- FlorianWoegerer 's Personal Notes (mainly linux/debian orientated)
linux stuff
FILES
.bashrc - includes "aliases" for the command line... i.e. ls = ls --color .bash_profile - check die file auch mal... /etc/motd - Message of the day crontab -e - make new crontabs (add 2>&1 > /dev/null 2>&1 > /dev/null to not receive any email notification)
Chown change owner of file
CHMOD change permissions of file
(r = 4), Write (w=2), Execute (x=1)
OWNER | GROUP | OTHER
Write 2 2 2
Read 4 4 4
Execute 1 1 1
i.e: Full permission to owner, read permission to group and no permission to world would be:
7 2 0
makes sense huh? ''Not much.''THE POWER OF DEBIAN - APT!
apt-get PACKAGE NAME - will install that package with all unmeet dependencies and download those as well apt-get update - will update your source list apt-get upgrade - will update all install packages to the most current version if available apt-cache search PACKAGE - Searches your APT list for PACKAGE. Lets say you want an irc client...you dont know any irc clients? (man you suck ;)) well, type in: apt-cache search irc client <enter> and you will get something like: irssi-text - text-mode version of the irssi IRC client ksirc - IRC Client based on Qt and KDE xchat - IRC client for X similar to AmIRC xchat-gnome - IRC client for GNOME similar to AmIRC xchat-text - IRC client for console similar to AmIRC bitchx - Advanced Internet Relay Chat client bitchx-ssl - SSL support for BitchX blackened - A feature rich ircII based IRC client well now you can choose yourself what you want! Lets see I want irssi (neat IRC client) type in: apt-get install irssi and you got it! changing apt sources. Apt uses a sources list found at: /etc/apt/sources.list where all websites containing sources and binaries are listed.
Installing Kernel (debian)
apt-get kernel sources apt-get install kernel-package # mehr zu folgendem siehe LinuxKernel make-kpkg clean make-kpkg kernel_image
PORTS/SCANS
netstat -a | grep LISTEN - display ports nmap -Ss HOST - Stealth scan
whois
whois - make a whois query on a domain name - address, contact details, nameserveretc. dig - technical details of domains
Networking / Internet
ifconfig eth0 OPTIONS - configures your network card iface eth0 inet dhcp - dhcp client...if ure on a network with DHCP server this is the easiest way to go Nameservers go in here: /etc/resolv.conf
Samba - windows connectivity
Start Samba /etc/rc.d/init.d/samba start Stop Samba /etc/rc.d/init.d/samba stop Restart Samba /etc/rc.d/init.d/samba restart Creating Shares [myshare] comment = Share for John and Sam path = /usr/share valid users = john sam public = no writable = yes printable = no create mask = 0765
Apache
Securing directories: Creating the .htpass file htpasswd -cb .htpass USER PASS -c :makes a new file -b :Uses password stated in command line -m: MD5 encryption -d: CRYPT encryption Creating the .htaccess file AuthUserFile /var/htpass/.htpasswd #AuthGroupFile /var/htpass/.htgroup AuthName priv area AuthType Basic require user nexflo whoever
Screening
screen -w - shows all current processes screen -r pid - jumps to process [strg] [a] [d] - detach screen -r - opens last screen
Printer related
Installing printer via CUPS: apt-get install cupsys
Mounting/HDD related
View HDD's:
fdisk -l
View supported filesystems:
cat /proc/filesystems
make dir and mount:
mkdir /mnt/windows
mount /dev/hda1 /mnt/windows -t ntfs -r
FileSystems:
adfs, affs, autofs,coda, coherent, cramfs, devpts, efs, ext, ext2,
ext3, hfs, hpfs, iso9660, jfs, minix, msdos, ncpfs, nfs, ntfs,
proc, qnx4, reiserfs, romfs, smbfs, sysv, tmpfs, udf, ufs, umsdos
vfat, xenix, xfs, xiafsvi
[esc]q - quit [esc]!q - quit without saving [esc]wq - save and quit [esc]w - save [insert] - inserts characters without replacing anything [insert][insert] - inserts characters over existing charcters
Firewall/security
PortSentry: Great app which monitors ports, and if it detects a portscan, it blocks the scanning IP. Default configuration file located at: /usr/local/psionic/portsentry/portsentry.conf Uncheck the lines below: "# Use these if you just want to be aware" to watch those standart ports. (143 port is used for IMAP so u should remove that from the list) add the following to the rc.local file to boot portsentry at start up: echo "PortSentry started" /usr/local/psionic/portsentry/portsentry -atcp /usr/local/psionic/portsentry/portsentry -audp echo "Loaded! - Have a nice day :)" IPtables: Browsing and outgoing connections only: (blocks all incoming(sshd,ftpd, httpd ) /sbin/iptables -A INPUT -p tcp --syn -j DROP Block all ports, besides port 22 to allow sshd: /sbin/iptables -A INPUT -p tcp --syn --destination-port 22 -j ACCEPT /sbin/iptables -A INPUT -p tcp --syn -j DROP Block all ports,besides port 22, and only allow predefined IP to access that port. /sbin/iptables -A INPUT -p tcp --syn -s 192.168.1.100/32 --destination-port 22 -j ACCEPT /sbin/iptables -A INPUT -p tcp --syn -j DROP To add other services now, just add to that lines (commands are read sequentially) /sbin/iptables -A INPUT -p tcp --syn -s 192.168.1.100/32 --destination-port 22 -j ACCEPT #allow connection to sshd from IP 192.168.1.100 /sbin/iptables -A INPUT -p tcp --syn --destination-port 80 -j ACCEPT #allow httpd server to be accessed by world /sbin/iptables -A INPUT -p tcp --syn -j DROP #block all ports (besides the limitations of above)
just commands
ls -la - shows all files in folder ls --color - shows files in folder with color cat - outputs a file into the shell ps aux -u nexflo |grep screen - shows all current screen sessions kill pid - kills a process or screen ln - create a link / shortcut
flos bin
http://berlin.cubic-international.com/downloads/canon/eflenses1-english.pdf max power - jordan
Wie wäre es, auf den globalen Seiten zu diesen Themen mitzuarbeiten, anstatt hier ne eigene Baustelle aufzumachen? Hätte den Vorteil, dass es dann auch von allen genutzt/bearbeitet und korrigiert würde.