:: A M J A D - A Z I Z ::
:: MORE LINUX BOOKS ::

1. Practical Guide to Linux Commands & Shell Programming
2. Bash
3. Bash Quick Reference
4. Bash Cookbook
5. AWK & SED
6. Advanced Bash-Scripting Guide

:: LINUX USEFUL TOOLS ::

1. Linux Security HOWTO
2. Linux Security for Beginners
3. A New Linux Community
4. Tips For Linux
5. Linux tips : Christophe Pallier
6. The Linux Tips HOWTO : Paul Anderson


:: 80 of the Best Linux Security Applications ::

Security is paramount. Security involves defense in depth. Approaching security one step at a time, with consistency and rigour, you can mitigate threats, and keep intruders at bay.

Intruders use a variety of different techniques in an attempt to compromise a system. For example, systems can be attacked by denial of service, cracking, intrusion, snooping (intercepting the data of another user), or viruses/worms/Trojan horses. To have a secure box, a system therefore needs a variety of defenses.

The aim of this article is to provide the user with a starting point for improving the security of a Linux machine. Basic system security (e.g. having a regular backup strategy, using hard-to-guess passwords, removing services that you don't need) is essential administration in protecting your data. But you need a more sophisticated approach to keep intruders out.

We have identified 80 of the best Linux security applications which help to protect the integrity of a system. For each application we have compiled its own portal page, providing a detailed description of the software, its features, with links to other relevant resources.

All of the software featured in this article is free to download, and almost all released under the GNU General Public License.

Anti-Virus
AMaViS Mail virus scanner
Avast! Virus protection, with anti-spyware and anti-rootkit software
AVG Free Anti-virus and Anti-spyware software
ClamAV Anti-virus toolkit for e-mail scanning on mail gateways
P3Scan Scans email messages
Anti-Malware
chkrootkit Check for signs of a rootkit
OSSEC Rootkit detection
Nixory Anti Spyware program open source for Mozilla Firefox
rkhunter Scans for rootkits, backdoors and possible local exploits
Encryption
GnuPG Encrypt and sign data and communication
MailCrypt Simple interface to public key cryptography with PGP
MCrypt Developer tool for adding a wide range of encryption functions
OpenSignature Digital signature of documents
PeaZip Portable, open source archiving, encryption and file split tool
Seahorse GNOME application for managing encryption keys
Steghide Hide data in various kinds of image- and audio-files
Stunnel Encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer)
TrueCrypt Disk encryption software
Firewalls / Network Gateways
ClarkConnect Dedicated firewall and Internet server/gateway
FireHOL Stateful iptables packet filtering firewall configurator
Firestarter Visual firewall program
Netfilter Packet filtering framework
IPCop Linux firewall distribution
ShellTer Iptables-based firewall
Shorewall High-level tool for configuring Netfilter
Untangle Quality open source alternative to SonicWALL and WatchGuard
Turtle Firewall Firewall configuration project based on Linux 2.4.x/2.6.x and iptables
Vuumuur Powerful firewall manager built on top of iptables
Intrusion Detection
AFICK Monitor the changes on your filesystems
BASE Web front-end to query and analyze the alerts from a SNORT IDS system
Bro Passively monitors network traffic and looks for suspicious activity
Kismet Wireless network detector, sniffer, and intrusion detection system
OSSEC Open Source Host-based Intrusion Detection System
Sguil Analyst Console for Network Security Monitoring
SNARE System iNtrusion Analysis and Reporting Environment
Snort Network intrusion prevention and detection
Snort_inline Modified version of Snort
Tripwire Provides configuration audit and control features
Network Monitoring
AIM Sniff Monitoring and archiving AOL Instant Messenger and MSN messages
Argus Fixed-model Real Time Flow Monitor
Nagios Host and network monitoring tool
Nipper Network Infrastructure Configuration Parser
NSAT Network Security Analysis Tool
ntop Network traffic probe that shows the network usage
SEC Simple Event Correlator
SniffDet Remote Sniffer Detection Tool/Library
tcpdump Network debugging tool
Network Traffic Analyzer
dsniff Collection of tools for network auditing and penetration testing
Ettercap Multipurpose sniffer/interceptor/logger for switched LAN
ngrep Network grep
Kismet Wireless network detector, sniffer, and intrusion detection system
Wireshark Network protocol analyzer
Packet Crafting
Hping3 TCP/IP packet assembler/analyzer
Nemesis Packet crafting and injection utility
Scapy Interactive packet manipulation program
Yersinia Network tool to take advantage of weaknesses in network protocols
Portscanner
Angry IP Scanner Fast and friendly network scanner
Knocker TCP security port scanner
Unicornscan User-land Distributed TCP/IP stack
Vulnerability Scanner
Nessus Comprehensive vulnerability scanning software
SARA Third generation security analysis tool that is based on the SATAN model
Tiger Perform a security audit of UNIX systems
Log File Analyzers
AWStats Advanced web, streaming, ftp or mail server statistics, graphically
IPtables Log Analyzer Analyzes the log output from an iptables firewall
tcpreplay Use previously captured traffic in libpcap format to test network devices
tcptrace Analyze TCP dump files
The Webalizer Web server log file analysis
Data Removal
Darik's Boot and Nuke Self-contained boot floppy that securely wipes hard disks
Wipe Secure file wiping utility
Password Management
Figaro's PM GNOME application that allows passwords to be securely stored
KeePassX Lightweight and easy-to-use password manager
VPN Tools
Poptop PPTP server solution
OpenVPN Full-featured SSL VPN solution
SSL Explorer Fully-featured, web-based SSL VPN server
Forensics
ODESSA Open Digital Evidence Search and Seizure Architecture
Other Tools
Denyhosts SSH attack prevention
iptables Configure the Netfilter tables, chains, and rules
mtr Network diagnostic tool
Netcat Reads and writes data across network connections
Nikto Web server scanner performing tests against web servers
OpenSSH SSH connectivity tools
Smart Sign Smartcard based digital signature

Ref: http://www.windowsecurity.com/articles/WiFi-security-lack


 

:: Linux vs. Windows: Which is Most Secure? ::

 

A point by point comparison of the two OSes, with a subjective conclusion as to which offers better security. Plus: some thoughts on Apple security.

By Kenneth van Wyk


I’m more secure on Linux than I am on Windows. Yup, that’s right. I have no doubt whatsoever that I am.

I started down this path by comparing how secure I am on a Mac vs. on Windows, then I compared Mac vs. Linux. To complete that trifecta, I guess it’s only fair to compare the end-user data security aspects of Windows against Linux.

Before I get into my rationale, though, just a little more background is in order. I started using a UNIX desktop way back in college and was always comfortable there. At my first couple of jobs after college, I mostly used UNIX workstations from Dec and Sun as my primary desktops.

Later, I started using Windows-based systems at the office, but never felt quite at home. I was constantly frustrated by the frequent reboots, lack of serious security capabilities (from my perspective), and such. Then, following a brief foray in OS/2, I quickly gravitated to running Linux at home so I could once again have a real multi-tasking working environment.

Nowadays, my primary desktop is on a Macbook Pro – the best computer I’ve ever owned, without any doubt.

But, I still run a Debian Linux infrastructure for my company, with a couple Samba servers at its core. It’s not uncommon for the Linux systems to go over a year in between reboots. And, I still use XP on another laptop from time to time, generally when a customer requires it or I absolutely must run something like ActiveX controls on a web site. I try my best to learn how to best use the security features of each OS I use, naturally.

So, with that background in mind, it’s clear my views are somewhat biased. However, I consider myself very open-minded and will always give credit where it’s due. Heck, some of my best friends use Windows (but I do my best to talk them into OS X anyway).

• True to UNIX. It’s tough to be entirely fair here, since Windows isn’t UNIX in any sense. But my point here is that Linux does follow the security features and capabilities it inherited from UNIX quite closely. In particular, the notion of an administrative (root) user that maintains and operates the system, and desktop users who only run the software on the system, is completely ingrained in most Linux distributions.

Now it’s true that many Linux users ignore these features and run all their software from a root-level account anyway, but that’s a choice that they’ve made. The system defaults to protecting the operating system components from its user’s actions (intentional or otherwise). That feature alone must account in large degree for the dearth of viruses and other malicious vermin on Linux and UNIX platforms.

Windows, on the other hand, started life as a single user system, with that single user being all-powerful. Although that’s no longer the case, the general attitude can still be found in many Windows-based software products – many of which just can’t be installed and/or run properly without desktop administrator privileges. This is all changing for the better, but it took Microsoft far too long to adopt this default-secure configuration practice.

• “Bummer of a birthmark.” Many of us no doubt remember Gary Larson’s Far Side comic strip in which two deer are standing around, and one of the deer has a big bulls-eye target on his chest… You get the picture.

Well, in many ways, that’s the sad state of affairs for Windows users these days. It’s true that phishers, virus writers, and other miscreants could target other operating systems, but by and large they don’t.

As other operating systems gain market share, that’s likely to change, but by my thinking, Linux isn’t going to be the next big target. So, until and unless that target “birthmark” finds its way onto another victim, it’s “bummer of a birthmark” time for Windows users. (Hint: the “birthmark” itself is your Outlook/Internet Explorer combination!)

Qualitative score: Windows gets an F while Linux gets an A.

• User data confidentiality. All those commands that I grew comfortable with on UNIX (e.g., chmod, chown, umask) for protecting or sharing my data are in Linux and are easy for me to work with. Although the features are relatively on the light side as industrial strength file access control goes, the tools and capabilities are readily available and they work pretty darned well.

While it’s true that Windows has equivalent commands and GUI interfaces for protecting one’s data, I’ve always found them to be awkward at best, and generally defaulting to open (world read-write) unless I go out of my way to lock down my own files.

Now, to be fair, I have to point out that the Windows NTFS file system has a phenomenally powerful set of features when it comes to file/directory access control and auditing. Indeed, when used properly, an NTFS file system can be very tightly configured to the needs of a user or application. The problem is that so few people do it or even know how to do it.

One other factor here is the availability of third-party file and disk encryption products. Here Windows clearly has the upper hand, and I’m noticing more and more corporate laptops employing disk encryption as a standard configuration item. (I guess we can thank the likes of the U.S. Veterans Administration for that.)

Qualitative score: Windows gets a B- while Linux gets a B+.

• Patch practices. Here Windows shines (finally). With Windows Update being readily available and running by default as of XP SP2, things are finally looking up for Windows users. From the perspective of an end-user seeking to keep his computer up to date with the current vendor-supplied security patches, Windows sure does make things easy.

Linux isn’t too far in the distance, though. Most Linux distributions do a respectable job at automated security patch management. Many are opt-in, however, and the interface varies from one distribution to the next, making it a bit less easy to do things properly for a typical end-user.

The elapsed time from notification to patch, on the other hand, can vary substantially. Overall, and again from a highly subjective viewpoint, I give a slight edge to Linux, but I do feel that Microsoft has made great advances in the past few years.

Qualitative score: Windows gets an A- while Linux gets a B+.

With these scores in mind, I have absolutely no doubt that my data is safer on a Linux system than on a Windows system. And that ends my three-way comparison of the user-level security in OS X, Windows, and Linux. I’ve tried to be as fair as I can, and have given credit where each is worthy of it – and wrath where it’s not.

My overall winner remains Apple’s OS X, which offers the best of both worlds (UNIX and Windows-like) to me. I have the native desktop apps that I need to do business, and underneath it all is the familiar face of UNIX. I’m at $HOME.

In closing, I should also say that a person determined to keep her data secure can certainly use any of these three operating systems successfully. There’s enough good in the worst of them (and bad in the best of them) that what matters most is really learning how to use all the security capabilities of the OS you’re most comfortable with.

 


Ref: http://www.esecurityplanet.com/views/article.php



A FEW HANDY (CONSOLE) COMMANDS:

Command Description
apropos whatis Show commands pertinent to string. See also threadsafe
man -t ascii | ps2pdf - > ascii.pdf make a pdf of a manual page
  which command Show full path name of command
  time command See how long a command takes
time cat Start stopwatch. Ctrl-d to stop. See also sw
dir navigation
cd - Go to previous directory
cd Go to $HOME directory
  (cd dir && command) Go to dir, execute command and return to current dir
pushd . Put current dir on stack so you can popd back to it
alias l='ls -l --color=auto' quick dir listing
ls -lrt List files by date. See also newest and find_mm_yyyy
ls /usr/bin | pr -T9 -W$COLUMNS Print in 9 columns to width of terminal
  find -name '*.[ch]' | xargs grep -E 'expr' Search 'expr' in this dir and below. See also findrepo
  find -type f -print0 | xargs -r0 grep -F 'example' Search all regular files for 'example' in this dir and below
  find -maxdepth 1 -type f | xargs grep -F 'example' Search all regular files for 'example' in this dir
  find -maxdepth 1 -type d | while read dir; do echo $dir; echo cmd2; done Process each item with multiple commands (in while loop)
find -type f ! -perm -444 Find files not readable by all (useful for web site)
find -type d ! -perm -111 Find dirs not accessible by all (useful for web site)
locate -r 'file[^/]*\.txt' Search cached index for names. This re is like glob *file*.txt
look reference Quickly search (sorted) dictionary for prefix
grep --color reference /usr/share/dict/words Highlight occurrences of regular expression in dictionary
archives and compression
  gpg -c file Encrypt file
  gpg file.gpg Decrypt file
  tar -c dir/ | bzip2 > dir.tar.bz2 Make compressed archive of dir/
  bzip2 -dc dir.tar.bz2 | tar -x Extract archive (use gzip instead of bzip2 for tar.gz files)
  tar -c dir/ | gzip | gpg -c | ssh user@remote 'dd of=dir.tar.gz.gpg' Make encrypted archive of dir/ on remote machine
  find dir/ -name '*.txt' | tar -c --files-from=- | bzip2 > dir_txt.tar.bz2 Make archive of subset of dir/ and below
  find dir/ -name '*.txt' | xargs cp -a --target-directory=dir_txt/ --parents Make copy of subset of dir/ and below
  ( tar -c /dir/to/copy ) | ( cd /where/to/ && tar -x -p ) Copy (with permissions) copy/ dir to /where/to/ dir
  ( cd /dir/to/copy && tar -c . ) | ( cd /where/to/ && tar -x -p ) Copy (with permissions) contents of copy/ dir to /where/to/
  ( tar -c /dir/to/copy ) | ssh -C user@remote 'cd /where/to/ && tar -x -p' Copy (with permissions) copy/ dir to remote:/where/to/ dir
  dd bs=1M if=/dev/sda | gzip | ssh user@remote 'dd of=sda.gz' Backup harddisk to remote machine
rsync (Network efficient file copier: Use the --dry-run option for testing)
  rsync -P rsync://rsync.server.com/path/to/file file Only get diffs. Do multiple times for troublesome downloads
  rsync --bwlimit=1000 fromfile tofile Locally copy with rate limit. It's like nice for I/O
  rsync -az -e ssh --delete ~/public_html/ remote.com:'~/public_html' Mirror web site (using compression and encryption)
  rsync -auz -e ssh remote:/dir/ . && rsync -auz -e ssh . remote:/dir/ Synchronize current directory with remote one
ssh (Secure SHell)
  ssh $USER@$HOST command Run command on $HOST as $USER (default command=shell)
ssh -f -Y $USER@$HOSTNAME xeyes Run GUI command on $HOSTNAME as $USER
  scp -p -r $USER@$HOST: file dir/ Copy with permissions to $USER's home directory on $HOST
  scp -c arcfour $USER@$LANHOST: bigfile Use faster crypto for local LAN. This might saturate GigE (arcfour is insecure and has been removed from modern OpenSSH)
  ssh -g -L 8080:localhost:80 root@$HOST Forward connections to $HOSTNAME:8080 out to $HOST:80
  ssh -R 1434:imap:143 root@$HOST Forward connections from $HOST:1434 in to imap:143
  ssh-copy-id $USER@$HOST Install public key for $USER@$HOST for password-less log in
wget (multi purpose download tool)
(cd dir/ && wget -nd -pHEKk http://www.pixelbeat.org/cmdline.html) Store local browsable version of a page to the current dir
  wget -c http://www.example.com/large.file Continue downloading a partially downloaded file
  wget -r -nd -np -l1 -A '*.jpg' http://www.example.com/dir/ Download a set of files to the current directory
  wget ftp://remote/file[1-9].iso/ FTP supports globbing directly
wget -q -O- http://www.pixelbeat.org/timeline.html | grep 'a href' | head Process output directly
  echo 'wget url' | at 01:00 Download url at 1AM to current dir
  wget --limit-rate=20k url Do a low priority download (limit to 20KB/s in this case)
  wget -nv --spider --force-html -i bookmarks.html Check links in a file
  wget --mirror http://www.example.com/ Efficiently update a local copy of a site (handy from cron)
networking (Note ifconfig, route, mii-tool, nslookup commands are obsolete)
  ethtool eth0 Show status of ethernet interface eth0
  ethtool --change eth0 autoneg off speed 100 duplex full Manually set ethernet interface speed
  iwconfig eth1 Show status of wireless interface eth1
  iwconfig eth1 rate 1Mb/s fixed Manually set wireless interface speed
iwlist scan List wireless networks in range
ip link show List network interfaces
  ip link set dev eth0 name wan Rename interface eth0 to wan
  ip link set dev eth0 up Bring interface eth0 up (or down)
ip addr show List addresses for interfaces
  ip addr add 1.2.3.4/24 brd + dev eth0 Add (or del) ip and mask (255.255.255.0)
ip route show List routing table
  ip route add default via 1.2.3.254 Set default gateway to 1.2.3.254
host pixelbeat.org Lookup DNS ip address for name or vice versa
hostname -i Lookup local ip address (equivalent to host `hostname`)
whois pixelbeat.org Lookup whois info for hostname or ip address
netstat -tupl List internet services on a system
netstat -tup List active connections to/from system
windows networking (Note samba is the package that provides all this windows specific networking support)
smbtree Find windows machines. See also findsmb
  nmblookup -A 1.2.3.4 Find the windows (netbios) name associated with ip address
  smbclient -L windows_box List shares on windows machine or samba server
  mount -t smbfs -o fmask=666,guest //windows_box/share /mnt/share Mount a windows share
  echo 'message' | smbclient -M windows_box Send popup to windows machine (off by default in XP sp2)
text manipulation (Note sed uses stdin and stdout. Newer versions support inplace editing with the -i option)
  sed 's/string1/string2/g' Replace string1 with string2
  sed 's/\(.*\)1/\12/g' Modify anystring1 to anystring2
  sed '/ *#/d; /^ *$/d' Remove comments and blank lines
  sed ':a; /\\$/N; s/\\\n//; ta' Concatenate lines with trailing \
  sed 's/[ \t]*$//' Remove trailing spaces from lines
  sed 's/\([`"$\]\)/\\\1/g' Escape shell metacharacters active within double quotes
seq 10 | sed "s/^/      /; s/ *\(.\{7,\}\)/\1/" Right align numbers
  sed -n '1000{p;q}' Print 1000th line
  sed -n '10,20p;20q' Print lines 10 to 20
  sed -n 's/.*<title>\(.*\)<\/title>.*/\1/ip;T;q' Extract title from HTML web page
  sed -i 42d ~/.ssh/known_hosts Delete a particular line
  sort -t. -k1,1n -k2,2n -k3,3n -k4,4n Sort IPV4 ip addresses
echo 'Test' | tr '[:lower:]' '[:upper:]' Case conversion
tr -dc '[:print:]' < /dev/urandom Filter non printable characters
tr -s '[:blank:]' '\t' </proc/diskstats | cut -f4 cut fields separated by blanks
history | wc -l Count lines
set operations (Note you can export LANG=C for speed. Also these assume no duplicate lines within a file)
  sort file1 file2 | uniq Union of unsorted files
  sort file1 file2 | uniq -d Intersection of unsorted files
  sort file1 file1 file2 | uniq -u Difference of unsorted files (lines in file2 that are not in file1)
  sort file1 file2 | uniq -u Symmetric Difference of unsorted files
  join -t'\0' -a1 -a2 file1 file2 Union of sorted files
  join -t'\0' file1 file2 Intersection of sorted files
  join -t'\0' -v2 file1 file2 Difference of sorted files (lines in file2 that are not in file1)
  join -t'\0' -v1 -v2 file1 file2 Symmetric Difference of sorted files
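The sort/uniq set operations above, as an added example that is not part of the original cheat sheet: each operation is wrapped in a shell function over constructed input files, and a wrapper shows the failure mode the note warns about (a line repeated inside one file looks like a cross-file match) and removes it by deduplicating each input with sort -u first.

```shell
#!/bin/sh
# Added example, not from the original cheat sheet: the sort/uniq set
# operations from the table as functions, plus the duplicate-line caveat.
# Input files are constructed here; LANG=C gives plain byte ordering.
export LANG=C

# Build two constructed host lists; file2 deliberately repeats "delta".
mk_inputs() {
    dir=$(mktemp -d)
    printf 'alpha\nbravo\ncharlie\n' > "$dir/file1"
    printf 'bravo\ndelta\ndelta\n'   > "$dir/file2"
    echo "$dir"
}

# The four operations exactly as the table gives them (unsorted inputs).
union()        { sort "$1" "$2" | uniq; }
intersection() { sort "$1" "$2" | uniq -d; }
# Listing file1 twice means none of its lines occur exactly once, so
# uniq -u keeps only lines that are in file2 but not in file1.
difference()   { sort "$1" "$1" "$2" | uniq -u; }
symdiff()      { sort "$1" "$2" | uniq -u; }

# Every operation above counts occurrences, so a line repeated inside one
# file is indistinguishable from a line present in both files. Deduplicate
# each input (sort -u) and then apply the same operation.
with_unique() {
    op=$1; a=$(mktemp); b=$(mktemp)
    sort -u "$2" > "$a"
    sort -u "$3" > "$b"
    "$op" "$a" "$b"
    rm -f "$a" "$b"
}

# Flatten output to one space-separated line for display and for checks.
as_line() { tr '\n' ' ' | sed 's/ $//'; }

d=$(mk_inputs)
for op in union intersection difference symdiff; do
    printf '%-13s naive: %-22s deduped: %s\n' "$op" \
        "$("$op" "$d/file1" "$d/file2" | as_line)" \
        "$(with_unique "$op" "$d/file1" "$d/file2" | as_line)"
done
rm -rf "$d"
```

With the repeated "delta", the naive intersection wrongly reports delta and the naive difference reports nothing; the deduplicated versions give bravo and delta respectively.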
math
echo '(1 + sqrt(5))/2' | bc -l Quick math (Calculate φ). See also bc
seq -f '4/%g' 1 2 99999 | paste -sd-+ | bc -l Calculate π the unix way
echo 'pad=20; min=64; (100*10^6)/((pad+min)*8)' | bc More complex (int) e.g. This shows max FastE packet rate
echo 'pad=20; min=64; print (100E6)/((pad+min)*8)' | python Python handles scientific notation
echo 'pad=20; plot [64:1518] (100*10**6)/((pad+x)*8)' | gnuplot -persist Plot FastE packet rate vs packet size
echo 'obase=16; ibase=10; 64206' | bc Base conversion (decimal to hexadecimal)
echo $((0x2dec)) Base conversion (hex to dec) ((shell arithmetic expansion))
units -t '100m/9.58s' 'miles/hour' Unit conversion (metric to imperial)
units -t '500GB' 'GiB' Unit conversion (SI to IEC prefixes)
units -t '1 googol' Definition lookup
seq 100 | (tr '\n' +; echo 0) | bc Add a column of numbers. See also add and funcpy
calendar
cal -3 Display a calendar
cal 9 1752 Display a calendar for a particular month year
date -d fri What date is it this friday. See also day
[ $(date -d '12:00 +1 day' +%d) = '01' ] || exit exit a script unless it's the last day of the month
date --date='25 Dec' +%A What day does xmas fall on, this year
date --date='@2147483647' Convert seconds since the epoch (1970-01-01 UTC) to date
TZ='America/Los_Angeles' date What time is it on west coast of US (use tzselect to find TZ)
date --date='TZ="America/Los_Angeles" 09:00 next Fri' What's the local time for 9AM next Friday on west coast US
locales
printf "%'d\n" 1234 Print number with thousands grouping appropriate to locale
BLOCK_SIZE=\'1 ls -l Use locale thousands grouping in ls. See also l
echo "I live in `locale territory`" Extract info from locale database
LANG=en_IE.utf8 locale int_prefix Lookup locale info for specific country. See also ccodes
locale -kc $(locale | sed -n 's/\(LC_.\{4,\}\)=.*/\1/p') | less List fields available in locale database
recode (Obsoletes iconv, dos2unix, unix2dos)
recode -l | less Show available conversions (aliases on each line)
  recode windows-1252.. file_to_change.txt Windows "ansi" to local charset (auto does CRLF conversion)
  recode utf-8/CRLF.. file_to_change.txt Windows utf8 to local charset
  recode iso-8859-15..utf8 file_to_change.txt Latin9 (western europe) to utf8
  recode ../b64 < file.txt > file.b64 Base64 encode
  recode /qp.. < file.qp > file.txt Quoted printable decode
  recode ..HTML < file.txt > file.html Text to HTML
recode -lf windows-1252 | grep euro Lookup table of characters
echo -n 0x80 | recode latin-9/x1..dump Show what a code represents in latin-9 charmap
echo -n 0x20AC | recode ucs-2/x2..latin-9/x Show latin-9 encoding
echo -n 0x20AC | recode ucs-2/x2..utf-8/x Show utf-8 encoding
CDs
  gzip < /dev/cdrom > cdrom.iso.gz Save copy of data cdrom
  mkisofs -V LABEL -r dir | gzip > cdrom.iso.gz Create cdrom image from contents of dir
  mount -o loop cdrom.iso /mnt/dir Mount the cdrom image at /mnt/dir (read only)
  cdrecord -v dev=/dev/cdrom blank=fast Clear a CDRW
  gzip -dc cdrom.iso.gz | cdrecord -v dev=/dev/cdrom - Burn cdrom image (use dev=ATAPI -scanbus to confirm dev)
  cdparanoia -B Rip audio tracks from CD to wav files in current dir
  cdrecord -v dev=/dev/cdrom -audio -pad *.wav Make audio CD from all wavs in current dir (see also cdrdao)
  oggenc --tracknum='track' track.cdda.wav -o 'track.ogg' Make ogg file from wav file
disk space (See also FSlint)
ls -lSr Show files by size, biggest last
du -s * | sort -k1,1rn | head Show top disk users in current dir. See also dutop
du -hs /home/* | sort -k1,1h Sort paths by easy to interpret disk usage
df -h Show free space on mounted filesystems
df -i Show free inodes on mounted filesystems
fdisk -l Show disks partitions sizes and types (run as root)
rpm -q -a --qf '%10{SIZE}\t%{NAME}\n' | sort -k1,1n List all packages by installed size (Bytes) on rpm distros
dpkg-query -W -f='${Installed-Size;10}\t${Package}\n' | sort -k1,1n List all packages by installed size (KBytes) on deb distros
dd bs=1 seek=2TB if=/dev/null of=ext3.test Create a large test file (taking no space). See also truncate
> file truncate data of file or create an empty file
monitoring/debugging
tail -f /var/log/messages Monitor messages in a log file
strace -c ls >/dev/null Summarise/profile system calls made by command
strace -f -e open ls >/dev/null List system calls made by command
strace -f -e trace=write -e write=1,2 ls >/dev/null Monitor what's written to stdout and stderr
ltrace -f -e getenv ls >/dev/null List library calls made by command
lsof -p $$ List paths that process id has open
lsof ~ List processes that have specified path open
tcpdump not port 22 Show network traffic except ssh. See also tcpdump_not_me
ps -e -o pid,args --forest List processes in a hierarchy
ps -e -o pcpu,cpu,nice,state,cputime,args --sort pcpu | sed '/^ 0.0 /d' List processes by % cpu usage
ps -e -orss=,args= | sort -b -k1,1n | pr -TW$COLUMNS List processes by mem (KB) usage. See also ps_mem.py
ps -C firefox-bin -L -o pid,tid,pcpu,state List all threads for a particular process
ps -p 1,$$ -o etime= List elapsed wall time for particular process IDs
last reboot Show system reboot history
free -m Show amount of (remaining) RAM (-m displays in MB)
watch -n.1 'cat /proc/interrupts' Watch changeable data continuously
udevadm monitor Monitor udev events to help configure rules
system information (see also sysinfo) ('#' means root access is required)
uname -a Show kernel version and system architecture
head -n1 /etc/issue Show name and version of distribution
cat /proc/partitions Show all partitions registered on the system
grep MemTotal /proc/meminfo Show RAM total seen by the system
grep "model name" /proc/cpuinfo Show CPU(s) info
lspci -tv Show PCI info
lsusb -tv Show USB info
mount | column -t List mounted filesystems on the system (and align output)
grep -F capacity: /proc/acpi/battery/BAT0/info Show state of cells in laptop battery
# dmidecode -q | less Display SMBIOS/DMI information
# smartctl -A /dev/sda | grep Power_On_Hours How long has this disk (system) been powered on in total
# hdparm -i /dev/sda Show info about disk sda
# hdparm -tT /dev/sda Do a read speed test on disk sda
# badblocks -s /dev/sda Test for unreadable blocks on disk sda
interactive (see also linux keyboard shortcuts)
readline Line editor used by bash, python, bc, gnuplot, ...
screen Virtual terminals with detach capability, ...
mc Powerful file manager that can browse rpm, tar, ftp, ssh, ...
gnuplot Interactive/scriptable graphing
links Web browser
xdg-open . open a file or url with the registered desktop application
grep . /proc/sys/net/ipv4/* List the contents of flag files
set | grep $USER Search current environment
tr '\0' '\n' < /proc/$$/environ Display the startup environment for any process
echo $PATH | tr : '\n' Display the $PATH one per line
kill -0 $$ && echo process exists and can accept signals Check for the existence of a process (pid)
find /etc -readable | xargs less -K -p'*ntp' -j $((${LINES:-25}/2)) Search paths and data with full context. Use n to iterate
Low impact admin
# apt-get install "package" -o Acquire::http::Dl-Limit=42 -o Acquire::Queue-mode=access Rate limit apt-get to 42KB/s
  echo 'wget url' | at 01:00 Download url at 1AM to current dir
# apache2ctl configtest && apache2ctl graceful Restart apache if config is OK
nice openssl speed sha1 Run a low priority command (openssl benchmark)
chrt -i 0 openssl speed sha1 Run a low priority command (more effective than nice)
renice 19 -p $$; ionice -c3 -p $$ Make shell (script) low priority. Use for non interactive tasks
Interactive monitoring
watch -t -n1 uptime Clock with system load
htop -d 5 Better top (scrollable, tree view, lsof/strace integration, ...)
iotop What's doing I/O
# watch -d -n30 "nice ps_mem.py | tail -n $((${LINES:-12}-2))" What's using RAM
# iftop What's using the network. See also iptraf
# mtr www.pixelbeat.org ping and traceroute combined
Useful utilities
pv < /dev/zero > /dev/null Progress Viewer for data copying from files and pipes
wkhtml2pdf http://.../linux_commands.html linux_commands.pdf Make a pdf of a web page
timeout 1 sleep 3 run a command with bounded time. See also timeout
Networking
python -m SimpleHTTPServer Serve current directory tree at http://$HOSTNAME:8000/
openssl s_client -connect www.google.com:443 </dev/null 2>&0 | openssl x509 -dates -noout Display the date range for a site's certs
curl -I www.pixelbeat.org Display the server headers for a web site
# lsof -i tcp:80 What's using port 80
# httpd -S Display a list of apache virtual hosts
vim scp://user@remote//path/to/file Edit remote file using local vim. Good for high latency links
curl -s http://www.pixelbeat.org/pixelbeat.asc | gpg --import Import a gpg key from the web
tc qdisc add dev lo root handle 1:0 netem delay 20msec Add 20ms latency to loopback device (for testing)
tc qdisc del dev lo root Remove latency added above
Notification
echo "DISPLAY=$DISPLAY xmessage cooker" | at "NOW +30min" Popup reminder
notify-send "subject" "message" Display a gnome popup notification
  echo "mail -s 'go home' P@draigBrady.com < /dev/null" | at 17:30 Email reminder
  uuencode file name | mail -s subject P@draigBrady.com Send a file via email
  ansi2html.sh | mail -a "Content-Type: text/html" P@draigBrady.com Send/Generate HTML email
Better default settings (useful in your .bashrc)
# tail -s.1 -f /var/log/messages Display file additions more responsively
seq 100 | tail -n $((${LINES:-12}-2)) Display as many lines as possible without scrolling
# tcpdump -s0 Capture full network packets
Useful functions/aliases (useful in your .bashrc)
md () { mkdir -p "$1" && cd "$1"; } Change to a new directory
strerror() { python -c "import os; print(os.strerror($1))"; } Display the meaning of an errno
plot() { { echo 'plot "-"' "$@"; cat; } | gnuplot -persist; } Plot stdin. (e.g: seq 1000 | sed 's/.*/s(&)/' | bc -l | plot)
hili() { e="$1"; shift; grep --col=always -Eih "$e|$" "$@"; } highlight occurrences of expr. (e.g: env | hili $USER)
alias hd='od -Ax -tx1z -v' Hexdump. (usage e.g.: hd /proc/self/cmdline | less)
alias realpath='readlink -f' Canonicalize path. (usage e.g.: realpath ~/../$USER)
ord() { printf "0x%x\n" "'$1"; } shell version of the ord() function
chr() { printf $(printf '\\%03o\\n' "$1"); } shell version of the chr() function
Multimedia
DISPLAY=:0.0 import -window root orig.png Take a (remote) screenshot
convert -filter catrom -resize '600x>' orig.png 600px_wide.png Shrink to width, computer gen images or screenshots
  mplayer -ao pcm -vo null -vc dummy /tmp/Flash* Extract audio from flash video to audiodump.wav
  ffmpeg -i filename.avi Display info about multimedia file
ffmpeg -f x11grab -s xga -r 25 -i :0 -sameq demo.mpg Capture video of an X display
DVD
  for i in $(seq 9); do ffmpeg -i $i.avi -target pal-dvd $i.mpg; done Convert video to the correct encoding and aspect for DVD
  dvdauthor -odvd -t -v "pal,4:3,720xfull" *.mpg;dvdauthor -odvd -T Build DVD file system. Use 16:9 for widescreen input
  growisofs -dvd-compat -Z /dev/dvd -dvd-video dvd Burn DVD file system to disc
Unicode
python3 -c "import unicodedata as u; print(u.name(chr(0x2028)))" Lookup a unicode character
uconv -f utf8 -t utf8 -x nfc Normalize combining characters
printf '\300\200' | iconv -futf8 -tutf8 >/dev/null Validate UTF-8
printf 'ŨTF8\n' | LANG=C grep --color=always '[^ -~]\+' Highlight non printable ASCII chars in UTF-8
fc-match -s "sans:lang=zh" List font match order for language and style
Development
gcc -march=native -E -v -</dev/null 2>&1|sed -n 's/.*-mar/-mar/p' Show autodetected gcc tuning params. See also gcccpuopt
for i in $(seq 4); do { [ $i = 1 ] && wget http://url.ie/6lko -qO-|| ./a.out; } | tee /dev/tty | gcc -xc - 2>/dev/null; done Compile and execute C code from stdin
cpp -dM /dev/null Show all predefined macros
echo "#include <features.h>" | cpp -dN | grep "#define __USE_" Show all glibc feature macros
  gdb -tui Debug showing source code context in separate windows
udev
udevadm info -a -p $(udevadm info -q path -n /dev/input/mouse0) List udev attributes of a device, for matching rules etc.
udevadm test /sys/class/input/mouse0 See how udev rules are applied for a device
# udevadm control --reload-rules Reload udev rules after modification
Extended Attributes (Note you may need to (re)mount with "acl" or "user_xattr" options)
getfacl . Show ACLs for file
setfacl -m u:nobody:r . Allow a specific user to read file
setfacl -x u:nobody . Delete a specific user's rights to file
  setfacl --default -m group:users:rw- dir/ Set a default ACL (acts like a umask) for a specific dir
  getcap file Show capabilities for a program
  setcap cap_net_raw+ep your_gtk_prog Allow gtk program raw access to network
stat -c%C . Show SELinux context for file
  chcon ... file Set SELinux context for file (see also restorecon)
getfattr -m- -d . Show all extended attributes (includes selinux,acls,...)
setfattr -n "user.foo" -v "bar" . Set arbitrary user attributes
BASH specific
echo 123 | tee >(tr 1 a) | tr 1 b Split data to 2 commands (using process substitution)
  meld local_file <(ssh host cat remote_file) Compare a local and remote file (using process substitution)
Multicore
taskset -c 0 nproc Restrict a command to certain processors
find -type f -print0 | xargs -r0 -P$(nproc) -n10 md5sum Process files in parallel over available processors
  sort -m <(sort data1) <(sort data2) >data.sorted Sort separate data files over 2 processors


Linux Terminal Command Reference

System Info

date – Show the current date and time
cal – Show this month's calendar
uptime – Show current uptime
w – Display who is online
whoami – Who you are logged in as
finger user – Display information about user
uname -a – Show kernel information
cat /proc/cpuinfo – CPU information
cat /proc/meminfo – Memory information
df – Show disk usage
du – Show directory space usage
free – Show memory and swap usage

Keyboard Shortcuts

Enter – Run the command
Up Arrow – Show the previous command
Ctrl + R – Search the command history backwards: type part of a previous command and the latest match is recalled; press Ctrl + R again for older matches, Enter to run it

Ctrl + Z – Stops the current command, resume with fg in the foreground or bg in the background
Ctrl + C – Halts the current command, cancel the current operation and/or start with a fresh new line
Ctrl + L – Clear the screen

command | less – Page through the output of command; scroll with the arrow keys, Space and b, search with /, press q to quit
!! – Repeats the last command
command !$ – Run command with the last argument of the previous command (!$ expands to it, e.g. mkdir newdir; cd !$)
Esc + . (a period) – Insert the last argument of the previous command on the fly, which enables you to edit it before executing the command

Ctrl + A – Return to the start of the command you're typing
Ctrl + E – Go to the end of the command you're typing
Ctrl + U – Cut everything before the cursor to a special clipboard, erases the whole line
Ctrl + K – Cut everything after the cursor to a special clipboard
Ctrl + Y – Paste from the special clipboard that Ctrl + U and Ctrl + K save their data to
Ctrl + T – Swap the two characters before the cursor (you can actually use this to transport a character from the left to the right, try it!)
Ctrl + W – Delete the word / argument left of the cursor in the current line

Ctrl + D – Send end-of-file; on an empty command line this ends the shell session, like exit

Learn the Commands

apropos subject – List manual pages for subject
man -k keyword – Display man pages containing keyword
man command – Show the manual for command
man -t man | ps2pdf - > man.pdf  – Make a pdf of a manual page
which command – Show full path name of command
time command – See how long a command takes

whereis app – Show possible locations of app
which app – Show which app will be run by default; it shows the full path

Searching

grep pattern files – Search for pattern in files
grep -r pattern dir – Search recursively for pattern in dir
command | grep pattern – Search for pattern in the output of command
locate file – Find all instances of file
find / -name filename – Starting with the root directory, look for the file called filename
find / -name "*filename*" – Starting with the root directory, look for files whose name contains the string filename (quote the pattern so the shell does not expand it)
locate filename – Find a file called filename using the locate command; this assumes you have already used the command updatedb (see next)
updatedb – Create or update the database of files on all file systems attached to the Linux root directory
which filename – Show the subdirectory containing the executable file  called filename
grep -r TextStringToFind /dir – Starting with the directory called dir, recursively look for and list all files containing TextStringToFind (without -r, grep does not descend into directories)

File Permissions

chmod octal file – Change the permissions of file to octal, one digit each for user, group, and world, each digit being the sum of: 4 – read (r), 2 – write (w), 1 – execute (x)
Examples:
chmod 777 file – read, write, execute for all (almost never appropriate: any local user or compromised service can then modify or replace the file)
chmod 755 file – rwx for owner, rx for group and world
chmod 600 file – rw for owner only, the right setting for private keys and credential files
For more options, see man chmod.
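The mode bits above are also what an auditor looks for: the setuid and setgid bits (the leading 4 and 2 of a four-digit mode such as 4755) and world-writable files (any mode whose last digit includes 2). As an added example, not from the original page, the script below finds both in a directory tree and also lists file capabilities, the getcap/setcap mechanism from the Extended Attributes section earlier, since a binary can carry root-like powers without any setuid bit. It assumes GNU find and stat; the sample tree it scans is constructed in a temporary directory, and the function names are this example's own.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): audit a directory tree for the
# mode bits that matter for privilege separation: the setuid (4000) / setgid
# (2000) bits on executables and world-writable (o+w) files and directories.
# Assumes GNU find and stat. The tree scanned by the demo is built here in a
# temporary directory; the function names are this example's own.

set -u

# find_setuid_setgid DIR: regular files with the setuid or setgid bit set.
# Each one runs with the file owner's/group's privileges, so every entry
# should be a known, patched binary (compare against the package manager).
find_setuid_setgid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print
}

# find_world_writable DIR: files and directories any local user can modify.
# Sticky (1000) directories such as /tmp are skipped: o+w is expected there,
# and the sticky bit stops users deleting each other's files.
find_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 ! \( -type d -perm -1000 \) -print
}

# find_capabilities DIR: files carrying file capabilities (set with setcap),
# which grant root-like powers without a setuid bit. getcap belongs to
# libcap and may be missing on minimal systems.
find_capabilities() {
    command -v getcap >/dev/null 2>&1 || { echo "getcap not installed" >&2; return 1; }
    getcap -r "$1" 2>/dev/null
}

# mode_of FILE: octal mode including the special bits, e.g. 4755.
mode_of() { stat -c '%a' "$1"; }

# build_demo_tree DIR: constructed sample tree with one finding of each kind.
build_demo_tree() {
    local root="$1"
    mkdir -p "$root/bin" "$root/shared" "$root/scratch"
    printf '#!/bin/sh\necho hello\n' > "$root/bin/helper"
    chmod 4755 "$root/bin/helper"                        # setuid executable
    : > "$root/bin/safe"; chmod 755 "$root/bin/safe"     # ordinary executable
    : > "$root/shared/notes.txt"; chmod 666 "$root/shared/notes.txt"   # world-writable file
    chmod 777 "$root/shared"                             # world-writable dir, no sticky bit
    chmod 1777 "$root/scratch"                           # sticky dir: expected, not reported
}

# Demo run.
if [ "${BASH_SOURCE:-$0}" = "$0" ]; then
    root=$(mktemp -d)
    build_demo_tree "$root"
    echo "== setuid/setgid executables =="; find_setuid_setgid "$root"
    echo "== world-writable (non-sticky) =="; find_world_writable "$root"
    echo "== file capabilities =="; find_capabilities "$root" || true
    rm -rf "$root"
fi
```

Point find_setuid_setgid and find_world_writable at / on a real system and diff the output against a known-good baseline: a new setuid binary, or a newly world-writable directory on a search path or in a service's working tree, is a classic privilege-escalation foothold.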

File Commands

ls – Directory listing
ls -l – List files in current directory using long format
ls -laC – List all files in current directory in long format and display in columns
ls -F – List files in current directory and indicate the file type
ls -al – Formatted listing with hidden files

cd dir – Change directory to dir
cd – Change to home
mkdir dir – Create a directory dir
pwd – Show current directory

rm name – Remove the file called name (a directory needs rmdir or rm -r)
rm -r dir – Delete directory dir and everything under it
rm -f file – Force remove file
rm -rf dir – Force remove an entire directory dir and all its included files and subdirectories (use with extreme caution)

cp file1 file2 – Copy file1 to file2
cp -r dir1 dir2 – Copy dir1 to dir2; create dir2 if it doesn't exist
cp file /home/dirname – Copy the file called file to the /home/dirname directory

mv file /home/dirname – Move the file called file to the /home/dirname directory
mv file1 file2 – Rename or move file1 to file2; if file2 is an existing directory, moves file1 into directory file2

ln -s file link – Create symbolic link link to file
touch file – Create or update file
cat > file – Places standard input into file
cat file – Display the file called file

more file – Display the file called file one page at a time, proceed to next page using the spacebar
head file – Output the first 10 lines of file
head -20 file – Display the first 20 lines of the file called file
tail file – Output the last 10 lines of file
tail -20 file – Display the last 20 lines of the file called file
tail -f file – Output the contents of file as it grows, starting with the last 10 lines

Compression

tar cf file.tar files – Create a tar named file.tar containing files
tar xf file.tar – Extract the files from file.tar

tar czf file.tar.gz files – Create a tar with Gzip compression
tar xzf file.tar.gz – Extract a tar using Gzip

tar cjf file.tar.bz2 files – Create a tar with Bzip2 compression
tar xjf file.tar.bz2 – Extract a tar using Bzip2

gzip file – Compresses file and renames it to file.gz
gzip -d file.gz – Decompresses file.gz back to file

Printing

/etc/rc.d/init.d/lpd start – Start the print daemon
/etc/rc.d/init.d/lpd stop – Stop the print daemon
/etc/rc.d/init.d/lpd status – Display status of the print daemon
lpq – Display jobs in print queue
lprm – Remove jobs from queue
lpr – Print a file
lpc – Printer control tool
man subject | lpr – Print the manual page called subject as plain text
man -t subject | lpr – Print the manual page called subject as Postscript output
printtool – Start X printer setup interface

Network

ifconfig – List IP addresses for all devices on the local machine (ip addr on current distros, where ifconfig may not be installed)
ping host – Ping host and output results
whois domain – Get whois information for domain
dig domain – Get DNS information for domain
dig -x host – Reverse lookup host
wget file – Download file
wget -c file – Continue a stopped download

SSH

ssh user@host – Connect to host as user
ssh -p port user@host – Connect to host on port port as user
ssh-copy-id user@host – Append your public key to user's authorized_keys on host to enable key-based (password-less) login

User Administration

adduser accountname – Create a new user called accountname
passwd accountname – Give accountname a new password
su – Become the superuser from the current login (asks for root's password; use sudo -i on sudo-based distros)
exit – Stop being superuser and revert to normal user

Process Management

ps – Display your currently active processes
top – Display all running processes
kill pid – Kill process id pid
killall proc – Kill all processes named proc (use with extreme caution)
jobs – List stopped or background jobs
bg – Resume a stopped job in the background
fg – Brings the most recent job to foreground
fg n – Brings job n to the foreground

Installation from source

./configure && make && make install – Configure, build and install from a source tree (make install usually needs root)
dpkg -i pkg.deb – install a DEB package (Debian / Ubuntu / Linux Mint)
rpm -Uvh pkg.rpm – install a RPM package (Red Hat / Fedora)

Stopping & Starting

shutdown -h now – Shutdown the system now and do not reboot
halt – Stop all processes - same as above
shutdown -r 5 – Shutdown the system in 5 minutes and reboot
shutdown -r now – Shutdown the system now and reboot
reboot – Stop all processes and then reboot - same as above
startx – Start the X system




Security Audit Tools:

Perform a "Security Risk Assessment" on your system with the following tools.

  1. System Audit
    • Chkrootkit (YoLinux tutorial) - Scan system for trojans, worms and exploits.
    • Root kit detection:
      • checkps - detect rootkits by detecting falsified output and similar anomalies. The ps check should work on anything with /proc. Also uses netstat.
      • Rootkit hunter - scans for rootkits, back doors and local exploits
      • Rkdet - root kit detector daemon. Intended to catch someone installing a rootkit or running a packet sniffer.
    • fsaudit - Perl script to scan filesystems and search for suspicious looking directories
    • COPS: Computer Oracle and Password System - UNIX security checks. Programs and shell scripts which perform security checks. Checks include file and directory permissions, passwords, system scripts, SUID files, ftp configuration check, ...
    • SARA - Security Auditor's Research Assistant - network security vulnerability scanner for SQL injections, remote scans, etc. (follow-on to the SATAN analysis tool)
    • TAMU - Texas A&M University developed tools

  2. Network Vulnerability Audits:
  • Nessus (YoLinux tutorial) - Remote security scanner - This is my favorite security audit tool!! Checks service exploits and vulnerabilities.
  • ISIC - IP Stack Integrity Checker
  • Argus - IP network transaction auditing tool. This daemon promiscuously reads network datagrams from a specified interface, and generates network traffic status records
    Argus 2
  • SAINT - Finds computers on the network, port scans and does a vulnerability check and outputs a report. - Commercial product.
  • InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.
  • Linuxforce: AdminForce CGI Auto Audit - CGI script analyzer to find security deficiencies.
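The ps check that checkps and similar rootkit detectors in the System Audit list run is simple enough to write out. The script below is an added example, not code from the page or from those tools: it lists the kernel's process table straight from /proc, lists what ps reports, and flags PIDs the kernel knows about but ps does not, re-checking each candidate so processes that merely exited between the two snapshots are not reported. It assumes Linux /proc and a procps-style ps; the function names are its own.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): the cross-check behind
# checkps-style rootkit detectors. A trojaned ps hides a process from its
# output, but the kernel's /proc entry for it still exists, so any PID present
# in /proc and absent from ps is worth a look. Assumes Linux /proc and a
# procps-style ps; the function names are this example's own.

set -u

# proc_pids: every numeric entry in /proc, i.e. the kernel's process list.
proc_pids() {
    local d
    for d in /proc/[0-9]*; do
        [ -d "$d" ] && echo "${d#/proc/}"
    done
    return 0
}

# ps_pids: the process list as ps reports it (the view a rootkit can falsify).
ps_pids() {
    ps -e -o pid= | tr -d ' '
}

# hidden_pids: PIDs visible in /proc but not in ps. /proc is snapshotted
# first, then ps; a PID missing from ps is re-checked against /proc so that
# processes which simply exited in between (including the ps we just ran and
# this function's own helpers) are not reported. Returns 2 if ps is unusable.
hidden_pids() {
    local kernel_list ps_list pid
    kernel_list=$(mktemp); ps_list=$(mktemp)
    proc_pids > "$kernel_list"
    ps_pids > "$ps_list"
    if [ ! -s "$ps_list" ]; then
        echo "hidden_pids: ps produced no output" >&2
        rm -f "$kernel_list" "$ps_list"
        return 2
    fi
    for pid in $(grep -vxF -f "$ps_list" "$kernel_list" || true); do
        [ -d "/proc/$pid" ] && echo "$pid"
    done
    rm -f "$kernel_list" "$ps_list"
    return 0
}

# describe_pid PID: what the kernel knows about a suspicious PID.
describe_pid() {
    local pid="$1"
    printf 'pid %s exe=%s cmdline=%s\n' "$pid" \
        "$(readlink "/proc/$pid/exe" 2>/dev/null || echo '?')" \
        "$(tr '\0' ' ' 2>/dev/null < "/proc/$pid/cmdline" || echo '?')"
}

# Demo run.
if [ "${BASH_SOURCE:-$0}" = "$0" ]; then
    echo "kernel sees $(proc_pids | wc -l) processes, ps sees $(ps_pids | wc -l)"
    if found=$(hidden_pids); then
        if [ -z "$found" ]; then
            echo "no processes hidden from ps"
        else
            for p in $found; do describe_pid "$p"; done
        fi
    else
        echo "check could not run" >&2
    fi
fi
```

A trojaned ps is only one way to hide. A kernel module can filter the directory listing of /proc itself, which this readdir-based listing would miss just as ps does, so the usual complement is probing PIDs directly (kill -0 or [ -d /proc/N ] over 1..pid_max), as unhide does. A clean result here therefore does not prove the box is clean; it only rules out the cheap userland trick.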

Port Scanners:

Used to identify computer network services available for exploit.
  • nmap - Port scanner and security scanning and investigation tool
    • NmapFe - GUI front-end to NMAP
    • KNmap - KDE front-end
    • pbnj - Diff nmap scans to find changes to systems on the network.
    • nmap3d - nmap post processing to 3-d VRML
    • nmap-sql - log scans to database
  • portscan - C++ Port Scanner will try to connect on every port you define for a particular host.
  • p0f - passive OS fingerprinting.
  • Web/http scan:
    • Nikto - web server scanner. CGI, vulnerability checks. Not a stealthy tool. For security tests.
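A port scanner's basic operation, one TCP connect per port, can be done with nothing but bash: opening /dev/tcp/HOST/PORT makes the shell perform the connect. The script below is an added example, not code from the original page or from nmap: it probes a list of ports with a timeout and reports them in an nmap-like port/state table. It assumes bash and the coreutils timeout command; the demo targets 127.0.0.1 only, and the function names are its own.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): a minimal TCP connect scan
# built on bash's /dev/tcp pseudo-device, the same probe a connect scan
# (nmap -sT) performs. Assumes bash and coreutils timeout. The demo only
# probes 127.0.0.1; the function names are this example's own.

set -u

# probe_port HOST PORT [TIMEOUT]: print "open" or "closed" for one TCP port.
# The connect runs in a child bash so this also works from a non-bash shell.
# Anything other than a completed handshake (refused, filtered/timed out,
# unreachable) is reported as closed.
probe_port() {
    local host="$1" port="$2" t="${3:-2}"
    if timeout "$t" bash -c "exec 3<>/dev/tcp/$host/$port" 2>/dev/null; then
        echo open
    else
        echo closed
    fi
}

# scan_ports HOST PORT...: one "PORT<TAB>STATE" line per port, in the order given.
scan_ports() {
    local host="$1" p
    shift
    for p in "$@"; do
        printf '%s\t%s\n' "$p" "$(probe_port "$host" "$p")"
    done
}

# open_ports HOST PORT...: just the open port numbers, one per line.
open_ports() {
    scan_ports "$@" | awk '$2 == "open" { print $1 }'
}

# port_range FIRST LAST: expand a range for scan_ports, e.g. $(port_range 20 25).
port_range() { seq "$1" "$2"; }

# Demo: common service ports on the local machine.
if [ "${BASH_SOURCE:-$0}" = "$0" ]; then
    scan_ports 127.0.0.1 22 80 443 8000
    echo "open: $(open_ports 127.0.0.1 22 80 443 8000 | tr '\n' ' ')"
fi
```

Every probe completes (or attempts) a full TCP handshake, so the target's logs and any IDS see it, which is the sense in which the page calls Nikto "not a stealthy tool"; nmap's default SYN scan avoids completing the handshake. Only scan hosts you are authorized to test.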

Network Sniffers:
Linux Tools for Network Examination.
  • DSniff - network tools for auditing and penetration testing.
  • Wireshark - full network protocol sniffer/analyzer
    (Ethereal - legacy. Now Wireshark)
  • IPTraf - curses based IP LAN monitor
  • TcpDump - network monitor and data acquisition
    • VOMIT - Voice Over Misconfigured Internet Telephones - Converts a tcpdump capture of a VoIP stream to a WAV file.
      Cisco Call Manager depends on MS SQL Server and is thus vulnerable to SQL Slammer attacks.
  • KISMET - 802.11a/b/g wireless network detector, sniffer and intrusion detection system.
  • DISCO - Passive IP discovery and fingerprinting tool. Sits on a segment of a network to discover unique IPs and identify them.
  • Yersinia - Framework for analyzing and testing the deployed networks and systems. Designed to take advantage of some weaknesses in different Layer 2 protocols: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).
  • YoLinux.com List of network monitoring tools and example tcpdump sessions

Hacker Tools:

  1. Password crackers (can also be part of a vulnerability audit):
  • John the Ripper - weak password detection. crypt, Kerberos AFS, MS/Windows LM, ...
  • lCRACK - password hacker, dictionary, brute force incremental, ...

  2. Exploit frameworks:
  • MetaSploit - Exploit launcher, test and development tool

Anti-Virus Software:

This has typically been the domain of Microsoft Windows and Outlook and NOT Linux, but Linux administrators running Samba file servers often must be aware of these viruses. There are, according to Symantec, 68 Linux-specific viruses and worms, including the Ramen worm, which attempts to attack unpatched rpc.statd, wu-ftpd and LPRng.

DoD/DoE NISPOM Chapter 8 computer security configuration for Linux:

NISPOM (National Industrial Security Program Operating Manual) chapter 8 is a computer security requirement developed by the US DoD (Department of Defense) and DoE (Department of Energy) and published by the DSS (Defense Security Service), which US defense contractors are required to meet when processing classified data on computers in a classified environment. Linux as issued by the major distros does not meet this requirement by default. Use the following software packages/configurations:

  1. Use a central authentication server (LDAP or NIS) with the proper security policies. See the YoLinux LDAP authentication tutorial.
  2. Meet reporting requirements: this auditing and reporting requirement can be met using Snare. This requires a kernel patch (or use of one of the kernels [RHEL3 or RHEL4] downloadable from the Snare home page) and the running of a Snare audit daemon. It meets C2 reporting requirements and records logins/logoffs, file and directory access, access denial, ...
     Newer Linux distributions running auditd (RHEL4, FC3+) can get compliant results.
     Snare home page. For more aggressive reporting requirements, see Computer Associates eTrust Security Information Management.
  3. Grant admin privileges without giving out the root password: granular delegation of root privileges, file and directory access control. Symark.com: PowerBroker
  4. Virus scanner. (See above list)

Standards and Security Certification:

  • GIAC.org - SANS (SysAdmin, Audit, Network, Security) Institute
  • ISACA.org - The Information Systems Audit and Control Association & Foundation
  • CISA - Community Information Strategies Australia Inc.
  • COBIT - Control Objectives for Information and related Technology
