From Tim's website
Jump to: navigation, search

Saving space by compressing images

The following line finds .JPG files (case sensitive) below the current directory between 3MB and 4MB and passes them to a compression script in /srv/:

find . -name '*.JPG' -size 4M -execdir /srv/compress_jpg "{}" \;

My script tries compressing to 90% quality (very high), and keeps the result if it saves more than 30%

#!/bin/sh
# This script requires one argument - the image to compress

convert "$1" -quality 90 temp.JPG

ratio=$(echo "`stat -c%s temp.JPG`*100/`stat -c%s \"$1\"`" | bc)
useful=$(echo "$ratio<70" | bc)

if [ $useful == 0 ]; then
  echo "Image \'$1\' is already compressed efficiently"
  rm temp.JPG
else
  echo "Compressing \'$1\' at 90% quality to $ratio% of original size"
  mv temp.JPG "$1"
fi

Saving space by compressing videos

The following line finds .AVI files (case sensitive) below the current directory and passes them to a compression script in /srv/:

find . -name '*.AVI' -execdir /srv/compress_avi "{}" \;

My script works on videos that are not already x264 compressed, uses 500kbps for 320x240 video and 1500kbps for all other sizes

#!/bin/sh
# This script requires one argument - the video to re-encode using x264
file $1 | grep H.264 > /dev/null
if [ $? == 0 ]; then
  echo "Video $1 is already compressed with x264"
else
  file $1 | grep "320 x 240" > /dev/null
  if [ $? == 0 ]; then
     echo "Video $1 is 320 x 240, using 500 bps"
     bitrate=500
  else
     echo "Video $1 is not 320 x 240, using 1500 bps"
     bitrate=1500
  fi

  mkdir recoded
  nice mencoder -ovc x264 -x264encopts pass=1:threads=auto:frameref=3:turbo=1:bitrate=$bitrate -nosound -o /dev/null $1
  nice mencoder -ovc x264 -x264encopts pass=2:threads=auto:frameref=6:subq=6:qcomp=0.8:me=umh:bitrate=$bitrate -oac copy -o recoded/$1 $1
  rm divx2pass.log

fi

Creating index images

The following command will using the imagemagick command to resize and recompress images to a small file:

mogrify -resize 800x800 -quality 10 -monitor *

Investigating Hidden Processes reported by rkhunter

The following was written by Hal Pomeranz here: http://ubuntuforums.org/archive/index.php/t-796192.html

When rkhunter tells you that there are hidden processes, try to cd to the /proc/<pid> directory for the process (where <pid> is one of the process ID numbers output by rkhunter). If you can't cd into the directory, then the process isn't really hidden, it was just in the middle of exiting when the rkhunter check ran and rkhunter was confused and you probably have nothing to worry about.

If you do manage to cd into the /proc/<pid> directory, then it's likely you have a problem. Interesting things to do once you're in the /proc/<pid> directory include:

  1. "cat cmdline" should give you the name the process is running under
  2. "sudo cat environ | perl -pe 's/\000/\n/g'" gets you the environment variable settings for the process
  3. "sudo ls -l fd" shows you what files the process currently has open
  4. "sudo ls -l cwd" shows you the current working directory of the process (which could be interesting if the process was started by the attacker from their rootkit installation directory)

There's plenty of other cool stuff you can do with the various bits of information under /proc, but the above should be enough to help you figure out what the process(es) are doing and how much trouble you're in.