1. Security (Authentication and others)
1.1. Login check
#on Fedora or Ubuntu distributions, check the last logins with dates
last
#on Fedora distributions, check the last invalid login attempts. (Note: run as root or with sudo)
lastb
#send alert/email on ssh login
One simple way is to add a sendmail line to the ~/.bashrc file if you want a user-specific alert, for instance if you want an alert only when someone logs into the machine as a specific user.
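# ~/.bashrc is also read by local terminals, so only alert when the shell came in over SSH
if [ -n "$SSH_CONNECTION" ]; then
    IP="$(echo "$SSH_CONNECTION" | cut -d " " -f 1)"
    HOSTNAME="$(hostname)"
    NOW="$(date +"%e %b %Y, %a %r")"
    echo "Someone from $IP logged into $HOSTNAME on $NOW." | mail -s 'SSH Login Notification' YOUR_EMAIL_ADDRESS
fi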
Or you can write a monitoring and parsing program that keeps an eye on /var/log/auth.log for ssh login entries and sends alerts as soon as it detects any malicious access.
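A minimal sketch of such a parser, added here as an example and not part of the original post. It assumes the classic syslog timestamp layout (month, day, time, host, then the sshd tag); the function names, the threshold and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example. Expected line shape:
# "Mon DD HH:MM:SS host sshd[pid]: Accepted|Failed <method> for <user> from <ip> port <n> ..."

# Constructed sample input; on a real host, feed /var/log/auth.log instead.
sample_auth_log() {
cat <<'EOF'
Jan 10 12:00:01 web1 sshd[1001]: Failed password for invalid user admin from 198.51.100.7 port 40001 ssh2
Jan 10 12:00:03 web1 sshd[1002]: Failed password for root from 198.51.100.7 port 40002 ssh2
Jan 10 12:00:05 web1 sshd[1003]: Failed password for invalid user from from 198.51.100.7 port 40003 ssh2
Jan 10 12:01:00 web1 sshd[1004]: Failed password for bob from 192.0.2.44 port 50100 ssh2
Jan 10 12:02:10 web1 sshd[1005]: Accepted publickey for alice from 203.0.113.5 port 51234 ssh2: ED25519 SHA256:CONSTRUCTED
Jan 10 12:02:11 web1 CRON[1006]: pam_unix(cron:session): session opened for user root
EOF
}

# Print one LOGIN line per accepted login and one ALERT line per source IP
# with at least $1 (default 3) failed attempts.
ssh_login_report() {
    awk -v threshold="${1:-3}" '
    # Match on fixed field positions, not on text anywhere in the line.
    $5 ~ /^sshd\[[0-9]+\]:$/ && ($6 == "Accepted" || $6 == "Failed") {
        # The user name is attacker-controlled and may itself be "from",
        # so search from the right for the real "from <ip> port <n>" triple.
        for (i = NF - 2; i > 6; i--)
            if ($i == "from" && $(i + 2) == "port") break
        if (i <= 6) next
        user = $(i - 1); ip = $(i + 1)
        if ($6 == "Accepted") printf "LOGIN %s from %s\n", user, ip
        else failed[ip]++
    }
    END {
        for (ip in failed)
            if (failed[ip] >= threshold)
                printf "ALERT %d failed logins from %s\n", failed[ip], ip
    }'
}

# Stand-alone run over the constructed sample.
sample_auth_log | ssh_login_report 3
```

Run from cron against the real log, the report can be piped to mail -s in the same way as the ~/.bashrc snippet whenever it is non-empty.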
1.2. Useful OpenSSL commands
see certificate subject
openssl x509 -in certificateName -subject
see certificate in text form
openssl x509 -in certificateName -text
connect to a server acting as a client using openssl
openssl s_client -connect [server_ip/server_name]:port
if you have to pass certificate to this connect request
openssl s_client -connect [server_ip/server_name]:port -cert path-to-certificate
if you also know the CAfile or CApath you can also provide them
openssl s_client -connect [server_ip/server_name]:port -CApath path_to_CAdirectory
2. Networking related
#obtain your external ip
curl ifconfig.me
#port forwarding and tunneling using SSH
ssh userName@hostname_or_ip -N -L localport:host:hostport -L localport:host:hostport
Now add an entry to your /etc/hosts file that maps the host to 127.0.0.1 (the loopback address for localhost).
#dynamic port forwarding using SSH
to be done
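#Setting proxy settings (current shell session)
export http_proxy='http://IP:port'
where IP is the IP address of your proxy server and port is the port of that proxy server. export is a shell builtin, so it is run without sudo; the setting applies to the current shell and to the programs started from it.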
#dig to get detailed DNS query information
dig +noall +answer www.google.com
dig +noall +answer -x 209.85.227.105
For other handy tools and tips, please follow the given link.
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch04_:_Simple_Network_Troubleshooting#Sources_of_a_Lack_of_Connectivity
*Update hosts information in Windows as well
http://accs-net.com/hosts/how_to_use_hosts.html
Windows 95/98/Me c:\windows\hosts
Windows NT/2000/XP Pro c:\winnt\system32\drivers\etc\hosts
Windows XP Home c:\windows\system32\drivers\etc\hosts (I have tested this one)
3. User Management
#change the default shell for a user account
chsh
This command will ask for your password and then for the path to the new shell.
#passwordless sudo access
To give a user sudo access without a password, edit /etc/sudoers (on Ubuntu; sudo visudo opens it with a syntax check) and add the following line at the end
<username> ALL=(ALL:ALL) NOPASSWD: ALL
sample:
khawar ALL=(ALL:ALL) NOPASSWD: ALL
Reboot the system, and you can then use sudo without being asked for a password.
4. Process Management
#search for a specific process name, get its id and kill it ([S] in the pattern stops awk from matching its own entry in the ps output)
ps -ef | awk '/[S]tartup.py/ {print $2}' | xargs kill -9
5. Other Utilities
#output with nice formatting (if output has multiple columns)
Let's take the example of the mount command, whose output is not properly formatted.
mount | column -t
#list directories only
ls -l | grep '^d' | awk '{print $NF;}'
#Split a big file
If you want to split a file on Linux, use the split command. Let's say you have a big file of size 5GB and want to split it into pieces of 3GB.
split -b 3G bigger_filename
where bigger_filename is the source file you want to split.
#format a drive
mkfs.vfat /dev/sdb1
#print file contents in reverse (opposite of cat)
tac filename
#print file contents with line numbers
cat -n filename
we can also use nl command
nl filename
#file sizes of the given directory
du -h -d 1 directory_name
#convert output of your command to an image file
ls | convert label:@- PATH_TO_IMAGEFILE.png
This will generate an image file of the ls output. For this, X11 should be installed on your system. Not available on Mac OS X latest releases.
#send email (you should have sendmail installed)
echo "test msg" | mail -s test EMAIL_ADDRESS
this will send "test msg" (mail body) with subject "test" (by using -s flag) to the given EMAIL_ADDRESS
6. Search files and perform operations in one command
#find and remove files in one command
find . -type f -name "*.bak" -exec rm -i {} \;
#find files and replace text within it using sed
for file in $(find src -name 'YOUR_FILE_NAME'); do sed 's/SEARCH_STRING/REPLACE_WITH/g' "$file" > tmp_file; mv tmp_file "$file"; echo "$file done"; done
#To find and delete empty directories
find . -depth -type d -empty -exec rmdir {} \;
#Delete specific files using ls and grep within one directory
cd your_directory
ls -la | grep "username" | awk '{print $colposition}' | while read -r line; do rm "$line"; done
where colposition is to be replaced with the column number of the filenames. In the current display format of ls, it is the 9th column that contains the filenames.
7. Installation related (on Ubuntu or Debian)
I experienced a situation in which a failed install script changed my start-stop-daemon scripts and did not roll back the changes. After some searching, I found that the following command fixes such a problem.
#reconfigure an improperly installed package on Ubuntu or Debian distributions.
sudo apt-get install dpkg --reinstall