* whoami : displays current user
* top : displays the top cpu/memory eaters and system load.. like task manager on windows
* ps : displays all processes running.. ps aux is the most useful way to run it
* wall “some text” : sends a broadcast message to all logged on users
* man program : displays the ‘man page’ or manual for a given program. Use space bar to page down and q to exit
* program -h : displays the help for a given program, briefer than man
* du -sh dirName : Displays the total size of a directory recursively
* df -kh : displays total and available storage on all partitions for the system
* locate filename : finds where a program or file is located on the system
* w : displays who is ssh’ed or logged in.
* watch -n seconds filename : will execute a file every n seconds. Useful to watch who is online, watch -n 3 w
* wget http://somesite.com/somefile : gets a file via ftp, rsync, http, etc from a remote host.
* netstat : displays all listening ports and active connections
* ifconfig : used for listing network interface info and setting it
* clear : clears the terminal
* md5sum filename : displays the md5 checksum of the given file
admin
File System
/ : root of the file system, contains all devices and directories
/root : the root user’s home directory
/home : all other users home dirs reside in here
/boot : All the kernels and boot specific info
/tmp : temporary files are stored here, is commonly world writable so keep an eye on it
/dev : on linux even hardware devices are part of the file system, they are stored here.
/bin : executables that should be safe for normal users to run
/var : the system writes data here during its operation, commonly contains /var/lib/mysql and /var/www
/opt : optional software, 3rd parties stick stuff here
/sbin : system executables that only root should need
/proc : the OS uses this to keep track of everything on the system in real time. No need to muck around in here
/mnt or /media : this is where new file systems get mounted (CDs, floppies, flash drives)
/etc : all config files
Basics
I see most people searching for basics on Linux and finding it difficult to get them in short form.
I have gathered some from a wiki and will add to this section. This might help some of you guys 🙂
How to Disable Telnet access on server
Telnet should be disabled on all web servers, and you should use SSH which is more secure.
Telnet sends usernames and passwords in plain text during login, and
‘crackers/hackers’ can obtain these passwords easily as compared to SSH.
TELNET server listens for incoming messages on port 23, and sends outgoing messages to port 23.
1. Login to your server through SSH and su to root.
2. Type pico /etc/xinetd.d/telnet
3. Look for the line: disable = no and replace with disable = yes
4. Now restart the xinetd service: /etc/rc.d/init.d/xinetd restart
5. Turn it off through chkconfig as well, because it can still start through that.
/sbin/chkconfig telnet off
6. Scan your server to ensure port 23 is closed.
nmap -sT -O localhost
Also run ps aux | grep telnet and, if you find anything other than “grep telnet” in the result, kill the process.
🙂
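The checks in steps 3 and 6, as an added shell example that is not part of the original post: it reads the disable setting from an xinetd service file and looks for a listener on port 23 in netstat -ltn output. The function names and the sample config and netstat lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit steps 3 and 6 offline.

# Print "disabled" or "enabled" for an xinetd service file.
# xinetd treats a service with no "disable = yes" line as enabled.
xinetd_service_state() {
    awk '
        { sub(/#.*/, "") }                          # drop comments
        index($0, "=") {
            key = substr($0, 1, index($0, "=") - 1)
            val = substr($0, index($0, "=") + 1)
            gsub(/[[:space:]]/, "", key); gsub(/[[:space:]]/, "", val)
            if (key == "disable") state = val
        }
        END { print (state == "yes" ? "disabled" : "enabled") }
    ' "$1"
}

# Read `netstat -ltn` output on stdin; succeed if a LISTEN socket uses port $1.
port_is_listening() {
    awk -v port="$1" '
        $6 == "LISTEN" { addr = $4; sub(/.*:/, "", addr); if (addr == port) found = 1 }
        END { exit !found }
    '
}

# Constructed sample data, not taken from a real server.
sample_conf() {   # $1 = yes|no
    printf 'service telnet\n{\n\tflags = REUSE\n\tserver = /usr/sbin/in.telnetd\n\tdisable = %s   # set by admin\n}\n' "$1"
}
sample_netstat() {
    printf '%s\n' \
      'Proto Recv-Q Send-Q Local Address   Foreign Address State' \
      'tcp        0      0 0.0.0.0:22      0.0.0.0:*       LISTEN' \
      'tcp        0      0 0.0.0.0:2323    0.0.0.0:*       LISTEN'
}

audit_demo() {
    tmp=$(mktemp) || return 1
    sample_conf "$1" > "$tmp"
    state=$(xinetd_service_state "$tmp")
    rm -f "$tmp"
    if sample_netstat | port_is_listening 23; then port=open; else port=closed; fi
    echo "telnet=$state port23=$port"
}
audit_demo no
audit_demo yes
```

On a real server, run xinetd_service_state /etc/xinetd.d/telnet and netstat -ltn | port_is_listening 23. The port match is exact, so a listener on 2323 does not count as port 23.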
Installing qmHandle
qmHandle is a simple program which allows you to view and manage the qmail queue.
Installation:
wget http://jaist.dl.sourceforge.net/sourceforge/qmhandle/qmhandle-1.3.2.tar.gz
tar xvzf qmhandle-1.3.2.tar.gz
chmod 755 qmHandle
./qmHandle -h
That will show you how to use ./qmHandle
Now, I am writing a few tips on how to use it.
/root/qmHandle -s
Messages in local queue: 0
Messages in remote queue: 484
It means 484 messages in your SMTP queue.
You can list message queues using:
/root/qmHandle -l
After a while this will show you the result. Once you can see all the messages in the queue, you can find the spam emails. After finding them, you may choose the first few characters of the mail subject. An example is:
2868937 (9, R)
Return-path:
From: [email protected]
To: [email protected]
Subject: failure notice
Date: 22 Apr 2006 05:51:32 +0000
Size: 3161 bytes
Now, to delete all mails with subject “failure” you may use command:
/root/qmHandle -Sfailure
This will delete all emails with the subject “failure” from the SMTP queue. Now, if anybody is sending spam with the subject “PayPal verification”, you may run this command:
/root/qmHandle -SPayPal
Indeed a good tool 🙂
OpenSSL Tricks
Create a strong CSR and private key
openssl req -new -nodes -newkey rsa:2048 -out server.csr -keyout server.key
Parsing out the data within a certificate
openssl asn1parse -in server.crt
Checking a certificate/key modulus to see if they correspond
openssl rsa -in server.key -modulus -noout | openssl md5
openssl x509 -in server.crt -modulus -noout | openssl md5
Convert a key from PEM -> DER
openssl rsa -inform PEM -in key.pem -outform DER -out keyout.der
Convert a key from DER -> PEM
openssl rsa -inform DER -in key.der -outform PEM -out keyout.pem
Remove the password from an encrypted private key
openssl rsa -in server.key -out server-nopass.key
Reviewing a detailed SSL connection
openssl s_client -connect 192.168.1.1:443
Rebuilding the initial ram disk (initrd)
Installing new hardware may mean that a new kernel module needs to be loaded when your server boots up. There’s a two-step process to making a new initrd file:
First, add the appropriate line to your /etc/modules.conf or /etc/modprobe.conf which corresponds to your new kernel module.
Next, rebuild the initial ram disk after making a backup of the current one:
# cp /boot/initrd-`uname -r`.img /boot/initrd-`uname -r`.img.bak
# mkinitrd -f /boot/initrd-`uname -r`.img `uname -r`
Reboot the server now and make sure the new driver is loaded properly.
Register to Red Hat Network
Run rhn_register; that will register your server over at RHN.
Well, if you want to upgrade your kernel… you’ll have to edit the config to NOT skip the kernel:
up2date --configure
type 24
and then type C and hit enter
and then hit enter again
Type:
up2date -p
That will update the package list for your server to reflect the packages available to update over at RH.
Then type
up2date -u
and it will install any updates that are available
But remember you’ll have to setup an account over at Red Hat Network — if you haven’t already, type rhn_register, and that will register your server over at RHN.
And that’s it!
Adding IP aliases in FreeBSD
One question I hear quite often is “how do I add IP aliases in FreeBSD?” It’s not terribly intuitive, but you can follow these steps:
Example:
Server’s primary IP: 192.168.1.11
Additional IP’s to add: 192.168.1.12, 192.168.1.13, and 192.168.1.14
Boot-time configuration:
Add it to /etc/rc.conf first (so you don’t forget). In this example, we have a Realtek card called rl0:
ifconfig_rl0="inet 192.168.1.11 netmask 255.255.255.0"
ifconfig_rl0_alias0="inet 192.168.1.12 netmask 255.255.255.0"
ifconfig_rl0_alias1="inet 192.168.1.13 netmask 255.255.255.0"
ifconfig_rl0_alias2="inet 192.168.1.14 netmask 255.255.255.0"
IMPORTANT NOTE: Start with the number 0 (zero) any time that you make IP alias configurations in /etc/rc.conf.
This is BAD form:
ifconfig_rl0="inet 192.168.1.11 netmask 255.255.255.0"
ifconfig_rl0_alias1="inet 192.168.1.12 netmask 255.255.255.0"
ifconfig_rl0_alias2="inet 192.168.1.13 netmask 255.255.255.0"
ifconfig_rl0_alias3="inet 192.168.1.14 netmask 255.255.255.0"
If you do it the wrong way (which means starting alias with anything but alias0), only the primary comes up. Keep that in mind.
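A check for the numbering rule above, as an added shell example that is not part of the original post: it reports, per interface, whether the ifconfig_<if>_aliasN entries in an rc.conf start at 0. It goes beyond the page's case by also flagging gaps later in the sequence, on the assumption that the rc scripts stop at the first missing index. The em0 entries and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): find alias numbering gaps.

# Reads rc.conf from the file(s) given, or from stdin when none is given.
# Prints one line per interface: "<if> ok <count>" or "<if> gap at alias<N>",
# where N is the first missing index.
check_alias_numbering() {
    sed -n 's/^[[:space:]]*ifconfig_\([A-Za-z0-9]*\)_alias\([0-9][0-9]*\)=.*/\1 \2/p' "$@" |
    sort -u -k1,1 -k2,2n |
    awk '
        $1 != cur { if (cur != "") report(); cur = $1; next_idx = 0; gap = -1 }
        { if (gap < 0) { if ($2 == next_idx) next_idx++; else gap = next_idx } }
        END { if (cur != "") report() }
        function report() {
            if (gap >= 0) print cur, "gap at alias" gap
            else          print cur, "ok", next_idx
        }
    '
}

# Constructed rc.conf: rl0 numbered as in the good form above, plus a
# hypothetical second interface em0 numbered the BAD way (starts at alias1).
sample_rc_conf() {
    cat <<'EOF'
ifconfig_rl0="inet 192.168.1.11 netmask 255.255.255.0"
ifconfig_rl0_alias0="inet 192.168.1.12 netmask 255.255.255.0"
ifconfig_rl0_alias1="inet 192.168.1.13 netmask 255.255.255.0"
ifconfig_rl0_alias2="inet 192.168.1.14 netmask 255.255.255.0"
ifconfig_em0="inet 10.0.0.11 netmask 255.255.255.0"
ifconfig_em0_alias1="inet 10.0.0.12 netmask 255.255.255.0"
ifconfig_em0_alias2="inet 10.0.0.13 netmask 255.255.255.0"
EOF
}

sample_rc_conf | check_alias_numbering
```

Against a live system, run check_alias_numbering /etc/rc.conf before the next reboot.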
Bringing up the new IP’s:
You can do things the extraordinarily dangerous way:
# /etc/rc.network restart
Or, you can follow the recommended steps:
# ifconfig rl0 alias 192.168.1.12 netmask 255.255.255.0
# ifconfig rl0 alias 192.168.1.13 netmask 255.255.255.0
# ifconfig rl0 alias 192.168.1.14 netmask 255.255.255.0
Test your work:
Any good system administrator knows to test things once they’re configured. Make sure to ping your new IPs from a source on your network and outside your network (if possible/applicable).