Procedure for Checking System, After login
Check for suspicious activity when you login
Check the environment ...
...] # set show who is logged on and what ity is doing ...
...] # w Report Process Status - Make Sure All Needed Processes Are Running (EX: Apache, MySQL, SSH) ...
...] # ps -auxf display use used / free memory ...
...] # Free -m Display Network Interface Information - Make Sure Your Interfaces Are Up and Running ...
...] # ifconfig show network connections - See What ports your system is listenging on and the program of the program ...
...] # Netstat -ape View Logged Activity ...
...] # less / var / log / secure view logged activity ...
...] # less / var / log / messages show listing of last logged in users ...
...] # Last Show log of login activity by user name ...
...] # Lastlog List loaded modules ...
...] # lsmod
Services
ChkConfig Is a Tool for maintaining the /etc/rc[0-6].d Directory Hierarchy by relieving system administrats of the task of directly manipulating the nameness symbolic links in those Directories.
Lists All of the Services Which Chkconfig Knows About ...
...] # chkconfig --List Turn Services Off Ors, ON Specified System Run-Levels ...
...] # chkconfig --level 0123456 Service Off / on
Killing Processes
List Running Processes with their PIDS, Hierarchical Structure ...
...] # ps -auxf kill process ...
...] # Kill Pid Kill Process, IF Previous Kill IS Unsuccessful ...
...] # Kill -9 PID
Changing hostname
Edit / etc / sysconfig / network ...
Edit Hostname = "www.domain.com" Edit DomainName = "Domain.com" Restart ...] # Hostname
Www.domain.com Prompt Will Now Display As [user @ www dir] #
Update Local Host Aliases
Edit / etc / hosts ...
Format is IP
...] # cd / etc / sysconfig / network-scripts / / etc / sysconfig / network-scripts] # cp ifcfg-eth0 ifcfg-eth0: 1 Edit ifcfg-eth0: 1 ...
Edit Device = "Eth0: 1" edit ipaddr = "put.extra.ip.here" Bind IP Address with ...
...] # iFup eth0: 1
Put Nic Into Promiscuous Mode
Promiscuous Mode Allows Your Nic To Read All The Data That Is Sent over The Wire, Not Just Your IP.
...] # ifconfig eth0 Promisc Remove Promiscuous Mode with ...
...] # ifconfig eth0 -promisc
View Process Info and NetWork Connections
...] # ps -auxf ...] # NetStat -ape
SYSTEM INFO
Display Bootup Messages: ...] # Dmesg Display System Information: ...] # uname -a
Linux www.domain.com 2.4.20-19.7 # 1 Tue Jul 15 13:44:14 EDT 2003 I686 Unknown
FILE OWNERSHIP
Change File Owner and group: ...] # Chown Owner: Group file change Dir / File Owner and group recursively: ...] # chown -r owner: Group Dir
Recursive: Every File and Sub-Directory Under The Specified Directory
Red Hat Network Up2date, Command Line
Register with the red hat network ...
...] # rhn_register - Nox Change Up2date Options ...
...] # Up2date --configure configuration file: / etc / sysconfig / rhn / up2date packages / headers located under / var / spool / up2date update the Update Program ...
...] # Up2date - Nox Up2date Show Available Relevant Updated Packages ...
...] # Up2date - Nox -l Update System With All Relevant packages ...
...] # Up2date - Nox -u install or update package ...
...] # Up2date - Nox package_name
