Find (large) file on Linux systems

Posted: January 25, 2013 in TipTrick

1. Find 10MiB files in /var/log directory

find /var/log -size +10M -ls


2. Find 10MiB – 50MiB files

find /var/log -size +10M -size -12M -ls


3. Find in / (root) directory (Debian/Ubuntu)

find / -type f -size +10000k -exec ls -lh {} \; | awk '{ print $8 ": " $5 }'

When tried to install teamviewer on my Ubuntu 12.04 64bit, the system complaining about unmet dependencies and can not install ia32-libs, but when I tried to install ia32-libs, here’s what I got:

rumy@cbug-nest:~$ sudo apt-get install ia32-libs
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 ia32-libs : Depends: ia32-libs-multiarch
E: Unable to correct problems, you have held broken packages.

An attemp to install ia32-libs-multiarch failed too

After some dig on internet I found the solution:

(1) Edit /etc/apt/preferences

rumy@cbug-nest~$ sudo pico /etc/apt/preferences

(2) Add this 3 line code

Package: *       
Pin: release a=precise*
Pin-Priority: 2012

(3) Do dist-upgrade

rumy@cbug-nest~$ sudo apt-get dist-upgrade

It will ask you to downgrade some package, just answer (Y)es

(4) Install ia32-libs-multiarch and/or ia32-libs

rumy@cbug-nest~$ sudo apt-get install ia32-libs-multiarch

(5) Delete /etc/apt/preferences, after you finished updating

rumy@cbug-nest~$ rm /etc/apt/preferences

Other solution that work too:

sudo apt-get install librtmp0/precise

I want to have BackTrack 5 R3 on one of my Desktop computer but it already has Ubuntu 12.04 64bit in it and I like it that way.
BackTrack 5 basically is an Ubuntu distro with a kernel patch that will granted it’s user (a hacker) with packet injection for WiFi hacking but since I don’t need that kernel patch (I don’t have to hack into my home WiFi, do I?) I guess I can just add a BackTrack 5 repository onto the existing Ubuntu 12.04 64bit repository list and use the default Ubuntu kernel instead ;)

So here’s what I do

(1) Adding BackTrack 5 Repository to Ubuntu 12.04 64bit repository

rumy@cbug-nest:~$ sudo su
 root@cbug-nest:/home/rumy# cat >> /etc/apt/sources.list <<
 > deb revolution main microverse non-free testing
 > deb revolution main microverse non-free testing
 > deb revolution main microverse non-free testing
 > eof

(2) Add gpg key

rumy@cbug-nest:~$ wget -q -O- | sudo apt-key add - 

(3) Update repository

rumy@cbug-nest:~$ sudo apt-get update

(4) Got this error when updating the 64 bit section

Fetched 13.2 MB in 8min 59s (24.6 kB/s) 
 W: Failed to fetch Unable to find expected entry 'main/binary-i386/Packages' in Release file (Wrong sources.list entry or malformed file)
E: Some index files failed to download. They have been ignored, or old ones used instead.

(5) Download apt_0.7.25.3ubuntu9.13_amd64.deb  and downgrading apt to the one BackTrack have

rumy@cbug-nest:~$ sudo dpkg -i Programs/Linux/apt_0.7.25.3ubuntu9.13_amd64.deb 
 dpkg: warning: downgrading apt from 0.8.16~exp12ubuntu10.5 to
 (Reading database ... 237850 files and directories currently installed.)
 Preparing to replace apt 0.8.16~exp12ubuntu10.5 (using .../apt_0.7.25.3ubuntu9.13_amd64.deb) ...
 Unpacking replacement apt ...
 Setting up apt ( ...
 Installing new version of config file /etc/apt/apt.conf.d/01autoremove ...
 Installing new version of config file /etc/cron.daily/apt ...
 Processing triggers for man-db ...
 Processing triggers for libc-bin ...
 ldconfig deferred processing now taking place

(6) Increase cache limit

rumy@cbug-nest:~$ sudo su
 root@cbug-nest:/home/rumy# echo APT::Cache-Limit "60000000"; >> /etc/apt/apt.conf.d/70debconf
 APT::Cache-Limit 60000000

(7) Update again and I have BackTrack on my Ubuntu 12.04 64bit

Here’s if you want to boot your Ubuntu 12.04 machine without typing a password :

1. Put your command on /etc/sudoers.d/shutdown

sudo visudo -f /etc/sudoers.d/shutdown


2. Type this :

# Cmnd alias specification
 Cmnd_Alias SHUTDOWN_CMDS = /sbin/shutdown, /sbin/halt, /sbin/reboot
# User privilege specification

3. Save it

4. Execute it like this :

rumy@cbug-lair:~$ sudo /sbin/reboot

While assisting someone from the web forum who was infected by Trojan/Malware (it’s Windows machine FYI), I deliberately browsed on suspected IP address knowing that Windows Trojan and/or Malware won’t harm my Ubuntu Linux Machine. Won’t it?
Well … my machine got infected! Immediately after I browse that IP address, my outbound internet connection suddenly full with strange connection to some local (Indonesian) IP Address and some other IP from outside Indonesia.

netstat -a reveal nothing when no browser open, but suddenly full of establish ongoing connection to port 443 (ssl) and other port when I open Chrome of Firefox on my Ubuntu Machine, some connection were legit (namely the infamous Google’s sin01*-site) but many are just rouge connection, and it steal(!) my bandwidth.

I’ve installed avg antivirus for linux (the deb version for debian/ubuntu) and clamav which I never thought I’d have on my Linux Machine but all the scan revealed nothing, rkhunter and chkrootkit says nada – no infection whatsoever, but the weird establish outbound connection is still there.

So I retraced my step to the IP address I browsed before I got the problem: and compared it to some of the IP list on my netstat output: It seemed that all the connection to the suspected IP always forwarded to and some other rouge site.

Further research revealed that the culprit was my dns cache, it seemed that the rouge site manipulate my dns cache so it can control my outbound connection, that was why I can’t find any infected file on my system ;) … and worse, dnsmasq was ran by default on my Ubuntu 12.04 because it’s build in NetworkManager (with all the DNS Poisoning threat lately I guess Canonical should disable it in 12.10).

Here’s what I do to fix my problem :

1. Clear all my browser cache

2. Edit NetworkManager.conf

sudo pico /etc/NetworkManager/NetworkManager.conf

3. Disable dnsmasq.


4. Restart Network Manager

sudo restart network-manager

5. Clear the dns cache

sudo /etc/init.d/dns-clean start

and just to be sure I installed nscd too

sudo apt-get install nscd

sudo /etc/init.d/nscd start

6. Done!

New toy ;)

Posted: September 6, 2012 in Android

Got a new toy : it’s Axioo PicoPad 5 GEA with Android ICS 4.0.3

Form Factor

2G: GSM 850/900/1800/1900 Mhz
3G: WCDMA 850/2100 Mhz

480 x 800 pixels (WVGA)
187 ppi pixel density
Capacitive multi-touch touchscreen (5 points)

MTK6575 1 GHz

RAM & Storage
512 MB RAM
microSD up to 32 GB

Operating System
Android 4.0.3 (Ice Cream Sandwich)

5 MP rear camera
0.3 MP (VGA) front-facing camera

GPRS Class 12, EGDE Class 12, WCDMA 7.2 Mbps
Wi-Fi 802.11b/g/n
micro USB 2.0

Lithium-Ion 1800 mAh
Stand-by Time: up to 48 hours
Work Time: up to 360 minutes

Dimensions and Weight
146 mm x 82 mm x 11.3 mm
223 gram

Black, white

Browser: HTML, Flash
Supported Audio Formats: AAC, AAC+, eAAC+, MP3, MIDI, WMA, PCM
Supported Video Formats: AVC, H.263, H.264, MPEG-4 SP
3.5mm audio jack
GPS with A-GPS

The bad news for ROM enthusiast like me is it was pack with Android system recovery <3e> which so far made me unable to install CWM Recovery >.< let alone rooting it, so am still working on it ;)

Want to use Ubuntu Network Manager instead of wicd Network Manager on Backtrack5R2?

Try this :

1. Install Network Manager

sudo apt-get install network-manager

2. Edit /etc/network/interfaces

sudo pico /etc/network/interfaces

So it’s just contain this:

rumy@cbug-lair:~$ cat /etc/network/interfaces
auto lo
iface lo inet loopback

3. Edit /etc/NetworkManager/nm-system-settings.conf

pico /etc/NetworkManager/nm-system-settings.conf

So it’s contain:

rumy@cbug-lair:~$ cat /etc/NetworkManager/nm-system-settings.conf
# This file is installed into /etc/NetworkManager, and is loaded by
# NetworkManager by default. To override, specify: ‘–config file’
# during NM startup. This can be done by appending to DAEMON_OPTS in
# the file:
# /etc/default/NetworkManager



4. Reboot