Friday, December 7, 2007

Basic Linux Commands

The purpose of this blog entry is to document a few basic Linux commands that I find useful. I'm fairly new to Linux and recording these commands gives me a point of reference and helps me remember them.

It's important to note that in Linux, syntax is case sensitive.

I am using Ubuntu, so my syntax may differ slightly from yours if you are using another distro. If you want to learn more about any of the commands I list, try the following:

man command (e.g. man ls)

or

command -h

or

command --help


The sections I have added so far are:

1. Users
2. Navigation
3. Files
4. Networking
5. Hardware
6. System Tools


I will add to this document as I learn more commands.



1. Users

To add a new user called bob:

adduser bob

To switch to a new user called bob:

su bob

To change bob's password:

passwd bob

To switch straight to root:

su

To run a command as root whilst logged in as another user:

sudo command

* this assumes you are in the sudo group.

To view which user you are currently logged in as use:

whoami


2. Navigation

To list directories use:

ls

To list all directories, including hidden ones, along with their permissions use:

ls -la

To list all directories in another folder use the following syntax:

ls -la /home/bob/

In the output anything preceded with a . is hidden.


To change directory use:

cd directory_name

Or the path:

cd /etc/directory_name

To move back in the directory structure use:

cd ..

or

cd ../..

To navigate directly to the root / directory:

cd /

To navigate directly to your home directory:

cd ~

To print the current directory use:

pwd


3. Files

To view the contents of a file:

cat filename.txt

To delete a file:

rm filename.txt

To delete a directory and all of its files and sub-directories (without prompting):

rm -Rf directory_name

To locate a file:

locate filename.txt

To change the owner of a file use:

chown bob filename.txt

To change the group ownership as well use:

chown bob:users_group filename.txt

To create a directory use:

mkdir mydirectory

To create a file use:

touch myfilename

To move or rename a file use:

mv file1 file2

To copy a file to bob's home directory use:

cp file1 /home/bob/


4. Networking

To obtain a DHCP address (on all interfaces):

dhclient

Or on just one particular interface:

dhclient eth1

To view the interface network properties:

ifconfig

To set the IP address of an interface:

ifconfig eth1 192.168.1.100/24

To change the MAC address of an interface:

ifconfig eth1 hw ether 00:11:22:33:44:55

To put an interface into promiscuous mode:

ifconfig eth1 promisc

To take an interface out of promiscuous mode:

ifconfig eth1 -promisc

To view the wireless interface settings:

iwconfig

To set the wireless interface to a particular wireless AP:

iwconfig eth1 essid my_wireless_network

To set the wireless interface to managed mode:

iwconfig eth1 mode managed

To set a wireless interface to monitor mode (for sniffing etc.):

iwconfig eth1 mode monitor

To configure WEP encryption on a wireless interface:

iwconfig eth1 enc {enc key}

To configure a wireless interface to use a particular channel:

iwconfig eth1 channel 3

To view the routing table:

route

To view the routing cache:

route -C

To set a static route to a network:

route add -net 172.16.0.0 netmask 255.255.0.0 dev eth1

To set a static route to a host:

route add -host 80.127.23.65 eth1

To delete a route:

route del -host 80.127.23.65 eth1

To add a default gateway of 192.168.1.1:

route add default gw 192.168.1.1


Tracerouting in Linux uses UDP packets, as opposed to Windows, which uses ICMP.

To traceroute to a target (yahoo in my example) use:

traceroute www.yahoo.com

Another really cool program I found on my system for tracerouting and providing really useful diagnostic info is mtr:

mtr www.yahoo.com

Bear in mind that, unlike traceroute, mtr uses ICMP echo requests.

To list all network connections (external):

netstat -punta

To list network statistics:

netstat -s

To list statistics on an interface:

netstat -i eth1

For a continuous listing on any netstat commands add -c to the command:

netstat -punta -c


To list any IPTables rules:

iptables -L -v

To quickly add a rule to drop ICMP requests:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

The above command appends (-A) a rule to the output (OUTPUT) chain telling it that ICMP (-p icmp) to any destination (-d 0/0) should be dropped (-j DROP).

To remove your rule you can flush the OUTPUT chain, which removes every rule in that chain:

iptables -F OUTPUT

To flush all rules use:

iptables -F

To delete any user-defined chains:

iptables -X

The following rules can be used to rate limit connections to prevent brute-force login to port 21 (for FTP):

iptables -I INPUT -p tcp --dport 21 -i eth1 -m state --state NEW -m recent \
  --set

iptables -I INPUT -p tcp --dport 21 -i eth1 -m state --state NEW -m recent \
  --update --seconds 60 --hitcount 4 -j DROP

Using the rules above will drop any more than 3 connection attempts in 60 seconds from the same IP address.
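
As an added example (not part of the original post), the threshold stated above can be checked offline against a list of new-connection records before the rule goes live. The input format, the function names flag_sources and sample_log, and the sample addresses are assumptions made for this illustration; the script models the "more than 3 in 60 seconds" threshold as described, not the kernel module's internals.

```shell
#!/bin/sh
# Added example: which sources would have attempts dropped under a
# "fourth new connection within 60 seconds" threshold?
# Input on stdin: "<epoch_seconds> <source_ip>" per new connection, in time order.
# Output: "<source_ip> <number_of_attempts_over_threshold>", sorted.

flag_sources() {
    # $1 = window in seconds, $2 = hitcount (attempt number at which dropping starts)
    awk -v window="$1" -v hitcount="$2" '
    NF == 2 {
        t = $1; ip = $2
        n[ip]++
        stamp[ip, n[ip]] = t
        # Count this attempt plus earlier ones from the same source inside the window.
        hits = 0
        for (i = n[ip]; i >= 1 && t - stamp[ip, i] < window; i--) hits++
        if (hits >= hitcount) dropped[ip]++
    }
    END { for (ip in dropped) print ip, dropped[ip] }
    ' | sort
}

# Constructed sample data (documentation address ranges, not real traffic).
sample_log() {
    cat <<'EOF'
1000 192.0.2.10
1005 198.51.100.7
1010 192.0.2.10
1020 192.0.2.10
1030 192.0.2.10
1035 192.0.2.10
1100 198.51.100.7
1200 198.51.100.7
1300 198.51.100.7
EOF
}

# 192.0.2.10 makes five attempts in 35 seconds; 198.51.100.7 stays under the limit.
sample_log | flag_sources 60 4
```

Running the same function over real connection records with different window and hitcount values shows how many legitimate clients a stricter limit would have caught.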


(I will post a blog article on iptables rules)


Or to block ICMP you could run or script the following command:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

The default is 0, so to revert it back use:

echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all

To capture network traffic:

ifconfig eth1 promisc
tcpdump -i eth1 -vv


All the above commands assume the interface is eth1. If you are unsure which is your wireless interface run iwconfig and look for the interface with the wireless extensions.



5. Hardware

To list installed hardware (available on Ubuntu):

lshw

To list all PCI devices:

lspci

To list all USB devices:

lsusb

To list the loaded modules:

lsmod

Another useful trick I have found relating to hardware: when I attach a new USB HDD and I am unsure of what it will be called, I attach the device and then immediately look at /var/log/messages for the last entries. This usually gives me what I need. The tail command is useful here.

tail -n 10 /var/log/messages

This will display the last 10 lines of the log file.

To use tail and have it update (-s 2 will update every 2 seconds) as the log updates use the following command:

tail -n 10 -s 2 -f /var/log/messages

Running the dmesg command will also reveal useful information about hardware.


6. System Tools

To view free disk space use:

df -h

To view disk usage on the system use:

du

du can also specify a directory:

du /home/bob/

A useful tool for viewing running processes is top:

top

or for a more interactive version:

htop

You can also use ps to view process information.

To view a list of all running processes:

ps aux

To view a list of processes by a particular user (bob):

ps U bob

To view processes in a tree:

ps -eH

To kill a process by its PID (example of 28556):

kill 28556


Mounting Disks

To view a list of currently mounted file systems view /etc/mtab or use:

mount -l

To mount a disk first create a folder which you will mount it to:

mkdir /media/usb

mount -t ntfs /dev/sdb /media/usb

To unmount a disk:

umount /media/usb






4 comments:

Anonymous said...

I'm so grateful for this blog, words cannot express my gratitude :)

SynJunkie said...

No problem, I appreciate your positive feedback.

Regards

Lee

jayjan said...

thanks a lot it is great for future reference on linux commands

c4in said...

gud job.. :)