The purpose of this blog entry is to document a few basic Linux
commands that i find useful. I'm fairly new to Linux and recording these
commands gives me a point of reference and helps me remember them.
It's important to note that in Linux syntax is case sensitive.
I am using Ubuntu so my syntax may differ slightly to yours if you are using another distro. If you want to learn more about any of the commands i list try the following:
man command (e.g man ls)
or
command -h
or
command --help
The sections i have added so far are:
1. Users
2. Navigation
3. Files
4. Networking
5. Hardware
6. System Tools
I will add to this document as i learn more commands.
1. Users
To add a new user called bob:
adduser bob
To switch to a new user called bob:
su bob
To change bobs password:
passwd bob
To switch straight to root:
su
To run a command as root whilst logged in as another user:
sudo command
* this assumes you are in the sudo group.
To view which user you are currently logged in as use:
whoami
2. Navigation
To list directories use:
ls
To list all directories including hidden and permissions use:
ls -la
To list all directories in another folder use the following syntax:
ls -la /home/bob/
In the output anything preceded with a . is hidden.
To change directory use:
cd directory_name
Or the path:
cd /etc/directory_name
To move back in the directory structure use:
cd ..
or
cd ../..
To navigate directly to the root / directory:
cd /
To navigate directly to your home directory:
cd #
To print the current directory use:
pwd
3. Files
To view the contents of a file:
cat filename.txt
To delete a file:
rm filename.txt
To delete all files and directories and sub-directories (without prompting)
rm -Rf directory_name
To locate a file:
locate filename.txt
To change the owner of a file use:
chown bob filename.txt
To change the group ownership as well use:
chown bob:users_group filename.txt
To create a directory use:
mkdir mydirectory
To create a file use:
touch myfilename
To move or rename a file use:
mv file1 file2
To copy a file to bobs home directory use:
cp file1 /home/bob/
4. Networking
To obtain a DHCP address (on all interfaces):
dhclient
Or on just one particular interface:
dhclient eth1
To view the interface network properties:
ifconfig
To set the IP address of a interface:
ifconfig eth1 192.168.1.100/24
To change the MAC address of an interface:
ifconfig eth1 hw ether 11:22:33:44:55:66:77:00
To put an interface into promiscuous mode:
ifconfig eth1 promisc
To take an interface out of promiscuous mode:
ifconfig eth1 -promisc
To view the wireless interface settings:
iwconfig
To set the wireless interface to a particular wireless AP:
iwconfig eth1 essid my_wireless_network
To set the wireless interface to managed mode:
iwconfig eth1 mode managed
To set a wireless interface to monitor mode (for sniffing etc..)
iwconfig eth1 mode monitor
To configure WEP encryption on a wireless interface:
iwconfig eth1 enc {enc key}
To configure a wireless interface to use a particular channel:
iwconfig eth1 channel 3
To view the routing table:
route
To view the routing cache:
route -C
To set a static route to a network:
route add -net 172.16.1.1 netmask 255.255.0.0 dev eth1
To set a static route to a host:
route add -host 80.127.23.65 eth1
To delete a route:
route del -host 80.127.23.65 eth1
To add a default gateway of 192.168.1.1:
route add default gw 192.168.1.1
Tracerouting in linux uses UDP packets as oppose to Windows using ICMP.
To traceroute to a target (yahoo in my example) use:
traceroute www.yahoo.com
Another really cool program i found on my system for tracerouting and providing really useful diagnostic info is mtr:
mtr www.yahoo.com
Bear in mind that unlike traceroute mtr use ICMP echo requests.
To list all network connection (external):
netstat -punta
To list network statistics:
netstat -s
To list statistics on an interface:
netstat -i eth1
For a continuous listing on any netstat commands add -c to the command:
netstat -punta -c
To list any IPTables rules:
iptables -L -v
To quickly add a rule to drop ICMP requests:
iptables -A OUTPUT -p icmp -d 0/0 -j DROP
The above command appends (-A) a rule to the output (OUTPUT) chain telling it that ICMP (-p ICMP) from any destination (-d 0/0) should be dropped (-j DROP)
To remove your rule you can use the command:
iptables -F OUTPUT
To flush all rules use:
iptables -F
To remove any currently active rules:
iptables -X
The following rules can be used to rate limit connections to prevent brute-force login to port 21 (for FTP)
iptables -I INPUT -p tcp --dport 21 -i eth1 -m state --state NEW -m recent \
(I will post a blog article on iptables rules)
Or to block icmp you could run or script the following command:
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
The default is 0, to to revert it back use:
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
To use a capture network traffic:
ifconfig eth1 promisc
tcpdump -i eth1 -vv
All the above commands assume the interface is eth1. If you are unsure which is your wireless interface run iwconfig and look for the interface with the wireless extensions.
5. Hardware
To list installed hardware (available on ubuntu):
lshw
To list all PCI devices:
lspci
To list all USB devices:
lsusb
To list the loaded modules
lsmod
Another useful trick i have found relating to hardware, is when i attach a new USB HDD and i am unsure of the what it will be called, i attach the device and then immediately look at /var/log/messages for the last entries. This usually gives me what i need. The tail command is useful here.
tail -n 10 /var/log/messages
This will display the last 10 lines of the log file.
To use tail and have it update (-s 2 will update every 2 seconds) as the log updates use the following command:
tail -n 10 -s 2 -f /var/log/messages
Running the dmesg command will also reveal useful information about hardware.
6. System Tools
To view free disk space use:
df -h
To view disk usage on the system use:
du
du can also specify a directory:
du /home/bob/
A useful tool for viewing running processes is top:
top
or for a more interactive version:
htop
You can also use ps to view process information.
To view a list of all running processes:
ps aux
To view a list of processes by a particular user (bob):
ps U bob
To view process in a tree:
ps -eH
To kill a process by it's PID (example of 28556):
kill 28556
Mounting Disks
To view a list of currently mounted file systems view /etc/mtab or use:
mount -L
To mount a disk first create a folder which you will mount it to:
mkdir /media/usb
mount - t ntfs /dev/sdb /media/usb
To unmount a disk:
umount /media/usb
It's important to note that in Linux syntax is case sensitive.
I am using Ubuntu so my syntax may differ slightly to yours if you are using another distro. If you want to learn more about any of the commands i list try the following:
man command (e.g man ls)
or
command -h
or
command --help
The sections i have added so far are:
1. Users
2. Navigation
3. Files
4. Networking
5. Hardware
6. System Tools
I will add to this document as i learn more commands.
1. Users
To add a new user called bob:
adduser bob
To switch to a new user called bob:
su bob
To change bobs password:
passwd bob
To switch straight to root:
su
To run a command as root whilst logged in as another user:
sudo command
* this assumes you are in the sudo group.
To view which user you are currently logged in as use:
whoami
2. Navigation
To list directories use:
ls
To list all directories including hidden and permissions use:
ls -la
To list all directories in another folder use the following syntax:
ls -la /home/bob/
In the output anything preceded with a . is hidden.
To change directory use:
cd directory_name
Or the path:
cd /etc/directory_name
To move back in the directory structure use:
cd ..
or
cd ../..
To navigate directly to the root / directory:
cd /
To navigate directly to your home directory:
cd #
To print the current directory use:
pwd
3. Files
To view the contents of a file:
cat filename.txt
To delete a file:
rm filename.txt
To delete all files and directories and sub-directories (without prompting)
rm -Rf directory_name
To locate a file:
locate filename.txt
To change the owner of a file use:
chown bob filename.txt
To change the group ownership as well use:
chown bob:users_group filename.txt
To create a directory use:
mkdir mydirectory
To create a file use:
touch myfilename
To move or rename a file use:
mv file1 file2
To copy a file to bobs home directory use:
cp file1 /home/bob/
4. Networking
To obtain a DHCP address (on all interfaces):
dhclient
Or on just one particular interface:
dhclient eth1
To view the interface network properties:
ifconfig
To set the IP address of a interface:
ifconfig eth1 192.168.1.100/24
To change the MAC address of an interface:
ifconfig eth1 hw ether 11:22:33:44:55:66:77:00
To put an interface into promiscuous mode:
ifconfig eth1 promisc
To take an interface out of promiscuous mode:
ifconfig eth1 -promisc
To view the wireless interface settings:
iwconfig
To set the wireless interface to a particular wireless AP:
iwconfig eth1 essid my_wireless_network
To set the wireless interface to managed mode:
iwconfig eth1 mode managed
To set a wireless interface to monitor mode (for sniffing etc..)
iwconfig eth1 mode monitor
To configure WEP encryption on a wireless interface:
iwconfig eth1 enc {enc key}
To configure a wireless interface to use a particular channel:
iwconfig eth1 channel 3
To view the routing table:
route
To view the routing cache:
route -C
To set a static route to a network:
route add -net 172.16.1.1 netmask 255.255.0.0 dev eth1
To set a static route to a host:
route add -host 80.127.23.65 eth1
To delete a route:
route del -host 80.127.23.65 eth1
To add a default gateway of 192.168.1.1:
route add default gw 192.168.1.1
Tracerouting in linux uses UDP packets as oppose to Windows using ICMP.
To traceroute to a target (yahoo in my example) use:
traceroute www.yahoo.com
Another really cool program i found on my system for tracerouting and providing really useful diagnostic info is mtr:
mtr www.yahoo.com
Bear in mind that unlike traceroute mtr use ICMP echo requests.
To list all network connection (external):
netstat -punta
To list network statistics:
netstat -s
To list statistics on an interface:
netstat -i eth1
For a continuous listing on any netstat commands add -c to the command:
netstat -punta -c
To list any IPTables rules:
iptables -L -v
To quickly add a rule to drop ICMP requests:
iptables -A OUTPUT -p icmp -d 0/0 -j DROP
The above command appends (-A) a rule to the output (OUTPUT) chain telling it that ICMP (-p ICMP) from any destination (-d 0/0) should be dropped (-j DROP)
To remove your rule you can use the command:
iptables -F OUTPUT
To flush all rules use:
iptables -F
To remove any currently active rules:
iptables -X
The following rules can be used to rate limit connections to prevent brute-force login to port 21 (for FTP)
iptables -I INPUT -p tcp --dport 21 -i eth1 -m state --state NEW -m recent \
--set iptables -I INPUT -p tcp --dport 21 -i eth1 -m state --state NEW -m recent \ --update --seconds 60 --hitcount 4 -j DROPUsing the rule above will drop any more than 3 connection attampts in 60 seconds from the same IP address.
(I will post a blog article on iptables rules)
Or to block icmp you could run or script the following command:
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
The default is 0, to to revert it back use:
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
To use a capture network traffic:
ifconfig eth1 promisc
tcpdump -i eth1 -vv
All the above commands assume the interface is eth1. If you are unsure which is your wireless interface run iwconfig and look for the interface with the wireless extensions.
5. Hardware
To list installed hardware (available on ubuntu):
lshw
To list all PCI devices:
lspci
To list all USB devices:
lsusb
To list the loaded modules
lsmod
Another useful trick i have found relating to hardware, is when i attach a new USB HDD and i am unsure of the what it will be called, i attach the device and then immediately look at /var/log/messages for the last entries. This usually gives me what i need. The tail command is useful here.
tail -n 10 /var/log/messages
This will display the last 10 lines of the log file.
To use tail and have it update (-s 2 will update every 2 seconds) as the log updates use the following command:
tail -n 10 -s 2 -f /var/log/messages
Running the dmesg command will also reveal useful information about hardware.
6. System Tools
To view free disk space use:
df -h
To view disk usage on the system use:
du
du can also specify a directory:
du /home/bob/
A useful tool for viewing running processes is top:
top
or for a more interactive version:
htop
You can also use ps to view process information.
To view a list of all running processes:
ps aux
To view a list of processes by a particular user (bob):
ps U bob
To view process in a tree:
ps -eH
To kill a process by it's PID (example of 28556):
kill 28556
Mounting Disks
To view a list of currently mounted file systems view /etc/mtab or use:
mount -L
To mount a disk first create a folder which you will mount it to:
mkdir /media/usb
mount - t ntfs /dev/sdb /media/usb
To unmount a disk:
umount /media/usb
