System Security State

Question 1

who

Answer 1

Lists currently logged in users.

Question 2

w

Answer 2

Logged in users with processes running.

Question 3

last

Answer 3

All users who have logged in. head can help with interpreted.
-f /var/log/bump

Question 4

lsof

Answer 4

Determine files currently open on system. Ordered CMD, PID, USER, FD, TYPE, DEVICE, SIZE, Node Name.

• i: list network ports.
• u: specify user.

Question 5

find

Answer 5

Can be used to locate all files that have specific SUID/SGID bits set.
In form of -perm -

Question 6

ulimit

Answer 6

Can be used to set limits on amount of resources in system user can utilize.

• a: displays all and switches for.
• m: memory

Question 7

/etc/security/limits.conf

Answer 7

Permanent limits storage. Set in

Question 8

/etc/sudoers

Answer 8

Default configuration file for configuring users/groups granted elevated privileges. visudo to edit.

Question 9

fuser

Answer 9

Lists all PIDs to file/network port in use. Ex: 22/tcp

Question 10

netstat, ss

Answer 10

Use switches to view active connections.

• t: TCP
• u: UDP
• n: IP number instead of host name.
• a: all sockets. Listening and non-listening.

Question 11

nmap

Answer 11

Network map. Scan host for open ports and services.