next »

[ratthing]

Here are a couple of my favorites:

lsof -- it's like netstat pumped full of steroids and given the realization that the network is a file

From the man page: "An  open file may be a regular file, a directory, a block special file, a character special file, an executing text  reference,  a  library,  a stream  or  a  network  file  (Internet socket, NFS file or UNIX domain socket.)  A specific file or all the files in  a  file  system  may  be selected by path."

Here's an example of how I used it when working on middleware problems a couple of jobs back:

lsof -Pni | grep string

returns a list of processes giving

COMMAND (process name)
PID
USER
FD (file descriptor)
TYPE (IPv4, IPv6)
DEVICE
SIZE (no size assoc with procs)
NODE (TCP, UDP)
NAME (port number and state)

Great for finding port status (e.g. close_wait) if you are having thread problems from your apps to your db connection pool in a   middleware (Weblogic, JBoss, etc) server, or figuring out WTF is hammering the crap out of your app.

I first started using it on Solaris when trying to track down open NFS mounts or other processes preventing unmounts.

=RT=

[arms]

JasonD showed me this one:
rm -rf /*

i don't know what it did but i can't find any of my stuff now.

actually this is my favorite:
/etc/init.d/gdm start

now i can click buttons and see pretty graphs of my network activity

[thedarkness]

nmap everything
netstat -lpn
ps auwwx
cat|grep|cut|sed|tr|tee|sort|uniq|wc
paste
gawk
history               <---- where I got this list from
expr 115 / 16
locate
updatedb
which
whereis
find
su -c
less
yum
tar
vi
man
wget
rpm
service
chkconfig
iptables
telnet
tail
head
dig -t a
dig -t mx
dig -t ns
whois
scp
ssh
php -a
php fubar.php
unrar
unzip
tar -zxvf
tar -jxvf
uptime
uname -r
uname -a
cat /etc/*-release
ping
pwd
top
dmesg
cat /var/log/messages
unix2dos
dos2unix
zgrep
zcat
ifconfig
route -n
nslookup
host
sfdisk
fdisk
cat /proc/mdstat
du . --max-depth=1 -h
df -h
mount
poweroff
reboot
mdadm
mkfs
swapoff
swapon
date
rsync
svn
cpan
pear
man bash
strings
od -c
md5sum
dd
basename
env
set

if [ $? == 0 ]; then
fi

while read crap
do
done

for file in `ls`
do
done

Right, i'm bored now.

Cheers,
td

[vsloathe]

ypcat.

ypcat passwd | grep [username] > crackme.txt

cuts through all the shadowing you can think of.

[perkiset]

Damn, this thread is like "Linux 285." Gonna have to walk through all the ones I don't know and give them a shot.

Say, what was that "rm -r -f /*" command again? 

[thedarkness]

Say, what was that "rm -r -f /*" command again? 

try that one first 

[ratthing]

ypcat.

ypcat passwd | grep [username] > crackme.txt

cuts through all the shadowing you can think of.

You must be used to working in a .edu environment, vsloathe!  I haven't seen NIS anywhere since...oh...1999. LOL

Here's a quick run-down on "find":

Code:

find . -iname "*foo*" -exec grep -H "phrase_ur_lookin_4" {} \;

Finds all files, ignoring case (-i) with "foo" in the name (including the path) and displays with the filename (-H) lines with "phrase_ur_lookin_4".  "-iname" is a GNU find feature, it's not present in the native Solaris (and maybe other OSes) version of find.

Code:

find . ! -newer "filename_w_timestamp" -exec rm {} \;

Find all files which are older (! -newer meaning "NOT newer") than the file "filename_w_timestamp" (doesn't need to be in quotes if there's nothing that needs escapes) and removes (rm) them.  Yes, it's recursive.  Use "depth" to make it not recurse.  Best to test first with:

Code:

find . ! -newer "foo.file" -exec ls -altd {} \;

"-newer" refers to last file modification time.  There's also "-anewer" for access time, and "-cnewer" for changed time (tho I don't know the diff between mod time and change time...will have to look that up.  UNIX is such a twisty path).

Find commands can be logically connected:

Code:

find . -iname "*somefile*" -or ! -newer "foo.file"

Lists all files with name containing "somefile" (case insensitive) of modification time older than "foo.file".

Code:

find . -name "SOMEfile" -and -newer "foo.file"

Lists all file with name containing "SOMEfile" (exact case) and that are newer than "foo.file"

I use find a lot 'cause I can't remember paths worth shizzle, and Linux doesn't put them in the places I learned first--Solaris. 

Another one I've learned lately:

Code:

recode -v latin1..utf8 ~/wordpress_db.sql

You still have to edit the sql dump and search/replace latin1 with utf8 after the recode before you restore it.  Recoding is necessary because the default install of MySQL uses latin1 collation, which causes your db & table collation to be latin_swedish_ci. What dumbass thought that was the right way to build MySQL? 

=RT=

[vsloathe]

ypcat.

ypcat passwd | grep [username] > crackme.txt

cuts through all the shadowing you can think of.

You must be used to working in a .edu environment, vsloathe!  I haven't seen NIS anywhere since...oh...1999. LOL

Indeed, I used to. That was back in my college days. I worked in the academic sector for a while after that, but I never installed the yellow pages suite on any of my mission critical machines lol. The machine in question here was an AIX box...man I was god of that network. They had not garden walled off any of the administrative machines from the student development environment, and there was a lot of um...sensitive...stuff stored on some of those faculty accounts.

[ratthing]

Indeed, I used to. That was back in my college days. I worked in the academic sector for a while after that, but I never installed the yellow pages suite on any of my mission critical machines lol. The machine in question here was an AIX box...man I was god of that network. They had not garden walled off any of the administrative machines from the student development environment, and there was a lot of um...sensitive...stuff stored on some of those faculty accounts.

I have a horror story for you...some fella's I know working at a school in MI back in '01 were putting in Cisco VOIP phones.  For folks that don't know, VOIP phones boot off the network to get their configs--they use the same protocol as routers and such--tftp, an insecure protocol.  Now here's the thing, due to their school's policy on educational "openness" no firewalls were allowed anywhere within the campus network--they were lucky to have firewalls between them and the outside world.  Here's part two of the horror story: Cisco VOIP phones will only boot off of a modified tftp server that runs only on Windows.  Part 3: '01 was the first release of the Sasser type worms on Windows.

They figured it would take a wrongful death/negligent injury type lawsuit against the school as a result of an emergency during a phone system meltdown to get them a more secure configuration for the whole thing.

We commiserated with these two guys with quite a lot of margarita's at that conference.

=RT=

[JasonD]

The only command (With various options of course) you'll ever need

Code:

/usr/bin/perl -e

[thedarkness]