Linux Commands
cat /proc/cpuinfo
free -m
uname -a
less /etc/passwd | grep mysql
less /etc/group | grep mysql
useradd -G <group_name> <user_name>
usermod -a -G <group_name> <usertobemodified>
echo $PATH
export PATH=$PATH:/usr/sbin
du / -bh | less
nbtstat
netstat -an
netstat -rn
lsmod
less /proc/modules
ls /etc/sysconfig/network-scripts/ifcfg-eth* | wc -l
uname -rp
setup
iftop -i eth0 -B -p
vmstat 2 4 read virtual memory after a delay of 2 sec for 4 times
cat /proc/cpuinfo
cat /proc/partitions
dmesg | grep -i scsi
dmesg | grep RAMDISK
ls -l /dev/ram*
dmesg | grep -i usb
ls -l /dev/ram*
cat /proc/meminfo
cat /proc/net/dev shows packet flow through every interface
cat /proc/net/snmp
cat /proc/mtrr
cat /proc/swaps
cat /proc/zoneinfo
mii-tool eth0
ethtool eth0
chkconfig --list
mysqlcheck -u root -p --auto-repair --check --optimize --all-database
mysqlcheck -o asterisk
mtop --dbuser=root --password=vicidialnow --seconds=2
free -m
netstat -s | less
ps -ef | grep mysqld
mysql -u root -pvicidialnow asterisk
mysql -u cron –h 65.55.55.2 –p1234 asterisk
sync
tcpdump -qnn
ip rule show
ip route flush cache
echo 3 > /proc/sys/vm/drop_caches
df -k
df -T
df -H Disk usage
du / -bh | less
du --max-depth=1 /var/spool/asterisk/monitorDONE/ | sort -n -r
cp -dpr x y
netstat -rn
netstat -tap | grep mysql
ip route show
ping 146.101.248.200 -c 1
top | grep AST
cat /etc/hosts | grep localhost
hostname -f
perldoc perllocal
cat /proc/cpuinfo
cat /proc/meminfo
cat /proc/zaptel/*
/usr/share/astguiclient/start_asterisk_boot.pl
find / -type f -exec grep -H 'vicidial' {} \;
find /var/spool/asterisk/monitorDONE/ORIG/ -type f -iname "*-in.wav" -exec rm -f {} \;
find /var/spool/asterisk/monitorDONE/ORIG/ -type f -iname "*-out.wav" -exec rm -f {} \;
find /var/spool/asterisk/monitorDONE/ORIG/ -mtime +7 -exec ls {} \;
find /var/spool/asterisk/monitorDONE/ORIG/ -type f -name "*-all.wav" -exec cp {} /home/rec \;
find / -name sendmail.mc
ifconfig | grep HWaddr
nameif
route add -net 192.168.1.0/24 gw 10.0.0.100
route add -net 10.0.0.0/8 gw 192.168.1.225
route add default gw 192.168.1.254 eth0
ip route add 192.168.1.0/24 dev eth0
Changes to survive a reboot can be set in
/etc/sysconfig/networking/devices/route-ethX
Other profiles for switching between different configurations can be found in
/etc/sysconfig/networking/profiles/default/route-ethX
history -c >/var/log/wtmp
ls zoneinfo
scp /var/www/backup/elastixbackup-20100725123021-f1.tar root@203.79.25.29:/var/www/backup/
/usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --debugX
/var/log/astguiclient
/var/log/astguiclient/archive/
screen -x
ln -s /var/run/mysql/mysql.sock /tmp/mysql.sock
ps -A on the command line will give you a list of all running programs
ps -x
ps -o "%p %a" --no-headers -A
modinfo zaptel | egrep "^version"
sip show registry
sip show peers
show channels
show translation
zap show status
reload
zttool
zttest
/home/cron/AST_update.pl --debug
show channels concise
select * from vicidial_conferences;
sip debug
chown -R asterisk:asterisk /var/lib/asterisk/sounds/custom
/usr/share/astguiclient/ip_relay/ip_relay_linux_i386
iax2 show peers
iax2 show registry
crontab -l shows the right scripts like in scratch install
perl --version
screen -ls
dial 912127773456@default
ps aux | grep AST
ps aux | grep crond
/usr/share/astguiclient/FastAGI_log.pl
/usr/share/astguiclient/AST_VDsales_export.pl --help
/usr/share/astguiclient/AST_VDhopper.pl
/usr/share/astguiclient/AST_VDhopper.pl --debug
/usr/share/astguiclient/AST_VDhopper.pl --debugX
/usr/share/astguiclient/AST_conf_update.pl --debug
How do you list the network open ports on your server and the process that owns them? The answer is simple use the following command (must run as root):
sudo lsof -i
sudo netstat -lptu
Find Listening Network Ports. Use the following command to list all open ports and associated programs:
netstat -tulpn
OR
nmap -sT -O localhost
nmap -sT -O server.example.com
Display the time and date:
date
Display UTC:
date --utc
Display current hardware clock time:
hwclock --show
Since the time in Linux Kernel time, doesn’t match with the current time:
date -s "18:56:00"
Set the hardware clock from the system clock (kept by the Linux kernel):
hwclock --systohc
/etc/sysconfig/clock
How to dump MySQL database structure?
Syntax : mysqldump -u <user name> -d -p <name of the database> > <dump file name.sql>
user : root
database : asterisk
dump file name : asteriskdb.sql
mysqldump -u root -d -p asterisk > asteriskdb.sql
du -hs /usr/lib /usr/local/lib /opt/*/lib 2>/dev/null
616M /usr/lib
2.7M /usr/local/lib
228M /opt/kde/lib
df -h /
Filesystem Size Used Avail Use% Mounted on
/dev/hda2 4.0G 3.6G 471M 89% /
du -sh /lib /usr/lib /usr/local/lib/
520M /lib
1.9G /usr/lib
73M /usr/local/lib/
df -k | awk 'NR==1{print $4}{s=0+s+$4}END{print "tot="s/1024/1024"G"}'
Available
tot=232.434G
Temporary ip address and gateway assignment:
ifconfig eth0 172.16.1.10 netmask 255.255.0.0
route add default gw 172.16.1.1
ifconfig eth0 up
shutdown -rf now will skip fsck
shutdown -rF now will force fsck on reboot
Search and list all files from current directory and down for the string ABC:
find ./ -name "*" -exec grep -H ABC {} \;
find ./ -type f -print | xargs grep -H "ABC" /dev/null
egrep -r ABC *
Find all files of a given type from current directory on down:
find ./ -name "*.conf" -print
Find all user files larger than 5Mb:
find /home -size +5000000c -print
Find all files owned by a user (defined by user id number. see /etc/passwd) on the system: (could take a very long time)
find / -user 501 -print
Find all files created or updated in the last five minutes: (Great for finding effects of make install)
find / -cmin -5
Find all users in group 20 and change them to group 102: (execute as root)
find / -group 20 -exec chown :102 {} \;
Find all suid and setgid executables:
find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -ldb {} \;
find / -type f -perm +6000 -ls
Find out which process is using up your memory using ps, awk, sort. The following command lists all the process sorted based on the used memory size.
ps aux | awk '{if ($5 != 0 ) print $2,$5,$6,$11}' | sort -k2n
Find out Top 10 Largest File or Directory Using du, sort and head.du command shows summarized disk usage for each file and directory of a given location (/var/log/*). The output of a sort command is reversely sorted based on the size.
du -sk /var/log/* | sort -r -n | head -10
ps -AlFH
ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
ps -eopid,tt,user,fname,tmout,f,wchan
Find Out The Top 10 Memory Consuming Process:
ps -auxf | sort -nr -k 4 | head -10
Find Out top 10 CPU Consuming Process:
ps -auxf | sort -nr -k 3 | head -10
List currently established, closed, orphaned and waiting TCP sockets, enter:
ss -s
Display All Open Network Ports
ss -l
Find out who is responsible for opening socket / port # 4949:
ss -lp | grep 4949
Display All TCP Sockets
ss -t -a
Display All UDP Sockets
ss -u -a
Display All Established HTTP Connections
ss -o state established '( dport = :http or sport = :http )'
This is useful to find out if your server is under attack or not. You can also list abusive IP address using this method.
netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n
Dig out more information about a specific ip address:
netstat -nat |grep {IP-address} | awk '{print $6}' | sort | uniq -c | sort -n
Find Out If Box is Under DoS Attack or Not, If you think your Linux box is under attack, print out a list of open connections on your box and sorts them by according to IP address, enter:
netstat -atun | awk '{print $5}' | cut -d: -f1 | sed -e '/^$/d' |sort | uniq -c | sort -n
Find out the amount of ram the system will support:
dmidecode -t memory | grep -i Maximum
Display name of ports:
ss | grep -vE 'State' | awk '{ print $5}' | cut -d':' -f2 | sort | uniq
Find out the no of ssh connections:
ss | grep -vE 'State' | awk '{print $1 "-->""Local("$4")" "to" "Remote("$5")"}' | grep -e ssh | wc -l
ss | grep -vE 'State' | awk '{print $1 "-->""Local("$4")" "to" "Remote("$5")"}' | grep -e ssh
who | grep -wv ':0'
last -ad | grep -wv '0.0.0.0'
Record a linux session:
who
script session.log
script /dev/pts/7
setengorce 0 switch SELinux to permissive mode
tac
dmidecode -t
dmidecode -t baseboard
sar -u 1 10 Load on cpu at i sec interval for 10 times
sar -r 1 10 Memory performance
iostat -p /dev/sda
e2label /dev/sda2
x86info -c Information about CPU's
dumpe2fs /dev/sda1
To connect and use MG880 modem:
cat /proc/bus/usb/devices
dmesg -tail
modprobe usbserial vendor=0x19d2 product=0xfffd
wvdial /etc/wvdial.conf
netcat -w 3 -z -vvn 1.1.1.1 79-81 Run a port scan
du --max-depth=1 /var/spool/asterisk/monitorDONE/ | sort -n -r Sort folders by size
df -h
filefrag -v list.sh
ls *.mp3 | cpio -o --format=tar -F voicemp3.tar Copy files to and from archives
find $HOME -name '*.mp3" | cpio -o --format=tar -F voicemp3.tar to include sub-folders
cpio -it -F voicemp3.tar List contents of archive
cpio -i -F voicemp3.tar Extract archive
nmap 1.1.1.1
seinfo
semodule -l
ps aux | grep -v 'whoami' List all process not run by u
ps aux --sort=-%cpu | grep -m 11 -v 'whoami' List only top ten
ethtool -i eth0
mii-tool
netstat -tap | grep mysql
free -m
fdisk -l | grep Disk
fdisk -l 2> /dev/null | grep Disk | grep -v identifier
top
uname -rm
lspci -n | grep -i broad
namei /dev/cdrom
echo 'ALERT -ROOT Shell Access on:' 'date' 'who' | mail -s "Alert: Root Access from 'who | awk '{print $6}''"krsnanzs@gmail.com
ss -lp | grep 3061
ss -u -a
ss -o state established
netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n
netstat -nat |grep {IP-address} | awk '{print $6}' | sort | uniq -c | sort -n
netstat -nat | awk '{ print $5}' | cut -d: -f1 | sed -e '/^$/d' | uniq | wc -l
netstat -nat | awk '{ print $5}' | cut -d: -f1 | sed -e '/^$/d' | uniq
netstat -s | less
netstat -t -s | less
netstat -u -s | less
netstat -w -s | less
netstat -s
cp -Rvf /media/cdrom/* /distro/i386
free -m
uname -a
less /etc/passwd | grep mysql
less /etc/group | grep mysql
useradd -G <group_name> <user_name>
usermod -a -G <group_name> <usertobemodified>
echo $PATH
export PATH=$PATH:/usr/sbin
du / -bh | less
nbtstat
netstat -an
netstat -rn
lsmod
less /proc/modules
ls /etc/sysconfig/network-scripts/ifcfg-eth* | wc -l
uname -rp
setup
iftop -i eth0 -B -p
vmstat 2 4 read virtual memory after a delay of 2 sec for 4 times
cat /proc/cpuinfo
cat /proc/partitions
dmesg | grep -i scsi
dmesg | grep RAMDISK
ls -l /dev/ram*
dmesg | grep -i usb
ls -l /dev/ram*
cat /proc/meminfo
cat /proc/net/dev shows packet flow through every interface
cat /proc/net/snmp
cat /proc/mtrr
cat /proc/swaps
cat /proc/zoneinfo
mii-tool eth0
ethtool eth0
chkconfig --list
mysqlcheck -u root -p --auto-repair --check --optimize --all-database
mysqlcheck -o asterisk
mtop --dbuser=root --password=vicidialnow --seconds=2
free -m
netstat -s | less
ps -ef | grep mysqld
mysql -u root -pvicidialnow asterisk
mysql -u cron –h 65.55.55.2 –p1234 asterisk
sync
tcpdump -qnn
ip rule show
ip route flush cache
echo 3 > /proc/sys/vm/drop_caches
df -k
df -T
df -H Disk usage
du / -bh | less
du --max-depth=1 /var/spool/asterisk/monitorDONE/ | sort -n -r
cp -dpr x y
netstat -rn
netstat -tap | grep mysql
ip route show
ping 146.101.248.200 -c 1
top | grep AST
cat /etc/hosts | grep localhost
hostname -f
perldoc perllocal
cat /proc/cpuinfo
cat /proc/meminfo
cat /proc/zaptel/*
/usr/share/astguiclient/start_asterisk_boot.pl
find / -type f -exec grep -H 'vicidial' {} \;
find /var/spool/asterisk/monitorDONE/ORIG/ -type f -iname "*-in.wav" -exec rm -f {} \;
find /var/spool/asterisk/monitorDONE/ORIG/ -type f -iname "*-out.wav" -exec rm -f {} \;
find /var/spool/asterisk/monitorDONE/ORIG/ -mtime +7 -exec ls {} \;
find /var/spool/asterisk/monitorDONE/ORIG/ -type f -name "*-all.wav" -exec cp {} /home/rec \;
find / -name sendmail.mc
ifconfig | grep HWaddr
nameif
route add -net 192.168.1.0/24 gw 10.0.0.100
route add -net 10.0.0.0/8 gw 192.168.1.225
route add default gw 192.168.1.254 eth0
ip route add 192.168.1.0/24 dev eth0
Changes to survive a reboot can be set in
/etc/sysconfig/networking/devices/route-ethX
Other profiles for switching between different configurations can be found in
/etc/sysconfig/networking/profiles/default/route-ethX
history -c >/var/log/wtmp
ls zoneinfo
scp /var/www/backup/elastixbackup-20100725123021-f1.tar root@203.79.25.29:/var/www/backup/
/usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --debugX
/var/log/astguiclient
/var/log/astguiclient/archive/
screen -x
ln -s /var/run/mysql/mysql.sock /tmp/mysql.sock
ps -A on the command line will give you a list of all running programs
ps -x
ps -o "%p %a" --no-headers -A
modinfo zaptel | egrep "^version"
sip show registry
sip show peers
show channels
show translation
zap show status
reload
zttool
zttest
/home/cron/AST_update.pl --debug
show channels concise
select * from vicidial_conferences;
sip debug
chown -R asterisk:asterisk /var/lib/asterisk/sounds/custom
/usr/share/astguiclient/ip_relay/ip_relay_linux_i386
iax2 show peers
iax2 show registry
crontab -l shows the right scripts like in scratch install
perl --version
screen -ls
dial 912127773456@default
ps aux | grep AST
ps aux | grep crond
/usr/share/astguiclient/FastAGI_log.pl
/usr/share/astguiclient/AST_VDsales_export.pl --help
/usr/share/astguiclient/AST_VDhopper.pl
/usr/share/astguiclient/AST_VDhopper.pl --debug
/usr/share/astguiclient/AST_VDhopper.pl --debugX
/usr/share/astguiclient/AST_conf_update.pl --debug
How do you list the network open ports on your server and the process that owns them? The answer is simple use the following command (must run as root):
sudo lsof -i
sudo netstat -lptu
Find Listening Network Ports. Use the following command to list all open ports and associated programs:
netstat -tulpn
OR
nmap -sT -O localhost
nmap -sT -O server.example.com
Display the time and date:
date
Display UTC:
date --utc
Display current hardware clock time:
hwclock --show
Since the time in Linux Kernel time, doesn’t match with the current time:
date -s "18:56:00"
Set the hardware clock from the system clock (kept by the Linux kernel):
hwclock --systohc
/etc/sysconfig/clock
How to dump MySQL database structure?
Syntax : mysqldump -u <user name> -d -p <name of the database> > <dump file name.sql>
user : root
database : asterisk
dump file name : asteriskdb.sql
mysqldump -u root -d -p asterisk > asteriskdb.sql
du -hs /usr/lib /usr/local/lib /opt/*/lib 2>/dev/null
616M /usr/lib
2.7M /usr/local/lib
228M /opt/kde/lib
df -h /
Filesystem Size Used Avail Use% Mounted on
/dev/hda2 4.0G 3.6G 471M 89% /
du -sh /lib /usr/lib /usr/local/lib/
520M /lib
1.9G /usr/lib
73M /usr/local/lib/
df -k | awk 'NR==1{print $4}{s=0+s+$4}END{print "tot="s/1024/1024"G"}'
Available
tot=232.434G
Temporary ip address and gateway assignment:
ifconfig eth0 172.16.1.10 netmask 255.255.0.0
route add default gw 172.16.1.1
ifconfig eth0 up
shutdown -rf now will skip fsck
shutdown -rF now will force fsck on reboot
Search and list all files from current directory and down for the string ABC:
find ./ -name "*" -exec grep -H ABC {} \;
find ./ -type f -print | xargs grep -H "ABC" /dev/null
egrep -r ABC *
Find all files of a given type from current directory on down:
find ./ -name "*.conf" -print
Find all user files larger than 5Mb:
find /home -size +5000000c -print
Find all files owned by a user (defined by user id number. see /etc/passwd) on the system: (could take a very long time)
find / -user 501 -print
Find all files created or updated in the last five minutes: (Great for finding effects of make install)
find / -cmin -5
Find all users in group 20 and change them to group 102: (execute as root)
find / -group 20 -exec chown :102 {} \;
Find all suid and setgid executables:
find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -ldb {} \;
find / -type f -perm +6000 -ls
Find out which process is using up your memory using ps, awk, sort. The following command lists all the process sorted based on the used memory size.
ps aux | awk '{if ($5 != 0 ) print $2,$5,$6,$11}' | sort -k2n
Find out Top 10 Largest File or Directory Using du, sort and head.du command shows summarized disk usage for each file and directory of a given location (/var/log/*). The output of a sort command is reversely sorted based on the size.
du -sk /var/log/* | sort -r -n | head -10
ps -AlFH
ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
ps -eopid,tt,user,fname,tmout,f,wchan
Find Out The Top 10 Memory Consuming Process:
ps -auxf | sort -nr -k 4 | head -10
Find Out top 10 CPU Consuming Process:
ps -auxf | sort -nr -k 3 | head -10
List currently established, closed, orphaned and waiting TCP sockets, enter:
ss -s
Display All Open Network Ports
ss -l
Find out who is responsible for opening socket / port # 4949:
ss -lp | grep 4949
Display All TCP Sockets
ss -t -a
Display All UDP Sockets
ss -u -a
Display All Established HTTP Connections
ss -o state established '( dport = :http or sport = :http )'
This is useful to find out if your server is under attack or not. You can also list abusive IP address using this method.
netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n
Dig out more information about a specific ip address:
netstat -nat |grep {IP-address} | awk '{print $6}' | sort | uniq -c | sort -n
Find Out If Box is Under DoS Attack or Not, If you think your Linux box is under attack, print out a list of open connections on your box and sorts them by according to IP address, enter:
netstat -atun | awk '{print $5}' | cut -d: -f1 | sed -e '/^$/d' |sort | uniq -c | sort -n
Find out the amount of ram the system will support:
dmidecode -t memory | grep -i Maximum
Display name of ports:
ss | grep -vE 'State' | awk '{ print $5}' | cut -d':' -f2 | sort | uniq
Find out the no of ssh connections:
ss | grep -vE 'State' | awk '{print $1 "-->""Local("$4")" "to" "Remote("$5")"}' | grep -e ssh | wc -l
ss | grep -vE 'State' | awk '{print $1 "-->""Local("$4")" "to" "Remote("$5")"}' | grep -e ssh
who | grep -wv ':0'
last -ad | grep -wv '0.0.0.0'
Record a linux session:
who
script session.log
script /dev/pts/7
setengorce 0 switch SELinux to permissive mode
tac
dmidecode -t
dmidecode -t baseboard
sar -u 1 10 Load on cpu at i sec interval for 10 times
sar -r 1 10 Memory performance
iostat -p /dev/sda
e2label /dev/sda2
x86info -c Information about CPU's
dumpe2fs /dev/sda1
To connect and use MG880 modem:
cat /proc/bus/usb/devices
dmesg -tail
modprobe usbserial vendor=0x19d2 product=0xfffd
wvdial /etc/wvdial.conf
netcat -w 3 -z -vvn 1.1.1.1 79-81 Run a port scan
du --max-depth=1 /var/spool/asterisk/monitorDONE/ | sort -n -r Sort folders by size
df -h
filefrag -v list.sh
ls *.mp3 | cpio -o --format=tar -F voicemp3.tar Copy files to and from archives
find $HOME -name '*.mp3" | cpio -o --format=tar -F voicemp3.tar to include sub-folders
cpio -it -F voicemp3.tar List contents of archive
cpio -i -F voicemp3.tar Extract archive
nmap 1.1.1.1
seinfo
semodule -l
ps aux | grep -v 'whoami' List all process not run by u
ps aux --sort=-%cpu | grep -m 11 -v 'whoami' List only top ten
ethtool -i eth0
mii-tool
netstat -tap | grep mysql
free -m
fdisk -l | grep Disk
fdisk -l 2> /dev/null | grep Disk | grep -v identifier
top
uname -rm
lspci -n | grep -i broad
namei /dev/cdrom
echo 'ALERT -ROOT Shell Access on:' 'date' 'who' | mail -s "Alert: Root Access from 'who | awk '{print $6}''"krsnanzs@gmail.com
ss -lp | grep 3061
ss -u -a
ss -o state established
netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n
netstat -nat |grep {IP-address} | awk '{print $6}' | sort | uniq -c | sort -n
netstat -nat | awk '{ print $5}' | cut -d: -f1 | sed -e '/^$/d' | uniq | wc -l
netstat -nat | awk '{ print $5}' | cut -d: -f1 | sed -e '/^$/d' | uniq
netstat -s | less
netstat -t -s | less
netstat -u -s | less
netstat -w -s | less
netstat -s
cp -Rvf /media/cdrom/* /distro/i386
1 comment:
Open
Post a Comment