Commands in Linux
Information about the System
- arch or uname -m – displays your computer’s architecture;
- uname -r – shows the kernel version that was utilized;
- dmidecode -q – display hardware system components (SMBIOS / DMI);
- hdparm -i /dev/hda – exhibit hard drive characteristics;
- hdparm -tT /dev/sda – evaluate the read performance of the hard drive;
- cat /proc/user beancounters – displays beancounter information (only on VPS);
- cat /proc/cpuinfo – reveals CPU information;
- cat /proc/interrupts – display interrupts;
- Check memory utilization using cat /proc/meminfo;
- /proc/swaps cat – show swap file (s);
- /proc/version – exhibits the kernel version;
- /proc/net/dev/cat – display network interfaces and their statistics;
- cat /proc/mounts – shows a list of mounted file systems;
- lspci -tv – displays the PCI devices in a tree format;
- lsusb -tv – demonstrates USB devices in a tree view;
- date – display the system date;
- cal 2007 – shows the calendar table for 2007;
- date 041217002007.00* – configures the system date and time MMDDCHmmHmmYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY (MonthDayHhMinutesMinutesYear.Seconds).
Restart the System
- shutdown -h now – terminates the system;
- shutdown -h hours:minutes & – schedule system shutdown;
- shutdown -c is used to terminate a planned computer shutdown;
- To restart the system, use shutdown -r now or reboot -to;
- logout – exit the system.
Directories and Files
- cd /home – navigate to the directory '/home.'
- cd. – move to the above-mentioned directory.
- cd../... – go over to the directory two levels above.
- cd – go to the home directory.
- cd user – navigate to the user's home directory.
- cd – return to the directory we were in before moving to the current directory.
- pwd – shows the current directory.
- ls – displays the contents of the current directory.
- ls -F – demonstrates the contents of the current directory, with type symbols attached to the names.
- ls -l – displays a comprehensive picture of the current directory’s files and directories.
- In the current directory, type ls -a to show hidden files and directories;
- ls *[0-9]* – display files and directories that have numerals in their titles;
- tree or lstree – displays the file and directory tree, beginning at the root (/).
- mkdir dir1 – make a directory called ‘dir1’
- mkdir dir1 dir2 – make two directories at once
- mkdir -p /tmp/dir1/dir2 – creates a directory called ‘dir2’, as well as any intermediary directories (‘dir1’) that do not already exist.
- rm -f file1 – deletes the file ‘file1’
- rmdir dir1 – removes the directory ‘dir1’
- rm -rf dir1 – recursively remove the directory ‘dir1’ and all of its contents.
- rm -rf dir1 dir2 – recursively remove the two folders and their contents
- mv dir1 new_dir – rename or move a file or directory
- cp file1 file2 – copy file1 to file2 cp
- dir/*. – copy all files in the dir directory to the current directory
- cp -a /tmp/dir1. – copy the contents of directory dir1 into the current directory.
- cp -a dir1 dir2 – move directory dir1 to directory dir2.
- Build a symbolic link to a file or directory using ln -s file1 lnk1*.
- To build a “hard” (physical) link to a file or directory, use ln file1 lnk1.
- 0712250000 -touch – change the date and time when the file was created; if the file is missing, create a new file with the supplied date and time (YYMMDDhhmm).
File Lookup
- find / -name file1 – locate files and folders called file1. Begin your search from the root (/).
- find / -user user1 – locate files and directories associated with user user1. Begin your search at the root (/).
- find /home/user1 -name '*.bin’ – locates all files and folders with names that finish in ‘. bin’. Begin your search with ‘/home/user1’*.
- find /usr/bin -type f -atime +100 – locate all files in ‘/usr/bin’ that have been accessed in the previous 100 days.
- find /usr/bin -type f -mtime -10 – finds all files in ‘/usr/bin’ that were created or modified in the previous 10 days.
- find / -name *.rpm -exec chmod 755“; – find all files and folders with names ending in '.rpm' and modify their access permissions.
- find / -xdev -name”*.rpm” – find all files and folders with names that finish in '.rpm,' disregarding removable media such as cdrom, floppy, and so on.
- locate “*.ps” – find all files with the suffix “.ps” in their names. It is advised that you run the ‘updatedb’ command first.
- whereis halt – displays the location of binary files, source code, and documentation associated with the halt file;
- which stop – displays the complete path to the file ‘halt’.
Mounting Files and Folders
- mount /dev/hda2 /mnt/hda2 – mounts the partition ‘hda2’ to the mount point ‘/mnt/hda2’. Ascertain that the mount point directory ‘/mnt/hda2’ exists.
- umount /dev/hda2 – this command unmounts the ‘hda2’ partition. Leave ‘/mnt/hda2’ before proceeding.
- fuser -km /mnt/hda2 – forces the partition to be unmounted. If the partition is utilized by a user, this may be used.
- umount -n /mnt/hda2 – unmount without writing to /etc/mtab. Useful if you have a read-only file or don’t have enough storage space.
- /dev/fd0 /mnt/floppy – mount a floppy disk.
- /dev/cdrom /mnt/cdrom – mount a CD or DVD.
- mount /dev/hdc /mnt/cdrecorder – DVD-R/DVD-RW(+-) or CD-R/CD-RW(+-).
- mount -o loop file.iso /mnt/cdrom – mount ISO image.
- mount -t vfat /dev/hda5 /mnt/hda5 – mounts the Windows FAT32 file system.
- mount -t smbfs -o username=user, password=pass /winclient/share /mnt/share – mounts the Windows network file system (SMB/CIFS).
- bind /home/user/prg /var/ftp/user mount -o mount a folder to another directory (binding). As of kernel version 2.4.0, this feature has been available. This is convenient for giving the contents of the user’s directory through ftp when the ftp-server is executing in a sandbox (chroot) where symlinking is not enabled. This operation copies the contents of /home/user/prg to /var/ftp/user.
Hard Drive Space
- df -h provides information on installed partitions as well as total, allocated, and utilized space (Translator’s comment. The -h flag is not supported by all *nix systems).
- ls -l Sr |more – returns a list of directories ordered recursively in ascending order of size, including page-by-page navigation.
- du -sh dir1 – calculates and shows the size of the directory ‘dir1’.
- du -sk * | sort -rn – shows the size and titles of files and folders in descending order of size.
- rpm -q -a --qf '%10t% n’ | sort -k1,1n – displays the size of consumed disk space used by rpm package files, ordered by size (fedora, redhat, etc.).
- dpkg-query -W -f=’$Installed-Size;10t$n’ | sort -k1,1n – returns the hard drive space used by deb-package files, sorted by size (ubuntu, debian, etc.).
Groups and Users
- groupadd group name – add a new group called group name to the list.
- groupdel group name – delete the group name.
- groupmod -n old group name new group name – rename the group old group name to new group name.
- useradd -c “Nome Cognome” -g admin -d /home/user1 -s /bin/bash user1 – create user user1, set /home/user1 as its root folder, /bin/bash as its shell, add it to the admin group, and include the Nome Cognome remark.
- useradd user1 – create a user named user1.
- userdel -r user1 removes user user1 and his home directory.
- Change user characteristics with usermod -c “User FTP” -g system -d /ftp/user1 -s /bin/nologin user1.
- passwd – change your password.
- passwd user1 – update user1’s password (root only).
- 2005-12-31 chage -E user1 – provide the account's expiration date.
- pwck – Verify the integrity of system account files. This examines the directories /etc/passwd and /etc/shadow.
- grpck – verifies the integrity of system account files. Examines the /etc/group file.
- [-] newgrp group name – modifies the current user's primary group. If “-” is supplied, the situation will be the same as if the user logged out and then logged back in. If no group is supplied, the principal group will be determined by looking at /etc/passwd.
Verify/Alter File Permissions
- ls -lh – displays file and directory permissions in the current directory.
- ls /tmp | pr -T5 -W$COLUMNS – show the data of the /tmp folder in five rows.
- chmod ugo+rwx directory1 – give directory1 permissions. ugo (User Group Other)+rwx(Read Write eXecute) – everyone has full access. To do the same, chmod 777 directory1. chmod go-rwx directory1 – take all permissions from the group and all others for the directory1 directory.
- chown user1 file1 – this command makes user1 the owner of file1.
- chown -R user1 directory1 – recursively designate user1 the owner of directory1.
- chgrp group1 file1 – make group1 the owner of file1.
- chown user1:group1 file1 – this command changes the owner and group-owner of file1.
- find / -perm -u+s – search for all files with the SUID set, starting at the root.
- chmod u+s /bin/binary file – provide /bin/binary file the SUID bit. This permits any user with the authorization of the file owner to execute the file.
- chmod u-s /bin/binary file removes the SUID bit from the file.
- chmod g+s /home/public – give /home/public the SGID bit.
- Remove the SGID bit from /home/public using chmod g-s /home/public.
- chmod o+t /home/public – give /home/public the STIKY bit. Only owners have the ability to delete files.
- Remove the STIKY bit from the /home/public directory with chmod o-t /home/public.
Attributes Specific to Files
- chattr +a file1 – enables you to open a file in add mode for writing only.
- chattr +c file1 enables the kernel to compress and decompress file contents automatically.
- dump to ignore file1 (chattr +d file1) – in backup mode, dump to ignore file1.
- chattr I file1 – prevents any modifications to the file, including editing, deleting, moving, and linking to it.
- chattr +s file1 – makes file deletion safe; if the s attribute is set, the disk space occupied by the file is filled with zeros, making data recovery impossible.
- chattr +S file1 – specifies that the file will be synced when you save the modifications, similar to the command sync.
- chattr +u file1 – this property indicates that when a file is deleted, its content is stored and the user can recover it if required.
- lsattr is a command that displays file attributes.
Collecting and Condensing Files
- bunzip2 file1.bz2 – condenses ‘file1.gz’ file
- gzip file1 or bzip2 file1 – compresses ‘file1’ file
- gzip -9 file1 – compresses file1 with maximum reduction
- rar a file1.rar test_file – make rar-archive 'file1.rar' and contain file test_file in it
- rar a file1.rar file1 file2 dir1 – build rar-archive 'file1.rar' and contain file1, file2 and dir1 in it
- rar x file1.rar – unload the rar archive
- tar -cvf archive.tar file1 – build tar archive.tar tar archive with file1
- tar -cvf archive.tar file1 file2 dir1 – make tar archive.tar archive including file1, file2 and dir1
- tar -tf archive.tar – show the archive content
- tar -xvf archive.tar – empty the archive
- tar -xvf archive.tar -C /tmp – unload the archive to /tmp
- tar -cvfj archive.tar.bz2 dir1 – create the library and condenses it with bzip2 (Note: the -j switch might not operate on some *nix systems)
- tar -xvfj archive.tar.bz2 – decompresses and empties the archive (Note: the -j switch does not function on all *nix systems)
- tar -cvfz archive.tar.gz dir1 – develop the library and condense it with gzip
- tar -xvfz archive.tar.gz – unload the archive and unpack it
- zip file1.zip file1 – create shortened zip library
- zip -r file1.zip file1 file2 dir1 – make a compact zip archive and contain several records and/or folds
- unzip file1.zip – unzip and unzip the zip archive
RPM (Red Hat Package Manager) Packages (Fedora, Red Hat and Similar)
- rpm -ivh package.rpm – install the product with notifications and progress bar
- rpm -ivh package.rpm – without dependencies, install a package with messages and a progress bar.
- rpm -U package.rpm – update software program without modifying configuration files; if the package is missing, it will be installed;
- rpm -F package.rpm – update software program, providing it is already installed;
- rpm -e package name.rpm – delete package
- rpm -qa – show the inventory of every package, set up in the system
- rpm -qa | grep httpd – discover among all software packages set up in your system a package, containing "httpd" in its title
- rpm -qi package_name – output the data about exact package
- rpm -qg "System Environment/Daemons" – show packages from the packages group
- rpm -ql package_name – present inventory of files of package
- rpm -qc package_name – show list of formatting files of the package
- rpm -q package_name --whatrequires – output list of packages, required for installing package by dependencies
- rpm -q package_name --whatprovides – exhibit capacity supplied by an rpm package
- rpm -q package_name --scripts – show scripts which are used during package installation/removal
- rpm -q package_name --changelog – show revision history of the package
- rpm -qf /etc/httpd/conf/httpd.conf – determine which software package the provided file belongs to. You must include the entire location and file name.
- rpm -qp package.rpm -l – shows a list of files that are part of a package but have not yet been set up on the system.
- rpm --import /media/cdrom/RPM-GPG-KEY – public digital signature key import
- rpm --checksig package.rpm – verify the package's signature
- rpm -qa gpg-pubkey – examine the content of the installed package to ensure its integrity.
- rpm -V package_name – size, permissions, type, owner, group, MD5 value, and last update date should all be checked.
- rpm -Va – examine the contents of all installed packages on the system. Execute with caution!
- rpm -Vp package.rpm – check for packages that have not yet been set up on the system.
- rpm2cpio package.rpm | cpio --extract --make-directories *bin – from the package, extract files with the name bin
- rpm -ivh /usr/src/redhat/RPMS/`arch`/package.rpm – install package, compiled from source
- rpmbuild --rebuild package_name.src.rpm – create a package from sources
Install (as well as delete and update) packages from network repositories using the yum program. Unlike the lower-level 'rpm' program, 'yum' can install extra packages that are required by the package being installed.
DEB Packages (Debian, Ubuntu and Similar)
- dpkg -i package.deb – update / install the package.
- dpkg -r package_name – delete the package from the system (the configuration files are not removed; the program’s settings remain in the system).
- dpkg -P package_name – delete the software as well as its configuration files from your computer.
- dpkg -l – list all the packages that have been installed on the system.
- dpkg -l | grep httpd – find the package with the word "httpd" in its name among all those installed on the device.
- dpkg -s package_name – show details regarding a certain package.
- dpkg -L package_name – demonstrate the inventory of files that were put into the system as part of the package.
- dpkg --contents package.deb – provide a list of files from a package that hasn’t been installed yet on your system.
- dpkg -S /bin/ping – discover the package that holds the file you’re looking for.
Aptitude Package Management Application (Debian, Ubuntu, and Others)
- aptitude install package_name – to install or upgrade package.
- aptitude update – obtain up-to-date package listings.
- aptitude safe-upgrade – update packages that have been installed on your system (the upgrade does not modify the editions of packages, only fixes safety defects).
- aptitude full-upgrade – update packages installed on your system; if a package with a version change is accessible in the repository, it is feasible to upgrade it. Use with extreme care.
- aptitude remove package_name – uninstall a package from your system without retaining its configurations.
- aptitude purge package_name – delete the configuration files for a package that is already installed on your system.
- aptitude clean – delete the loaded package archive files.
- aptitude autoclean – dismiss old packaging files.
- aptitude install -f – check the system for package dependencies and, if necessary, resolve them. There are no dependence issues if it finishes without producing any output.
- aptitude search package_name – find a package with the name "package name."
- aptitude show package_name – show in-depth data about the package.
- aptitude search ~c – retrieve the list of packages deleted from the system without destroying configuration files (using aptitude delete package name or dpkg -r).
- aptitude search ~b – locate broken parcels (with damaged dependencies).
Pacman Package Management Tool (Arch, Frugalware and Similar)
pacman -S name – installs the package “name” and its dependencies.
pacman -R name – deletes the package “name” and all of its files.
Examine the files’ contents:
- cat file1 – prints the contents of file1 to the standard output device.
- tac file1 – display the contents of file1 in reverse order on the standard output device (the last line becomes the first one, etc.).
- file1 – paginated output of file1 on the standard output medium.
- less file1 – page output of file1 on the conventional output device, but with the ability to flip in both ways (up-down), search for information, and so forth.
- head -2 file1 – sends the opening two lines of file1 to the standard output device. The output format is set to 10 lines by default.
- tail -2 file1 – sends the final two lines of file1 to the standard output device. Ten lines are printed by default.
- tail -f /var/log/messages – outputs the contents of the /var/log/messages file to the standard output device as text.
Manipulation of Text
- cat file originale | [operations: sed, grep, awk, grep, and so on] > result.txt – general syntax for actions that process the contents of a file and output the result to a new file.
- cat file originale | [operation: sed, grep, awk, grep, and so on] >> result.txt – general syntax for parsing file contents and writing the results to an existing file. The file will be created if it does not already exist.
- grep Aug /var/log/messages – from the file '/var/log/messages,' select and output the lines containing 'Aug' to the standard output device.
- Aug /var/log/messages – from the file '/var/log/messages,' select and output the lines beginning with "Aug" to the standard output device.
- grep [0-9] /var/log/messages – from the file '/var/log/messages' select and output the lines containing digits to the standard output device
- grep Aug -R /var/log/* – select and display on the standard output device the lines containing "Aug" in all the files in the directory /var/log and below
- sed 's/stringa1/stringa2/g' example.txt – change "string1" to "string2" in the file example.txt, output the result to the normal output device.
- sed '/^$/d' example.txt – remove blank lines from the file example.txt
- sed '/ *#/d; /^$/d' example.txt – cancel empty lines and comments from the file example.txt
- echo 'esempio' | tr '[:lower:]' '[:upper:]' – transform lower case letters to upper case
- sed -e '1d' result.txt – delete the first line of the example.txt file.
- sed -n '/string1/p' – only show lines containing "string1"
- sed -e 's/ *$//' example.txt – eliminate any empty lines at the end of each line
- sed -e 's/string1//g' example.txt – remove the line'string1' from the text without affecting the remainder of the content
- sed -n '1,8p;5q' example.txt – take lines 1–8 from the file and print the first five of them.
- sed -n '5p;5q' example.txt – take the fifth line
- sed -e 's/0*/0/g' example.txt – кeplace any number of zeros with a single zero.
- cat -n file1 – уhen displaying the file contents, number the lines
- cat example.txt | awk 'NR%2==1' – do not output the fileєs even-numbered lines
- echo a b c | awk '{print $1}' – the first column should be printed Split by whitespace/spaces or tab character/characters by default
- echo a b c | awk '{print $1,$3}' – еhe first and third columns should be printed. By default, split characters are separated by whitespace/spaces or tab characters.
- paste file1 file2 – integrate the contents of files 1 and 2 into a table: Row 1 of file1 equals row 1 column 1-n, while row 1 of file2 equals row 1 column n+1-m.
- paste -d '+' file1 file2 – combine the contents of files 1 and 2 into a table separated by a '+' symbol
- sort file1 file2 – sort the two files’ contents
- sort file1 file2 | uniq – categorize the contents of the two files without displaying duplicates
- sort sort file1 file2 | uniq -u – Arrange the information of the two files such that only unique strings are shown (strings, occurring in both files, are not printed to the standard output device)
- sort file1 file2 | uniq -d – arrange the content of the two files such that only duplicated strings are shown
- comm -1 file1 file2 – examine the contents of the two files while hiding the strings from 'file1'
- comm -2 file1 file2 – check the contents of two files, disregarding the lines from 'file2'
- comm -3 file1 file2 – уvaluate the contents of two files, eliminating strings from each
Character Sets and File Formats Conversion
- dos2unix filedos.txt fileunix.txt – MSDOS to UNIX text format file conversion (difference in carriage return characters).
- unix2dos fileunix.txt filedos.txt – UNIX to MSDOS text format file conversion (difference in carriage return characters).
- page.txt > recode..HTML > page.html – convert the contents of the test page.txt file to the html page.html.
- recode -l | more – displays a list of supported formats.
File System Analysis
- badblocks -v /dev/hda1 – examine hda1 partition for badblocks
- fsck /dev/hda1 – check/restore integrity of hda1 linux filesystem
- fsck.ext2 /dev/hda1 or e2fsck /dev/hda1 – check/restore the ext2 file system integrity on hda1.
- e2fsck -j /dev/hda1 – verify/restore the integrity of the ext3 file system on the hda1 partition, confirming that the journal is also present.
- fsck.ext3 /dev/hda1 – validate/restore the integrity of the ext3 file system on hda1.
- fsck.vfat /dev/hda1 or fsck.msdos /dev/hda1 or dosfsck /dev/hda1 – verify/restore the fat file system integrity on hda11.
File System Formatting
- mkfs /dev/hda1 – make a linux file system on partition hda1.
- mke2fs /dev/hda1 – build an ext2 file system on hda1.
- mke2fs -j /dev/hda1 – construct a journaling ext3 file system on partition hda1.
- mkfs -t vfat 32 -F /dev/hda1 – creates a FAT32 file system on partition hda1.
- fdformat -n /dev/fd0 – formats a floppy disk without inspecting.
- mkswap /dev/hda3 – create swap space on hda3 partition.
- mkswap /dev/hda3 – create swap space on hda3 partition.
- swapon /dev/hda3 – enable swap space on hda3 partition.
- swapon /dev/hda2 /dev/hdb3 – enable swap-spaces on hda2 and hdb3 partitions.
Making a Backup
- /home dump -0aj -f /tmp/home0.bak – make a full backup copy of the /home directory to the /tmp/home0.bak file.
- /home – make an incremental backup of the /home directory to the file /tmp/home0.bak.
- restore -if /tmp/home0.bak – restore from the backup copy /tmp/home0.bak.
- rsync -rogpav --delete /home /tmp - Sync /tmp with /home.
- rsync -rogpav -e ssh --delete /home ip address:/tmp – SSH-tunnel synchronization.
- rsync -az -e ssh --delete ip addr:/home/public /home/local – sync local and remote directories using an ssh tunnel with compression.
- rsync -az -e ssh --delete /home/local ip addr:/home/public – synchronize distant and local directories over ssh-tunnel with compression. dd bs=1M if=/dev/hda | gzip | ssh user@ip addr 'dd of=hda.gz' - create a "snapshot" of the local disk into a file on the remote machine through ssh-tunnel.
- tar -Puf backup.tar /home/user – create an incremental backup of the '/home/user' directory into backup.tar with preserved permissions.
- (cd /tmp/local/ && tar c.) | ssh -C user@ip addr 'cd /home/share/ && tar x -p' – transfer the contents of /tmp/local to a distant machine over an ssh tunnel into /home/share/.
- (/home tar c) | ssh -C user@ip addr 'cd /home/backup-home && tar x -p' – transfer the contents of /home to a distant machine over an ssh tunnel into /home/backup-home.
- tar cf -. – copying a directory with stored permissions and links to another.
- search /home/user1 -name '*.txt' | xargs cp -av --target-directory=/home/backup/ --parents – locate and copy all files ending in '.txt' in /home/user1 to another directory.
- find /var/log -name '*.log' | tar cv --files-from=- | bzip2 > log.tar.bz2 – search /var/log for files ending in '.log' and generate a bzip archive from them.
- dd if (dev/hda) of (dev/fd0) bs=512 count=1 – Make a floppy disk copy of the MBR (Master Boot Record) from /dev/hda.
Network
- ifconfig eth0 – displays the settings of the network interface eth0.
- ifup eth0 – activate (raise) the eth0 interface.
- ifdown eth0 – disable the (lower) eth0 interface.
- ifconfig eth0 192.168.1.1 netmask 255.255.255.0 – set the IP address and netmask for eth0.
- ifconfig eth0 promisc – sets the eth0 interface to promiscuous mode for sniffing.
- Ifconfig eth0 -promisc – disables promiscuous mode on the eth0 device.
- dhclient eth0 – activate the eth0 interface in DHCP mode.
- netstat -rn – display the local routing table.
- route add -net 0/0 gw IP Gateway – configure the default gateway's IP address.
- route add -net 192.168.0.0 netmask 255.255.255.0.0 gw 192.168.1.1 – add.static route in network 192.168.0.0/16 via gateway with ip-address 192.168.1.1.
- if=dev/fd0 of=dev/hda bs=512 count=1 dd – restore the floppy disk's MBR to /dev/hda.
- gw route del 0/0 IP _gateway – remove the default gateway's IP address.
- echo "1" > /proc/sys/net/ipv4/ip _forward – permits forwarding.
- hostname – displays the host’s name.
- http://www.linuxguide.it or 62.149.140.85 – allow hostname http://www.linuxguide.it in ip-address and vice versa
- ip link display – displays the status of all interfaces.
- mii-tool eth0 – displays the eth0 interface's status and connection type.
- ethtool eth0 – displays statistics for the eth0 interface, including information such as supported and current connection modes.
- netstat -tupn – displays all established TCP and UDP network connections without resolving names into IP addresses and PIDs, as well as the names of the processes that are establishing the connections.
- netstat -tupln – displays all network connections through TCP and UDP protocols without enabling names to be resolved to IP addresses and PIDs, as well as the names of the processes listening on the ports.
- tcpdump tcp port 80 – shows all activity on TCP port 80. (usually HTTP)
- iwlist scan – searches the airwaves for wireless access points.
- iwconfig eth1 – displays the settings of the wireless network device eth1.
Networks Powered by Microsoft Windows (SAMBA)
nbtscan ip_addr
- nmblookup -A ip_addr – allow netbios name nbtscan is not installed by default on all platforms; you may need to install it manually. The nmblookup command is included in the samba package.
- smbclient -L ip addr/hostname – displays the shared resources on the Windows computer.
- smbget -Rr smb:/ip addr/share – smbget, like wget, may get files from Windows PCs over the smb protocol.
- mount -t smbfs -o username=user,password=pass /winclient/share /mnt/share – mount the smb resource given by Windows to the local file system.
TEMPLATES (firewall)
- iptables –t filter –nL
- iptables -nL – displays all rule chains
- iptables -t nat -L will display all rule chains in the NAT table.
- iptables -t filter -F or iptables -F – remove all rule chains from the filter-table
- Clear all rule chains in the NAT table with iptables -t nat -F.
- iptables -t filter -X removes all user-defined rule chains from the filter-table.
- iptables –t filter –A INPUT –p tcp –dport telnet –j Allow inbound telnet connections using the command ACCEPT.
- iptables -t filter -A OUTPUT -p tcp --dport http -j DROP – preventt incoming HTTP connections.
- Allow forward POP3 connections using iptables -t filter -A FORWARD -p tcp --dport pop3 -j ACCEPT.
- iptables -t filter -A INPUT -j LOG --record-prefix "DROP INPUT" – instructs the kernel to log packets that pass through the INPUT chain and appends the "DROP INPUT" prefix to the message.
- iptables -- nat -A POSTROUTING –o eth0 -j MASQUERADE – enable NAT (Network Address Translate) of eth0 interface outgoing packets. When used with dynamically assigned IP addresses, it is OK.
- iptables -t nat -A PREROUTING -d 192.168.0.1 -p tcp -m tcp --dport 22 -j DNAT 10.0.0.2:22 – forward packets intended to one host to another.
Monitoring and Troubleshooting
- top – shows running processes, the resources they utilize, and other important information (with automatic data update).
- ps -eafw – displays running processes, their resources, and other helpful information (one time).
- ps -e -o pid,args —forest – displays PIDs and processes as a tree.
- pstree - Display the process tree.
- kill -9 98989 or kill -KILL 98989 – "put to death" the process with PID 98989 (without integrity of data).
- To properly terminate the process with PID 98989, use kill -TERM 98989.
- To force the process with PID 98989 to reread the configuration file, use kill -1 98989 or kill -HUP 98989.
- lsof -p 98989 – displays a list of the files opened by the process with PID 98989.
- lsof /home/user1 – returns a list of open files in /home/user1.
- strace -c ls >/dev/null – shows a list of all system calls made and received by the ls process.
- strace -f -e open ls >/dev/null – displays library calls.
- 'cat /proc/interrupts' watch -n1 – displays interruptions in real-time.
- latest reboot – displays the system’s reboot history.
- last user1 – displays user user1’s login history in the system as well as the time he signed in.
- lsmod – displays the loaded kernel modules.
- free -m – displays the RAM status in megabytes.
- smartctl -A /dev/hda – use this command to verify the status of the /dev/hda hard drive using SMART.
- smartctl -i /dev/hda – check the availability of SMART on the /dev/hda hard drive.
- tail /var/log/dmesg – displays the last 10 kernel boot log items.
- tail /var/log/messages – prints the past 10 system log items.
Additional Helpful Commands
- apropos ...keyword – provides a list of commands that are related to keywords in some way. When you know what the application performs but can't recall the command, this feature comes in handy.
- man ping – invokes the program's documentation, in this instance ping.
- whatis …keyword – shows a description of the given program's activity.
- mkbootdisk /dev/fd0 --device 'uname -r' – generates a bootable floppy disk
- gpg -c file1 – encrypts file1 with GNU Privacy Guard. gpg file1.gpg - decrypts file1.
- wget -r http://www.example.com – downloads the contents of http://www.example.com recursively.
- wget -c http://www.example.com/file.iso – download the file http://www.example.com/file.iso with the option to pause and resume later.
- 'wget -c' echo http://www.example.com/files.iso ' | at 09:00 – begin downloading at the given time
- ldd /usr/bin/ssh – display the list of libraries required for ssh.
- alias hh='history'' – assign the history command to the alias hh.
- whereis ping – prints the full path to the program's executable file as well as its help.</page.txt>.
Subscribe to our Newsletter