what it's like to have some head knowledge still, but have the heart and everything else dying.
Though some of the problems remain, it is not true that time is necessary to solve them. Some problems take more than just time to be resolved. In fact, other issues start to creep in from "stopping" for extended periods of time.
No teacher today will ever be able to boast a perfect life (on a clear conscience), but it is important to change ways and thoughts that are wrong as they encounter the Word for themselves.
Some goals that are set for the short and long term:
- to turn back to being serious about understanding what God has to say via Scriptures.
- to take repentance seriously. Hearing but not doing doesn't cut it.
- to see how teaching can be done as accurately as possible to what the Author intended. Involves both the bible study, and the living it out and interactions with others too.
May God help me not continue to make a mockery of Jesus' substitutionary death for us.
