As part of my journey in cybersecurity, I have learned about the complexity of Linux systems. Both system administration and security assessment require a thorough understanding of a system's design, operations, and configurations. Here's a quick list of some of the most significant Linux commands I have learned.
Fundamental System Details
whoami: Instantaneously show the active username. It is important to know what privileges you might have while gaining access to a system.
whoami
Whoami is extended with id, which shows the user's ID and group memberships. When auditing account permissions, this information is quite helpful.
The hostname of the system you are currently logged into is printed or set. Easy to use but efficient for machine identification.
uname: This command yields comprehensive system information, including the name and version of the kernel and hardware specifications. When evaluating possible kernel vulnerabilities, the -a flag is useful because it shows all accessible information.
uname -a
Networking Insights
ifconfig: For viewing and configuring network setups and network interface settings. It is necessary for diagnosing problems with networks.
ifconfig
ip: You can control network interfaces, routing, and tunnels with this more contemporary option to ifconfig.
ip a
Network status is shown via netstat, which also shows connections, routing tables, and interface information.
netstat -tuln
Another excellent tool that provides thorough information for examining sockets and network connections is ss.
ss -tuln
Handling Devices and Processes
- ps: Provides a list of active processes, which is helpful for debugging and keeping track of system activities.
ps aux
- lsblk: Provides details about block devices and a storage device hierarchy.
lsblk
- lsusb and lspci: These commands help identify connected hardware by listing USB and PCI devices, respectively.
lsusb
lspci
- Lists of open files, or lsofs, are useful for troubleshooting system problems and looking into possible security risks.
lsof
Getting Remote Access using SSH
One essential piece of technology that allows for safe remote access to Linux computers is SSH (Secure Shell). For those working in the disciplines of system administration and cybersecurity, it is an essential tool. One needs to be able to use SSH to log in and run commands remotely in order to perform system administration duties.
ssh username@remote_host
With these tools, I’m building a strong foundation in Linux system management, which is crucial for both day-to-day operations and security assessments. This knowledge will also aid in discovering vulnerabilities and misconfigurations that could lead to privilege escalation—a critical skill in penetration testing
Conclusion
Mastering these Linux commands is just the beginning of my cybersecurity journey. If you're also exploring Linux or cybersecurity, I'd love to hear your thoughts! What are your go-to commands? Connect with me on Twitter and let’s share knowledge.
Top comments (2)
And I would like to add "dmesg" to this list, it's a really useful command to execute to look at the kernels latest information, it's just really a useful tool for troubleshooting and information gathering.
Thank you for highlighting
dmesg! Your feedback is precisely the reason I think this platform is so important; working together and exchanging knowledge truly aids in enhancing and perfecting our comprehension. I appreciate your contribution!