YOUR FIRST SCRIPT

You'll write a small script to list out who's been most recently unsuccessfully trying to login to your server, using the entries in /var/log/auth.log.

Use vim to create a file, attacker, in your home directory with this content:

!/bin/bash

#

attacker - prints out the last failed login attempt

#
echo "The last failed login attempt came from IP address:"
grep -i "disconnected from" /var/log/auth.log|tail -1| cut -d: -f4| cut -f7 -d" "

Putting comments at the top of the script like this isn't strictly necessary (the computer ignores them), but it's a good professional habit to get into.

To make it executable type:

chmod +x attacker

Now to run this script, you just need to refer to it by name - but the current directory is (deliberately) not in your $PATH, so you need to do this either of two ways:

/home/support/attacker
./attacker

Once you're happy with a script, and want to have it easily available, you'll probably want to move it somewhere on your $PATH - and /usr/local/bin is a normally the appropriate place, so try this:

sudo mv attacker /usr/local/bin/attacker

...and now it will Just Work whenever you type attacker