Trace: » irc » runlevel » joggler » using_tar » using_grep » wine_hacks » lesson_2 » lesson_1 » saag_aloo » systems_admin

Login

You are currently not logged in! Enter your authentication credentials below to log in. You need to have cookies enabled to log in.

Login

Ah, Under Attack!

Check listening servers

netstat -atpn 

tcp        0      0 192.168.1.2:50047       221.21.21.21:6667      ESTABLISHED6125/bash

OK, who's running bash with PID 6125 (the number next to bash)

ps aux | grep 6125 

chris     6125  0.7  5.8  98128 30360 ?        Sl   21:26   0:19 bash

OK, so it's Chris. Lets shut down all of his running processes

kill -9 `ps -u chris -o “pid=“` (You might also find this useful: killall -u chris )

Delete his account

userdel chris

Random Bunf

Check listening servers
netstat -atpn

When creating a new user, save yourself a headache and use adduser rather than useradd

ssh dictionary attacks are a pain in the arse - stop them with denyhosts.
http://www.howtoforge.com/preventing_ssh_dictionary_attacks_with_denyhosts

Check the history of commands issued
cat .bash_history
Also, you can use the “history” command.

scp SourceFile user@host:directory/TargetFile
scp user@host:folder/SourceFile TargetFile
Use the -r flag to transfer directories
If transfering large files use -c blowfish to get a faster cipher

You can restart a crashed X server (GUI) by hitting CTRL-ALT-BACKSPACE. You can get into a command line terminal, by hitting CTRL-ALT-<FUNCTION KEY>. Generally, function keys F1-F6. F7 (at least, in Ubuntu) is the GUI “terminal” if you like.

Getting info out of a hard drive sudo hdparm -iI /dev/hdb6

 

Back to top