Linux Utilities - Security Checks Flashcards Preview

Linux > Linux Utilities - Security Checks > Flashcards

Flashcards in Linux Utilities - Security Checks Deck (3)
Loading flashcards...
1

How to display who is connected to the system?

root@ubuntu:/var# w

15:43:54 up 1 day, 3:45, 2 users, load average: 0.20, 0.05, 0.02

USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT

ubuntu ttyS0 - Sat12 0.00s 0.26s 0.05s -bash

janiax pts/0 192.168.235.147 15:43 9.00s 0.02s 0.02s -bash

 

  • USER -> username of the connected user
  • TTY -> terminal to which user connects; :0 = console
  • FROM -> display IP address the user connects from
  • LOGIN@ -> display the time when user connected
  • IDLE -> how long the user's been inactive
  • JCPU -> how much CPU is being used by the user in that CPU
  • WHAT -> what process the user runs

2

How to display history of logins to the system, reboots and system crashes?

root@ubuntu:~# last

janiax pts/0 192.168.235.147 Sun Apr 26 15:43 - 15:44 (00:00)

ubuntu ttyS0 Sat Apr 25 12:04 still logged in

reboot system boot 4.15.0-20-generi Sat Apr 25 11:58 still running

ubuntu ttyS0 Sat Apr 25 10:28 - crash (01:29)

reboot system boot 4.15.0-20-generi Sat Apr 25 10:25 still running

3

How to check history of commands run by a user? How is the file called?

  • home folder of the user
    • hidden .bash_history file
  • root privileges need to be used in order to check history of some other user

 

root@ubuntu:/home/janiax# cd /home/janiax

root@ubuntu:/home/janiax# cat .bash_history

w

ifconfig ens3

watch -n 1 ifconfig

exit