Linux Important Commands Basic plus Networking Files and Directories Management

ls Lists files and directories content, I usually use ls -la to have a long listing with all the details and hidden files cd move from the current directory to a different folder pwd lists your current location mv this command can either change the name of a file, or move it to a different location. locate find any file on the Linux server, to get an updated index of files (if for example you just installed a whole bunch of RPMs) run the command updatedb ln create a shortcut to a file or folder tar create or extract files out of a storage file. with the correct arguments it will also compress the files

Editing and Viewing

tail lists the last 10 lines of a file, but you tell tell it to show any number of last lines vi the best command line editing software a little hard to learn how to work this one at first, buts its worth the effort cat list the content of the file. better know how long is the file you are running this command on, or you will get a very long scrolling of lines that will fill up your screen

A Very Good Linux Administration Book Network

nslookup very important networking tool this will show you where a DNS name is pointing to which IP or to another DNS wget get a file from the web from the command line if you need to download some RPM directly to the command line without a browser, this is the command you need ping I think its one of the most used commands, you can check the time it takes you to get via the network to a remote server, whether that server is available, how many packets are getting to the server, etc Installing linux on ps3

General

history lists the last used commands on your Linux server make when compiling a software from source, this command will create the binaries id who am I right now? besides the philosophical angle, this command will show you as which user you will be running commands, I use this to check what is my status, and then sudo to the user I need sudo execute a command as another user although usually use it to change to root ps list the running processes on the server, it give more info like the process id, the parent process id, running time and much more man displays a manual page, whenever you are not sure about a specific command or config file, you should run man command to get info about it. to search the man database use whatis command to find which man file has the info you need df report file system disk space usage, use df -h to get a human formatted listing

1. For anyone whos interested in seeing their own top twenty you can run the following: cat ~/.bash_history | tr \|\;\& \n | sed -e s/^ //g | cut -d -f 1 | sort | uniq -c | sort -n | tail -n 20 Its not perfect but will give you a rough idea. On my own computer I get: timp@shammah:~$ cat ~/.bash_history | tr \|\;\& \n | sed -e s/^ //g | cut -d -f 1 | sort | uniq -c | sort -n | tail -n 20 8 dig 8 fbsetbg 8 make 9 cvs 10 do 10 done 10 for 11 pwsafe 11 wget 12 rm

13 ./test.sh 13 vim 15 cat 15 svnadmin 16 grep 19 su 25 ssh 55 svn 83 ls 96 cd A couple of things of note: dig is similar to nslookup You can also see that I often work with version control: svn, svnadmin, and cvs; I like VIm over vi; I use ssh a lot; and that its not unusual for me to use Bashs builtin for loops (do, done, and for)

10 Most important Linux networking commands

Linux is most powerful operating system which often needs to use commands to explore it effectively.Some of the commands are restricted to normal user groups as they are powerful and has more functionality involved in it.Here we summarized most interesting and useful networking commands which every linux user are supposed to be familiar with it.

1.Arp

manipulates the kernels ARP cache in various ways. The primary options are clearing an address mapping entry and manually

setting up one. For debugging purposes, the arp program also allows a complete dump of the ARP cache.ARP displays the IP address assigned to particular ETH card and mac address

[fasil@smashtech ]# arp Address HWtype HWaddress 59.36.13.1 ether C

Flags Mask eth0

Iface

2.Ifconfig

is used to configure the network interfaces. Normally we use this command to check the IP address assigned to the

system.It is used at boot time to set up interfaces as necessary. After that, it is usually only needed when debugging or when system tuning is needed. [fasil@smashtech ~]# /sbin/ifconfig eth0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:126341 errors:0 dropped:0 overruns:0 frame:0 TX packets:44441 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000

3. Netstat

prints information about the networking subsystem. The type of information which is usually printed by netstat are

Print network connections, routing tables, interface statistics, masquerade connections, and multicast. [fasil@smashtech ~]# netstat Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 .230.87:https ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 10 [ ] DGRAM 4970 /dev/log unix 2 [] DGRAM 6625 @/var/run/hal/hotplug_socket unix 2 [] DGRAM 2952 @udevd unix 2 [] DGRAM 100564 unix 3 [] STREAM CONNECTED 62438 /tmp/.X11-unix/X0 unix 3 [] STREAM CONNECTED 62437 unix 3 [] STREAM CONNECTED 10271 @/tmp/fam-rootunix 3 [] STREAM CONNECTED 10270 unix 3 [] STREAM CONNECTED 9276 unix 3 [] STREAM CONNECTED 9275

4.ping

command is used to check the connectivity of a system to a network.Whenever there is problem in network connectivity we use

ping to ensure the system is connected to network.

[root@smashtech ~]# ping google.com PING google.com (74.125.45.100) 56(84) bytes of data. 64 bytes from yx-in-f100.google.com (74.125.45.100): icmp_seq=0 ttl=241 time=295 ms 64 bytes from yx-in-f100.google.com (74.125.45.100): icmp_seq=1 ttl=241 time=277 ms 64 bytes from yx-in-f100.google.com (74.125.45.100): icmp_seq=2 ttl=241 time=277 ms --- google.com ping statistics --3 packets transmitted, 3 received, 0% packet loss, time 6332ms rtt min/avg/max/mdev = 277.041/283.387/295.903/8.860 ms, pipe 2

5.Nslookup

is a program to query Internet domain name servers. Nslookup has two modes: interactive and non-interactive. Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain. Non-interactive mode is used to print just the name and requested information for a host or domain. [fasil@smashtech ~]# nslookup google.com Server: server ip Address: gateway ip 3 Non-authoritative answer: Name: google.com Address: 209.85.171.100 Name: google.com Address: 74.125.45.100 Name: google.com Address: 74.125.67.100

6. dig domain information groper) is a flexible tool for interrogating DNS name servers. It performs
(

DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig. [fasil@smashtech ~]# dig google.com ; <<>> DiG 9.2.4 <<>> google.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4716 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;google.com. IN ;; ANSWER SECTION: google.com. 122 google.com. 122 google.com. 122 IN IN IN IN IN IN IN IN IN IN IN A A A A NS NS NS NS A A A A 74.125.45.100 74.125.67.100 209.85.171.100 ns3.google.com. ns4.google.com. ns1.google.com. ns2.google.com. 216.239.32.10 216.239.34.10 216.239.36.10 216.239.38.10

;; AUTHORITY SECTION: google.com. 326567 google.com. 326567 google.com. 326567 google.com. 326567

;; ADDITIONAL SECTION: ns1.google.com. 152216 ns2.google.com. 152216 ns3.google.com. 152216 ns4.google.com. 152216 ;; Query time: 92 msec

;; SERVER: 172.29.36.1#53(172.29.36.1) ;; WHEN: Thu Mar 5 14:38:45 2009 ;; MSG SIZE rcvd: 212

7.Route/route print

manipulates the IP routing tables. Its primary use is to set up static routes to specific hosts or networks via an interface after it has been configured with the ifconfig program.When the add or del options are used, route modifies the routing tables. Without these options, route displays the current contents of the routing tables. [fasil@smashtech ~]# route Kernel IP routing table Destination Gateway Genmask 54.192.56.321 * 255.255.255.0 * 255.255.0.0 U 0 0 default 0.0.0.0 UG 0 0

Flags Metric Ref Use Iface U 0 0 0 eth0 0 eth0 0 eth0

8.Traceroute

is a large and complex aggregation of network hardware, connected together by gateways. Tracking the route ones packets follow (or finding the miscreant gateway thats discarding your packets) can be difficult. Traceroute utilizes the IP protocol time to live field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to some host. The only mandatory parameter is the destination host name or IP number. The default probe datagram length is 40 bytes, but this may be increased by specifying a packet length (in bytes) after the destination host name. [fasil@smashtech ~]# traceroute google.com traceroute: Warning: google.com has multiple addresses; using 209.85.171.100 traceroute to google.com (209.85.171.100), 30 hops max, 38 byte packets 1 ***

: Internet

9.W displays information about the users currently on the machine, and their processes. The header
-

shows, in this order, the current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes. [fasil@smashtechl ~]# w 15:18:22 up 4:38, 3 users, load average: 0.89, 0.34, 0.19 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root :0 10:41 ?xdm? 24:53 1.35s /usr/bin/gnome-session root pts/1 :0.0 10:58 1.00s 0.34s 0.00s w root pts/2 :0.0 12:10 23:32 0.03s 0.03s bash

10. Nmap is designed to allow system administrators and curious individuals to scan large
networks to determine which hosts are up and what services they are offering. nmap supports a large number of scanning techniques such as:UDP, TCP connect(), TCP SYN (half open), ftp proxy (bounce attack), ICMP (ping sweep), FIN, ACK sweep, Xmas Tree,SYN sweep, IP Protocol, and Null scan. See the Scan Types section for more details. nmap also offers a number of advanced features such as remote OS detection via TCP/IP fingerprinting, stealth scanning, dynamic delay and retransmission calculations, parallel scanning, detection of down hosts via parallel pings, decoy scanning, port filtering detection, direct (non-portmapper) RPC scanning, fragmentation scanning, and flexible target and port specification. Significant effort has been put into decent nmap performance for non-root users. Unfortunately, many critical kernel interfaces (such as raw sockets) require root privileges. nmap should be run as root whenever possible (not setuid root, of course). The result of running nmap is usually a list of interesting ports on the machine(s) being scanned (if any). Nmap always gives the ports "well known" service name (if any), number, state, and protocol.

The state is either"open", "filtered", or "unfiltered". Open means that the target machine will accept() connections on that port.Filtered means that a firewall, filter, or other network obstacle is covering the port and preventing nmap from determining whether the port is open. Unfiltered means that the port is known by nmap to be closed and no fire-wall/filter seems to be interfering with nmaps attempts to determine this. Unfiltered ports are the common case and are only shown when most of the scanned ports are in the filtered state. Depending on options used, nmap may also report the following characteristics of the remote host: OS in use, TCP sequentiality, usernames running the programs which have bound to each port, the DNS name, whether the host is a smurf address, and a few other--Network exploration tool and security scanners.

*********************************************************************** * How to check the version of a Linux OS and Hardware name uname a is a linux command that will output useful information about your linux distribution, kernel version, cpu information and more

Example Output
Linux computerName 2.6.22.18-desktop-1mdv #1 SMP Mon Feb 11 13:53:50 EST 2008 i686 Intel(R) Pentium(R) 4 CPU 3.40GHz GNU/Linux To check Just OS version $ cat /proc/version $ CYGWIN_NT-5.1 1.8.3(0.237/5/3) 2011-07-20 21:35 Or $Uname r
CYGWIN_NT-5.1 qasim-e37a201c8 1.8.3(0.237/5/3) 2011-07-20 21:35 i686 Cygwin

$uname -a
CYGWIN_NT-5.1 qasim-e37a201c8 1.8.3(0.237/5/3) 2011-07-20 21:35 i686 Cygwin

For red hat OS cat /etc/redhat-release

To check routing table in Linux

$ netstat rn (route print command is also used)

To check hard disk space

Use df command to report file system disk space usage (parition wise): $ df H

Arp (address resolution protocol):

Show all lan ips plus mac addresses (only display that ip which u have used recently(ping))

Nmap very important command The following command will display all IPs from 1 to 10 in local domain.

Other important nmap options

$nmap $nmap $nmap

sV [ip] sT [ip] PN [ip]

(incase simple nmap not work)