>>> "JC" == Juergen Christoffel <[email protected]> writes:
> On Fri, Aug 05, 2022 at 05:45:53PM +0200, Uwe Brauer via Gnupg-users wrote:
>> 1. just for the first very rough analysis what is a convenient command to
>> get a list of files that have high entropy?
> The first step might be to install tripwire and only check files, which
> tripwire reports as changed. See "man tripwire" after installing it.
Thanks very much!
> Regarding your attempt to find candidate files:
>> find . -iname '*.*' -follow -print -exec ent {} \;
> Files don't need to have a dot in their name. But they might have unusual
> characters in their names instead. So you might actually want to use
> find -type f -print0 | xargs -0 ent
Well thanks again, but this does not work as expected.
I obtain
,----
| Duplicate file name.
| ent -- Calculate entropy of file. Call
| with ent [options] [input-file]
|
| Options: -b Treat input as a stream of bits
| -c Print occurrence counts
| -f Fold upper to lower case letters
| -t Terse output in CSV format
| -u Print this message
|
| By John Walker
| http://www.fourmilab.ch/
| January 28th, 2008
`----
And adding and of these suggested options does not help
> Tip: "man find" and "man xargs" describe what those zeroes mean.
I try it.
>> So I am not sure what is the best line, but the question boils down to
>> this, anybody know enough sed or awk or whatsoever to tell me how ot filter
>> the ent output?
> Gentle suggestion: you'd need to learn such basic usage yourself, before
> you rely on them as a tool. especially when attempting to secure your
> systems.
> Tips (for example):
> https://www.amazon.de/Learning-Perl-Making-Things-Possible/dp/1492094951 or
> https://www.amazon.de/Effective-awk-Programming-Universal-Processing/dp/1491904615
Thanks my encounters with perl were well unpleasant.
I might, again, try to understand awk better.
Uwe Brauer
--
I strongly condemn Putin's war of aggression against the Ukraine.
I support to deliver weapons to Ukraine's military.
I support the ban of Russia from SWIFT.
I support the EU membership of the Ukraine.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-users
