Obtain General Information with *nix
Get information on mounted volumes
lsblk
The lsblk command lists block devices. It reads the udev database together with the sysfs file system to print a report on all available (or the specified) block devices. A block device abstracts the hardware characteristics of a physical device and lets you interact with it through a buffered interface.
fdisk
fdisk is mostly used to manipulate the partition table; it can also list information on all partitions with fdisk -l.
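Listing the mounts is usually the first step of a hardening check: the world-writable temporary filesystems should carry nodev, nosuid and noexec. The script below is an added example, not part of the original page; it parses a file in /proc/mounts format (device, mountpoint, fstype, options, dump, pass), defaults to the live /proc/mounts, and ships a constructed sample so it can be tried offline.

```sh
#!/bin/sh
# Added example (not from the original page): audit the mount options of the
# world-writable temporary filesystems. Input is a file in /proc/mounts format
# (device, mountpoint, fstype, options, dump, pass); it defaults to /proc/mounts.
# The sample written by write_sample_mounts is constructed for this example.

TEMP_MOUNTS="/tmp /var/tmp /dev/shm"          # mountpoints any user can write to
REQUIRED_OPTS="nodev nosuid noexec"           # hardening options expected on them

# mount_opts FILE MOUNTPOINT -> prints the option field of MOUNTPOINT (nothing if absent)
mount_opts() {
    awk -v mp="$2" '$2 == mp { print $4; exit }' "$1"
}

# has_opt OPTS OPT -> succeeds when OPT appears in the comma-separated OPTS
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# audit_mounts [FILE] -> prints one line per finding; exit status is the finding count
audit_mounts() {
    file=${1:-/proc/mounts}
    findings=0
    for mp in $TEMP_MOUNTS; do
        opts=$(mount_opts "$file" "$mp")
        if [ -z "$opts" ]; then
            echo "$mp: not a separate mount (inherits the options of its parent filesystem)"
            findings=$((findings + 1))
            continue
        fi
        for opt in $REQUIRED_OPTS; do
            if ! has_opt "$opts" "$opt"; then
                echo "$mp: missing $opt (options: $opts)"
                findings=$((findings + 1))
            fi
        done
    done
    return $findings
}

# write_sample_mounts FILE -> constructed /proc/mounts content used to try the audit offline
write_sample_mounts() {
    cat > "$1" <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sda2 /tmp ext4 rw,relatime,nosuid,nodev,noexec 0 0
EOF
}
```

Source the file and call audit_mounts with no argument to check the running host; the exit status equals the number of findings, so it drops straight into a cron job or a configuration-check pipeline. On the constructed sample it reports /var/tmp as not separately mounted and /dev/shm as missing noexec.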
SuSe Linux | Find SuSe Version
How do I find out the OpenSUSE/SuSE Linux version from the command line interface?
Result:
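Current openSUSE and SLES releases (like most distributions) ship /etc/os-release, which is the reliable place to read the version from a script. The functions below are an added example, not from the original page: they extract the name, version and distribution family from an os-release file (defaulting to /etc/os-release) and include a constructed openSUSE Leap sample so they can be exercised offline. Older SUSE systems carried /etc/SuSE-release instead, which has since been retired.

```sh
#!/bin/sh
# Added example (not from the original page): read the distribution name and
# version from /etc/os-release, the standard file shipped by current openSUSE
# and SLES releases (older SUSE systems used /etc/SuSE-release instead).
# FILE defaults to /etc/os-release; write_sample_os_release provides a
# constructed file so the functions can be tried offline.

# os_release_field FILE KEY -> value of KEY with surrounding double quotes removed
os_release_field() {
    sed -n "s/^$2=//p" "$1" | head -n 1 | sed 's/^"\(.*\)"$/\1/'
}

# os_version_string [FILE] -> "NAME VERSION_ID", or PRETTY_NAME when VERSION_ID is absent
os_version_string() {
    file=${1:-/etc/os-release}
    name=$(os_release_field "$file" NAME)
    ver=$(os_release_field "$file" VERSION_ID)
    if [ -n "$ver" ]; then
        echo "$name $ver"
    else
        os_release_field "$file" PRETTY_NAME
    fi
}

# is_suse [FILE] -> succeeds when ID or ID_LIKE names a SUSE family distribution
is_suse() {
    file=${1:-/etc/os-release}
    id=$(os_release_field "$file" ID)
    like=$(os_release_field "$file" ID_LIKE)
    case " $id $like " in
        *suse*) return 0 ;;
        *)      return 1 ;;
    esac
}

# write_sample_os_release FILE -> constructed openSUSE Leap os-release content
write_sample_os_release() {
    cat > "$1" <<'EOF'
NAME="openSUSE Leap"
VERSION="15.5"
ID="opensuse-leap"
ID_LIKE="suse opensuse"
VERSION_ID="15.5"
PRETTY_NAME="openSUSE Leap 15.5"
EOF
}
```

Matching on ^KEY= keeps VERSION and VERSION_ID apart, and checking ID_LIKE as well as ID means a derivative such as Leap is still recognised as SUSE family, which matters when a script decides which package manager or patch-level query to run next.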
General OS Checks for Linux Systems
Packages
List installed packages
RPM Platforms (Redhat, CentOS, SuSe, Fedora, ArchLinux, Scientific Linux, etc.)
If you are on an RPM-based Linux platform, here are two ways to determine the list of installed packages.
Get the local path where a particular package was installed
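A package list is most useful when it is compared against a known-good baseline, so that an unexpected install, removal or version change on a host stands out. The script below is an added example, not the page's own commands: it wraps the standard rpm -qa and rpm -ql queries and diffs two sorted package lists with comm; the two lists written by write_sample_lists are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): snapshot the installed RPM set
# and compare it against a saved baseline, so unexpected package additions,
# removals or version changes stand out. rpm -qa / rpm -ql are the standard
# queries; the two package lists from write_sample_lists are constructed.

# snapshot_packages OUTFILE -> sorted name-version-release.arch lines of every installed package
snapshot_packages() {
    rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n' | LC_ALL=C sort -u > "$1"
}

# package_files NAME -> every path installed by package NAME (where it was installed)
package_files() {
    rpm -ql "$1"
}

# package_diff BASELINE CURRENT -> "+pkg" for packages only in CURRENT, "-pkg" for
# packages only in BASELINE; a version change shows as one "+" and one "-" line.
# Both inputs must be sorted with the same collation (LC_ALL=C), as comm requires.
package_diff() {
    LC_ALL=C comm -13 "$1" "$2" | sed 's/^/+/'
    LC_ALL=C comm -23 "$1" "$2" | sed 's/^/-/'
}

# package_diff_count BASELINE CURRENT -> number of differing lines (0 means no drift)
package_diff_count() {
    package_diff "$1" "$2" | wc -l | tr -d ' '
}

# write_sample_lists BASELINE CURRENT -> constructed package lists for offline use
write_sample_lists() {
    printf '%s\n' bash-5.2-1.x86_64 openssl-3.0-1.x86_64 vim-9.0-1.x86_64 \
        | LC_ALL=C sort > "$1"
    printf '%s\n' bash-5.2-1.x86_64 nmap-7.9-1.x86_64 openssl-3.0-2.x86_64 vim-9.0-1.x86_64 \
        | LC_ALL=C sort > "$2"
}
```

In practice you run snapshot_packages once after provisioning, store the file off the host, and later compare a fresh snapshot with package_diff; on the constructed lists the diff shows nmap added and openssl moved from release 1 to release 2. package_files then answers the follow-up question of where a flagged package put its files.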
Standard Commandline Operations
Compression (zip) / Decompression (unzip)
Unzip a file
RSA Crypto Operations
Generate a local key and copy public key to target host
VIM
Set VIM in nocompatible mode
To avoid stray characters like “^M” when copy-pasting, run vim with: vim -u NONE
Alternatively, use the paste option: :set paste
When you are finished, issue :set nopaste
Network Discovery
TCPDump
Breaking down the Tcpdump Command Line
Some common command-line parameters, for example: sudo tcpdump -i eth0 -nn -s0 -v port 80
Explanation: -i eth0 captures on interface eth0; -nn disables both host-name and port-name resolution; -s0 sets the snap length so whole packets are captured; -v increases verbosity; port 80 is the capture filter.
You can capture traffic coming from or going to different ports and hosts, but tcpdump's real power comes from combining conditions. There are three logical operators to help you assemble the right combination of filters:
AND: use "and" or "&&"
OR: use "or" or "||"
NEGATION: use "not" or "!"
Display ASCII text
Adding -A to the command line includes the ASCII strings from the capture in the output. This makes the output easy to read and lets you parse it with grep or other commands.
Get Packet Contents with Hex Output
Hex output is useful when you want to see the content of the packets displayed in both hex and ASCII.
Output:
Capture on specific Protocol
Filter on UDP traffic. Another way to specify this is to use protocol 17, which is UDP. These two commands produce the same result. The equivalent for the tcp filter is protocol 6.
Capture Hosts based on IP address
Using the host filter will capture traffic going to (destination) or from (source) a specific IP address. Alternatively, capture only packets going one way using src or dst.
Capture traffic from a specific port
You can also capture traffic coming from a range of ports.
Write to a capture file
Writing a standard pcap file is a common command option. Writing the capture to disk allows the file to be opened in Wireshark or other packet analysis tools.