Mastering Essential Linux Commands for Cybersecurity

Jul 31, 2024

Essential Linux Commands for Cybersecurity

Introduction

  • Focus: Most essential Linux commands and their special flags
  • Goal: Master these commands before advancing to tools like Metasploit, nmap, Hydra, etc.

Navigating the File System with ls

  • ls: Lists directory contents (similar to dir in Windows)
  • Flags:
    • -l: Long listing, provides detailed information
    • -a: Shows hidden files
    • -t: Sort by modification time
    • -h: Human-readable file sizes
    • Combine flags: ls -lath
  • Recursion:
    • -R: Recursively list subdirectories

Changing Directories with cd

  • cd: Change directory
    • Usage:
      • cd [directory]: Navigate to a directory
      • Tab completion: Press Tab to auto-complete directory names
      • cd -: Switch to previous directory
      • cd ..: Move up one directory level
      • cd: Go to home directory
  • pwd: Print working directory

Creating and Managing Files and Directories

  • touch: Create empty files
    • Example: touch file1 file2 file3
  • mkdir: Create directories
    • Example: mkdir dir1 dir2
    • Recursive creation: mkdir -p parent/child/grandchild
    • Setting permissions: mkdir -m 777 dir (read, write, and execute for owner, group, and others; not recommended)
  • cp: Copy files and directories
    • cp file1 file2: Copy file
    • cp -R dir1 dir2: Copy directory recursively
  • rm: Remove files and directories
    • rm file: Remove file
    • rm -rf dir: Recursively and forcibly remove directory
    • Wildcards: rm *.txt
  • mv: Move or rename files
    • mv oldname newname: Rename file
    • mv file1 dir/: Move file to directory

Disk Usage with du

  • du: Disk usage
    • du -h: Human-readable format
    • du -sh: Summary of directory size

File Permissions and Ownership

  • chmod: Change file permissions
    • Syntax: chmod [permissions] [file]
    • Example: chmod u+x file (add execute permission for owner)
  • chown: Change file owner and group
    • Syntax: chown [owner]:[group] [file]
    • Example: chown user:group file
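
Added example (not from the original notes): a small shell audit that ties mkdir -m, chmod, and find together to locate and correct world-writable entries such as the 777 directory warned about above. The function names and the sample tree are assumptions constructed for this illustration.

```shell
#!/bin/sh
# Added example: audit a directory tree for world-writable entries.
# The sample tree is constructed in a temporary directory.

# Print every file or directory under $1 that "other" can write to.
# -perm -0002 matches when the other-write bit is set; symlinks are
# skipped because their own mode bits are not meaningful.
find_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Count the entries reported by find_world_writable.
count_world_writable() {
    find_world_writable "$1" | wc -l | tr -d ' '
}

# Remove the other-write bit from everything flagged under $1.
fix_world_writable() {
    find "$1" ! -type l -perm -0002 -exec chmod o-w {} +
}

# Build a constructed sample tree: one 777 directory, one 750 directory,
# and one file made world-writable with chmod. Prints the tree's root.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -m 777 "$root/open"        # the mode the notes warn against
    mkdir -m 750 "$root/restricted"  # owner rwx, group r-x, other none
    touch "$root/restricted/notes.txt"
    chmod o+w "$root/restricted/notes.txt"
    printf '%s\n' "$root"
}

# Demo run: list the findings, fix them, and confirm nothing remains.
tree=$(make_sample_tree)
echo "World-writable before fix:"
find_world_writable "$tree"
fix_world_writable "$tree"
echo "Remaining after fix: $(count_world_writable "$tree")"
rm -rf "$tree"
```

On a real system, point find_world_writable at a path such as a web root or a shared data directory and review the output before running the fix.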

Viewing and Editing Files

  • cat: Concatenate and display files
    • Example: cat file
    • Combine files: cat file1 file2 > newfile
    • Append to file: cat file >> existingfile
  • tail: View end of file
    • tail file: Last 10 lines
    • tail -n 20 file: Last 20 lines
    • tail -f file: Follow updates to file
  • head: View beginning of file
    • head file: First 10 lines
    • head -n 20 file: First 20 lines
  • less: View file one page at a time
    • Navigation: Space to scroll, /search to find, q to quit
  • nano: Simple text editor
    • nano file: Open file in nano
    • Basic commands shown at the bottom
  • vi: Advanced text editor
    • vi file: Open file in vi
    • Modes: i to insert, Esc to exit insert mode, :wq to save and quit

Process Management

  • ps: Display process status
    • ps aux: Detailed view of all processes
  • top: Dynamic view of system processes
    • Real-time updates, sortable by resource usage
    • q: Quit
  • kill: Terminate processes
    • kill PID: Kill process by PID
    • kill -9 PID: Force kill
  • jobs: List background jobs
    • fg %1: Bring job 1 to foreground

Networking Commands

  • ifconfig: Network interfaces (deprecated)
  • ip: Newer networking tool
    • ip a: Show all IP addresses
    • ip route show: Show routing table
    • Add route: ip route add [dest] via [gateway] dev [interface]
    • Add IP: ip addr add [IP]/[prefix] dev [interface]
    • Remove IP: ip addr del [IP]/[prefix] dev [interface]
  • netstat: Network statistics (deprecated)
    • netstat -l: Show listening ports
  • ss: Socket statistics
    • ss -t: Show TCP connections
    • ss -u: Show UDP connections
    • ss -p: Show process names
  • ssh: Secure shell
    • ssh user@host: Connect to remote host
    • -p [port]: Specify port
  • scp: Secure copy
    • scp sourcefile user@host:/path: Copy file to remote host
  • rsync: Remote synchronization
    • rsync -av source dest: Sync directories

System Information

  • uname -a: Display system information
  • df: Disk free space
    • df -h: Human-readable
    • df -T: Show filesystem type

Finding Files

  • find: Search for files
    • find /path -name filename: Search by name
    • find /path -size +100M: Search by size (files larger than 100 MiB)
    • find /path -mtime -7: Search by modification time (modified within the last 7 days)
  • grep: Search within files
    • grep 'pattern' file: Search for pattern
    • grep -r 'pattern' /path: Recursive search

Archiving and Compression

  • tar: Archive files
    • tar czf archive.tar.gz files: Create compressed archive
    • tar xzf archive.tar.gz: Extract archive
    • Add to archive: tar rf archive.tar file (works on uncompressed archives only)
  • gzip: Compress files
    • gzip file: Compress file
    • gunzip file.gz: Decompress file
    • gzip -l file.gz: List compressed size, uncompressed size, and ratio for a gzip file

User Management

  • useradd: Add user
    • useradd username: Create new user
    • useradd -m username: Create user with home directory
    • useradd -G groupname username: Create user and add it to a supplementary group
    • useradd -e YYYY-MM-DD username: Set account expiration date
  • userdel: Delete user
    • userdel username: Delete user
    • userdel -r username: Delete user and home directory
  • groupadd: Add group
    • groupadd groupname: Create new group
  • groupdel: Delete group
    • groupdel groupname: Delete group

Conclusion

  • Summary: Mastering these commands lays a solid foundation for more advanced cybersecurity tools and techniques.
  • Next Steps: Explore advanced tools and applications like Metasploit, nmap, and Hydra. Check out additional videos on these topics.