If you are responsible for the security of Linux systems, it is important to know these commands and to understand how each one works and how it helps you. Linux security has many aspects, from setting up accounts to ensuring that legitimate users do not have more privileges than they need to do their jobs.

Security Commands

▸Sudo

Running privileged commands with sudo – rather than switching from user to root – is an essential good practice, as it helps ensure that root privilege is only used when necessary and limits the impact of errors. Your access to the sudo command depends on the configuration of the /etc/sudoers and /etc/group files.

▸Who and w

The who and w commands show you who is logged in to the system. The w command shows more information, such as where each session was started from, when it was started, and how long it has been idle.

▸Find

The find command is used for many types of searches. When it comes to security, you might be looking for files that don’t have owners (or corresponding accounts) or that are writable and executable for everyone. The find commands are easy to compose but require some familiarity with their many options to define what to look for.

▸Which

The which command identifies the executable that will run when you type its name. This will not always be what you think it is. If a Trojan has inserted itself into the file system at a location that appears in the search path before the legitimate one, it will run instead. This is a good reason to make sure your search path lists directories like /usr/bin before less standard locations, and especially before “.” (the current directory). If necessary, you can check a user's search path by switching to that user and displaying it with echo.
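The search-path check described above, as an added example that is not part of the original article. The function name audit_path is hypothetical, the sample path is constructed, and flagging world-writable directories goes one step beyond what the text mentions.

```shell
#!/bin/sh
# audit_path PATH_STRING  (hypothetical helper, not a standard tool)
# Prints one line per risky entry in a colon-separated search path.
# Returns 0 if nothing risky was found, 1 otherwise.
audit_path() {
    rest="$1:"          # trailing ":" so the loop also sees the last entry
    pos=0
    findings=0
    system_seen=no      # becomes "yes" once /usr/bin has been passed
    while [ -n "$rest" ]; do
        dir=${rest%%:*} # next entry (an empty entry means the current directory)
        rest=${rest#*:} # everything after the first ":"
        pos=$((pos + 1))
        problem=
        case $dir in
            /usr/bin|/usr/bin/) system_seen=yes ;;
            ''|.) problem='current directory' ;;
            /*) # absolute path: risky only if any user can write to it
                if [ -n "$(find "$dir" -prune -type d -perm -0002 2>/dev/null)" ]; then
                    problem='world-writable directory'
                fi ;;
            *)  problem='relative directory' ;;
        esac
        [ -z "$problem" ] && continue
        findings=$((findings + 1))
        if [ "$system_seen" = no ]; then
            where='before /usr/bin, can shadow system commands'
        else
            where='after /usr/bin'
        fi
        printf 'entry %d "%s": %s (%s)\n' "$pos" "$dir" "$problem" "$where"
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample: "." first, an empty entry, and a relative directory.
audit_path '.:/usr/local/bin:/usr/bin::bin' || true
```

To audit another account, pass that user's search path string to the function instead of the constructed sample.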

▸IPTables

It is also important to know how to list the firewall rules for iptables. These commands will provide you with a complete list of netfilter rules:

▸Kill, Pkill and Killall

As you can see in “More than one way to kill a Unix process”, Unix and Linux systems offer a convenient selection of commands to kill processes no matter why you want them dead. You can kill by process ID or by name. You can kill individually or in a group. In any case, the various kill commands are at your disposal and you should be ready to use them when necessary.

▸Visudo

The visudo command allows you to make changes to the /etc/sudoers file by opening the file in a text editor and checking the syntax of the changes. Run the command with “sudo visudo” and make sure you understand the syntax. Privileges can be assigned by user or by group. On most Linux systems, the /etc/sudoers file will already be configured with groups like the ones shown below that allow you to assign privileges to the groups configured in the /etc/group file.

