scripting languages 1
DevOps, cloud deployment, test- driven development and continuous integration – the demands on a sysadmin change and evolve, but the requirement to learn something new is constant. Everyone uses Bash to some extent but, you’ll need to learn Bash plus one other. Perl was the traditional Swiss Army chainsaw of Unix admins through the ‘80s and ‘90s, gradually losing ground to Python and then Ruby over the last decade or so.
Anyone who started work in the ‘90s or earlier will be comfortable with it, so finding someone to help with your scripts is often not a problem. However, the world doesn’t stand still, and many tech businesses have standardised on Python, which is used extensively at Google, for example.
Much of the software necessary for modern sysadmin work is Python based although the same can be said of Ruby. Ruby benefits from being the basis of Chef and Puppet, as well as Vagrant and Travis CI, meaning a little familiarity will be helpful anywhere that uses them for deployment.
The web frameworks and testing tools written in Ruby have popularised the language at many of the younger web companies. NewLISP has a much smaller community supporting it, and there aren’t many ready made solutions and you may know no-one who uses it. The keenness of the online community goes some way to ameliorate this deficiency, but you have to ask who will maintain your tools when you leave a company?
Before reaching 1,000 lines of code, Bash scripts become unmanageable. Despite its procedural nature, there are attempts to make an object-orientated (OO) Bash .
We don’t recommend it, we think it’s better to modularise. Functional programming (FP) in Bash (http://bit. ly/BashFunsh) is also impractical. Perl’s bolted on OO won’t be to everyone’s taste, but does the job. Perl has fully functional closures, and despite syntactical issues, can be persuaded into FP – just don’t expect it to be pretty. For that you should wait for Perl 6.
Python is equally happy with imperative, OO and also manages FP. Functions are first class objects but other features are lacking, even if its list comprehension is very good. Mochi, the FP language (http://bit.ly/FPMochi), uses an interpreter written in Python 3. Ruby is designed as a pure OO language, and is perhaps the best since Smalltalk. It can also be persuaded to support a functional style of programming.
But to get FP code out of Ruby, you’ll have to go so far from best practices that you should be using another language entirely. This brings us neatly to NewLISP, an elegant and powerful language with all the functional features at your fingertips. NewLISP uses a pseudo OO implementation in the form of functional-object oriented programming (FOOP), but this doesn’t mean, however, that it can cut it for real OO programming.
Extending the language
None of these scripting languages are as bloated with classes as, for example, Java so that you’ll need to use non-core libraries (or modules as they are sometimes called) for writing many scripts. How comprehensive these are, and how easy they are to manage with your script varies greatly.
Perl continues to impress with the mind-boggling choice to be found on CPAN, but its ‘there’s more than one way to do it’ approach can leave you easily overwhelmed. Less obvious, is the magnitude of Bash extensions created to solve problems that are perhaps not best suited to any sh implementation.
Python has excellent library support, with rival choices considered very carefully by the community before being included in the core language. The concern to “do the right thing” is evident in every decision, yet alternate solutions remain within easy reach. At least the full adoption of the pip package manager, with Python 3.4, has ensured parity with Ruby. RubyGems provide the gem distribution format for Ruby libraries and programs, and Bundler which manages all of the gems for dependencies and correct versions. Your only problem will be finding the best guide through Ruby’s proliferation of libraries.
Read around carefully. NewLisp is not a large language, but it’s an expressive one, accomplishing much without the need of add-ons. What modules and libraries that there are address key needs, such as database and web connectivity. There’s enough to make NewLISP a useful language for the admin, but not in comparison to the other four choices.
Penetration testing and even forensic examination after an attack will fall under the remit of the hard-pressed sysadmin in smaller organisations. There are enough ready made tools available that you can roll everything you may need into a neat shell script, kept handy for different situations, but writing packet sniffers or tools for a forensic examination of your filesystem in Bash isn’t a serious option.
Perl has lost some security community mindshare since the early days of Metasploit, but the tools are still there, and are actively maintained by a large user group who aren’t about to jump ship to another language. Perl has tools like pWeb – a collection of tools for web application security and vulnerability testing – which is included in distros, such as Kali and Backbox. Tools such as Wireshark are a powerful aide to inspecting packets, but sometimes you’ll need to throw together your own packet sniffer.
Python not only has Scapy, the packet manipulation library, but provides a socket library for you to easily read and write packets directly. Ruby’s blocks (write functions on-the-fly without naming them) and other features are great for writing asynchronous network code, and its rapid prototyping matches (and even beats) Python. But Ruby’s biggest boon is Metasploit, which is the most-used pen-testing software.
In terms of ready rolled tools, you can mix and match as needed, but Perl, Python and Ruby all provide everything you need to quickly examine a network for weaknesses or compromises on-the-fly. Note: Python is featured in more security-related job adverts now.
Last, NewLISP isn’t well-known among penetration testers and grey hat hackers, but thanks to the networking built in to the language, a function call and a few arguments will create raw packets for pen testing. Once more, NewLISP has clear potential but suffers from its relatively tiny user base.