SECFND 9: Linux Flashcards
(106 cards)
1
Q
chmod
A
Modify file perms
2
Q
chmod symbolic mode
A
Use a symbol to represent the access class and the access type you want to modify
“chmod u+r MyFile.txt”
3
Q
Symbolic mode access class letters
A
U, G, O, A (a is default)
4
Q
Symbolic mode operator symbols
A
+, -, =
5
Q
Symbolic mode access type letters
A
R, W, X
6
Q
Symbol to reset access type when using chmod
A
= (resets rather than changes)
7
Q
First partition on first HDD
A
/dev/sda1
8
Q
parted command
A
partition tool
9
Q
gparted
A
graphical partition tool
10
Q
fdisk
A
partition tool (MBR)
11
Q
gdisk
A
partition tool
12
Q
GPT
A
newer partition table type. More partitions and disk size.
13
Q
ext2, ext3, ext4
A
Linux file systems
14
Q
ISO 9660 and Juliet
A
File systems for optical media
15
Q
/etc/fstab
A
A list of all devices previously mounted. uses UUID identifier
16
Q
mount command
A
Mount a device
17
Q
Boot loaders (2)
A
GRUB, LILO
18
Q
BOOT_IMAGE
A
Part of boot loader. References Kernel and followed by root=partition
19
Q
System V
A
Init process. Runs scripts one at a time
20
Q
Systemd
A
Newer init process. Runs scripts parralel
21
Q
Run levels
A
7 run levels (0-6) that contain scripts to start and stop daemons. Part of the init process (mostly System V)
22
Q
/etc/inittab
A
Part of System V init
23
Q
/proc/cmdline
A
Boot parameters processed by boot loader
24
Q
Single user mode
A
Safe mode (never to be used for forensics.
Run level 1
25
Run level 1
Safe mode
26
shutdown -h
Halt the system
27
X11
GUI subsystem
28
TID
Thread ID
29
How do multi-threaded processes start
Main thread, then additional as needed. They run in parralel
30
PID after process fork
Parent takes child's PID. Child gets PID 0
31
top command
real-time view of system information including system up time, process information, and resource utilization
32
TOP NICE value
19 to -20. Higher number is lower priority. Lower number is higher priority.
33
TOP S column
Process status
R: Running
S: Sleeping
Z: Zombie
34
PS command
lists processes that are associated with the user running the command
35
PS -f
Full output
36
PS -e
See processes for everyone
37
PS -fC sshd
See full info on processes associated with SSHD service
38
grep
Filter with wild cards and regular expressions
39
.*
Regex that means any. Same as good old *
40
LSOF command
Lists processes using certain files. Must be elevated to use (SUDO)
41
sudo lsof +D /var/log
Lists processes using files in a directory
42
sudo lsof -p 892
Lists files access by a process
43
sudo lsof -i TCP -s TCP:LISTEN
List services listening for connections
44
top -p 892
Monitor a certain PID
45
pidof command
PID of... Find the PID of a service
46
vmstat command
View memory utilization
47
iostat command
Monitor I/O
48
env command
Show environment variables
49
STDIN
Input from keyboard or files
50
STDOUT
Output to the display, files, or devices
51
STDERR
Output from error messages which goes to display, files, or devices
52
CAT command
Display contents of files
53
> vs >> command
> overwrites. >> appends to existing file
54
&& Command
Used to run multiple commands. Next command runs after last one finishes
55
history command
Lists history of commands run
56
!! Command
Repeat last command
57
awk command
Data extraction and text processing
58
awk '{print $1 "\t" $2 "\t" $8}'
Print column 1, tab, column 2, tab, column 8)
59
sed command
Stream editing command similar to find and replace.
60
sed ^
^ is beginning of a line
61
sed $
$ is end of a line
62
Linux text editors (2)
vi, nano
63
netstat -rn
Routing table with numbered address
64
ifconfig
View AND change IP info
65
route add command
Add a default GW
66
service command
use it to stop and start services (often found with ps command)
67
/etc/init.d
Startup scripts in system systems
68
systemctl command
Used to manage "units" such as services
69
netstat -a46
Any connection state on IPv4 and IPv6
70
netstat -n
Show IP and Port numbers instead of names
71
sudo lsof –i
List files that are associated with an internet address.
72
resolv.conf
Primary DNS config file. Contains search domain and name servers
73
nsswitch.conf
Lists sources of different resources on the system, including name resolution order (hosts, multicast, DNS)
74
whois command
Searches ARIN, RIPE, APNIC for IP address whois info
75
tcpdump -s 0
Display the entire packet
76
syslogd
Logging process
77
rsyslogd
More recent version of syslogd. Added functionality through extensions.
78
syslog selector syntax
facility.severity
Facility=process/service
mail. alert
cron. none
kern. emergency
79
(r)syslog.conf location
/etc/syslog
80
syslog port
UDP 514
81
logger command
Sends test messages to log files
82
.c extension
Often used for C language source code files
83
gcc compiler
Open source compiler for Linux
84
.o extension
Belong to object files
85
.a extension
Archive file. Archive of multiple object files.
86
.so extension
Shared object files
87
.h extension
Header files
88
gcc -o command
Compile a file with output file name
89
autotools
Script and automate compiling on Linux.
90
configure command
Makes sure everything needed for compiling is there. Customizes for the local system.
91
make command
compiles the program
92
make install command
Installs the program after compiling
93
Process to compile a program
Decompress (if needed), run configure, run make, run make install
94
tar command
Extracts from compressed files
95
Executable
Binary files that run CPU code. Often .bin
96
Interpreters
Application that can read commands from a source file and perform actions
97
#!/bin/sh
First line of a BASH shell script. aka Shebang
98
.sh extension
Used for BASH scripts
99
.pl extension
Perl script
100
.py extension
Python script
101
RPM
Installation package for Red Hat based systems
102
.deb extension
Installation package for Debian-based systems
103
What do package managers do?
resolve or identify package dependencies, update or upgrade software, uninstall software, and select the remote repositories for fetching software
104
yum
Red Hat package management
105
apt
Debian package management
106
/var/log/slapd
Location of LDAP files
