Sep 302014
 

tux-terminal.jpg
Article by Daniel Miessler first posted on his blog

lsof is the sysadmin/security über-tool. I use it most for getting network connection related information from a system, but that’s just the beginning for this powerful and too-little-known application. The tool is aptly called lsof because it “lists openfiles“. And remember, in UNIX just about everything (including a network socket) is a file.

Interestingly, lsof is also the Linux/Unix command with the most switches. It has so many it has to use both minuses andpluses.

usage: [-?abhlnNoOPRstUvV] [+|-c c] [+|-d s] [+D D] [+|-f[cgG]]
 [-F [f]] [-g [s]] [-i [i]] [+|-L [l]] [+|-M] [-o [o]]
 [-p s] [+|-r [t]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names]

As you can see, lsof has a truly staggering number of options. You can use it to get information about devices on your system, what a given user is touching at any given point, or even what files or network connectivity a process is using.

For me, lsof replaces both netstat and ps entirely. It has everything I get from those tools and much, much more. So let’s look at some of its primary capabilities:

Continue reading »

flattr this!

Sep 292014
 

The most new and dangerous bug around it’s the one called “shellshock”, this is a security bug in the widely used Unix Bash shell which was disclosed on 24 September 2014. Many Internet daemons, such as web servers, use Bash to process certain commands, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.

The bug causes Bash to unintentionally execute commands when they are stored in specially crafted environment variables. Within days, a series of further related vulnerabilities in Bash were found, leading to the need for further patches.

By 25 September, botnets based on computers compromised with this exploit were being used by attackers for distributed denial-of-service attacks and vulnerability scanning, source wikipedia

Let’s see how to check if your computer or server is vulnerable.
Continue reading »

flattr this!

Sep 132014
 

Systemd
Article by Stuart Burns first posted on Openlogic.com

With Red Hat Enterprise Linux 7 released and CentOS version 7 newly unveiled, now is a good time to cover systemd, the replacement for legacy System V (SysV) startup scripts and runlevels. Red Hat-based distributions are migrating to systemd because it provides more efficient ways of managing services and quicker startup times. With systemd there are fewer files to edit, and all the services are compartmentalized and stand separate from each other. This means that should you screw up one config file, it won’t automatically take out other services.

Systemd has been the default system and services manager in Red Hat Fedora since the release of Fedora 15, so it is extensively field-tested. It provides more consistency and troubleshooting ability than SysV – for instance, it will report if a service has failed, is suspended, or is in error. Perhaps the biggest reason for the move to systemd is that it allows multiple services to start up at the same time, in parallel, making machine boot times quicker than they would be with legacy runlevels.

Continue reading »

flattr this!

Aug 312014
 

Some time ago I posted an article about shelr.tv a website and a service that was made to allow you to share your terminal records directly from the website.

Now the website of shelr.tv seems dead and so I’ve took a look around to see if there are similar websites and I’ve found commands.com.

For what I can see from their homepage it’s a service similar to the other, so let’s test it.
Continue reading »

flattr this!

Aug 292014
 

If you manage a server with many different users or just your family computer you will probably have many different accounts to manage, and one important aspect of any account it’s its password.

In this small article I’ll show you how to use the basic passwd command but also how to do some small bash script or use a web application, if you have a more complex environment, such as a central ldap server that keep all your accounts information.
Continue reading »

flattr this!