Commands by unixbhaskar (19)

  • rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. rkhunter is a shell script which carries out various checks on the local system to try and detect known rootkits and malware. It also performs checks to see if commands have been modified, if the system startup files have been modified, and various checks on the network interfaces, including checks for listening applications.


    -2
    rkhunter --check
    unixbhaskar · 2009-08-30 12:53:33 7
  • chkrootkit is a tool to locally check for signs of a rootkit. Get it from the website http://www.chkrootkit.org


    -1
    chkrootkit -x | less
    unixbhaskar · 2009-08-30 12:47:08 3
  • To get information at your fingertips about Apache compilation.


    -1
    httpd2 -V
    unixbhaskar · 2009-08-29 13:04:37 3
  • Like many other things in Linux, you can see the same thing in a different way.


    1
    ip addr show
    unixbhaskar · 2009-08-29 12:52:02 3
  • This is a handy way to find which modules are loaded with Apache web server.


    -1
    httpd2 -M
    unixbhaskar · 2009-08-29 12:46:10 3
  • You can try it. Nice shell interface to search Google from the command line. Visit http://goosh.org in your browser.


    -4
    http://goosh.org
    unixbhaskar · 2009-08-29 12:19:34 3
  • This command will reveal the logins that have been made to the system as well as when reboots occurred. It uses a file called /var/log/wtmp, which captures all the information about successful logins and reboots. It has many switches, by which you can get an idea of when people log in and how long they stay.


    -3
    last
    unixbhaskar · 2009-08-29 12:08:30 4
  • This is a wonderful Perl script to check web server security and vulnerabilities. Get it from here: http://www.cirt.net/nikto2 Here are some key features of "Nikto":
      - Uses rfp's LibWhisker as a base for all network functionality
      - Main scan database in CSV format for easy updates
      - Determines "OK" vs "NOT FOUND" responses for each server, if possible
      - Determines CGI directories for each server, if possible
      - Switch HTTP versions as needed so that the server understands requests properly
      - SSL Support (Unix with OpenSSL or maybe Windows with ActiveState's Perl/NetSSL)
      - Output to file in plain text, HTML or CSV
      - Generic and "server type" specific checks
      - Plugin support (standard PERL)
      - Checks for outdated server software
      - Proxy support (with authentication)
      - Host authentication (Basic)
      - Watches for "bogus" OK responses
      - Attempts to perform educated guesses for Authentication realms
      - Captures/prints any Cookies received
      - Mutate mode to "go fishing" on web servers for odd items
      - Builds Mutate checks based on robots.txt entries (if present)
      - Scan multiple ports on a target to find web servers (can integrate nmap for speed, if available)
      - Multiple IDS evasion techniques
      - Users can add a custom scan database
      - Supports automatic code/check updates (with web access)
      - Multiple host/port scanning (scan list files)
      - Username guessing plugin via the cgiwrap program and Apache ~user methods


    0
    nikto.pl -h yourwebserver
    unixbhaskar · 2009-08-29 04:54:43 8
  • Sometimes you need to run Firefox from the command line just to rectify something about it. That is, if some add-on or theme broke your Firefox settings, fall back to the command line, i.e. the shell, and type the mentioned command. It will open an information box with a few options, along with checkboxes beside them (meaning you can select them), to start the web browser in safe mode, basically deactivating all the add-ons and themes except the default one. Once you are done/have rectified things, close that session and reopen the browser normally. It should work.


    0
    firefox --safe-mode
    unixbhaskar · 2009-08-29 04:36:19 3
  • Once it is connected to the remote server by the ssh protocol, the mentioned command will start working on that server.


    -3
    ssh user@remotehost [anycommand](i.e uptime,w)
    unixbhaskar · 2009-08-29 04:27:37 7
  • If you follow my other postings regarding "vipw" and "vigr", then no explanation is required. It does the same thing as those two commands did: it opens the /etc/sudoers file and attaches a lock to it. Once you are done with it, the lock gets released and the changes are reflected in the original file. It will open a tmp file in the vi editor to give you the chance to edit the sudoers file securely. visudo parses the sudoers file after the edit and will not save the changes if there is a syntax error. Upon finding an error, visudo will print a message stating the line number(s) where the error occurred and the user will receive the "What now?" prompt. At this point the user may enter "e" to re-edit the sudoers file, "x" to exit without saving the changes, or "Q" to quit and save changes. The "Q" option should be used with extreme care because if visudo believes there to be a parse error, so will sudo and no one will be able to sudo again until the error is fixed. If "e" is typed to edit the sudoers file after a parse error has been detected, the cursor will be placed on the line where the error occurred (if the editor supports this feature). PS: Although I have experienced myself, and a few people have shown me, that it behaves badly in some distributions, notably SLES, the problem can be rectified with a little caution.


    -3
    visudo
    unixbhaskar · 2009-08-29 04:06:11 3
  • If you follow my previous posting regarding "vipw", then no explanation is required. The same method lies behind this command also. It will open a tmp file in the vi editor to give you the listing to edit the group file and, most importantly, attach a lock to it. Once you are done, the lock is released and the changes are reflected in the original file. So you can securely edit the group file over the network without the fear of it being tampered with.


    -3
    vigr
    unixbhaskar · 2009-08-29 03:56:07 3
  • Now a bit of explanation is required for this command. Once you type the command, it opens a vi editor with a temporary file listing the password file information. So if you make a change, it will not be reflected in the passwd file until you save the file. The reason for using this command over other ways to view the password file in a network environment is that it locks the password file when you start working with it, so no one can tamper with it during that period. Once you are done (meaning you save the tmp file), it will release the lock associated with it. I think it's a better mechanism to view sensitive data like the passwd file. Never ever use other tools like cat, nano or any other means.


    -3
    vipw
    unixbhaskar · 2009-08-29 03:46:42 3
  • After you install slocate, the first thing you have to do with it is to initialise the database by issuing the command "slocate -u". From then onwards, just giving the filename or dirname as an argument to the slocate command will reveal the location of the files/dirs in the system along with the path. Moreover, it's a secure way of looking into the file system.


    -3
    slocate filename/dirname
    unixbhaskar · 2009-08-29 03:28:08 3
  • It is a much better tool than nslookup for getting information about any site. It has got better capability too. For reverse information, please use the switch "-x" and the IP address.


    -1
    dig google.com
    unixbhaskar · 2009-08-28 04:32:52 3
  • This is a command-line utility to get a fair piece of information about the attached network card.


    0
    ethtool eth0
    unixbhaskar · 2009-08-28 04:22:03 4
  • A wonderful command-line utility to check internet usage. It has got so many useful switches to display the data you want. Please visit the man page to get all the information. Get it from this website: http://humdi.net/vnstat


    0
    vnstat
    unixbhaskar · 2009-08-28 04:14:42 4
  • To get the connection information of protocol tcp and extended information.


    3
    sudo /bin/netstat -tpee
    unixbhaskar · 2009-08-28 04:02:10 5
  • As mentioned in the summary, it is a powerful command to monitor system activity in a great way. It has got the power of vmstat, iostat, mpstat, df, free and sar. Instead of firing each single command separately, one can fire one single command to get all the info at once. But there is a way to get the individual information too. Please see the man page. You can get it from here: http://dag.wieers.com/home-made/dstat/


    4
    dstat -afv
    unixbhaskar · 2009-08-28 03:53:24 9
