Basic Operation
#hostname - Displays the hostname and/or FQDN of the system
#uname -a - Displays the hostname and detailed kernel version
#cat /etc/redhat-release - Displays the version of Linux installed Example:
#cat /proc/cpuinfo - Displays information about the CPU(s)
#df -h - Displays the partitions, their size details, and mount points
#free - Displays details about the system memory and usage
#lsof - Displays all open files
#lsof -nPi:22 - Displays any open files which use port 22
#locate httpd.conf - Displays the full path to any file named httpd.conf
#updatedb - Rebuilds index of files for search using the locate utility
Copy, Move, Delete
#cp file1.txt file2.txt - Copies file1.txt to file2.txt
#mv old.txt new.txt - Renames a file called old.txt to new.txt
#rm file1.txt - Deletes file1.txt
#mkdir httpds - Creates a new directory called httpds
#cp -R httpd httpds - Recursively copies all files from directory httpd to httpds
#cp -pR httpd httpds - Recursively copies all files from directory httpd to httpds and retains all permission settings
#rm -rf httpd - Recursively deletes folder httpd and all contents
#chkconfig --list - Displays all services and their state (start or stop) at each runlevel
#chkconfig --level 35 httpd on - Sets httpd to start on runlevels 3 and 5 when the machine is booted
#service httpd start - Immediately starts Apache
File Attributes
#chown apache virtualhosts.txt - Changes ownership of the virtualhosts.txt file to user apache
#chgrp apache virtualhosts.txt - Changes the group ownership of the virtualhosts.txt file to group apache
#chmod a+x sniffer.pl - Allows the sniffer.pl file to be executed
CHMOD
7 rwx read, write, execute
6 rw- read, write
5 r-x read, execute
4 r-- read
3 -wx write, execute
2 -w- write
1 --x execute
0 --- no permissions
#chmod 777 passwords.txt - Allows read, write, and execute on the file passwords.txt to anyone
#chmod 000 passwords.txt - Blocks read, write, and execute on the file passwords.txt to anyone
YUM
#yum update -y - Updates all packages without prompting
#yum install iptraf - Installs a package named iptraf
#yum whatprovides */iostat - Searches all repositories and returns RPMs that provide the program iostat
#yum update samba - Updates a package named samba
RPM
#rpm -q httpd - Displays the version of daemon httpd (Apache)
#rpm -qa | grep bind - Displays all installed packages with the word bind in their name. Example:
#rpm -qa | grep bind
bind-chroot-9.3.6-16.P1.el5
system-config-bind-4.0.3-4.el5.centos
bind-utils-9.3.6-16.P1.el5
bind-9.3.6-16.P1.el5
bind-libs-9.3.6-16.P1.el5
ypbind-1.19-12.el5
#rpm -ivh proftpd - Interactively installs proftpd
#rpm -Uvh proftpd - Interactively upgrades a package named proftpd
#rpm -e proftpd - Removes package proftpd
#rpm --rebuilddb - Rebuilds a corrupt RPM database
Compressed files
#unzip package.zip - Unzips the file package.zip
#tar -zvxf stunnel.tar.gz - Decompresses and extracts a gzip-compressed tar archive named stunnel.tar.gz
Networking
#ifup eth0 - Enables network interface eth0
#ifdown eth0 - Disables network interface eth0
#vi /etc/sysconfig/network-scripts/ifcfg-eth0 - Uses vi to edit network settings on eth0
IP tables
#service iptables status - Displays status of iptables (running or not)
#iptables -L - Displays ruleset of iptables
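#iptables -I INPUT -p tcp -m tcp -s 192.168.15.254/26 --dport 22 -j ACCEPT - Accepts incoming SSH connections from IP range 192.168.15.254/26
#iptables -I INPUT 2 -p tcp -m tcp -s 0.0.0.0/0 --dport 22 -j DROP - Blocks SSH connections from everywhere else (inserted as rule 2, directly below the ACCEPT rule above; a plain -I would place it at the top of the chain and block the allowed range too)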
#iptables -I INPUT -s "192.168.10.121" -j DROP - Drops all traffic from IP 192.168.10.121
#iptables -D INPUT -s "192.168.10.121" -j DROP - Removes the previously applied drop-all rule for IP 192.168.10.121
#iptables -I INPUT -s "192.168.10.0/24" -j DROP - Drops all traffic from IP range 192.168.10.0/24
#iptables -A INPUT -p tcp --dport 25 -j DROP - Blocks all traffic to TCP port 25
#iptables -A INPUT -p tcp --dport 25 -j ACCEPT - Allows all traffic to TCP port 25
#iptables -A INPUT -p udp --dport 53 -j DROP - Blocks all traffic to UDP port 53
#/etc/init.d/iptables save - Saves all IPtables rules and re-applies them after a reboot
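Added example (not part of the original cheat sheet): a small Python model of first-match chain evaluation, showing why the position of the port-22 DROP rule matters. iptables stops at the first matching rule and `-I` without a rule number inserts at position 1, so a DROP inserted that way after the ACCEPT lands above it. The `Chain` class, the `ssh_rules` helper and the two sample source addresses are constructed for illustration.

```python
import ipaddress


class Chain:
    """Toy model of one iptables chain: ordered rules, first match wins."""

    def __init__(self, policy="ACCEPT"):
        self.rules = []       # (source network, protocol, dport, target)
        self.policy = policy  # used when no rule matches

    def _rule(self, src, proto, dport, target):
        # strict=False mirrors iptables accepting host bits in 192.168.15.254/26
        return (ipaddress.ip_network(src, strict=False), proto, dport, target)

    def insert(self, src, proto, dport, target, pos=1):
        """Like -I CHAIN [pos]: 1-based position, default is the top."""
        self.rules.insert(pos - 1, self._rule(src, proto, dport, target))

    def append(self, src, proto, dport, target):
        """Like -A CHAIN: add at the end of the chain."""
        self.rules.append(self._rule(src, proto, dport, target))

    def verdict(self, src_ip, proto, dport):
        ip = ipaddress.ip_address(src_ip)
        for net, r_proto, r_dport, target in self.rules:
            if ip in net and proto == r_proto and dport == r_dport:
                return target  # first match decides; later rules are ignored
        return self.policy


def ssh_rules(drop_pos):
    """Apply the two port-22 rules in the listed order; drop_pos is the DROP's slot."""
    chain = Chain()
    chain.insert("192.168.15.254/26", "tcp", 22, "ACCEPT")
    chain.insert("0.0.0.0/0", "tcp", 22, "DROP", pos=drop_pos)
    return chain


# Constructed sample sources: one inside the allowed /26, one outside it.
ADMIN, OUTSIDE = "192.168.15.200", "203.0.113.7"

if __name__ == "__main__":
    for label, pos in (("DROP via plain -I", 1), ("DROP via -I INPUT 2", 2)):
        c = ssh_rules(pos)
        print(label, "| admin:", c.verdict(ADMIN, "tcp", 22),
              "| outside:", c.verdict(OUTSIDE, "tcp", 22))
```

On a live system, `iptables -L INPUT -n --line-numbers` shows the actual rule order to compare against.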
Processes
#ps ax - Displays all running processes
#ps aux - Displays all running processes including CPU and memory usage of each
#ps ax | wc -l - Displays the total number of processes
#top - Interactive process manager which allows sorting by criteria
Logs
#tail -f /var/log/messages - Displays the most current entries to the messages log in real-time
#tail -50 /var/log/messages - Displays the last 50 lines of the messages log
#head -50 /var/log/messages - Displays the first 50 lines of the messages log
#cat /var/log/messages - Displays the entire messages log
#cat /var/log/messages | grep "FTP session opened" - Displays any entries in the messages log that contain the text FTP session opened
#cat /var/log/messages | grep "FTP session opened" > log2.txt - Writes any entries in the messages log that contain the text FTP session opened to a file named log2.txt
Paths to Common Files
Bind (named)
/var/named - Bind zone files (non chrooted)
/etc/named.conf - Bind configuration file (non chrooted)
/var/named/chroot/var/named - Bind zone files (chrooted)
/var/named/chroot/etc/named.conf - Bind configuration file (chrooted)
Apache (httpd)
/etc/httpd/conf/httpd.conf - Main Apache configuration file
/var/www/html - Default directory for serving pages
/var/log/httpd/ - Default location for logs (access and error)
Networking
/etc/hosts - System hosts file
/etc/resolv.conf - DNS lookup configuration file
/etc/sysconfig/network - Network/hostname configuration file
/etc/selinux - SELinux configuration file
/etc/sysconfig/network-scripts/ - Default location of the network settings files
/etc/sysconfig/iptables - Default iptables policy configuration file
/etc/sysconfig/iptables-config - Default iptables daemon configuration file