FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 12-27-2007, 04:54 PM
"John Toliver"
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

Thanks Corey.

Looking at the MAN pages for this command makes me think it's probably not the one to try and do a script on.

Appreciate the help.

On Dec 27, 2007 12:33 PM, Corey Bettenhausen <
corey@31415926535.com> wrote:

*>What I would
> like, is a CLI program (no need for gui) I can script and add to my
> context menu so that when I encounter a file I don't recognize I can
> simply right click and say "analyze file", and the system will tell me

> what it can about the file.
Try the 'file' command.
-Corey

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com

Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users



--
Patience yields far greater results than brute force or rage ever could so relax......it's just life !!!
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-27-2007, 08:20 PM
Felipe Figueiredo
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

Em Thursday 27 December 2007 15:24:11 John Toliver escreveu:
> Does a program exist which you can call, then point to a specific
> file, and then makes an attempt at analyzing what the file is?
> Searching in synaptic reveals many very specific analyzers, primarily
> for things like log files, or packet analyzers etc. What I would
> like, is a CLI program (no need for gui) I can script and add to my
> context menu so that when I encounter a file I don't recognize I can
> simply right click and say "analyze file", and the system will tell me
> what it can about the file.
>
> If my approach is wrong, how does one go about analyzing files when
> they don't know what they are?
>

It really depends on what you mean by 'analyse' the file. Do you intend to
actually screen the file content's, to discover something specific on that
file? If you only want a generic description of "file type", based on a mime
list, Corey' s suggestion (the 'file' command) should do.

If not, maybe you can be more specific on what kind of information your script
expects.

regards
FF

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-27-2007, 08:37 PM
"John Toliver"
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

> It really depends on what you mean by 'analyse' the file. Do you intend to
> actually screen the file content's, to discover something specific on that
> file? If you only want a generic description of "file type", based on a mime
> list, Corey' s suggestion (the 'file' command) should do.

What I mean is if I happen to be working on my system and I uncover a
file I don't recognize, and I'm not sure where it came from alarms go
up. I'll probably want to scan the daylights out of it for viruses,
but also I would want to know what information it has in it. What
program created it. etc. And I might not feel comfortable submitting
it to an online service to analyze it. Maybe it was a data store for
my passwords and I just don't know it etc....

ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-27-2007, 09:25 PM
Felipe Figueiredo
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

Em Thursday 27 December 2007 19:37:05 John Toliver escreveu:
> > It really depends on what you mean by 'analyse' the file. Do you intend to
> > actually screen the file content's, to discover something specific on that
> > file? If you only want a generic description of "file type", based on a
mime
> > list, Corey' s suggestion (the 'file' command) should do.
>
> What I mean is if I happen to be working on my system and I uncover a
> file I don't recognize, and I'm not sure where it came from alarms go
> up. I'll probably want to scan the daylights out of it for viruses,
> but also I would want to know what information it has in it. What
> program created it. etc. And I might not feel comfortable submitting
> it to an online service to analyze it. Maybe it was a data store for
> my passwords and I just don't know it etc....
>

Ok, so maybe you can work around your needs using a set of pre-existing
utilities, instead of working on a script (that's probably never going to be
sufficiently generic so as not to be updated very frequently).

As I said, the "file" command should be the first step - it uses magic numbers
and mime types (check google or wikipedia, if you want details on them) to
give generic concise descriptions.

If it's a text file, you can just open it with any text editor (nano, vim,
emacs, gedit, etc) or pager (less, more, most, etc). If it's binary, you can
use the 'strings' command to see what strings it has.

If you are concerned that strange files might appear at random in
otherwise 'secure' directories, you should consider using a IDS
like 'tripwire', 'aide', or others (check the dependencies
of 'harden-environment' for a list of interesting packages).

If they (the strange files) might appear in your home dir, or any dir your
account has write access to, you should even be able to see what program is
using it, if it's still open (even in background). To this, you use the
command 'lsof'. AFAIK, there's no way of accurately knowing what program
accessed a file in a 'normal' installation. Maybe if you use SElinux or
AppArmor, they have some advanced logging system, but I have zero information
on that. The 'old' way of knowing what programs have been run, is by process
accounting (package acct, command 'lastcomm'), but I don't think you can know
which files they created, unless you know the programs themselves and know
what to expect from them).

Beware that any such logging system you enable that logs individual process
information to disk will probably use huge ammounts of space, and if you use
a GUI, many of it will be useless messagens of gui apps and widgets opening
and closing.

Of course, none of these measures are useful if the file is encrypted.

regards
FF

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-29-2007, 07:45 AM
Peter Garrett
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

On Thu, 27 Dec 2007 12:54:19 -0500
"John Toliver" <john.toliver@gmail.com> wrote:

> Looking at the MAN pages for this command makes me think it's probably not
> the one to try and do a script on.

I don't know how sophisticated you want to be about it, but I just put
this in ~/.gnome2/nautilus-scripts/ , to see what would happen, and it
works... it appears in the nautilus right-click scripts menu , and gives
the output in a pop-up text box. Obviously, there are many other options
to "file" that could be included or scripted.

#----------------------------------------------------------------------------#
#!/bin/bash

file -kr "$@" > /tmp/file.output

zenity --title "File Information" --text-info $FILE < /tmp/file.output

#-----------------------------------------------------------------------------#

Peter
--
"INX Is Not X" based on Ubuntu 7.04 Live CD: http://inx.maincontent.net
Screenshots slideshow: http://inx.maincontent.net/album/1.png.html
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-29-2007, 08:15 PM
"John Toliver"
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

Thanks to all for the input. I think the 'file' command is perfect
for what I needed.

I plan on adding what you all mentioned to my own personal notes(I'll
make sure I give credit of course :-p ), because I know I'll need to
reference this again. The script works perfectly but I plan on
becoming intimately familiar with the 'file' command.

Thanks again to all.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-29-2007, 11:41 PM
NoOp
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

On 12/29/2007 01:15 PM, John Toliver wrote:
> Thanks to all for the input. I think the 'file' command is perfect
> for what I needed.
>
> I plan on adding what you all mentioned to my own personal notes(I'll
> make sure I give credit of course :-p ), because I know I'll need to
> reference this again. The script works perfectly but I plan on
> becoming intimately familiar with the 'file' command.
>
> Thanks again to all.
>

I'd like to find one that works like the Windows version, whereby you
could see the version, author/company etc. Using 'file' doesn't give
much info (unless I'm missing a option). For example:

$ file vanGoghtest.odp
vanGoghtest.odp: data
[OpenOffice Impress file]

$ file vanGoghtest2.ppt
vanGoghtest2.ppt: Microsoft Office Document
[MS Office PowerPoint file]

$ file SimpleText.odt
SimpleText.odt: Zip archive data, at least v2.0 to extract
[OpenOffice Write file]

$ file AccessTestDatabase.odb
AccessTestDatabase.odb: data
[OpenOffice Base file)









--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-30-2007, 03:39 AM
"John Toliver"
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

> I'd like to find one that works like the Windows version, whereby you
> could see the version, author/company etc. Using 'file' doesn't give
> much info (unless I'm missing a option). For example:

Aren't those features specific to NTFS? I can't find anywhere other
than inside openoffice where you can enter in that kind of information
and access it.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-30-2007, 03:52 AM
thomas fisher
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

On Saturday 29 December 2007 17:41:18 NoOp wrote:
> On 12/29/2007 01:15 PM, John Toliver wrote:
> > Thanks to all for the input. I think the 'file' command is perfect
> > for what I needed.

> > becoming intimately familiar with the 'file' command.
> >
> > Thanks again to all.
>
> I'd like to find one that works like the Windows version, whereby you
> could see the version, author/company etc. Using 'file' doesn't give
> much info (unless I'm missing a option). For example:
>
> $ file vanGoghtest.odp
> vanGoghtest.odp: data
> [OpenOffice Impress file]
I'm not certain as to what it is that you are desiring but a couple of hints
could be:
---> " locate " command works from the database that " updatedb " creates. I
believe it is part of the default install. I am not certain in Ubuntu how
often the updatedb runs in the background but that is open for change
or "updatedb& " can be run at any time. The " & " causes the command to be
run in the background.

---> " grep " command comes in several forms for special purposes. Can look
into the content of files. Learn the " regular expressions " and you have a
power tool at your disposal. Note: the " regular expressions " for perl is a
little different.

---> learn about " pipes " and other command connectors in bash and the output
of one command can serve as input to another command.

---> " sort " can be really handy.

---> http://www.ss64.com/bash/ common bash commands.

---> http://lowfatlinux.com/ Quick and {relatively} easy linux. Please
remember when learning Unix / Linux that this system can play tic tac toe or
coordinate a nations phone system. Scale from a wrist watch to a 1000
processor super parallel machine.

---> http://www.tutorialized.com/view/tutorial/Ten-Neat-Tricks-With-Perl/4576
quick little no brainers using perl

---> Really want to make your computer into a automation device that behaves
to your tailored command?
http://tldp.org/LDP/abs/html/ HTML version Advanced Bash-Scripting Guide
http://www.tldp.org/LDP/abs/abs-guide.pdf PDF ver.

---> want some rocket fuel learn basic PERL & more?
http://www.oreilly.com/pub/topic/perl

I know this is way beyond the initial question.

Tom

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 12-30-2007, 03:43 PM
Hal Burgiss
 
Default Looking for a program that analyzes a file and makes a "best guess" attempt to identify or provide information

On Sat, Dec 29, 2007 at 04:41:18PM -0800, NoOp wrote:
> I'd like to find one that works like the Windows version, whereby you
> could see the version, author/company etc. Using 'file' doesn't give
> much info (unless I'm missing a option). For example:
>
> $ file vanGoghtest.odp
> vanGoghtest.odp: data
> [OpenOffice Impress file]

Does the windows version handle open office documents? Does it handle
anything beyond MS office document formats? I ask out of ignorance
because while it sounds useful, my guess is it is extremely limited,
and thus only useful in isolated situations, and probably would not
handle cases like:

$file 87a09eb5a965893b1311534b646657f2c825ee78_medium

87a09eb5a965893b1311534b646657f2c825ee78_medium: JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"



--
Hal


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 10:57 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org