Creating an inventory with nmap network scanning

Creating systems reports A systems report can be quickly generated by nmap. Simply by scanning a network, an immediate list of systems and their protocols can be seen by using operating system identification (-O) and possibly verbose output (-v) against the complete network (/24): nmap -O -v 192.168.1.0/24 However, the format is unruly, as pages […]


How would you make your Linux server more secure?

Install only what you need. Keep your server lean. Install only those packages that you really need. If there are unwanted packages, purge them. The fewer the packages, the less chance of unpatched code. Run only what you need. This output will show you which services are running on which ports: netstat -npl You should also […]


What is ps?

Linux: ps The ps command lists running processes. The following command lists all processes running on your system: ps -A If this is too many processes to read at one time, you can pipe the output through the less command to scroll through them at your own pace: ps -A | less You could also […]


What is dhclient?

Linux: dhclient The dhclient command can release your computer’s IP address and get a new one from your DHCP server. dhclient is generated by NetworkManager. dhclient.conf is located in /etc/dhcp. This requires root permissions, so use sudo. Run dhclient with no options to get a new IP address or use the -r switch to release your […]


What is ifup / ifdown?

Linux: ifdown & ifup The ifdown and ifup commands are the same thing as running ifconfig up or ifconfig down. Given an interface’s name, they take the interface down or bring it up. This requires root permissions, so you have to use sudo on Ubuntu. sudo ifdown eth0 sudo ifup eth0


What is mtr?

Linux: mtr The mtr command combines ping and tracepath into a single command. mtr will continue to send packets, showing you the ping time to each “hop.” This will also show you any problems and if a hop is losing a percentage of the packets. mtr google.com


What is curl / wget?

Linux: Use the curl or wget commands to download a file from the Internet without leaving the terminal. If you’re using curl, type curl -O followed by the path to the file. wget users can use wget without any options. The file will appear in the current directory. curl -O website.com/file wget website.com/file


Where are log files stored in Linux?

Answer: /var/log The following are the 20 different log files that are located under /var/log/ directory. Some of these log files are distribution specific. For example, you’ll see dpkg.log on Debian based systems (for example, on Ubuntu). /var/log/messages – Contains global system messages, including the messages that are logged during system startup. There are several […]


Basic Linux Privilege Escalation

Hat tip to g0tmi1k for authoring one of the best basic Linux privilege escalation compilations ever. Operating System: What’s the distribution type? What version?

cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release      # Debian based
cat /etc/redhat-release   # Redhat based

What’s the kernel version? Is it 64-bit? […]


What is ipconfig / ifconfig?

The ipconfig command is used on Windows, while the ifconfig command is used on Linux, Mac OS X, and other Unix-like operating systems. These commands allow you to configure your network interfaces and view information about them. For example, you can use the ipconfig /all command on Windows to view all your configured network interfaces, […]
