Unix / Linux mastering command line

1. Introduction

Small Quick Reference for Unix / Linux adminstrator.

2. Linux / Unix Commands

2.1. Memory

• free, vmstat, mpstat, iostat, sar

2.2. Cpu

• vmstat, mpstat, iostat, sar

2.3. I/O

• vmstat, mpstat, iostat, sar

2.4. Process

• ipcs, ipcrm

2.5. Multi-proposal

• nmon: 

2.6. Information

2.6.1. How to determine CentOS or RedHat version

• http://www.rackaid.com/resources/how-to-determine-centos-or-red-hat-version/

2.6.2. How to determine Ubuntu version

• http://www.ubuntuka.com/how-to-find-out-ubuntu-version/

2.6.3. System file information

• cat /proc/cpuinfo
• cat /proc/meminfo
• cat /proc/zoneinfo
• cat /proc/mounts

2.6.4. Command line differeces between some Unix/Linux distributions

• http://bhami.com/rosetta.html

3. Reference

• http://www.oracle.com/technetwork/articles/linux/part3-090589.html
• http://unixguide.net/cgi-bin/unixguide.cgi

Best tips using nmap to scan and anoy host

1. Introduction

What should I do to discover as much as I can about a host connected the network.

2. Tips

2.1. Scanning host with nmap

# nmap Options:
# -sT: TCP connect Scan
# -sU: UDP scan
# -sR: RPC scan
# -O: Enable SO detection
# -sV: SO version detection
# -p: port range
# -v: Verbose mode
# -P0: No ping
# -A: Agressive scan option
#
$ nmap -sS -O 10.10.10.176 -p 139
$ nmap -sTUR -O -v -p 1-65535 -P0 10.10.10.176
$ nmap -sA 10.10.10.176
$ nmap -sS -O 10.10.10.176 -p 139

2.2. Finding out something MORE with NetBIOS Lookup over TCP/IP and SmbClient

$ nmblookup -A 10.10.10.176

Looking up status of 10.10.10.176

        LP0054          <00> -         M <ACTIVE>

        WORKGROUP       <00> - <GROUP> M <ACTIVE>

        LP0054          <20> -         M <ACTIVE>

        WORKGROUP       <1e> - <GROUP> M <ACTIVE>

        MAC Address = 00-1A-73-21-74-64

$ #

$ #

$ smbclient -L\\LP0054 -I 10.10.10.176

Password:

Anonymous login successful

Domain=[WORKGROUP] OS=[Windows Vista (TM) Business 6001 Service Pack 1] Server=[Windows Vista (TM) Business 6.0]

        Sharename       Type      Comment

        ---------       ----      -------

cli_rpc_pipe_open: cli_nt_create failed on pipe \srvsvc to machine LP0054.  Error was NT_STATUS_ACCESS_DENIED

Error returning browse list: NT_STATUS_ACCESS_DENIED

Anonymous login successful

Domain=[WORKGROUP] OS=[Windows Vista (TM) Business 6001 Service Pack 1] Server=[Windows Vista (TM) Business 6.0]

        Server               Comment

        ---------            -------
                                    

        Workgroup            Master

        ---------            -------

2.3. Anoying host - please use only if you're sysadm 

• On Linux

$ ping -i 0.001 -c 1000 -f -s 65507 10.10.10.176

• On Windows

C:\> shutdown /?
C:\> shutdown –m \\computername –r –f –c “The computer will restart, please save all work.” –t 15

2.2. Lookup Vendor by MAC ADDRESS

$ arping 10.10.10.176

• http://www.coffer.com/mac_find/
• http://www.macvendorlookup.com/
• https://db.uga.edu/network/public/vendorcode.cgi

3. References

• http://www.vivaolinux.com.br/dica/Nmap-Combinacoes-para-um-bom-scan/
• http://www.coffer.com/mac_find/
• http://www.macvendorlookup.com/
• https://db.uga.edu/network/public/vendorcode.cgi
• http://www.madirish.net/node/77
• http://maximumpcguides.com/windows-vista/use-the-remote-shutdown-tool-to-shutdown-restart-or-logoff-a-local-or-networked-computer/
• http://www.online-tech-tips.com/computer-tips/remote-shutdown-command/