Fundamental Linux Commands for Cybersecurity

Jul 31, 2024

Essential Linux Commands for Cybersecurity

Introduction

  • Focus: Essential Linux commands and their advanced flags to enhance skills in cybersecurity.
  • Necessity: Essential before delving into advanced tools like Metasploit, Nmap, Hydra.
  • Approach: Using the terminal, not a file explorer.

Basic Navigation

ls Command

  • Usage: List directory contents.
  • Flags:
    • -l: Long listing format.
    • -a: Show all files, including hidden ones.
    • -t: Sort by modification time, newest first.
    • -h: Human-readable sizes.
    • Combination: ls -lath for a long listing that includes hidden files, sorted by modification time, with human-readable sizes.

cd Command

  • Usage: Change directories.
  • Shortcuts:
    • cd -: Go back to the previous directory.
    • cd ..: Move up one directory level.
    • cd ~: Go to the home directory.
    • cd /path/to/dir: Directly change to a specified directory.
  • Auto-completion: Use the Tab key for auto-completing directory names.
  • Displaying current directory: pwd command shows the present working directory.

File and Directory Manipulation

Creating Files and Directories

  • touch: Create blank files.
  • mkdir: Create directories.
    • mkdir -p /path/to/dir: Creates nested directories in one command.
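    • mkdir -m 777 dir: Set permissions while creating a directory. Mode 777 makes the directory writable by every user; use a narrower mode such as 750 unless shared write access is intended.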
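
The effect of the -m flag, shown as an added example that is not part of the original page: it creates directories with different modes in a temporary sandbox and uses find -perm to list the ones any user can write to. The directory names and the helpers mode_of and world_writable_dirs are hypothetical; GNU stat and find are assumed.

```sh
#!/bin/sh
# Added example (not from the original page). Assumes GNU coreutils/findutils.
# All directories are constructed inside a throwaway sandbox.

# Print the octal permission bits of a path.
mode_of() {
    stat -c '%a' "$1"
}

# List directories below $1 whose "others" write bit is set.
world_writable_dirs() {
    find "$1" -mindepth 1 -type d -perm -0002 | sort
}

demo_root=$(mktemp -d)
trap 'rm -rf "$demo_root"' EXIT

mkdir -m 777  "$demo_root/shared_open"     # weak: any user can add or delete files
mkdir -m 1777 "$demo_root/shared_sticky"   # /tmp style: sticky bit limits deletion to owners
mkdir -m 750  "$demo_root/team_only"       # owner rwx, group r-x, others nothing
mkdir -p -m 700 "$demo_root/private/keys"  # -m applies to "keys"; "private" follows the umask

for d in shared_open shared_sticky team_only private private/keys; do
    printf '%-14s %s\n' "$d" "$(mode_of "$demo_root/$d")"
done

echo "World-writable directories:"
world_writable_dirs "$demo_root"
```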

Copying Files and Directories

  • cp:
    • cp source destination: Copy files.
    • cp -r source destination: Copy directories recursively.

Removing Files and Directories

  • rm: Remove files.
    • rm -r directory: Remove directories and their contents recursively.
    • rm -rf /path: Remove files/directories recursively without prompting, ignoring nonexistent paths.

Moving and Renaming Files

  • mv: Move or rename files and directories.
    • mv source destination: Move/rename files or directories.

Displaying and Viewing File Contents

cat Command

  • Usage: Display file contents.
  • Advanced:
    • Combine files: cat file1 file2 > combined_file.
    • Append to files: cat file1 >> file2.

less and more Commands

  • Usage: View large files page by page.
  • Advanced:
    • less file: View file with search capability.
    • more file: Similar to less but with fewer features.

tail and head Commands

  • tail: View the end of the file.
    • tail -n 15 file: View the last 15 lines.
    • tail -f file: Follow file updates in real-time.
  • head: View the beginning of the file.
    • head -n 15 file: View the first 15 lines.

Editing Files

Text Editors

  • vi/vim:
    • Mode-based editor: Insert mode, Command mode.
    • Basic commands: i to insert, :w to save, :q to quit.
  • nano:
    • Simpler editor with on-screen navigation.
    • Basic commands: Ctrl + X to exit, Y to confirm changes.

Managing Processes

Viewing Processes

  • ps: Display process information.
    • ps aux: Detailed information of all processes.
  • top: Interactive view of running processes.
    • Sorting by usage.
    • top -u username: View processes for a specific user.

Killing Processes

  • kill: Terminate a process.
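    • kill PID: Terminate a process by PID (sends SIGTERM, which the process can handle to shut down cleanly).
    • kill -9 PID: Forcefully terminate a process (sends SIGKILL, which cannot be caught or ignored).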

Background Processes

  • &: Run processes in the background.
    • command &: Run command in the background.
    • jobs: List background jobs.
    • fg %job_number: Bring background job to foreground.

Networking Commands

IP Configuration

  • ifconfig: Display network interface information (deprecated).
  • ip: Modern replacement for ifconfig.
    • ip addr: Show IP addresses.
    • ip route: Display routing table.
    • ip route add: Add a new route.
    • ip addr add: Add a new IP address.

Network Statistics

  • netstat: Display network connections, routing tables, interface statistics.
    • netstat -l: List listening sockets.
  • ss: Display network socket information.
    • ss -t: Show TCP sockets.
    • ss -u: Show UDP sockets.
    • ss -p: Show processes using sockets.

Secure Connections

  • ssh: Secure Shell for remote login.
    • ssh user@hostname: Connect to a remote server.
    • ssh -p port user@hostname: Connect on a specific port.
  • scp: Secure Copy Protocol for transferring files.
    • scp source user@hostname:/path: Copy files to a remote server.

System Information

System Details

  • uname -a: Display system information.

Disk Usage

  • df: Display disk space usage.
    • df -h: Human-readable format.
    • df -T: Show file system types.

Finding Files

  • find: Search for files in a directory hierarchy.
    • find /path -name filename: Find files by name.
    • -size +1M: Find files larger than 1MB.
    • -mtime -30: Find files modified in the last 30 days.
  • grep: Search inside files.
    • grep pattern files: Search for a pattern in files.
    • grep -r pattern /path: Recursively search.
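
The find and grep flags above combined into a small triage pass, as an added example that is not part of the original page: it builds a sample tree in a temporary directory, then lists recently modified files, oversized files, and failed SSH logins in recent logs only. The tree, the log lines, and the helper names (recent_files, large_files, count_recent_matches) are constructed for illustration; GNU touch and find are assumed.

```sh
#!/bin/sh
# Added example (not from the original page). Assumes GNU coreutils/findutils.
# The directory tree and log lines below are constructed sample data.

# Files under $1 modified within the last $2 days.
recent_files() {
    find "$1" -type f -mtime "-$2" | sort
}

# Files under $1 larger than $2 (find size syntax, e.g. 1M).
large_files() {
    find "$1" -type f -size "+$2" | sort
}

# Count lines matching pattern $3 in files under $1 changed in the last $2 days.
count_recent_matches() {
    find "$1" -type f -mtime "-$2" -exec grep -h -- "$3" {} + | wc -l
}

root=$(mktemp -d)
trap 'rm -rf "$root"' EXIT
mkdir -p "$root/var/log" "$root/srv/app"

cat > "$root/var/log/auth.log" <<'EOF'
Jul 30 10:01:02 host sshd[811]: Failed password for root from 203.0.113.7 port 40022 ssh2
Jul 30 10:01:09 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40031 ssh2
Jul 30 10:02:44 host sshd[902]: Accepted publickey for alice from 198.51.100.4 port 51514 ssh2
EOF
echo 'Jun 01 09:00:00 host sshd[100]: Failed password for bob from 192.0.2.9 port 2222 ssh2' \
    > "$root/var/log/auth.log.1"
touch -d '45 days ago' "$root/var/log/auth.log.1"     # rotated log, outside the window
head -c 2097152 /dev/zero > "$root/srv/app/core.dump" # 2 MiB file

echo "Modified in the last 30 days:"; recent_files "$root" 30
echo "Larger than 1M:";               large_files "$root" 1M
echo "Recent failed SSH logins: $(count_recent_matches "$root" 30 'Failed password')"
echo "Whole-tree matches:";           grep -r 'Failed password' "$root/var/log"
```

Restricting grep to the files that find selects keeps the rotated log out of the count, while grep -r over the same directory reports all three failed logins.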

Archiving and Compression

tar Command

  • Usage: Archive files.
    • tar -czf archive.tar.gz files: Create a compressed archive.
    • tar -xvf archive.tar.gz: Extract files from an archive.
    • tar -rf archive.tar files: Add files to an existing archive.

gzip Command

  • Usage: Compress files.
    • gzip file: Compress a file.
    • gunzip file.gz: Decompress a file.
    • gzip -l file.gz: List details of a compressed file (compressed size, uncompressed size, compression ratio, and original name).

Managing Users

  • useradd: Add a new user.
    • useradd username: Basic usage.
    • useradd -m username: Create home directory.
    • useradd -g groupname username: Set the user's primary group.
  • userdel: Delete a user.
    • userdel username: Basic usage.
    • userdel -r username: Remove user and home directory.
  • groupadd: Add a new group.
    • groupadd groupname: Basic usage.
  • groupdel: Delete a group.
    • groupdel groupname: Basic usage.

Conclusion

  • Recap: Covered essential Linux commands for navigation, file manipulation, process management, networking, system info, finding files, archiving, and user management.
  • Encouragement: Master these commands before moving on to advanced tools.