Submitted By tsheffieldw3342
Words: 623
Pages: 3


iptables ­[IAD]chain rule­specifications [options]
Usually Input Flags:
­i specifies the inbound interface
­s specifies the source
­p specifies the protocol [TCP/UDP]
­dport specifies the destination port
ACCEPT­Deliver the traffic
REJECT­do not deliver, send reject notice
DROP­do not deliver, do not respond
LOG­ just logs, doesn’t deliver To view rules:
­nvL ­­line­numbers Add number after INPUT/OUTPUT/FORWARD to add a rule at specified line netstat ­plant | grep :80 | awk ‘{print $5}’ | cut ­d: ­f1 | sort | uniq ­c | sort ­n one line to look at apache connections

­p show the PID and the name of the program to which each socket belongs ­plant shows listening sockets ss ­tn for socket statistics

Ubuntu: cat /var/auth.log
CentOS: less /var/log/secure

Can be piped to grep for failed passwords less /var/log/secure | grep ‘failed password for root’| awk ‘{print $11}’

Above shows only the IP addresses from failed connections less /var/log/secure | grep ‘failed password for root’| awk ‘{print $11}’ | uniq ­c | sort ­n

Shows IP addresses sorted by how many times they have attempted. whois [IP Address]
Shows information about an IP

.sh File Extension for bash scripts mkdir [foldername] Makes a folder eject Ejects rmdir Deletes folders, ­Rf deletes everything within the folder
Start all scripts with #!/bin/bash read takes user input and stores it in a variable
Use “$” to call variables; do not when defining a variable; unless it is a list cut removes characters from the STDOT
­d flag followed by column number only outputs that column followed by delimiter: “:” followed by ­f[col #]
Define an array [list name]=$( contents separated by spaces )
For loop syntax: for [local variable name] in “${list[@]}” do [commands] done “”” used for block quotes cat prints a files contents
\n new line; similar to in python tr translates text cat [filename] | tr “\n” “” displays a files contexts all on one line, with each item separated by a space list=($[listname]) converts a list to an array­Beginners­Guide/html/sect_07_01.html Windows:

Useful tools for identifying processes autoruns and other programs

NETSTAT netstat ­aon shows all connections Piped to !findsr [port] will act similar to grep. Common ports are: 23,25,80,443,8080 Microsoft Baseline Security Analyzer(MBSA)
Fast and easy method to identify and correct many common misconfigurations and issues
Scans all the things, like everything, everywhere Microsoft Baseline Configuration Analyzer(MBCA)
Allows a system to be…