Popular Commands
ps - shows the status of running processes; supports more than 80 command-line options on Linux systems.
man - traditional "on-line" documentation
pwd - print working directory
cd - move to another directory
mkdir - make a directory
rmdir - remove a directory

Manual Pages
To find out about a command: man command
Manual pages are divided into different sections depending on their purpose. User commands are in section 1, Unix system calls in section 2, and so on.
1, 5 (file formats), and 8 (system administration commands).

Transport Layer Security
Uses public key cryptography and PKI to secure messages between nodes on a network.
TLS runs as a separate layer that wraps TCP connections.
Once a client and server have established a TLS connection, the contents of the exchange, including the URL and all headers, are protected by encryption.

Even More Important Directories
/usr/local - Programs and data files that have been added locally by the system administrator.
/etc/skel - Sample startup files you can place in home directories for new users.
/dev - Contains the so-called device files, the interface between the filesystem and the hardware.
/proc - The interface between the filesystem and the running processes, the CPU, and memory.
/opt - Often used for larger software packages.

More Important Directories
/var/spool - Temporary storage for files being printed, sent by UUCP, and so on.
/usr/lib - Standard libraries, such as libc.a.
/usr/lib/X11 - The X Window System distribution. Contains the libraries used by X clients, as well as fonts, sample resource files, and other important parts of the X package.
/usr/include - Standard location of include files used in C programs.
/usr/src - Location of sources to programs built on the system.

Important Directories
/bin - The most essential Unix commands, such as ls.
/usr/bin - Other commands.
/sbin - Very common commands used by the superuser for system administration.
/usr/sbin - Commands used less often by the superuser for system administration.
/boot - Location where the kernel and other files used during booting are sometimes stored.
/etc - Files used by subsystems such as networking, NFS, and mail.
/var - Administrative files, such as log files, used by various utilities.

Boot Process Tasks
Tasks:
Finding, loading, and running bootstrapping code
Finding, loading, and running the OS kernel
Running startup scripts and system daemons
Maintaining process hygiene and managing system state transitions

Diagram of Processes Forked From Shell

Fix Key Commands
stty function key
Function is what you want to do: erase, kill, intr, susp
Key is the key that you press. Put a caret (^) in front of the key, i.e. ^C
To generate a list of current terminal settings: stty -a
Command to bring the shell back to reason and make it operate as expected if it doesn't: stty sane

Useful Keys
Ctrl-U : Deletes the line from the cursor to the beginning of the line.
Ctrl-C : Aborts execution.
Ctrl-Z : Suspends execution.
Ctrl-S : Stops the terminal output until you press Ctrl-Q.

What the test command can do
Shells on Linux
bash - Bourne Again shell. The most commonly used shell on Linux. Command-line editing, history substitution.
csh - Different interface for programming. No command-line editing, history substitution.
ksh - Korn shell. Command-line editing.
sh - Bourne shell. The original shell. No command-line editing.
tcsh - Enhanced C shell. Command-line editing.
zsh - Z shell. The newest of the shells. Command-line editing. Has very powerful completion features.

Linux & Unix Boot Process

More Basic Security Measures
Root Kits - Programs and patches that hide important system information such as process, disk, or network activity.
Packet Filtering - Passes only traffic for services that you specifically want to offer from that system.
Passwords and Multifactor Authentication
Vigilance
Application penetration testing

Copying the Current Shell
OpenSSH Essentials
To Create A Temp File w/ Random Name
Security Power Tools
Nmap - Network port scanner
Nessus - Next-generation network scanner
Metasploit - Penetration testing software
Lynis - On-box security auditing
John the Ripper - Finder of insecure passwords
Bro - The programmable network intrusion detection system
Snort - The popular network intrusion detection system
OSSEC - Host-based intrusion detection
Fail2Ban - Brute-force attack response system

Remote Logins
ssh -l accountname systemname
-l specifies the account on the remote system
Another syntax with identical effects is: ssh accountname@systemname
To suspend remote login: ~ followed by Ctrl-Z

How Security Is Compromised
Social Engineering
Software Vulnerabilities
Distributed Denial-of-Service
Insider Abuse
Network, system, or application configuration errors

Elements of Security
Confidentiality - Privacy of data
Integrity - Authenticity of information
Availability - Must be accessible to authorized users when they need it

Basic Security Measures
Software Updates
Unnecessary Services - Disabling unnecessary services.
Remote Event Logging
Backups - Regular, tested system backups are an essential part of any site security plan. Protect your backups by limiting (and monitoring) access and by encrypting backup files.
Viruses and Worms

To Copy Stuff Over SSH
To copy files in the SSH suite: scp
Copies a file from your local system to remote system: scp filepath accountname@systemname: DO NOT FORGET COLON
Copies a file from the remote system to your own: scp accountname@systemname:filepath
To copy a directory: scp -r accountname@systemname:directoryname relative path.
Viewing Files
xemacs - editor
cat - used to scan a file, rather than edit it.
vi - text editor
more - prints a screenful at a time and waits for you to press the spacebar before printing more. Can search for a string in the file: press the slash key (/), type the string, and press Return.
less - variation of more
nano - simple and low-impact starter editor

Linux login
Password:
# - means you are at root level
$ - means you are at the user level
To set a password use the "passwd" command.

Startup Files
.bashrc - Startup file
.bash_profile - Runs only when you log in
.zshrc - .bashrc but for zsh
.zprofile - .bash_profile, but for zsh
.cshrc - For the C shell or tcsh
.login - .bash_profile for the C shell or tcsh.
.emacs - For Emacs editor
.exrc - For vi editor
.newsrc - For news readers
.xinitrc - For X Window System
.kde/share/config - Directory with configuration files for the K Desktop Environment
.gnome - Directory with configuration files for the GNOME

Filename Expansion
ls - lists files.
ls text?text - lists files containing digits in a position if the difference in file names is just a digit.
ls text[13]text - lists files with the digits 1 and 3 in that position.
ls text[1-3]text - lists all files from 1-3 inclusive in that position. Also works with alphabetical characters [a-zA-Z]
ls text*text - lists all files that match the structure, including numbers and full words between the text.

Common Security Flavors for NFS Protocol
NFS Drawbacks
NFS (Network File System)
Cryptographic Hash Functions
Properties:
Entanglement: every bit of the hash value depends on every bit of the input data. On average, changing one bit of input should cause 50% of the hash bits to change.
Pseudo-randomness: hash values should be indistinguishable from random data.
Non reversibility: given a hash value, it should be infeasible to discover another input that generates the same hash value.

Public Key Infrastructure
A network of entities who trust each other to varying degrees. By following indirect chains of trust outside your personal network, you can establish that a public key is trustworthy with a reasonable degree of confidence.
The Public Key Infrastructure, used to implement TLS on the web, addresses this problem by trusting a third party known as a Certificate Authority (CA) to vouch for public keys.
The CA signs certificates for Alice and Bob’s public keys with its own private key.

Public Key Cryptography
Alice generates a pair of keys. The private key remains a secret, but the public key can be widely known. Bob similarly generates a key pair and publishes his public key.
When Alice wants to send Bob a message, she encrypts it with Bob’s public key. Bob, who holds the private key, is the only one who can decrypt the message.
Alice can also sign the message with her private key. Bob can use Alice’s signature and her public key to validate its authenticity.
Asymmetric ciphers.

Symmetric Key Cryptography
Alice and Bob share a secret key that they use to encrypt and decrypt messages. They must find a way to exchange the shared secret privately. Once they both know the key, they can reuse it as long as they wish.
Symmetric keys are relatively efficient in terms of CPU usage and the size of the encrypted payloads.
The need to distribute the shared key in advance is a serious impediment to many use cases.

Cryptographic Message Properties
Confidentiality - messages are impossible to read for everyone except the intended recipients.
Integrity - it is impossible to modify the contents without detection.
Non repudiation - the authenticity of the message can be validated.
Cheatography
https://cheatography.com
Intro To System Administration - McCool Cheat Sheet (DRAFT) by cfmccool
This is a draft cheat sheet. It is a work in progress and is not finished yet.