Troubleshooting Flashcards

1
Q

Basic connectivity

A

> ping hostname or IP

> traceroute (must use with root privileges)

    • if host takes too long to respond there could be an issue
    • if you see asterisk in output, a router is blocking connection
2
Q

View ports and programs

A
View running processes
>netstat
- n : shows ports
- a : active internet connections TCP and UDP
- i
- r
- p : shows PID
- l
- t: shows tcp
- u
>netstat -nutlp : shows active internet connections

View Ports
>nmap [IP address or name of target host]

3
Q

View live packets

A

> tcpdump : stop output with CTRL+C

  • n
  • A
  • v
  • vvv
4
Q

Kill a process

A

A process is simply an application or a script which can be running in the foreground or the background.

  1. ps aux (show all running processes or “|grep chrome”)
    a = show processes for all users
    u = display the process’s user/owner
    x = also show processes not attached to a terminal
  2. kill [process id]
    killall [process name]
5
Q

Start/stop/restart a service

A

A service is just another name for a daemon, which is a client/server application that runs in the background. A service continuously listens for incoming requests and sends a response based on the request given.
Services can also be found in the /etc/init.d/ directory and can be controlled in the same manner.

  1. service --status-all (show running services)
    OR netstat -tulpn (shows all information about this ser)
  2. Either “service”
    >sudo service httpd start
    >sudo service httpd stop
    >sudo service httpd restart
    Or “systemctl”
    >sudo systemctl stop httpd
    >sudo systemctl start httpd
    >sudo systemctl restart httpd
6
Q

System Logging

A
● Syslog servers
○ syslogd
○ rsyslog
○ syslog-ng
● Use logger to generate your own log messages
● Use logrotate to automatically prune messages.
7
Q

Permissions Troubleshooting

A

● Permissions on a directory can affect the files in the directory.

● If the file permissions look correct, start checking directory permissions.

● Work your way up to the root.

8
Q

Linux Networking

A
● DNS and name resolution
○ host
○ dig
● /etc/hosts
● /etc/nsswitch.conf
9
Q

What is my IP

A

> ip address

>ifconfig

10
Q

Determine hostname

A

○ hostname
○ hostname -f
○ uname -n

11
Q

Bring interface up/down

A

ifup / ifdown

12
Q

Useful commands for jobs and processes

A
● ps
● Ctrl-c
● Ctrl-Z
● bg
● fg
● jobs
● kill
13
Q

Default Log Directory

A

/var/log

14
Q

Third Party potential log directories

A

/etc *** – host specific system config

/opt *** – config file for third party application software
    >bin
    >etc
    >lib
    >log

/usr ** – sharable and read only files
    >bin
    >etc
    >lib
    >log

/var ** – var. data files generated by system or vendor

15
Q

Securing Network Services

A
  • use a dedicated user for each service
  • ports below 1024 are privileged service ports
  • stop and uninstall any service not used
  • avoid services using unencrypted communication
  • make services listen only on the interfaces they need. By default, a service listens on all interfaces
16
Q

Viewing Firewall Rules

A

> iptables -L : Display the filter table

              -t nat -L : Display the nat table
              -vL : Display using verbose output
17
Q

Configuring Firewall Rules

A

> iptables -P [CHAIN] [TARGET]
e.g. iptables -P INPUT DROP

Append Firewall Rule

Insert Firewall Rule

Delete Firewall Rule