ps - shows the status of running processes, supports more than 80 command-line options on Linux systems.
man - traditional "on-line" documentation
pwd - print working directory
cd - move to another directory
mkdir - to make a directory
rmdir - remove a directory
To find out about a command:
Manual pages are divided into different sections depending on their purpose. User commands are in section 1, Unix system calls in section 2, and so on. Of particular note are sections 1 (user commands), 5 (file formats), and 8 (system administration commands).
Transport Layer Security
Uses public key cryptography and PKI to secure messages between nodes on a network. TLS runs as a separate layer that wraps TCP connections. Once a client and server have established a TLS connection, the contents of the exchange, including the URL and all headers, are protected by encryption.
Even More Important Directories
Programs and datafiles that have been added locally by the system administrator.
Sample startup files you can place in home directories for new users
This directory contains the so-called device files, the interface between the filesystem and the hardware
The interface between the filesystem and the running processes, the CPU, and memory
Directory is often used for larger software packages
More Important Directories
Temporary storage for files being printed, sent by UUCP, and so on.
Standard libraries, such as libc.a.
The X Window System distribution. Contains the libraries used by X clients, as well as fonts, sample resources files, and other important parts of the X package.
Standard location of include files used in C programs
Location of sources to programs built on the system.
The most essential Unix commands, such as ls.
Very common commands used by the superuser for system administration.
Commands used less often by the superuser for system administration.
Location where the kernel and other files used during booting are sometimes stored.
Files used by subsystems such as networking, NFS, and mail.
Administrative files, such as log files, used by various utilities.
Boot Process Tasks
Finding, loading, and running bootstrapping code
Finding, loading, and running the OS kernel
Running startup scripts and system daemons
Maintaining process hygiene and managing system state transitions
Diagram of Processes Forked From Shell
Fix Key Commands
stty function key
Function is what you want to do: erase, kill, intr, susp
Key is the key that you press. Put a caret (^) in front of the key, i.e. ^C
To generate list of current terminal settings:
Command to bring the shell to reason and make it operate as expected if it doesn't:
Ctrl-U : Delete the line from the cursor to the beginning of the line.
Ctrl-C : Aborts execution.
Ctrl-Z : Suspends execution.
Ctrl-S : Stops the terminal output until you press Ctrl-Q.
What the test command can do
Shells on Linux
bash - Bourne Again shell. The most commonly used shell on Linux. Command-line editing, history substitution.
csh - C shell. Different interface for programming. No command-line editing; history substitution.
ksh - Korn shell. Command-line editing.
sh - Bourne shell. The original shell. No command-line editing.
tcsh - Enhanced C shell. Command-line editing.
zsh - Z shell. The newest of the shells. Command-line editing. Has very powerful completion features.
Linux & Unix Boot Process
More Basic Security Measures
Root Kits - Programs and patches that hide important system information such as process, disk, or network activity.
Packet Filtering - Passes only traffic for services that you specifically want to offer from that system.
Passwords and Multifactor Authentication
Application penetration testing
Copying the Current Shell
To Create A Temp File w/ Random Name
Security Power Tools
Nmap - Network Port Scanner
Nessus - Next generation network scanner
Metasploit - Penetration testing software
Lynis - On-box security auditing
John the Ripper - Finder of insecure passwords
Bro - The programmable network intrusion detection system
Snort - the popular network intrusion detection system
OSSEC - Host-based intrusion detection
Fail2Ban - Brute-Force attack response system
ssh -l accountname systemname
-l specifies the account on the remote system
Another syntax with identical effects is:
To suspend remote login:
~ followed by Ctrl-Z
How Security Is Compromised
Network, system, or application configuration errors
Elements of Security
Confidentiality - Privacy of data
Integrity - Authenticity of Information
Availability - Must be accessible to authorized users when they need it
Basic Security Measures
Unnecessary Services - Disabling unnecessary services.
Remote Event Logging
Backups - Regular, tested system backups are an essential part of any site security plan. Protect your backups by limiting (and monitoring) access and by encrypting backup files.
Viruses and Worms
To Copy Stuff Over SSH
To copy files in the SSH suite:
Copies a file from your local system to remote system:
scp filepath accountname@systemname: DO NOT FORGET COLON
Copies a file from the remote system to your own:
To copy a directory:
scp -r accountname@systemname:directoryname localpath (the destination can be a relative path)
xemacs - editor
cat - used to scan a file, rather than edit it.
vi - text editor
more - prints a screenful at a time and waits for you to press the spacebar before printing more. Can search for a string in the file: press the slash key (/), type the string, and press Return.
less - variation of more
nano - simple and low-impact starter editor
# - means you are at root level
$ - means you are at the user level
To set a password use the "passwd" command.
.bashrc - Startup file
.bash_profile - Runs only when you log in
.zshrc - .bashrc but for zsh
.zprofile - .bash_profile, but for zsh
.cshrc - For the C shell or tcsh
.login - .bash_profile for the C shell or tcsh.
.emacs - For Emacs editor
.exrc - For vi editor
.newsrc - For news readers
.xinitrc - For X Window System
.kde/share/config - Directory with configuration files for the K Desktop Environment
.gnome - Directory with configuration files for the GNOME
ls - lists files.
ls text?text - lists files with any single character in that position, e.g. files whose names differ by just one digit.
ls text[13]text - lists files with the digit 1 or 3 in that position.
ls text[1-3]text - lists all files with 1-3 inclusive in that position. Also works with alphabetical characters [a-zA-Z]
ls text*text - lists all files that match the structure, with any string (numbers or full words) between the two text parts.
Common Security Flavors for NFS Protocol
NFS (Network File System)
Cryptographic Hash Functions
Entanglement: every bit of the hash value depends on every bit of the input data. On average, changing one bit of input should cause 50% of the hash bits to change.
Pseudo-randomness: hash values should be indistinguishable from random data.
Non-reversibility: given a hash value, it should be infeasible to discover another input that generates the same hash value.
Public Key Infrastructure
A network of entities who trust each other to varying degrees. By following indirect chains of trust outside your personal network, you can establish that a public key is trustworthy with a reasonable degree of confidence.
The Public Key Infrastructure, used to implement TLS on the web, addresses this problem by trusting a third party known as a Certificate Authority (CA) to vouch for public keys.
The CA signs certificates for Alice and Bob’s public keys with its own private key.
Public Key Cryptography
Alice generates a pair of keys. The private key remains a secret, but the public key can be widely known. Bob similarly generates a key pair and publishes his public key. When Alice wants to send Bob a message, she encrypts it with Bob’s public key. Bob, who holds the private key, is the only one who can decrypt the message.
Alice can also sign the message with her private key. Bob can use Alice’s signature and her public key to validate its authenticity.
Symmetric Key Cryptography
Alice and Bob share a secret key that they use to encrypt and decrypt messages. They must find a way to exchange the shared secret privately. Once they both know the key, they can reuse it as long as they wish.
Symmetric keys are relatively efficient in terms of CPU usage and the size of the encrypted payloads.
The need to distribute the shared key in advance is a serious impediment to many use cases.
Cryptographic Message Properties
Confidentiality - messages cannot be read by anyone except the intended recipients.
Integrity - it is impossible to modify the contents without detection.
Non-repudiation - the authenticity of the message can be validated.