15 Practical Linux Find Command Examples

04/08/2020 No comments

Apart from the basic operation of looking for files under a directory structure, you can also perform several practical operations using the find command that will make your command line journey easier.

In this article, let us review 15 practical examples of the Linux find command that will be very useful to both newbies and experts.

Categories: System

15 Examples To Master Linux Command Line History

03/08/2020 No comments

When you use the Linux command line frequently, using the history effectively can be a major productivity boost. In fact, once you have mastered the 15 examples that I’ve provided here, you’ll find using the command line more enjoyable and fun.

1. Display timestamp using HISTTIMEFORMAT

Typically, when you type history from the command line, it displays the command# and the command. For auditing purposes, it may be beneficial to display the timestamp along with the command, as shown below.

# export HISTTIMEFORMAT='%F %T '
# history | more
1 2008-08-05 19:02:39 service network restart
2 2008-08-05 19:02:39 exit
3 2008-08-05 19:02:39 id
4 2008-08-05 19:02:39 cat /etc/redhat-release

2. Search the history using Control+R


Categories: System

How to Setup Reverse SSH Tunnel on Linux

03/08/2020 No comments

Reverse SSH is a technique that can be used to access systems (that are behind a firewall) from the outside world.

As you already know, SSH is a network protocol that supports cryptographic communication between network nodes. Using this protocol, you can do a secure remote login, a secure copy from/to a remote machine, etc.

You’ll typically do the following to connect to a remote server securely using the ssh command.

$ ssh [your-account-login]@[server-ip]

What is Reverse SSH?

SSH is a very good tool for accessing a remote machine or server securely. But a problem arises when you try to connect to a remote server that is behind a firewall, and this firewall denies any incoming connection or data transfer request that has no prior outgoing request. This means that only connections initiated by the remote server machine are allowed. This is a real problem for those who want to access this server machine remotely.

Watch iptables counters

02/08/2020 No comments

How to check iptables traffic on the fly?

Here are a few commands that can help:

watch --interval 0 'iptables -nvL | grep -Ev "^ *0 +0 "'

This will allow you to watch as matches occur in real time. The -v is used to do an inverted filter, i.e. NOT lines whose packet and byte counters are both 0. To show only ACCEPT, DROP, LOG, etc., run the following command:

watch 'iptables -nvL | grep -Ev "^ *0 +0 " | grep "ACCEPT"'

watch 'iptables -vL'

Watch the number of packets/bytes coming through the firewall. Useful in setting up new iptables rules or chains. Use this output to reorder rules for efficiency.

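d=$(mktemp -d); iptables -nvL > "$d/prev"; while true; do iptables -nvL > "$d/now"; clear; diff -U0 "$d/prev" "$d/now"; mv "$d/now" "$d/prev"; sleep 1; done

This alternative shows the differences as they occur, so that they are made plain. The snapshots are kept in a private mktemp directory rather than under fixed names in /tmp, because the loop runs as root and predictable /tmp paths can be pre-created or symlinked by other local users.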

watch -d -n 2 iptables -nvL

This will highlight (with a box over it) any changes since the last refresh.
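The diff loop above, taken one step further as an added example (not part of the original post): a function that compares two snapshots and prints how many packets each rule gained. It assumes the snapshots come from `iptables -nvxL --line-numbers` (-x prints exact counters) and that the ruleset is not edited between them; the sample snapshots are constructed.

```shell
#!/bin/sh
# Report which rules matched traffic between two snapshots taken with:
#   iptables -nvxL --line-numbers
# -x disables the K/M/G abbreviations so the counters can be subtracted.

counter_deltas() {   # $1 = older snapshot file, $2 = newer snapshot file
    awk '
        /^Chain /        { chain = $2; next }               # track current chain
        $1 !~ /^[0-9]+$/ { next }                           # skip headers, blanks
        NR == FNR        { pkts[chain, $1] = $2 + 0; next } # older snapshot
        {
            # Rules are keyed by chain and rule number, so both snapshots
            # must describe the same, unedited ruleset.
            key = chain SUBSEP $1
            if (key in pkts && $2 + 0 > pkts[key])
                printf "%s rule %s (%s): +%d packets\n",
                       chain, $1, $4, $2 - pkts[key]
        }
    ' "$1" "$2"
}

demo() {   # constructed sample data, not captured from a real host
    dir=$(mktemp -d) || return 1
    cat > "$dir/prev" <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
num      pkts      bytes target     prot opt in     out     source               destination
1         120     9840 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
2        4310   512044 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
3           0        0 ACCEPT     tcp  --  *      *       192.0.2.10           0.0.0.0/0            state NEW tcp dpt:22
4          17     1020 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-unreachable
EOF
    # Second snapshot: rules 2 and 4 have seen more traffic.
    sed -e 's/^2  *4310  *512044/2 4388 520101/' \
        -e 's/^4  *17  *1020/4 22 1320/' "$dir/prev" > "$dir/now"
    counter_deltas "$dir/prev" "$dir/now"
    rm -rf "$dir"
}

demo
```

On a live host, feed `counter_deltas` two files written a few seconds apart by `iptables -nvxL --line-numbers`.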

Standard Process for Restoring IPtables at Boot?

02/08/2020 No comments

Source: Ubuntu Tutorials

I got to thinking about something the other day when I rebuilt my webserver using Debian 5.0. How does Debian/Ubuntu standardize on reloading the iptables rules at boot time?

I know that Red Hat and its variants use the /etc/sysconfig/iptables file as a save and restore point, and there is an init script, iptables, that starts at boot prior to the network script, but is there a similar standard on Debian/Ubuntu?

The solution I’ve come up with (and I’m very curious to hear what others have done) is the following:

First, I manually enter my base iptables rules…

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -s 17.88.115.150/32 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -s 111.70.51.51/32 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -s 16.10.111.177/32 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -j REJECT --reject-with icmp-host-unreachable
...etc, etc.

*(IP addresses have been scrambled to protect their identity)

I then run:

iptables-save > /etc/default/iptables

From this point forward I manually update my ruleset by editing the file directly with a text editor.

To reload these rules at boot-time I have added a line to my /etc/network/interfaces configuration as follows:

auto eth0
iface eth0 inet static
    address foo
    netmask bar
    gateway baz
    dns-search domain.tld
    dns-nameservers foo
    pre-up iptables-restore < /etc/default/iptables

That last line tells the machine that, before you activate these network settings, run iptables-restore and read from the file /etc/default/iptables.  This seems to work well enough so far, but I’m still curious what others have done.  Do you simply write an init script on your own and maintain the ruleset within that file?  Do you use a file similar to what I’ve done, but source it via an init script?  I’m curious, as there does not seem to be a standard that I’m aware of.
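One way to guard the restore step described above, as an added example that is not from the original post: because the file is edited by hand, the function validates it with `iptables-restore --test` and refuses a group- or world-writable file before loading anything. The `RULES` and `RESTORE` overrides, the `apply` argument and the function name are assumptions of this example.

```shell
#!/bin/sh
# Validate a hand-edited ruleset before loading it, so a typo is caught
# before anything is committed. RULES and RESTORE can be overridden
# (an assumption of this example) to allow a dry run without root.
RULES=${RULES:-/etc/default/iptables}
RESTORE=${RESTORE:-iptables-restore}

load_rules() {
    if [ ! -r "$RULES" ]; then
        echo "load_rules: $RULES is not readable" >&2
        return 1
    fi
    # Anyone who can write this file can rewrite the firewall at next boot.
    if [ -n "$(find "$RULES" -prune \( -perm -020 -o -perm -002 \))" ]; then
        echo "load_rules: $RULES is group- or world-writable" >&2
        return 1
    fi
    # --test parses and builds the ruleset but does not commit it.
    if ! "$RESTORE" --test < "$RULES"; then
        echo "load_rules: $RULES failed validation, rules unchanged" >&2
        return 1
    fi
    "$RESTORE" < "$RULES"
}

# Run only when asked to, e.g. from a pre-up line that calls this script
# with the argument "apply" (the script's install path is up to you).
if [ "${1:-}" = "apply" ]; then
    load_rules
fi
```

A non-zero exit from a `pre-up` command makes ifup abort, so a ruleset that fails these checks leaves the interface down instead of up without its rules.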

Categories: Network