-
December 29th, 2002, 01:07 PM
#1
Linux Tips And Tricks...
Hi..guys/gals, I have collections of Linux tips and tricks...
I hope this things..make you easy to learn Linux specially for Linux beginner( like me..)and BTW
don't be afraid to "dive in" in Linux:
1. Control D ( for your shell box)
This one most of you may know, but some of you don't know. Do you type "exit" all the time when
trying to get out of a terminal program? Or do you look for the big X to close that term out?
Well, simply hit the keyboard combinations of "ctrl + d" and it will log you out!
2. Control L (for your shell box)
Another really cool useful tool while in an Xterm. Lets say you have tons of stuff on your screen
and you want to work from a "blank palette". If you hit the following keyboard combinations:
"ctrl + l", then it will clear your screen for you.
3. You need to check what ports are open on your system and which ones you ought therefore to
secure. One such command is "netstat" (see the manpage for more details of syntax etc.),
which when used as below can be most useful:
netstat -paut
It shows each TCP and UDP port that is listening along with
the process that owns the port.
4. Another incredibly useful command that does much the same thing is "lsof"
(lists open files), it might not be installed on your box by default
so look through your distro CD or website.On many Linux systems, LSOF will be installed by
default. Try running lsof -v to see whether the program exists on your system. Search the output
with grep
for the string "LISTEN" as below, and observe the results:
lsof | grep LISTEN
5. Also, if you are paranoid, I would suggest getting the tripwire package.
This will monitor your system for changed system files.
6.Try to use your nmap scanner to check your own box.
If you don't have Nmap, you can download it from:
http://www.insecure.org/nmap/
Try this with it:
nmap -sTU localhost
7. There are other useful tools for auditing your box, this one, called
Saint, is quite nice and very easy to use as well, it is controlled via
your web browser:
http://www.wwdsi.com/saint/
8. Another thing you might want to consider as a dial-up user is using a
logger such as ippl or iplog, which you can get here:
http://www.numb.org/~odin/
http://www.via.ecp.fr/~hugo/ippl/
These daemons log TCP, UDP and ICMP traffic and are very useful for
detecting port scans and attempts to compromise your box. By default
output is sent to /var/log/messages. So you can watch what's happening
in real-time, open a term if you're in X-Windows or switch to another
virtual console otherwise and try this out:
tail -f /var/log/messages
9. Keep up to date with announcements of exploits and their appropriate
fixes so you know what to look out for, these URLs are especially good:
http://www.securityfocus.com
http://www.freshmeat.net
10. Use "pmap_dump" command to see RPC registered daemons...
11. If you have ipchains, you can type the following to avoid banners when surfing:
ipchains -A output -d 199.95.207.0/24 -j REJECT
ipchains -A output -d 199.95.208.0/24 -j REJECT
ipchains -A output -d www.doubleclick.net -j REJECT
ipchains -A output -d ad.doubleclick.net -j REJECT
ipchains -A output -d ad.doubleclick.com -j REJECT
ipchains -A output -d ad.preferences.com -j REJECT
ipchains -A output -d adbot.theonion.com -j REJECT
ipchains -A output -d adpick.switchboard.com -j REJECT
ipchains -A output -d ads.i33.com -j REJECT
ipchains -A output -d ads.infospace.com -j REJECT
ipchains -A output -d ads.msn.com -j REJECT
ipchains -A output -d ads.switchboard.com -j REJECT
12. If you have IPtables...to get a complete listing of iptables rules that are active on your
system, run the following commands(you need to log in as root):
/sbin/iptables -t nat -L -n -v
/sbin/iptables -t mangle -L -n -v
/sbin/iptables -t filter -L -n -v
And of course..you can use /sbin/iptables -L
13. Another netstat command if you paranoid as me..
# watch netstat -na | grep -i established
14. If you wanna know what applications and programs are running on your linux shell.
Type The Command ps ux should give you enough details. including the PID and the memory / CPU
Usage.
15. My font in Linux to small so I edited /etc/X11/fs/config (use your own favorit editor), and
you willl see something like this :
/usr/X11R6/lib/X11/fonts/75dpi:unscaled, <<< I edit to /usr/X11R6/lib/X11/fonts/100dpi:unscaled,
/usr/X11R6/lib/X11/fonts/100dpi:unscaled,
After that ... Restart the font server as 'root' with "service xfs restart" to let the changes
take effect.
And BTW ..feel free to add some tips/tricks if you have one..cause I'm still learning..about Linux/*nix
Cheerss
Not an image or image does not exist!
Not an image or image does not exist!
-
December 29th, 2002, 05:38 PM
#2
thanx for tha links !
will have phun reading over them
=)
-
December 30th, 2002, 05:26 AM
#3
This is pretty cool Sweet Angel. Thanks for the information. I am still a Rookie with nix so this definitely helps! One question though, is this something that might better fit into the Tutorials? I only ask because I was thinking of posting information of this nature.
Thanks again.
Opinions are like holes - everybody\'s got\'em.
Smile
-
December 30th, 2002, 05:39 AM
#4
is this something that might better fit into the Tutorials?
Thanks for mentioned that t2k2... actually I almost posted this thread to tutorial forum..but again..I was thinking..about..*nix security.(I have to choose between *nix security..and tutorial..and I choose *nix security..)
But I agreed with you this one fit too...for tutorial.
cheerss
Not an image or image does not exist!
Not an image or image does not exist!
-
January 8th, 2003, 06:04 PM
#5
Junior Member
great info for us newbies. especially the security tips. thanks alot!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|