- Obtain General Information with *nix
- Get information on mounted volumes
- SuSe Linux | Find SuSe Version
- General OS Checks for Linux Systems
- List installed packages
- RPM Platforms (Redhat, CentOS, SuSe, Fedora, ArchLinux, Scientific Linux, etc.)
- Get the local path where a particular package was installed
- Standard Commandline Operations
- Compression (zip) / Decompression (unzip)
- Unzip a file
- RSA Crypto Operations
- Generate a local key and copy public key to target host
- Set VIM in nocompatible mode
- Network Discovery
- Breaking down the Tcpdump Command Line
- Display ASCII text
- Get Packet Contents with Hex Output
- Capture on specific Protocol
- Capture Hosts based on IP address
- Capture traffic from a specific port
- Write to a capture file
Obtain General Information with *nix
Get information on mounted volumes
The lsblk command lists block devices. It reads data from the udev database and the sysfs file system to print a report on all available or specified block devices. Block devices abstract the actual hardware characteristics of a physical device and let you interact with it through a buffered interface.
fdisk is mostly used to manipulate the partition table; it can list info on all partitions by using
SuSe Linux | Find SuSe Version
How do I find out the OpenSUSE/SuSE Linux version via the command-line interface?
General OS Checks for Linux Systems
List installed packages
RPM Platforms (Redhat, CentOS, SuSe, Fedora, ArchLinux, Scientific Linux, etc.)
If you are on an RPM-based Linux platform, here are two ways to determine the list of packages installed.
Get the local path where a particular package was installed
Standard Commandline Operations
Compression (zip) / Decompression (unzip)
Unzip a file
RSA Crypto Operations
Generate a local key and copy public key to target host
Set VIM in nocompatible mode
To avoid stray characters like “^M” when copy-pasting, run vim with:
vim -u NONE
Alternatively, use the paste command:
:set paste
When you are finished, issue
Breaking down the Tcpdump Command Line
Some common command-line parameters, for example:
sudo tcpdump -i eth0 -nn -s0 -v port 80
You can capture traffic coming from or going to different ports and hosts, but tcpdump’s real power comes from combining different conditions. There are three logical operators to help you assemble the right combination of filters:
AND: use "and" or "&&"
OR: use "or" or "||"
NEGATION: use "not" or "!"
Display ASCII text
Adding -A to the command line makes the output include the ASCII strings from the capture. This allows easy reading and the ability to parse the output using grep or other commands.
Get Packet Contents with Hex Output
Hex output is useful when you want to see the content of the packets displayed in both hex and ASCII.
Capture on specific Protocol
Filter on UDP traffic. Another way to specify this is to use protocol 17, which is udp. These two commands will produce the same result. The equivalent of the tcp filter is protocol 6.
Capture Hosts based on IP address
The host filter captures traffic going to (destination) or coming from (source) a specific IP address.
Alternatively, capture only packets going one way using
Capture traffic from a specific port
You can also capture traffic coming from a range of ports
Write to a capture file
Writing a standard pcap file is a common command option. Writing a capture file to disk allows the file to be opened in Wireshark or other packet analysis tools.
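An added example, not part of the original page: POSIX shell functions that combine the host, port and protocol filters above with and/or/not and write the matching traffic to a pcap file. The address 192.0.2.10, interface eth0, file name triage.pcap, the chosen service ports and the helper function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page). The interface, address and
# file name are constructed placeholders; the service ports are an assumption.

# join_terms OP TERM...: wrap each non-empty term in parentheses, join with OP.
# In filter expressions "and" and "or" have equal precedence (left to right),
# so explicit parentheses keep the grouping unambiguous.
join_terms() (
    op=$1; shift
    out=""
    for term in "$@"; do
        [ -n "$term" ] || continue
        if [ -z "$out" ]; then out="($term)"; else out="$out $op ($term)"; fi
    done
    printf '%s\n' "$out"
)

# triage_filter HOST [OWN_SSH_PORT]: web or DNS traffic to/from HOST,
# minus the SSH session the capture is being run over.
triage_filter() (
    host=$1
    ssh_port=${2:-22}
    # Reject anything that could smuggle extra filter syntax into the expression.
    case $host in
        ''|*[!A-Za-z0-9.:-]*) echo "invalid host: $host" >&2; exit 1 ;;
    esac
    case $ssh_port in
        ''|*[!0-9]*) echo "invalid port: $ssh_port" >&2; exit 1 ;;
    esac
    services=$(join_terms or "tcp port 80" "tcp port 443" "udp port 53")
    join_terms and "host $host" "$services" "not port $ssh_port"
)

# capture_to_pcap IFACE FILE FILTER: the filter travels as ONE quoted argument,
# so the shell never sees its parentheses, "!" or "&&" as shell syntax.
capture_to_pcap() {
    sudo tcpdump -i "$1" -nn -s0 -w "$2" "$3"
}

# Show the command that would run; call capture_to_pcap to actually capture.
printf "sudo tcpdump -i eth0 -nn -s0 -w triage.pcap '%s'\n" "$(triage_filter 192.0.2.10)"
```

The resulting file can be read back with tcpdump -nn -r triage.pcap or opened in Wireshark.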