starred/hardening
1
0
Fork 0
mirror of https://github.com/konstruktoid/hardening.git synced 2026-04-25 16:55:53 +03:00
Code Issues 6 Projects Releases 4 Packages Wiki Activity

[GH-ISSUE #78] Possible mistake with 'w' command getting IP #35

New issue
Closed
opened 2026-03-03 13:58:34 +03:00 by kerem · 15 comments
kerem commented 2026-03-03 13:58:34 +03:00
Owner
Copy link

Originally created by @hellresistor on GitHub (Jun 22, 2020).
Original GitHub issue: https://github.com/konstruktoid/hardening/issues/78

Well.. I have installed "physically" on vm machine with AUTOFIL=Y
noW

Detected 'w' command will not get the IP, because exist no connections/sessions active.

maybe should change this line: USERIP="$($WBIN -ih | awk '{print $3}' | head -n1)"

Originally created by @hellresistor on GitHub (Jun 22, 2020). Original GitHub issue: https://github.com/konstruktoid/hardening/issues/78 Well.. I have installed "physically" on vm machine with `AUTOFIL=Y` ![noW](https://user-images.githubusercontent.com/50468493/85329221-00522b80-b4ca-11ea-826f-7eed5b5f8de7.png) Detected 'w' command will not get the IP, because exist no connections/sessions active. maybe should change this line: `USERIP="$($WBIN -ih | awk '{print $3}' | head -n1)"`
kerem 2026-03-03 13:58:34 +03:00
  • closed this issue
  • added the
    Stale
         label
kerem commented 2026-03-03 13:58:35 +03:00
Author
Owner
Copy link

@konstruktoid commented on GitHub (Jun 23, 2020):

Thanks for catching this, I believe it's fixed with github.com/konstruktoid/hardening@f4a9c30126

<!-- gh-comment-id:647983018 --> @konstruktoid commented on GitHub (Jun 23, 2020): Thanks for catching this, I believe it's fixed with https://github.com/konstruktoid/hardening/commit/f4a9c30126d925840109e73756f2d2f4fb383488
kerem commented 2026-03-03 13:58:35 +03:00
Author
Owner
Copy link

@hellresistor commented on GitHub (Jun 25, 2020):

nop. Getting the Gateway IP ;)
machine IP: 192.168.52.128
getting ip: 192.168.52.1

for me just. why use sed ?!
ADMINIP="$(hostname -I)"

<!-- gh-comment-id:649754974 --> @hellresistor commented on GitHub (Jun 25, 2020): nop. Getting the Gateway IP ;) machine IP: 192.168.52.128 getting ip: 192.168.52.1 for me just. why use sed ?! `ADMINIP="$(hostname -I)"`
kerem commented 2026-03-03 13:58:35 +03:00
Author
Owner
Copy link

@konstruktoid commented on GitHub (Jun 26, 2020):

https://github.com/konstruktoid/hardening/blob/master/ubuntu.sh#L50 is the correctly updated version.

can you run hostname -I | sed -E 's/\.[0-9]+ /.0\/24 /g'?
it's overkill, but it's a crude way to catch all local networks if w doesn't get anything useful

~$ hostname -I
10.0.2.15 
~$ hostname -I | sed -E 's/\.[0-9]+ /.0\/24 /g'
10.0.2.0/24
<!-- gh-comment-id:650025848 --> @konstruktoid commented on GitHub (Jun 26, 2020): https://github.com/konstruktoid/hardening/blob/master/ubuntu.sh#L50 is the correctly updated version. can you run `hostname -I | sed -E 's/\.[0-9]+ /.0\/24 /g'`? it's overkill, but it's a crude way to catch all local networks if `w` doesn't get anything useful ``` ~$ hostname -I 10.0.2.15 ~$ hostname -I | sed -E 's/\.[0-9]+ /.0\/24 /g' 10.0.2.0/24 ```
kerem commented 2026-03-03 13:58:35 +03:00
Author
Owner
Copy link

@hellresistor commented on GitHub (Jun 26, 2020):

After installation.. YES. you get right IP during installation. Getting 192.168.52.1
wronip
wronip2

<!-- gh-comment-id:650311747 --> @hellresistor commented on GitHub (Jun 26, 2020): After installation.. YES. you get right IP during installation. Getting 192.168.52.1 ![wronip](https://user-images.githubusercontent.com/50468493/85885784-d1df9380-b7dc-11ea-837a-d71c52d47a5f.png) ![wronip2](https://user-images.githubusercontent.com/50468493/85885787-d2782a00-b7dc-11ea-89f7-06ea344ae62b.png)
kerem commented 2026-03-03 13:58:35 +03:00
Author
Owner
Copy link

@hellresistor commented on GitHub (Jun 29, 2020):

works with this line (I think we have this discussion before ?! no? )

USERIP="$(ip route get 8.8.8.8 | awk -F"src " 'NR==1{split($2,a," ");print a[1]}')"

<!-- gh-comment-id:650943580 --> @hellresistor commented on GitHub (Jun 29, 2020): works with this line (I think we have this discussion before ?! no? ) `USERIP="$(ip route get 8.8.8.8 | awk -F"src " 'NR==1{split($2,a," ");print a[1]}')"`
kerem commented 2026-03-03 13:58:35 +03:00
Author
Owner
Copy link

@konstruktoid commented on GitHub (Jun 29, 2020):

yeah, and that requires access to an external resource which I'm trying to avoid.

<!-- gh-comment-id:651022438 --> @konstruktoid commented on GitHub (Jun 29, 2020): yeah, and that requires access to an external resource which I'm trying to avoid.
kerem commented 2026-03-03 13:58:35 +03:00
Author
Owner
Copy link

@hellresistor commented on GitHub (Jun 29, 2020):

Try this!
USERIP="$(hostname --all-ip-addresses)"

or this
USERIP="$(ip -o addr show up primary scope global | while read -r num dev fam addr rest; do echo ${addr%/*}; done)"

<!-- gh-comment-id:651362335 --> @hellresistor commented on GitHub (Jun 29, 2020): Try this! `USERIP="$(hostname --all-ip-addresses)"` or this `USERIP="$(ip -o addr show up primary scope global | while read -r num dev fam addr rest; do echo ${addr%/*}; done)"`
kerem commented 2026-03-03 13:58:35 +03:00
Author
Owner
Copy link

@konstruktoid commented on GitHub (Jun 29, 2020):

https://manpages.ubuntu.com/manpages/focal/en/man1/hostname.1.html
-I, --all-ip-addresses

<!-- gh-comment-id:651385402 --> @konstruktoid commented on GitHub (Jun 29, 2020): https://manpages.ubuntu.com/manpages/focal/en/man1/hostname.1.html `-I, --all-ip-addresses`
kerem commented 2026-03-03 13:58:36 +03:00
Author
Owner
Copy link

@hellresistor commented on GitHub (Jul 4, 2020):

and about 2nd line?

<!-- gh-comment-id:653768499 --> @hellresistor commented on GitHub (Jul 4, 2020): and about 2nd line?
kerem commented 2026-03-03 13:58:36 +03:00
Author
Owner
Copy link

@konstruktoid commented on GitHub (Jul 6, 2020):

USERIP="$(ip -o addr show up primary scope global | while read -r num dev fam addr rest; do echo ${addr%/*}; done)"?
Overly complicated.

<!-- gh-comment-id:654046446 --> @konstruktoid commented on GitHub (Jul 6, 2020): `USERIP="$(ip -o addr show up primary scope global | while read -r num dev fam addr rest; do echo ${addr%/*}; done)"`? Overly complicated.
kerem commented 2026-03-03 13:58:36 +03:00
Author
Owner
Copy link

@hellresistor commented on GitHub (Jul 12, 2020):

USERIP="$(ip -o addr show up primary scope global | while read -r num dev fam addr rest; do echo ${addr%/*}; done)"?
Overly complicated.

well. but does what is needed :octocat:

<!-- gh-comment-id:657233316 --> @hellresistor commented on GitHub (Jul 12, 2020): > `USERIP="$(ip -o addr show up primary scope global | while read -r num dev fam addr rest; do echo ${addr%/*}; done)"`? > Overly complicated. well. but does what is needed :octocat:
kerem commented 2026-03-03 13:58:36 +03:00
Author
Owner
Copy link

@konstruktoid commented on GitHub (Jul 13, 2020):

hostname -I | sed -E 's/\.[0-9]+ /.0\/24 /g' doesn't work?

<!-- gh-comment-id:657386693 --> @konstruktoid commented on GitHub (Jul 13, 2020): `hostname -I | sed -E 's/\.[0-9]+ /.0\/24 /g'` doesn't work?
kerem commented 2026-03-03 13:58:36 +03:00
Author
Owner
Copy link

@hellresistor commented on GitHub (Jul 13, 2020):

like command "says"
will replace the ip to a subnet ip 192.168.1.0/24

<!-- gh-comment-id:657820709 --> @hellresistor commented on GitHub (Jul 13, 2020): like command "says" will replace the ip to a subnet ip` 192.168.1.0/24`
kerem commented 2026-03-03 13:58:36 +03:00
Author
Owner
Copy link

@konstruktoid commented on GitHub (Jul 14, 2020):

Yes, and that's the point, if we don't get a valid address from the w command, e.g. when installing locally, we'll allow the /24 subnet so we can administer the machine afterwards of ssh.

https://github.com/konstruktoid/hardening/blob/master/ubuntu.sh#L47-L51

    USERIP="$($WBIN -ih | awk '{print $3}' | head -n1)"

    if [[ "$USERIP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
      ADMINIP="$USERIP"
    else
      ADMINIP="$(hostname -I | sed -E 's/\.[0-9]+ /.0\/24 /g')"
    fi
<!-- gh-comment-id:658017701 --> @konstruktoid commented on GitHub (Jul 14, 2020): Yes, and that's the point, if we don't get a valid address from the `w` command, e.g. when installing locally, we'll allow the `/24` subnet so we can administer the machine afterwards of ssh. https://github.com/konstruktoid/hardening/blob/master/ubuntu.sh#L47-L51 ``` USERIP="$($WBIN -ih | awk '{print $3}' | head -n1)" if [[ "$USERIP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then ADMINIP="$USERIP" else ADMINIP="$(hostname -I | sed -E 's/\.[0-9]+ /.0\/24 /g')" fi ```
kerem commented 2026-03-03 13:58:36 +03:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Sep 3, 2020):

This issue is stale because it has been open 30 days with no activity, without any activity this will be closed in 5 days.

<!-- gh-comment-id:686157810 --> @github-actions[bot] commented on GitHub (Sep 3, 2020): This issue is stale because it has been open 30 days with no activity, without any activity this will be closed in 5 days.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
renovate/github-codeql-action-4.x
v2.2.0
v2.1.0
v2.0.0
v1.0.0
v1.0
Labels
Clear labels   
Stale

   
bug

   
bug

   
bug

   
pull-request

Mirrored from GitHub Pull Request

No labels
Stale
bug
bug
bug
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/hardening#35
No description provided.