unixtoolbox.book
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
717
On Slideshare
717
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
3
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. UNIXTOOLBOX 4GHRCNBTLDMSHR@BNKKDBSHNMNE5MHW,HMTW"3$BNLL@MCR@MCS@RJRVGHBG@QDTRDETKENQ)4VNQJ NQENQ@CU@MBDCTRDQR4GHRHR@OQ@BSHB@KFTHCDVHSGBNMBHRDDWOK@M@SHNMR
  • 2. GNVDUDQSGDQD@CDQHR RTOONRDCSNJMNVVG@SRGDHRCNHMF 3XRSDL 0QNBDRRDR &HKD3XRSDL .DSVNQJ 33(3#0 60.VHSG33( 239.# 35$/ %MBQXOS&HKDR %MBQXOS0@QSHSHNMR 33,#DQSHEHB@SDR #63 36. 5RDETK#NLL@MCR )MRS@KK3NESV@QD #NMUDQS-DCH@ 0QHMSHMF $@S@A@RDR $HRJ1TNS@ 3GDKKR 3BQHOSHMF 0QNFQ@LLHMF /MKHMD(DKO 5MHW4NNKANWQDUHRHNM 4GDK@SDRSUDQRHNMNESGHRCNBTLDMSB@MADENTMC@SGSSOBAUTTMHWSNNKANWWGSLK2DOK@BDWGSLK NMSGDKHMJVHSGOCEENQSGD0$&UDQRHNM@MCVHSGANNJOCEENQSGDANNJKDSUDQRHNM/M@CTOKDW OQHMSDQSGDANNJKDSVHKKBQD@SD@RL@KKANNJQD@CXSNAHMC3DD@KRNSGD@ANTSO@FD %QQNQQDONQSR@MCBNLLDMSR@QDLNRSVDKBNLD BBAUT#NKHM"@QRBGDK
  • 3. 1SYSTEM (@QCV@QDO [3S@SHRSHBRO [5RDQRO [,HLHSRO [2TMKDUDKRO [QNNSO@RRVNQCO [ #NLOHKDJDQMDKO [2DO@HQFQTAO [-HRBO 2TMMHMFJDQMDK@MCRXRSDLHMENQL@SHNM #uname-a#Getthekernelversion(andBSDversion) #lsb_release-a#FullreleaseinfoofanyLSBdistribution #cat/etc/SuSE-release#GetSuSEversion #cat/etc/debian_version#GetDebianversion 5RDDSBDISTR QDKD@RDVHSGDISTR=KRA5ATMST
  • 4. QDCG@S
  • 5. FDMSNN
  • 6. L@MCQ@JD
  • 7. RTM3NK@QHR
  • 8. @MCRN NM3DD@KRN/etc/issue #uptime#Showhowlongthesystemhasbeenrunning+load #hostname#system'shostname #hostname-i#DisplaytheIPaddressofthehost.(Linuxonly) #manhier#Descriptionofthefilesystemhierarchy #lastreboot#Showsystemreboothistory 1.1HardwareInformations +DQMDKCDSDBSDCG@QCV@QD #dmesg#Detectedhardwareandbootmessages #lsdev#informationaboutinstalledhardware #ddif=/dev/membs=1kskip=768count=2562>/dev/null|strings-n8#ReadBIOS Linux #cat/proc/cpuinfo#CPUmodel #cat/proc/meminfo#Hardwarememory #grepMemTotal/proc/meminfo#Displaythephysicalmemory #watch-n1'cat/proc/interrupts'#Watchchangeableinterruptscontinuously #free-m#Usedandfreememory(-mforMB) #cat/proc/devices#Configureddevices #lspci-tv#ShowPCIdevices #lsusb-tv#ShowUSBdevices #lshal#Showalistofalldeviceswiththeirproperties #dmidecode#ShowDMI/SMBIOS:hwinfofromtheBIOS FreeBSD #sysctlhw.model#CPUmodel #sysctlhw#Givesalotofhardwareinformation #sysctlhw.ncpu#numberofactiveCPUsinstalled #sysctlvm#Memoryusage #sysctlhw.realmem#Hardwarememory #sysctl-a|grepmem#Kernelmemorysettingsandinfo #sysctldev#Configureddevices #pciconf-l-cv#ShowPCIdevices #usbdevs-v#ShowUSBdevices #atacontrollist#ShowATAdevices #camcontroldevlist-v#ShowSCSIdevices 1.2Load,statisticsandmessages 4GDENKKNVHMFBNLL@MCR@QDTRDETKSNEHMCNTSVG@SHRFNHMFNMNMSGDRXRSDL #top#displayandupdatethetopcpuprocesses #mpstat1#displayprocessorsrelatedstatistics #vmstat2#displayvirtualmemorystatistics #iostat2#displayI/Ostatistics(2sintervals) #systat-vmstat1#BSDsummaryofsystemstatistics(1sintervals) #systat-tcp1#BSDtcpconnections(tryalso-ip) #systat-netstat1#BSDactivenetworkconnections #systat-ifstat1#BSDnetworktrafficthroughactiveinterfaces c3XRSDLc 
  • 9. 3GNQS,HMTWQDEDQDMBDVVVOHWDKAD@SNQFBLCKHMDGSLK ,HSSKDBNLL@MCKHMDFNNCHDRVVVRGDKK ETNQF 4G@SR@KKENKJR 4GHRCNBTLDMS5MHW4NNKANWQDUHRHNMHRKHBDMRDCTMCDQ@#QD@SHUD#NLLNMR,HBDMBD ;!SSQHATSHNM 3G@QD!KHJD=b#NKHM"@QRBGDK 3NLDQHFGSRQDRDQUDC c/MKHMD(DKOc  #systat-iostat1#BSDCPUandanddiskthroughput #ipcs-a#informationonSystemVinterprocess #tail-n500/var/log/messages#Last500kernel/syslogmessages #tail/var/log/warn#Systemwarningsmessagesseesyslog.conf 1.3Users #id#Showtheactiveuseridwithloginandgroup #last#Showlastloginsonthesystem #who#Showwhoisloggedonthesystem #groupaddadmin#Addgroup"admin"andusercolin(Linux/Solaris) #useradd-c"ColinBarschel"-gadmin-mcolin #usermod-a-G<group><user>#Addexistingusertogroup(Debian) #groupmod-A<user><group>#Addexistingusertogroup(SuSE) #userdelcolin#Deleteusercolin(Linux/Solaris) #adduserjoe#FreeBSDadduserjoe(interactive) #rmuserjoe#FreeBSDdeleteuserjoe(interactive) #pwgroupaddadmin#UsepwonFreeBSD #pwgroupmodadmin-mnewmember#Addanewmembertoagroup #pwuseraddcolin-c"ColinBarschel"-gadmin-m-s/bin/tcsh #pwuserdelcolin;pwgroupdeladmin %MBQXOSDCO@RRVNQCR@QDRSNQDCHMDSBRG@CNVENQ,HMTW@MC3NK@QHR@MCDSBL@RSDQO@RRVCNM &QDD"3$)ESGDL@RSDQO@RRVCHRLNCHEHDCL@MT@KKXR@XSNCDKDSD@O@RRVNQC
  • 10. QTM#pwd_mkdb -pmaster.passwdSNQDATHKCSGDC@S@A@RD 4NSDLONQ@QHKXOQDUDMSKNFHMRRXRSDLVHCDENQ@KKTRDQRATSQNNS TRDMNKNFHM4GDLDRR@FDHM MNKNFHMVHKKADCHROK@XDCLHFGSMNSVNQJVHSGRRGOQD RG@QDCJDXR  #echo"Sorrynologinnow">/etc/nologin#(Linux) #echo"Sorrynologinnow">/var/run/nologin#(FreeBSD) 1.4Limits 3NLD@OOKHB@SHNMQDPTHQDGHFGDQKHLHSRNMNODMEHKDR@MCRNBJDSRKHJD@OQNWXVDARDQUDQ
  • 11. C@S@A@RD 4GDCDE@TKSKHLHSR@QDTRT@KKXSNNKNV Linux Pershell/script 4GDRGDKKKHLHSR@QDFNUDQMDCAXulimit4GDRS@STRHRBGDBJDCVHSGulimit-a&NQDW@LOKDSN BG@MFDSGDNODMEHKDRKHLHSEQNLSNCN #ulimit-n10240#Thisisonlyvalidwithintheshell 4GDulimitBNLL@MCB@MADTRDCHM@RBQHOSSNBG@MFDSGDKHLHSRENQSGDRBQHOSNMKX Peruser/process ,NFHMTRDQR@MC@OOKHB@SHNMRB@MADBNMEHFTQDCHM/etc/security/limits.conf&NQDW@LOKD #cat/etc/security/limits.conf *hardnproc250#Limituserprocesses asteriskhardnofile409600#Limitapplicationopenfiles Systemwide +DQMDKKHLHSR@QDRDSVHSGRXRBSK0DQL@MDMSKHLHSR@QDRDSHM/etc/sysctl.conf #sysctl-a#Viewallsystemlimits #sysctlfs.file-max#Viewmaxopenfileslimit #sysctlfs.file-max=102400#Changemaxopenfileslimit #echo"102450000">/proc/sys/net/ipv4/ip_local_port_range#portrange #cat/etc/sysctl.conf fs.file-max=102400#Permanententryinsysctl.conf #cat/proc/sys/fs/file-nr#Howmanyfiledescriptorsareinuse c3XRSDLc 
  • 12. FreeBSD Pershell/script 5RDSGDBNLL@MClimitsHMBRGNQSBRGNQ@RHM,HMTW
  • 13. TRDulimitHM@MRGNQA@RGRGDKK Peruser/process 4GDCDE@TKSKHLHSRNMKNFHM@QDRDSHM/etc/login.conf!MTMKHLHSDCU@KTDHRRSHKKKHLHSDCAXSGD RXRSDLL@WHL@KU@KTD Systemwide +DQMDKKHLHSR@QD@KRNRDSVHSGRXRBSK0DQL@MDMSKHLHSR@QDRDSHM/etc/sysctl.confNQ/boot/ loader.conf4GDRXMS@WHRSGDR@LD@R,HMTWATSSGDJDXR@QDCHEEDQDMS #sysctl-a#Viewallsystemlimits #sysctlkern.maxfiles=XXXX#maximumnumberoffiledescriptors kern.ipc.nmbclusters=32768#Permanententryin/etc/sysctl.conf kern.maxfiles=65536#TypicalvaluesforSquid kern.maxfilesperproc=32768 kern.ipc.somaxconn=8192#TCPqueue.Betterforapache/sendmail #sysctlkern.openfiles#Howmanyfiledescriptorsareinuse #sysctlkern.ipc.numopensockets#Howmanyopensocketsareinuse #sysctlnet.inet.ip.portrange.last=50000#Defaultis1024-5000 #netstat-m#networkmemorybuffersstatistics 3DD4GD&QDD"3$G@MCANNJ#G@OSDQ ENQCDS@HKR!MC@KRN&QDD"3$ODQENQL@MBDSTMHMF Solaris 4GDENKKNVHMFU@KTDRHM/etc/systemVHKKHMBQD@RDSGDL@WHLTLEHKDCDRBQHOSNQRODQOQNB setrlim_fd_max=4096#Hardlimitonfiledescriptorsforasingleproc setrlim_fd_cur=1024#Softlimitonfiledescriptorsforasingleproc 1.5Runlevels Linux /MBDANNSDC
  • 14. SGDJDQMDKRS@QSRinitVGHBGSGDMRS@QSRrcVGHBGRS@QSR@KKRBQHOSRADKNMFHMFSN@ QTMKDUDK4GDRBQHOSR@QDRSNQDCHMDSBHMHSC@MC@QDKHMJDCHMSNDSBQBCQB.CVHSG.SGDQTMKDUDK MTLADQ 4GDCDE@TKSQTMKDUDKHRBNMEHFTQDCHMDSBHMHSS@A)SHRTRT@KKXNQ #grepdefault:/etc/inittab id:3:initdefault: 4GD@BST@KQTMKDUDKB@MADBG@MFDCVHSGinit&NQDW@LOKDSNFNEQNLSN #init5#Entersrunlevel5 3GTSCNVM@MCG@KS 3HMFKD 5RDQLNCD@KRN3 -TKSH TRDQVHSGNTSMDSVNQJ -TKSH TRDQVHSGMDSVNQJ -TKSH TRDQVHSG8 2DANNS 5RDchkconfigSNBNMEHFTQDSGDOQNFQ@LRSG@SVHKKADRS@QSDC@SANNSHM@QTMKDUDK #chkconfig--list#Listallinitscripts #chkconfig--listsshd#Reportthestatusofsshd #chkconfigsshd--level35on#Configuresshdforlevels3and5 #chkconfigsshdoff#Disablesshdforallrunlevels $DAH@M@MC$DAH@MA@RDCCHRSQHATSHNMRKHJD5ATMSTNQ+MNOOHWTRDSGDBNLL@MCupdate-rc.dSN L@M@FDSGDQTMKDUDKRRBQHOSR$DE@TKSHRSNRS@QSHM
  • 15. 
  • 16. @MC@MCRGTSCNVMHM
  • 17. @MC GSSOVVVEQDDARCNQFG@MCANNJBNMEHFSTMHMF JDQMDK KHLHSRGSLK GSSORDQUDQE@TKSBNLPTDRSHNMREQDDARC ODQENQL@MBD STMHMF RXRBSKR KN@CDQ BNME JDQMDK c3XRSDLc  Theprogramsimplecpp.cpp #include"IPv4.h" #include<iostream> #include<string> usingnamespacestd; intmain(intargc,char*argv[]){ stringipstr;//definevariables unsignedlongipint=1347861486;//TheIPinintegerform GenericUtils::IPv4iputils;//createanobjectoftheclass ipstr=iputils.IPint_to_IPquad(ipint);//calltheclassmember cout<<ipint<<"="<<ipstr<<endl;//printtheresult return0; } #NLOHKD@MCDWDBTSDVHSG #g++-cIPv4.cppsimplecpp.cpp#Compileinobjects #g++IPv4.osimplecpp.o-osimplecpp.exe#Linktheobjectstofinalexecutable #./simplecpp.exe 1347861486=80.86.187.238 5RDlddSNBGDBJVGHBGKHAQ@QHDR@QDTRDCAXSGDDWDBTS@AKD@MCVGDQDSGDX@QDKNB@SDC!KRNTRDC SNBGDBJHE@RG@QDCKHAQ@QXHRLHRRHMFNQHESGDDWDBTS@AKDHRRS@SHB #ldd/sbin/ifconfig#listdynamicobjectdependencies #arrcsstaticlib.a*.o#createstaticarchive #artstaticlib.a#printtheobjectslistfromthearchive #arx/usr/lib/libc.aversion.o#extractanobjectfilefromthearchive #nmversion.o#showfunctionmembersprovidedbyobject 22.5SimpleMakefile 4GDLHMHL@K-@JDEHKDENQSGDLTKSH RNTQBDOQNFQ@LHRRGNVMADKNV4GDKHMDRVHSGHMRSQTBSHNMRmust beginwithatab4GDA@BJRK@RG<B@MADTRDCSNBTSKNMFKHMDR CC=g++ CFLAGS=-O OBJS=IPv4.osimplecpp.o simplecpp:${OBJS} ${CC}-osimplecpp${CFLAGS}${OBJS} clean: rm-f${TARGET}${OBJS} 23ONLINEHELP 23.1Documentation ,HMTW$NBTLDMS@SHNMDMSKCONQF ,HMTW-@M0@FDRVVVKHMTWL@MO@FDRBNL ,HMTWBNLL@MCRCHQDBSNQXVVVNQDHKKXMDSBNLKHMTWBLC ,HMTWCNBL@MGNVSNRKHMTWCHDMDS &QDD"3$(@MCANNJVVVEQDDARCNQFG@MCANNJ &QDD"3$-@M0@FDRVVVEQDDARCNQFBFHL@MBFH &QDD"3$TRDQVHJHVVVEQDDARCVHJHMDS 3NK@QHR-@M0@FDRCNBRRTMBNL@OOCNBRBNKK 23.2OtherUnix/Linuxreferences 2NRDSS@3SNMDENQ5MHWAG@LHBNLQNRDSS@GSLK@5MHWBNLL@MCSQ@MRK@SNQ 5MHWFTHCDBQNRRQDEDQDMBDTMHWFTHCDMDSTMHWFTHCDRGSLK ,HMTWBNLL@MCRKHMDKHRSVVVKHMTWBLCNQF c/MKHMD(DKOc 
  • 18. #gccsimple.c-osimple #./simple Theansweris42 22.3C++basics *pointer//Objectpointedtobypointer &obj//Addressofobjectobj obj.x//Memberxofclassobj(objectobj) pobj->x//Memberxofclasspointedtobypobj //(*pobj).xandpobj->xarethesame 22.4C++example !R@RKHFGSKXLNQDQD@KHRSHBOQNFQ@LHM# @BK@RRHMHSRNVMGD@CDQ)0UG @MCHLOKDLDMS@SHNM )0UBOO @MC@OQNFQ@LVGHBGTRDRSGDBK@RRETMBSHNM@KHSX4GDBK@RRBNMUDQSR@M)0@CCQDRRHM HMSDFDQENQL@SSNSGDJMNVMPT@CENQL@S IPv4class IPv4.h: #ifndefIPV4_H #defineIPV4_H #include<string> namespaceGenericUtils{//createanamespace classIPv4{//classdefinition public: IPv4();~IPv4(); std::stringIPint_to_IPquad(unsignedlongip);//memberinterface }; }//namespaceGenericUtils #endif//IPV4_H IPv4.cpp: #include"IPv4.h" #include<string> #include<sstream> usingnamespacestd;//usethenamespaces usingnamespaceGenericUtils; IPv4::IPv4(){}//defaultconstructor/destructor IPv4::~IPv4(){} stringIPv4::IPint_to_IPquad(unsignedlongip){//memberimplementation ostringstreamipstr;//useastringstream ipstr<<((ip&0xff000000)>>24)//Bitwiserightshift <<"."<<((ip&0x00ff0000)>>16) <<"."<<((ip&0x0000ff00)>>8) <<"."<<((ip&0x000000ff)); returnipstr.str(); } c0QNFQ@LLHMFc  #update-rc.dsshddefaults#Activatesshdwiththedefaultrunlevels #update-rc.dsshdstart202345.stop20016.#Withexplicitarguments #update-rc.d-fsshdremove#Disablesshdforallrunlevels #shutdown-hnow(or#poweroff)#Shutdownandhaltthesystem FreeBSD 4GD"3$ANNS@OOQN@BGHRCHEEDQDMSEQNLSGD3XR6
  • 19. SGDQD@QDMNQTMKDUDKR4GDEHM@KANNSRS@SD RHMFKDTRDQ
  • 20. VHSGNQVHSGNTS8 HRBNMEHFTQDCHM/etc/ttys!KK/3RBQHOSR@QDKNB@SDCHM/etc/ rc.d/@MCHM/usr/local/etc/rc.d/ENQSGHQC O@QSX@OOKHB@SHNMR4GD@BSHU@SHNMNESGDRDQUHBDHR BNMEHFTQDCHM/etc/rc.conf@MC/etc/rc.conf.local4GDCDE@TKSADG@UHNQHRBNMEHFTQDCHM/etc/ defaults/rc.conf4GDRBQHOSRQDRONMCR@SKD@RSSNRS@QS[RSNO[RS@STR #/etc/rc.d/sshdstatus sshdisrunningaspid552. #shutdownnow#Gointosingle-usermode #exit#Gobacktomulti-usermode #shutdown-pnow#Shutdownandhaltthesystem #shutdown-rnow#Reboot 4GDOQNBDRRinitB@M@KRNADTRDCSNQD@BGNMDNESGDENKKNVHMFRS@SDRKDUDK&NQDW@LOKD#init 6ENQQDANNS (@KS@MCSTQMSGDONVDQNEERHFM@KUSR2 'NSNRHMFKD TRDQLNCDRHFM@KTERM 2DANNSSGDL@BGHMDRHFM@KINT B"KNBJETQSGDQKNFHMRRHFM@KTSTP P2DRB@MSGDSSXR EHKDRHFM@KHUP Windows 3S@QS@MCRSNO@RDQUHBDVHSGDHSGDQSGDservicenameNQ"servicedescription"RGNVMHMSGD 3DQUHBDR#NMSQNK0@MDK @RENKKNVR netstopWSearch netstartWSearch#startsearchservice netstop"WindowsSearch" netstart"WindowsSearch"#sameasaboveusingdescr. 1.6Resetrootpassword Linuxmethod1 !SSGDANNSKN@CDQKHKNNQFQTA
  • 21. DMSDQSGDENKKNVHMFANNSNOSHNM init=/bin/sh 4GDJDQMDKVHKKLNTMSSGDQNNSO@QSHSHNM@MCinitVHKKRS@QSSGDANTQMDRGDKKHMRSD@CNErc@MCSGDM@ QTMKDUDK5RDSGDBNLL@MCpasswd@SSGDOQNLOSSNBG@MFDSGDO@RRVNQC@MCSGDMQDANNS&NQFDS SGDRHMFKDTRDQLNCD@RXNTMDDCSGDO@RRVNQCENQSG@S )E
  • 22. @ESDQANNSHMF
  • 23. SGDQNNSO@QSHSHNMHRLNTMSDCQD@CNMKX
  • 24. QDLNTMSHSQV #mount-oremount,rw/ #passwd#ordeletetherootpassword(/etc/shadow) #sync;mount-oremount,ro/#syncbeforetoremountreadonly #reboot FreeBSDmethod1 /M&QDD"3$
  • 25. ANNSHMRHMFKDTRDQLNCD
  • 26. QDLNTMSQV@MCTRDO@RRVC9NTB@MRDKDBSSGDRHMFKD TRDQLNCDNMSGDANNSLDMTNOSHNM VGHBGHRCHROK@XDCENQRDBNMCR@SRS@QSTO4GDRHMFKD TRDQLNCDVHKKFHUDXNT@QNNSRGDKKNMSGDO@QSHSHNM #mount-u/;mount-a#willmount/rw #passwd #reboot c3XRSDLc 
  • 27. UnixesandFreeBSDandLinuxmethod2 /SGDQ5MHWDRLHFGSMNSKDSXNTFN@V@XVHSGSGDRHLOKDHMHSSQHBJ4GDRNKTSHNMHRSNLNTMSSGDQNNS O@QSHSHNMEQNL@MNSGDQ/3KHJD@QDRBTD#$ @MCBG@MFDSGDO@RRVNQCNMSGDCHRJ a"NNS@KHUD#$NQHMRS@KK@SHNM#$HMSN@QDRBTDLNCDVGHBGVHKKFHUDXNT@RGDKK a&HMCSGDQNNSO@QSHSHNMVHSGECHRJDFECHRJCDURC@ a-NTMSHS@MCTRDBGQNNS #mount-orw/dev/ad4s3a/mnt #chroot/mnt#chrootinto/mnt #passwd #reboot 1.7Kernelmodules Linux #lsmod#Listallmodulesloadedinthekernel #modprobeisdn#Toloadamodule(hereisdn) FreeBSD #kldstat#Listallmodulesloadedinthekernel #kldloadcrypto#Toloadamodule(herecrypto) 1.8CompileKernel Linux #cd/usr/src/linux #makemrproper#Cleaneverything,includingconfigfiles #makeoldconfig#Reusetheold.configifexistent #makemenuconfig#orxconfig(Qt)orgconfig(GTK) #make#Createacompressedkernelimage #makemodules#Compilethemodules #makemodules_install#Installthemodules #makeinstall#Installthekernel #reboot FreeBSD /OSHNM@KKXTOC@SDSGDRNTQBDSQDDHM/usr/src VHSGBRTO@RNE&QDD"3$NQK@SDQ  #csup<supfile> )TRDSGDENKKNVHMFRTOEHKD *defaulthost=cvsup5.FreeBSD.org#www.freebsd.org/handbook/cvsup.html#CVSUP-MIRRORS *defaultprefix=/usr *defaultbase=/var/db *defaultrelease=cvsdeletetag=RELENG_7 src-all 4NLNCHEX@MCQDATHKCSGDJDQMDK
  • 28. BNOXSGDFDMDQHBBNMEHFTQ@SHNMEHKDSN@MDVM@LD@MCDCHSHS@R MDDCDCXNTB@M@KRNDCHSSGDEHKDGENERICCHQDBSKX 4NQDRS@QSSGDATHKC@ESDQ@MHMSDQQTOSHNM
  • 29. @CC SGDNOSHNMNO_CLEAN=YESSNSGDL@JDBNLL@MCSN@UNHCBKD@MHMFSGDNAIDBSR@KQD@CXATHKC #cd/usr/src/sys/i386/conf/ #cpGENERICMYKERNEL #cd/usr/src #makebuildkernelKERNCONF=MYKERNEL #makeinstallkernelKERNCONF=MYKERNEL 4NQDATHKCSGDETKK/3 #makebuildworld#BuildthefullOSbutnotthekernel #makebuildkernel#UseKERNCONFasaboveifappropriate #makeinstallkernel #reboot #mergemaster-p#Comparesonlyfilesknowntobeessential c3XRSDLc  [^$.|?*+()#specialcharactersanyotherwillmatchthemselves #escapesspecialcharactersandtreatasliteral *#repeatthepreviousitemzeroormoretimes .#singlecharacterexceptlinebreakcharacters .*#matchzeroormorecharacters ^#matchatthestartofaline/string $#matchattheendofaline/string .$#matchasinglecharacterattheendofline/string ^$#matchlinewithasinglespace [^A-Z]#matchanylinebeginningwithanycharfromAtoZ 21.6Someusefulcommands 4GDENKKNVHMFBNLL@MCR@QDTRDETKSNHMBKTCDHM@RBQHOSNQ@RNMDKHMDQR sort-t.-k1,1n-k2,2n-k3,3n-k4,4n#SortIPv4ipaddresses echo'Test'|tr'[:lower:]''[:upper:]'#Caseconversion echofoo.bar|cut-d.-f1#Returnsfoo PID=$(ps|grepscript.sh|grepbin|awk'{print$1}')#PIDofarunningscript PID=$(psaxww|grep[p]ing|awk'{print$1}')#PIDofping(w/ogreppid) IP=$(ifconfig$INTERFACE|sed'/.*inetaddr:/!d;s///;s/.*//')#Linux IP=$(ifconfig$INTERFACE|sed'/.*inet/!d;s///;s/.*//')#FreeBSD if[`difffile1file2|wc-l`!=0];then[...]fi#Filechanged? cat/etc/master.passwd|grep-vroot|grep-v*:|awk-F":"#Createhttppasswd '{printf("%s:%sn",$1,$2)}'>/usr/local/etc/apache2/passwd testuser=$(cat/usr/local/etc/apache2/passwd|grep-v#Checkuserinpasswd root|grep-v*:|awk-F":"'{printf("%sn",$1)}'|grep^user$) :(){:|:&};:#bashforkbomb.Willkillyourmachine tail+2file>file2#removethefirstlinefromfile )TRDSGHRKHSSKDSQHBJSNBG@MFDSGDEHKDDWSDMRHNMENQL@MXEHKDR@SNMBD&NQDW@LOKDEQNLBWWSN BOO4DRSHSEHQRSVHSGNTSSGD|sh@SSGDDMC9NTB@M@KRNCNSGHRVHSGSGDBNLL@MCrenameHE HMRS@KKDC/QVHSGA@RGATHKSHMR #ls*.cxx|awk-F.'{print"mv"$0""$1".cpp"}'|sh #ls*.c|sed"s/.*/cp&&.$(date"+%Y%m%d")/"|sh#e.g.copy*.cto*.c.20080401 #rename.cxx.cpp*.cxx#Renameall.cxxtocpp #foriin*.cxx;domv$i${i%%.cxx}.cpp;done#withbashbuiltins 22PROGRAMMING 22.1Cbasics strcpy(newstr,str)/*copystrtonewstr*/ expr1?expr2:expr3/*if(expr1)expr2elseexpr3*/ x=(y>z)?y:z;/*if(y>z)x=y;elsex=z;*/ inta[]={0,1,2};/*Initializedarray(ora[3]={0,1,2};*/ inta[2][3]={{1,2,3},{4,5,6}};/*Arrayofarrayofints*/ inti=12345;/*Convertinitocharstr*/ charstr[10]; sprintf(str,"%d",i); 22.2Cexample !LHMHL@KBOQNFQ@LRHLOKDB #include<stdio.h> main(){ intnumber=42; printf("Theansweris%in",number); } #NLOHKDVHSG c0QNFQ@LLHMFc 
  • 30. Generateafile MYHOME=/home/colin cat>testhome.sh<<_EOF #Allofthisgoesintothefiletesthome.sh if[-d"$MYHOME"];then echo$MYHOMEexists else echo$MYHOMEdoesnotexist fi _EOF shtesthome.sh 21.2Bournescriptexample !R@RL@KKDW@LOKD
  • 31. SGDRBQHOSTRDCSNBQD@SD@0$&ANNJKDSEQNLSGHRWGSLKCNBTLDMS #!/bin/sh #Thisscriptcreatesabookinpdfformatreadytoprintonaduplexprinter if[$#-ne1];then#Checktheargument echo1>&2"Usage:$0HtmlFile" exit1#nonzeroexitiferror fi file=$1#Assignthefilename fname=${file%.*}#Getthenameofthefileonly fext=${file#*.}#Gettheextensionofthefile prince$file-o$fname.pdf#fromwww.princexml.com pdftops-paperA4-noshrink$fname.pdf$fname.ps#createpostscriptbooklet cat$fname.ps|psbook|psnup-Pa4-2|pstops-b"2:0,1U(21cm,29.7cm)">$fname.book.ps ps2pdf13-sPAPERSIZE=a4-sAutoRotatePages=None$fname.book.ps$fname.book.pdf #use#a4and#NoneonWindows! exit0#exit0meanssuccessful 21.3Someawkcommands !VJHRTRDETKENQEHDKCRSQHOOHMF
  • 32. KHJDBTSHM@LNQDONVDQETKV@X3D@QBGSGHRCNBTLDMSENQNSGDQ DW@LOKDR3DDENQDW@LOKDFMTK@LOBNL@MCNMD KHMDQRENQ@VJENQRNLDMHBDDW@LOKDR awk'{print$2,$1}'file#Printandinversefirsttwocolumns awk'{printf("%5d:%sn",NR,$0)}'file#Addlinenumberleftaligned awk'{printFNR"t"$0}'files#Addlinenumberrightaligned awkNFtest.txt#removeblanklines(sameasgrep'.') awk'length>80'#printlinelongerthan80char) 21.4Somesedcommands (DQDHRSGDNMDKHMDQFNKCLHMD !MC@FNNCHMSQNCTBSHNM@MCSTSNQH@KSNRDC  sed's/string1/string2/g'#Replacestring1withstring2 sed-i's/wroong/wrong/g'*.txt#Replacearecurringwordwithg sed's/(.*)1/12/g'#Modifyanystring1toanystring2 sed'/<p>/,/</p>/d't.xhtml#Deletelinesthatstartwith<p> #andendwith</p> sed'/*#/d;/^*$/d'#Removecommentsandblanklines sed's/[t]*$//'#Removetrailingspaces(usetabast) sed's/^[t]*//;s/[t]*$//'#Removeleadingandtrailingspaces sed's/[^*]/[&]/'#Enclosefirstcharwith[]top->[t]op sed=file|sed'N;s/n/t/'>file.num#Numberlinesonafile 21.5RegularExpressions 3NLDA@RHBQDFTK@QDWOQDRRHNMTRDETKENQRDCSNN3DD"@RHB2DFDW3XMS@W ENQ@FNNCOQHLDQ GSSORSTCDMSMNQSGO@QJDCTODLDMSDRDCRDCKHMDSWS GSSOVVVFQXLNHQDBNL5MHW3DCGSLK GSSOVVVQDFTK@Q DWOQDRRHNMRHMENQDEDQDMBDGSLK c3BQHOSHMFc  #makeinstallworld #mergemaster-i-U#Updateallconfigurationsandotherfiles #reboot &NQRL@KKBG@MFDRHMSGDRNTQBDXNTB@MTRD./?#,%!.XDRSN@UNHCQDATHKCHMFSGDVGNKDSQDD #makebuildworldNO_CLEAN=yes#Don'tdeletetheoldobjects #makebuildkernelKERNCONF=MYKERNELNO_CLEAN=yes 1.9Repairgrub 3NXNTAQNJDFQTA"NNSEQNL@KHUDBC
  • 33. ;EHMCXNTQKHMTWO@QSHSHNMTMCDQ/dev@MCTRDfdiskSNEHMC SGDKHMTWO@QSHNM=LNTMSSGDKHMTWO@QSHSHNM
  • 34. @CCOQNB@MCCDU@MCTRDgrub-install/dev/xyz 3TOONRDKHMTWKHDRNM/dev/sda6 #mount/dev/sda6/mnt#mountthelinuxpartitionon/mnt #mount--bind/proc/mnt/proc#mounttheprocsubsysteminto/mnt #mount--bind/dev/mnt/dev#mountthedevicesinto/mnt #chroot/mnt#changeroottothelinuxpartition #grub-install/dev/sda#reinstallgrubwithyouroldsettings 1.10Misc $HR@AKD/38UHQST@KLDLNQXQDOD@SVHSGloadSNQD DM@AKD &@RSDQRXRSDL
  • 35. ATS@KHSSKDQHRJX #sudolaunchctlunload-w/System/Library/LaunchDaemons/com.apple.dynamic_pager.plist #sleep3600;pmsetsleepnow#gotostandbyinonehour(OSX) #defaultswrite-gcom.apple.mouse.scaling-float8 #OSXmouseacceleration(use-1toreverse) 2PROCESSES ,HRSHMFO [0QHNQHSXO ["@BJFQNTMC&NQDFQNTMCO [4NOO [+HKKO 2.1ListingandPIDs %@BGOQNBDRRG@R@TMHPTDMTLADQ
  • 36. SGD0)$!KHRSNE@KKQTMMHMFOQNBDRRHRQDSQHDUDCVHSGps #ps-auxefw#Extensivelistofallrunningprocess (NVDUDQLNQDSXOHB@KTR@FDHRVHSG@OHODNQVHSGpgrepENQ/38HMRS@KKproctoolsEQNL-@B0NQSR O@FD  #psaxww|grepcron 586??Is0:01.48/usr/sbin/cron-s #psaxjf#Allprocessesinatreeformat(Linux) #psaux|grep'ss[h]'#Findallsshpidswithoutthegreppid #pgrep-lsshd#FindthePIDsofprocessesby(partof)name #echo$$#ThePIDofyourshell #fuser-va22/tcp#Listprocessesusingport22(Linux) #pmapPID#Memorymapofprocess(huntmemoryleaks)(Linux) #fuser-va/home#Listprocessesaccessingthe/homepartition #stracedf#Tracesystemcallsandsignals #trussdf#sameasaboveonFreeBSD/Solaris/Unixware 2.2Priority #G@MFDSGDOQHNQHSXNE@QTMMHMFOQNBDRRVHSGreniceNegativenumbershaveahigherpriority
  • 37. SGDKNVDRSHR @MCMHBDG@UD@ONRHSHUDU@KTD #renice-5586#Strongerpriority 586:oldpriority0,newpriority-5 3S@QSSGDOQNBDRRVHSG@CDEHMDCOQHNQHSXVHSGnice0NRHSHUDHRMHBDNQVD@J
  • 38. MDF@SHUDHRRSQNMF RBGDCTKHMFOQHNQHSX-@JDRTQDXNTJMNVHE/usr/bin/niceNQSGDRGDKKATHKS HMHRTRDCBGDBJVHSG #whichnice  c0QNBDRRDRc 
  • 39. #nice-n-5top#Strongerpriority(/usr/bin/nice) #nice-n5top#Weakerpriority(/usr/bin/nice) #nice+5top#tcshbuiltinnice(sameasabove!) 7GHKDMHBDBG@MFDRSGD#05RBGDCTKDQ
  • 40. @MNSGDQTRDETKBNLL@MCioniceVHKKRBGDCTKDSGDCHRJ)/ 4GHRHRUDQXTRDETKENQHMSDMRHUD)/@OOKHB@SHNMDFBNLOHKHMF 9NTB@MRDKDBS@BK@RRHCKD ADRS DEENQS QD@KSHLD
  • 41. SGDL@MO@FDHRRGNQS@MCVDKKDWOK@HMDC #ionicec3-p123#setidleclassforpid123(Linuxonly) #ionice-c2-n0firefox#Runfirefoxwithbesteffortandhighpriority #ionice-c3-p$$#Settheactualshelltoidlepriority 4GDK@RSBNLL@MCHRUDQXTRDETKSNBNLOHKDNQCDATF @K@QFDOQNIDBS%UDQXBNLL@MCK@TMBGDC EQNLSGHRRGDKKVHKKG@UD@KNUDQOQHNQHSX$$HRXNTQRGDKKOHCSQXDBGN  &QDD"3$TRDRidprio/rtprioL@WOQHNQHSX
  • 42. LNRSHCKD  #idprio31make#compileinthelowestpriority #idprio31-1234#setPID1234withlowestpriority #idprio-t-1234#-tremovesanyrealtime/idlepriority 2.3Background/Foreground 7GDMRS@QSDCEQNL@RGDKK
  • 43. OQNBDRRDRB@MADAQNTFGSHMSGDA@BJFQNTMC@MCA@BJSNSGDENQDFQNTMC VHSG;#SQK= ;:=>:
  • 44. bg@MCfg,HRSSGDOQNBDRRDRVHSGjobs7GDMMDDCDCCDS@BGEQNLSGD SDQLHM@KVHSGdisown #pingcb.vu>ping.log ^Z#pingissuspended(stopped)with[Ctrl]-[Z] #bg#putinbackgroundandcontinuesrunning #jobs-l#Listprocessesinbackground [1]-36232Runningpingcb.vu>ping.log [2]+36233Suspended(ttyoutput)top #fg%2#Bringprocess2backinforeground #make#startalongcompilejobbutneedtoleavetheterminal ^Z#suspended(stopped)with[Ctrl]-[Z] #bg#putinbackgroundandcontinuesrunning #disown-h%1#detatchprocessfromterminal,won'tbekilledatlogout .NRSQ@HFGSENQV@QCV@XSNQD @SS@BGSGDOQNBDRRSN@MDVSDQLHM@K
  • 45. SQXQDOSXQ,HMTW  5RDnohupSNRS@QS@OQNBDRRVGHBGG@RSNJDDOQTMMHMFVGDMSGDRGDKKHRBKNRDCHLLTMDSN G@MFTOR  #nohupping-i60>ping.log& 2.4Top 4GDOQNFQ@LtopCHROK@XRQTMMHMFHMENQL@SHNMNEOQNBDRRDR3DD@KRNSGDOQNFQ@LhtopEQNL GSNORNTQBDENQFDMDS@LNQDONVDQETKUDQRHNMNESNO VGHBGQTMRNM,HMTW@MC&QDD"3$ports/ sysutils/htop/ 7GHKDSNOHRQTMMHMFOQDRRSGDJDXGENQ@GDKONUDQUHDV5RDETKJDXR@QD au[username]4NCHROK@XNMKXSGDOQNBDRRDRADKNMFHMFSNSGDTRDQ5RD NQAK@MJSNRDD @KKTRDQR ak[pid]+HKKSGDOQNBDRRVHSGOHC a14NCHROK@X@KKOQNBDRRNQRRS@SHRSHBR,HMTWNMKX aR4NFFKDMNQL@KQDUDQRDRNQS 2.5Signals/Kill 4DQLHM@SDNQRDMC@RHFM@KVHSGkillNQkillall #ping-i60cb.vu>ping.log& [1]4712 #kill-sTERM4712#sameaskill-154712 #killall-1httpd#KillHUPprocessesbyexactname #pkill-9http#KillTERMprocessesby(partof)name c0QNBDRRDRc  21SCRIPTING "@RHBRO [3BQHOSDW@LOKDO [@VJO [RDCO [2DFTK@Q%WOQDRRHNMRO [TRDETK BNLL@MCRO 4GD"NTQMDRGDKKAHMRG HROQDRDMSNM@KK5MHWHMRS@KK@SHNMR@MCRBQHOSRVQHSSDMHMSGHRK@MFT@FD @QDPTHSD ONQS@AKDman1shHR@FNNCQDEDQDMBD 21.1Basics Variablesandarguments !RRHFMVHSGU@QH@AKDU@KTD@MCFDSBNMSDMSVHSGU@QH@AKD MESSAGE="HelloWorld"#Assignastring PI=3.1415#Assignadecimalnumber N=8 TWON=`expr$N*2`#Arithmeticexpression(onlyintegers) TWON=$(($N*2))#Othersyntax TWOPI=`echo"$PI*2"|bc-l`#Usebcforfloatingpointoperations ZERO=`echo"c($PI/4)-sqrt(2)/2"|bc-l` 4GDBNLL@MCKHMD@QFTLDMSR@QD $0,$1,$2,...#$0isthecommanditself $##Thenumberofarguments $*#Allarguments(also$@) SpecialVariables $$#ThecurrentprocessID $?#exitstatusoflastcommand command if[$?!=0];then echo"commandfailed" fi mypath=`pwd` mypath=${mypath}/file.txt echo${mypath##*/}#Displaythefilenameonly echo${mypath%%.*}#Fullpathwithoutextention foo=/tmp/my.dir/filename.tar.gz path=${foo%/*}#Fullpathwithoutextention var2=${var:=string}#Usevarifset,otherwiseusestring #assignstringtovarandthentovar2. size=$(stat-c%s"$file")#getfilesizeinbournescript filesize=${size:=-1} Constructs forfilein`ls` do echo$file done count=0 while[$count-lt5];do echo$count sleep1 count=$(($count+1)) done myfunction(){ find.-typef-name"*.$1"-print#$1isfirstargumentofthefunction } myfunction"txt" c3BQHOSHMFc 
  • 46. #in.bashrc bind'"e[A"':history-search-backward#Useupanddownarrowtosearch bind'"e[B"':history-search-forward#thehistory.Invaluable! set-oemacs#Setemacsmodeinbash(seebelow) setbell-stylevisible#Donotbeep,inversecolors #Setanicepromptlike[user@host]/path/todir> PS1="[033[1;30m][[033[1;34m]u[033[1;30m]" PS1="$PS1@[033[0;33m]h[033[1;30m]][033[0;37m]" PS1="$PS1w[033[1;30m]>[033[0m]" #Tocheckthecurrentlyactivealiases,simplytypealias aliasls='ls-aF'#Appendindicator(oneof*/=>@|) aliasll='ls-aFls'#Listing aliasla='ls-all' alias..='cd..' alias...='cd../..' exportHISTFILESIZE=5000#Largerhistory exportCLICOLOR=1#Usecolors(ifpossible) exportLSCOLORS=ExGxFxdxCxDxDxBxBxExEx 20.2tcsh 2DCHQDBSR@MCOHODRENQSBRG@MCBRGRHLOKD@MC@QDSGDR@LD@RRG  #cmd>&file#Redirectbothstdoutandstderrtofile. #cmd>>&file#Appendbothstdoutandstderrtofile. #cmd1|cmd2#pipestdouttocmd2 #cmd1|&cmd2#pipestdoutandstderrtocmd2 4GDRDSSHMFRENQBRGSBRG@QDRDSHM~/.cshrc
  • 47. QDKN@CVHSGRNTQBDBRGQB%W@LOKDR #in.cshrc aliasls'ls-aF' aliasll'ls-aFls' aliasla'ls-all' alias..'cd..' alias...'cd../..' setprompt="%B%n%b@%B%m%b%/>"#likeuser@host/path/todir> sethistory=5000 setsavehist=(6000merge) setautolist#Reportpossiblecompletionswithtab setvisiblebell#Donotbeep,inversecolors #Bindkeyandcolors bindkey-eSelectEmacsbindings#Useemacskeystoeditthecommandprompt bindkey-kuphistory-search-backward#Useupanddownarrowtosearch bindkey-kdownhistory-search-forward setenvCLICOLOR1#Usecolors(ifpossible) setenvLSCOLORSExGxFxdxCxDxDxBxBxExEx 4GDDL@BRLNCDDM@AKDRSNTRDSGDDL@BRJDXRRGNQSBTSRSNLNCHEXSGDBNLL@MCOQNLOSKHMD 4GHRHRDWSQDLDKXTRDETKMNSNMKXENQDL@BRTRDQR 4GDLNRSTRDCBNLL@MCR@QD # @-NUDBTQRNQSNADFHMMHMFNEKHMD # D-NUDBTQRNQSNDMCNEKHMD - A-NUDBTQRNQA@BJNMDVNQC - E-NUDBTQRNQENQV@QCNMDVNQC - C#TSSGDMDWSVNQC # V#TSSGDK@RSVNQC # T#TSDUDQXSGHMFADENQDSGDBTQRNQ # J#TSDUDQXSGHMF@ESDQSGDBTQRNQQDRSNESGDKHMD # X0@RSDSGDK@RSSGHMFSNADBTSRHLOKXO@RSD # ?5MCN Note:# GNKCBNMSQNK
  • 48. - GNKCLDS@VGHBGHRTRT@KKXSGD@KSNQDRB@ODJDX  c3GDKKRc  #pkill-TERM-uwww#KillTERMprocessesownedbywww #fuser-k-TERM-m/home#Killeveryprocessaccessing/home(toumount) )LONQS@MSRHFM@KR@QD HUPG@MFTO INTHMSDQQTOS QUITPTHS KILLMNM B@SBG@AKD
  • 49. MNM HFMNQ@AKDJHKK TERMRNESV@QDSDQLHM@SHNMRHFM@K 3FILESYSTEM $HRJHMENO ["NNSO [$HRJTR@FDO [/ODMDCEHKDRO [-NTMSQDLNTMSO [-NTMS 3-"O [-NTMSHL@FDO ["TQM)3/O [#QD@SDHL@FDO [-DLNQXCHRJO [$HRJ ODQENQL@MBDO 3.1Permissions #G@MFDODQLHRRHNM@MCNVMDQRGHOVHSGchmod@MCchown4GDCDE@TKSTL@RJB@MADBG@MFDCENQ@KK TRDQRHMDSBOQNEHKDENQ,HMTWNQDSBKNFHMBNMEENQ&QDD"3$4GDCDE@TKSTL@RJHRTRT@KKX4GD TL@RJHRRTASQ@BSDCEQNL
  • 50. SGTRTL@RJQDRTKSRHM@ODQLHRRHNME 1--xexecute#Mode764=exec/read/write|read/write|read 2-w-write#For:|--Owner--||-Group-||Oth| 4r--read ugo=au=user,g=group,o=others,a=everyone #chmod[OPTION]MODE[,MODE]FILE#MODEisoftheform[ugoa]*([-+=]([rwxXst])) #chmod640/var/log/maillog#Restrictthelog-rw-r----- #chmodu=rw,g=r,o=/var/log/maillog#Sameasabove #chmod-Ro-r/home/*#Recursiveremoveotherreadableforallusers #chmodu+s/path/to/prog#SetSUIDbitonexecutable(knowwhatyoudo!) #find/-perm-u+s-print#FindallprogramswiththeSUIDbit #chownuser:group/path/to/file#Changetheuserandgroupownershipofafile #chgrpgroup/path/to/file#Changethegroupownershipofafile #chmod640`find./-typef-print`#Changepermissionsto640forallfiles #chmod751`find./-typed-print`#Changepermissionsto751foralldirectories 3.2Diskinformation #diskinfo-v/dev/ad2#informationaboutdisk(sector/size)FreeBSD #hdparm-I/dev/sda#informationabouttheIDE/ATAdisk(Linux) #fdisk/dev/ad2#Displayandmanipulatethepartitiontable #smartctl-a/dev/ad2#DisplaythediskSMARTinfo 3.3Boot FreeBSD 4NANNS@MNKCJDQMDKHESGDMDVJDQMDKCNDRMSANNS
  • 51. RSNOSGDANNS@SCTQHMFSGDBNTMSCNVM #unload #loadkernel.old #boot 3.4Systemmountpoints/Diskusage #mount|column-t#Showmountedfile-systemsonthesystem #df#displayfreediskspaceandmounteddevices #cat/proc/partitions#Showallregisteredpartitions(Linux) c&HKD3XRSDLc 
  • 52. Diskusage #du-sh*#Directorysizesaslisting #du-csh#Totaldirectorysizeofthecurrentdirectory #du-ks*|sort-n-r#Sorteverythingbysizeinkilobytes #ls-lSr#Showfiles,biggestlast 3.5Whohaswhichfilesopened 4GHRHRTRDETKSNEHMCNTSVGHBGEHKDHRAKNBJHMF@O@QSHSHNMVGHBGG@RSNADTMLNTMSDC@MCFHUDR@ SXOHB@KDQQNQNE #umount/home/ umount:unmountof/home#umountimpossiblebecauseafileislockinghome failed:Devicebusy FreeBSDandmostUnixes #fstat-f/home#foramountpoint #fstat-pPID#foranapplicationwithPID #fstat-uuser#forausername &HMCNODMDCKNFEHKDNQNSGDQNODMDCEHKDR
  • 53. R@XENQ8NQF #psax|grepXorg|awk'{print$1}' 1252 #fstat-p1252 USERCMDPIDFDMOUNTINUMMODESZ|DVR/W rootXorg1252root/2drwxr-xr-x512r rootXorg1252text/usr216016-rws--x--x1679848r rootXorg12520/var212042-rw-r--r--56987w 4GDEHKDVHSGHMTLHRSGDNMKXEHKDHMU@Q #find-x/var-inum212042 /var/log/Xorg.0.log Linux &HMCNODMDCEHKDRNM@LNTMSONHMSVHSGfuserNQlsof #fuser-m/home#Listprocessesaccessing/home #lsof/home COMMANDPIDUSERFDTYPEDEVICESIZENODENAME tcsh29029eedcobacwdDIR0,18122881048587/home/eedcoba(guam:/home) lsof29140eedcobacwdDIR0,18122881048587/home/eedcoba(guam:/home) !ANTS@M@OOKHB@SHNM psax|grepXorg|awk'{print$1}' 3324 #lsof-p3324 COMMANDPIDUSERFDTYPEDEVICESIZENODENAME Xorg3324root0wREG8,65629612492/var/log/Xorg.0.log !ANTS@RHMFKDEHKD #lsof/var/log/Xorg.0.log COMMANDPIDUSERFDTYPEDEVICESIZENODENAME Xorg3324root0wREG8,65629612492/var/log/Xorg.0.log 3.6Mount/remountafilesystem &NQDW@LOKDSGDBCQNL)EKHRSDCHMDSBERS@A #mount/cdrom /QEHMCSGDCDUHBDHMCDUNQVHSGCLDRF c&HKD3XRSDLc  changethevaluesofsoftandhard)EMNSRODBHEHDC
  • 54. SGDAKNBJR@QDJ4GDFQ@BDODQHNCHRRDSVHSG edquota-t&NQDW@LOKD #edquota-ucolin Linux Diskquotasforusercolin(uid1007): Filesystemblockssofthardinodessofthard /dev/sda810810002000100 FreeBSD Quotasforusercolin: /home:kbytesinuse:504184,limits(soft=700000,hard=800000) inodesinuse:1792,limits(soft=0,hard=0) Formanyusers 4GDBNLL@MCedquota-pHRTRDCSNCTOKHB@SD@PTNS@SNNSGDQTRDQR&NQDW@LOKDSNCTOKHB@SD@ QDEDQDMBDPTNS@SN@KKTRDQR #edquota-prefuser`awk-F:'$3>499{print$1}'/etc/passwd` #edquota-prefuseruser1user2#Duplicateto2users Checks 5RDQRB@MBGDBJSGDHQPTNS@AXRHLOKXSXOHMFquotaSGDEHKDPTNS@TRDQLTRSADQD@C@AKD 2NNS B@MBGDBJ@KKPTNS@R #quota-ucolin#Checkquotaforauser #repquota/home#Fullreportforthepartitionforallusers 20SHELLS -NRS,HMTWCHRSQHATSHNMRTRDSGDA@RGRGDKKVGHKDSGD"3$RTRDSBRG
  • 55. SGDANTQMDRGDKKHRNMKXTRDC ENQRBQHOSR&HKSDQR@QDUDQXTRDETK@MCB@MADOHODC grep0@SSDQML@SBGHMF sed3D@QBG@MC2DOK@BDRSQHMFRNQBG@Q@BSDQR cut0QHMSRODBHEHBBNKTLMREQNL@L@QJDQ sort3NQS@KOG@ADSHB@KKXNQMTLDQHB@KKX uniq2DLNUDCTOKHB@SDKHMDREQNL@EHKD &NQDW@LOKDTRDC@KK@SNMBD #ifconfig|sed's///g'|cut-d""-f1|uniq|grep-E"[a-z0-9]+"|sort-r #ifconfig|sed'/.*inetaddr:/!d;s///;s/.*//'|sort-t.-k1,1n-k2,2n-k3,3n-k4,4n 4GDEHQRSBG@Q@BSDQHMSGDRDCO@SSDQMHR@S@A4NVQHSD@S@ANMSGDBNMRNKD
  • 56. TRDBSQK UBSQK S@A 20.1bash 2DCHQDBSR@MCOHODRENQA@RG@MCRG #cmd1>file#Redirectstdouttofile. #cmd2>file#Redirectstderrtofile. #cmd1>>file#Redirectandappendstdouttofile. #cmd&>file#Redirectbothstdoutandstderrtofile. #cmd>file2>&1#Redirectsstderrtostdoutandthentofile. #cmd1|cmd2#pipestdouttocmd2 #cmd12>&1|cmd2#pipestdoutandstderrtocmd2 -NCHEXXNTQBNMEHFTQ@SHNMHM]A@RGQBHSB@M@KRNAD]A@RG?OQNEHKD 4GDENKKNVHMFDMSQHDR@QD TRDETK
  • 57. QDKN@CVHSGA@RGQB7HSGBXFVHMTRD]A@RG?OQNEHKDVHSGQWUSO@RSVHSGRGHES KDES BKHBJ c3GDKKRc 
  • 58. Dumpandrestore )SB@MADTRDETKSNCTLO@MCQDRSNQD@M31,HSDC@S@A@RD&NQDW@LOKDXNTB@MDCHSSGDCTLOEHKD SNBG@MFD@BNKTLM@SSQHATSDNQSXOD@MCSGDMQDRSNQDSGDC@S@A@RD4GHRHRD@RHDQSG@MLDRRHMF VHSG31,BNLL@MCR5RDSGDBNLL@MCsqlite3ENQ@WC@S@A@RD #sqlitedatabase.db.dump>dump.sql#dump #sqlitedatabase.db<dump.sql#restore Convert2.xto3.xdatabase sqlitedatabase_v2.db.dump|sqlite3database_v3.db 19DISKQUOTA !CHRJPTNS@@KKNVRSNKHLHSSGD@LNTMSNECHRJRO@BD@MCNQSGDMTLADQNEEHKDR@TRDQNQNQ LDLADQNEFQNTO B@MTRD4GDPTNS@R@QD@KKNB@SDCNM@ODQ EHKDRXRSDLA@RHR@MC@QDDMENQBDCAX SGDJDQMDK 19.1Linuxsetup 4GDPTNS@SNNKRO@BJ@FDTRT@KKXMDDCRSNADHMRS@KKDC
  • 59. HSBNMS@HMRSGDBNLL@MCKHMDSNNKR !BSHU@SDSGDTRDQPTNS@HMSGDERS@A@MCQDLNTMSSGDO@QSHSHNM)ESGDO@QSHSHNMHRATRX
  • 60. DHSGDQ@KK KNBJDCEHKDRLTRSADBKNRDC
  • 61. NQSGDRXRSDLLTRSADQDANNSDC!CCusrquotaSNSGDERS@ALNTMS NOSHNMR
  • 62. ENQDW@LOKD /dev/sda2/homereiserfsrw,acl,user_xattr,usrquota11 #mount-oremount/home #mount#Checkifusrquotaisactive,otherwisereboot )MHSH@KHYDSGDPTNS@TRDQEHKDVHSGquotacheck #quotacheck-vum/home #chmod644/home/aquota.user#Tolettheuserschecktheirownquota !BSHU@SDSGDPTNS@DHSGDQVHSGSGDOQNUHCDCRBQHOSDFDSBHMHSCPTNS@CNM3T3% NQVHSGquotaon quotaon-vu/home #GDBJSG@SSGDPTNS@HR@BSHUDVHSG quota-v 19.2FreeBSDsetup 4GDPTNS@SNNKR@QDO@QSNESGDA@RDRXRSDL
  • 63. GNVDUDQSGDJDQMDKMDDCRSGDNOSHNMPTNS@)EHSHRMNS SGDQD
  • 64. @CCHS@MCQDBNLOHKDSGDJDQMDK optionsQUOTA !RVHSG,HMTW
  • 65. @CCSGDPTNS@SNSGDERS@ANOSHNMRTRDQPTNS@
  • 66. MNSTRQPTNS@  /dev/ad0s1d/homeufsrw,noatime,userquota22 #mount/home#Toremountthepartition %M@AKDCHRJPTNS@RHMDSBQBBNME@MCRS@QSSGDPTNS@ #grepquotas/etc/rc.conf enable_quotas="YES"#turnonquotasonstartup(orNO). check_quotas="YES"#Checkquotasonstartup(orNO). #/etc/rc.d/quotastart 19.3Assignquotalimits 4GDPTNS@R@QDMNSKHLHSDCODQCDE@TKSRDSSN 4GDKHLHSR@QDRDSVHSGedquotaENQRHMFKDTRDQR !PTNS@B@MAD@KRNCTOKHB@SDCSNL@MXTRDQR4GDEHKDRSQTBSTQDHRCHEEDQDMSADSVDDMSGDPTNS@ HLOKDLDMS@SHNMR
  • 67. ATSSGDOQHMBHOKDHRSGDR@LDSGDU@KTDRNEAKNBJR@MCHMNCDRB@MADKHLHSDCOnly c$HRJ1TNS@c  FreeBSD #mount-v-tcd9660/dev/cd0c/mnt#cdrom #mount_cd9660/dev/wcd0c/cdrom#othermethod #mount-v-tmsdos/dev/fd0c/mnt#floppy %MSQXHMDSBERS@A #DeviceMountpointFStypeOptionsDumpPass# /dev/acd0/cdromcd9660ro,noauto00 4NKDSTRDQRCNHS #sysctlvfs.usermount=1#Orinserttheline"vfs.usermount=1"in/etc/sysctl.conf Linux #mount-tauto/dev/cdrom/mnt/cdrom#typicalcdrommountcommand #mount/dev/hdc-tiso9660-r/cdrom#typicalIDE #mount/dev/scd0-tiso9660-r/cdrom#typicalSCSIcdrom #mount/dev/sdc0-tntfs-3g/windows#typicalSCSI %MSQXHMDSBERS@A /dev/cdrom/media/cdromsubfsnoauto,fs=cdfss,ro,procuid,nosuid,nodev,exec00 MountaFreeBSDpartitionwithLinux &HMCSGDO@QSHSHNMMTLADQBNMS@HMHMFVHSGECHRJ
  • 68. SGHRHRTRT@KKXSGDQNNSO@QSHSHNM
  • 69. ATSHSBNTKCAD@M NSGDQ"3$RKHBDSNN)ESGD&QDD"3$G@RL@MXRKHBDR
  • 70. SGDX@QDSGDNMDMNSKHRSDCHMSGDECHRJS@AKD
  • 71. ATSUHRHAKDHMCDURC@ NQCDUGC@  #fdisk/dev/sda#FindtheFreeBSDpartition /dev/sda3*5357790520474842+a5FreeBSD #mount-tufs-oufstype=ufs2,ro/dev/sda3/mnt /dev/sda10=/tmp;/dev/sda11/usr#Theotherslices Remount 2DLNTMS@CDUHBDVHSGNTSTMLNTMSHMFHS.DBDRR@QXENQERBJENQDW@LOKD #mount-oremount,ro/#Linux #mount-oro-u/#FreeBSD #NOXSGDQ@VC@S@EQNL@BCQNLHMSN@MHRNHL@FDCDE@TKSAKNBJRHYDLHFGSB@TRDOQNAKDLR  #ddif=/dev/cd0cof=file.isobs=2048 Virtualbox !KKNV@RG@QDNMSGDGNRS #VBoxManagesharedfolderadd"GuestName"--name"share"--hostpath"C:hostshare" -NTMSRG@QDNMFTDRSKHMTW
  • 72. &QDD"3$ #sudomount-tvboxsfshare/home/vboxshare#-ouid=1000,gid=1000(asappropriate) share/home/colin/sharevboxsfdefaults,uid=colin00#fstabentry OSX #diskutillist#Listthepartitionsofadisk #diskutilunmountDisk/dev/disk1#Unmountanentiredisk(allvolumes) #chflagshidden~/Documents/folder#Hidefolder(reversewithunhidden) 3.7Addswapon-the-fly 3TOONRDXNTMDDCLNQDRV@OQHFGSMNV
  • 73. R@X@'"EHKDRV@OFA,HMTWNMKX  #ddif=/dev/zeroof=/swap2gbbs=1024kcount=2000 #mkswap/swap2gb#createtheswaparea #swapon/swap2gb#activatetheswap.Itnowinuse #swapoff/swap2gb#whendonedeactivatetheswap #rm/swap2gb c&HKD3XRSDLc 
  • 74. 3.8MountanSMBshare 3TOONRDVDV@MSSN@BBDRRSGD3-"RG@QDLXRG@QDNMSGDBNLOTSDQRLARDQUDQ
  • 75. SGD@CCQDRR@R SXODCNM@7HMCNVR0#HR<<RLARDQUDQ<LXRG@QD<7DLNTMSNMLMSRLARG@QD7@QMHMFBHER V@MSR@M)0NQ$.3M@LD
  • 76. MNS@7HMCNVRM@LD Linux/OSX #smbclient-Uuser-I192.168.16.229-L//smbshare/#Listtheshares #mount-tsmbfs-ousername=winuser//smbserver/myshare/mnt/smbshare #mount-tcifs-ousername=winuser,password=winpwd//192.168.16.229/myshare/mnt/share -NTMC3@LA@RG@QDSGQNTFGRRGSTMMDK #ssh-C-f-N-p20022-L445:127.0.0.1:445me@server#connecton20022,tunnel445 #mount-tsmbfs//colin@localhost/colin~/mnt #mount_smbfs//colin:mypassword@127.0.0.1/private/Volumes/private#IusethisonOSX+ssh !CCHSHNM@KKXVHSGSGDO@BJ@FDLNTMSBHERHSHRONRRHAKDSNRSNQDSGDBQDCDMSH@KRHM@EHKD
  • 77. ENQDW@LOKD /home/user/.smb username=winuser password=winpwd !MCLNTMS@RENKKNV #mount-tcifs-ocredentials=/home/user/.smb//192.168.16.229/myshare/mnt/smbshare FreeBSD 5RD )SNFHUDSGD)0NQ$.3M@LD RLARDQUDQHRSGD7HMCNVRM@LD #smbutilview-I192.168.16.229//winuser@smbserver#Listtheshares #mount_smbfs-I192.168.16.229//winuser@smbserver/myshare/mnt/smbshare 3.9Mountanimage #hdiutilmountimage.iso#OSX Linuxloop-back #mount-tiso9660-oloopfile.iso/mnt#MountaCDimage #mount-text3-oloopfile.img/mnt#Mountanimagewithext3fs FreeBSD 7HSGLDLNQXCDUHBDCNJKCKN@CLCJNHEMDBDRR@QX  #mdconfig-a-tvnode-ffile.iso-u0 #mount-tcd9660/dev/md0/mnt #umount/mnt;mdconfig-d-u0#Cleanupthemddevice /QVHSGUHQST@KMNCD #vnconfig/dev/vn0cfile.iso;mount-tcd9660/dev/vn0c/mnt #umount/mnt;vnconfig-u/dev/vn0c#Cleanupthevndevice SolarisandFreeBSD VHSGKNNO A@BJEHKDHMSDQE@BDNQKNEH #lofiadm-afile.iso #mount-Fhsfs-oro/dev/lofi/1/mnt #umount/mnt;lofiadm-d/dev/lofi/1#Cleanupthelofidevice 3.10CreateandburnanISOimage 4GHRVHKKBNOXSGDBCNQ$6$RDBSNQENQRDBSNQ7HSGNTSconv=notrunc
  • 78. SGDHL@FDVHKKADRL@KKDQHE SGDQDHRKDRRBNMSDMSNMSGDBC3DDADKNV@MCSGDCCDW@LOKDRO@FD  #ddif=/dev/hdcof=/tmp/mycd.isobs=2048conv=notrunc c&HKD3XRSDLc  18.2MySQL Changemysqlrootorusernamepassword Method1 #/etc/init.d/mysqlstop or #killallmysqld #mysqld--skip-grant-tables #mysqladmin-urootpassword'newpasswd' #/etc/init.d/mysqlstart Method2 #mysql-urootmysql mysql>UPDATEUSERSETPASSWORD=PASSWORD("newpassword")whereuser='root'; mysql>FLUSHPRIVILEGES;#Useusernameinsteadof"root" mysql>quit Createuseranddatabase(seeMySQLdoc ) #mysql-urootmysql mysql>CREATEUSER'bob'@'localhost'IDENTIFIEDBY'pwd';#createonlyauser mysql>CREATEDATABASEbobdb; mysql>GRANTALLON*.*TO'bob'@'%'IDENTIFIEDBY'pwd';#Uselocalhostinsteadof% #torestrictthenetworkaccess mysql>DROPDATABASEbobdb;#Deletedatabase mysql>DROPUSERbob;#Deleteuser mysql>DELETEFROMmysql.userWHEREuser='bobandhost='hostname';#Alt.command mysql>FLUSHPRIVILEGES; Grantremoteaccess 2DLNSD@BBDRRHRSXOHB@KKXODQLHSSDCENQ@C@S@A@RD
  • 79. @MCMNS@KKC@S@A@RDR4GDEHKD/etc/my.cnf BNMS@HMRSGD)0@CCQDRRSNAHMCSN/M&QDD"3$my.cnfMNSBQD@SDCODQEDC@TKS
  • 80. BNOXNMD.cnf EHKDEQNL/usr/local/share/mysqlSN/usr/local/etc/my.cnf 4XOHB@KKXBNLLDMSSGDKHMDbind- address=NTS #mysql-urootmysql mysql>GRANTALLONbobdb.*TObob@'xxx.xxx.xxx.xxx'IDENTIFIEDBY'PASSWORD'; mysql>REVOKEGRANTOPTIONONfoo.*FROMbar@'xxx.xxx.xxx.xxx'; mysql>FLUSHPRIVILEGES;#Use'hostname'oralso'%'forfullaccess Backupandrestore "@BJTO@MCQDRSNQD@RHMFKDC@S@A@RD #mysqldump-uroot-psecret--add-drop-databasedbname>dbname_sql.dump #mysql-uroot-psecret-Ddbname<dbname_sql.dump "@BJTO@MCQDRSNQD@KKC@S@A@RDR #mysqldump-uroot-psecret--add-drop-database--all-databases>full.dump #mysql-uroot-psecret<full.dump (DQDHRRDBQDSSGDLXRPKQNNSO@RRVNQC
  • 81. SGDQDHRMNRO@BD@ESDQ O7GDMSGD ONOSHNMHRTRDC @KNMDVNO@RRVNQC
  • 82. SGDO@RRVNQCHR@RJDC@SSGDBNLL@MCOQNLOS 18.3SQLite 31,HSD HR@RL@KKONVDQETKRDKE BNMS@HMDC
  • 83. RDQUDQKDRR
  • 84. YDQN BNMEHFTQ@SHNM31,C@S@A@RD GSSOCDULXRPKBNLCNBQDEL@MDM@CCHMF TRDQRGSLK GSSOVVVRPKHSDNQF c$@S@A@RDRc 
  • 85. #lprm-#Removeallusersjobsondefaultprinter #lprm-Php45003186#Removejob3186.Findjobnbrwithlpq #lpcstatus#Listallavailableprinters #lpcstatushp4500#Checkifprinterisonlineandqueuelength 3NLDCDUHBDR@QDMNSONRSRBQHOS@MCVHKKOQHMSF@QA@FDVGDMEDCVHSG@OCEEHKD4GHRLHFGSADRNKUDC VHSG #gs-dSAFER-dNOPAUSE-sDEVICE=deskjet-sOutputFile=|lprfile.pdf 0QHMSSN@0$&EHKDDUDMHESGD@OOKHB@SHNMCNDRMNSRTOONQSHS5RDgsNMSGDOQHMSBNLL@MCHMRSD@C NElpr #gs-q-sPAPERSIZE=a4-dNOPAUSE-dBATCH-sDEVICE=pdfwrite-sOutputFile=/path/file.pdf 18DATABASES 18.1PostgreSQL Changerootorausernamepassword #psql-dtemplate1-Upgsql >alteruserpgsqlwithpassword'pgsql_password';#Useusernameinsteadof"pgsql" Createuseranddatabase 4GDBNLL@MCRcreateuser
  • 86. dropuser
  • 87. createdb@MCdropdb@QDBNMUDMHDMSRGNQSBTSRDPTHU@KDMS SNSGD31,BNLL@MCR4GDMDVTRDQHRANAVHSGC@S@A@RDANACATRD@RQNNSVHSGOFRPKSGD C@S@A@RDRTODQTRDQ #createuser-Upgsql-Pbob#-Pwillaskforpassword #createdb-Upgsql-Obobbobdb#newbobdbisownedbybob #dropdbbobdb#Deletedatabasebobdb #dropuserbob#Deleteuserbob 4GDFDMDQ@KC@S@A@RD@TSGDMSHB@SHNMLDBG@MHRLHRBNMEHFTQDCHMOF?GA@BNME Grantremoteaccess 4GDEHKD$PGSQL_DATA_D/postgresql.confRODBHEHDRSGD@CCQDRRSNAHMCSN4XOHB@KKX listen_addresses='*'ENQ0NRSFQDRW 4GDEHKD$PGSQL_DATA_D/pg_hba.confCDEHMDRSGD@BBDRRBNMSQNK%W@LOKDR #TYPEDATABASEUSERIP-ADDRESSIP-MASKMETHOD hostbobdbbob212.117.81.42255.255.255.255password hostallall0.0.0.0/0password Backupandrestore 4GDA@BJTOR@MCQDRSNQD@QDCNMDVHSGSGDTRDQOFRPKNQONRSFQDR"@BJTO@MCQDRSNQD@RHMFKD C@S@A@RD #pg_dump--cleandbname>dbname_sql.dump #psqldbname<dbname_sql.dump "@BJTO@MCQDRSNQD@KKC@S@A@RDRHMBKTCHMFTRDQR  #pg_dumpall--clean>full.dump #psql-ffull.dumppostgres )MSGHRB@RDSGDQDRSNQDHRRS@QSDCVHSGSGDC@S@A@RDONRSFQDRVGHBGHRADSSDQVGDMQDKN@CHMF@M DLOSXBKTRSDQ c$@S@A@RDRc  5RDLJHRNERSNBQD@SD@#$$6$HL@FDEQNLEHKDRHM@CHQDBSNQX4NNUDQBNLDSGDEHKDM@LDR QDRSQHBSHNMR QDM@AKDRSGD2NBJ2HCFDDWSDMRHNMRBNLLNMSN5.)8RXRSDLR
  • 88. *DM@AKDR*NKHDS DWSDMRHNMRTRDCAX-HBQNRNESRXRSDLR ,@KKNVR)3/EHKDM@LDRSNADFHMVHSG@ODQHNC #mkisofs-J-L-r-VTITLE-oimagefile.iso/path/to/dir #hdiutilmakehybrid-iso-joliet-odir.isodir/#OSX /M&QDD"3$
  • 89. LJHRNERHRENTMCHMSGDONQSRHMRXRTSHKRBCQSNNKR BurnaCD/DVDISOimage FreeBSD &QDD"3$CNDRMNSDM@AKD$-!NM!4!0)CQHUDRAXCDE@TKS$-!HRDM@AKDCVHSGSGDRXRBSKBNLL@MC @MCSGD@QFTLDMSRADKNV
  • 90. NQVHSGANNSKN@CDQBNMEVHSGSGDENKKNVHMFDMSQHDR hw.ata.ata_dma="1" hw.ata.atapi_dma="1" 5RDburncdVHSG@M!4!0)CDUHBDburncdHRO@QSNESGDA@RDRXRSDL @MCcdrecordHMRXRTSHKR BCQSNNKR VHSG@3#3)CQHUD #burncd-f/dev/acd0dataimagefile.isofixate#ForATAPIdrive #cdrecord-scanbus#Tofindtheburnerdevice(like1,0,0) #cdrecorddev=1,0,0imagefile.iso Linux !KRNTRDcdrecordVHSG,HMTW@RCDRBQHADC@ANUD!CCHSHNM@KKXHSHRONRRHAKDSNTRDSGDM@SHUD!4!0) HMSDQE@BDVGHBGHRENTMCVHSG #cdrecorddev=ATAPI-scanbus !MCATQMSGD#$$6$@R@ANUD dvd+rw-tools 4GDCUC QV SNNKRO@BJ@FD&QDD"3$ONQSRRXRTSHKRCUC QV SNNKR B@MCNHS@KK@MCHMBKTCDR growisofsSNATQM#$RNQ$6$R4GDDW@LOKDRQDEDQSNSGDCUCCDUHBD@R/dev/dvdVGHBGBNTKC AD@RXLKHMJSN/dev/scd0SXOHB@KRBRHNM,HMTW NQ/dev/cd0SXOHB@K&QDD"3$ NQ/dev/rcd0c SXOHB@K.DS"3$/ODM"3$BG@Q@BSDQ3#3) NQ/dev/rdsk/c0t1d0s23NK@QHRDW@LOKDNE@BG@Q@BSDQ 3#3)!4!0)#$ 2/-CDUHBD 4GDQDHR@MHBDCNBTLDMS@SHNMVHSGDW@LOKDRNMSGD&QDD"3$ G@MCANNJBG@OSDQ  #-dvd-compatclosesthedisk #growisofs-dvd-compat-Z/dev/dvd=imagefile.iso#Burnexistingisoimage #growisofs-dvd-compat-Z/dev/dvd-J-R/p/to/data#Burndirectly ConvertaNero.nrgfileto.iso .DQNRHLOKX@CCR@+AGD@CDQSN@MNQL@KHRNHL@FD4GHRB@MADSQHLLDCVHSGCC #ddbs=1kif=imagefile.nrgof=imagefile.isoskip=300 Convertabin/cueimageto.iso 4GDKHSSKDbchunkOQNFQ@L B@MCNSGHR)SHRHMSGD&QDD"3$ONQSRHMRXRTSHKRABGTMJ #bchunkimagefile.binimagefile.cueimagefile.iso 3.11Createafilebasedimage &NQDW@LOKD@O@QSHSHNMNE'"TRHMFSGDEHKDTRQUCHRJHLF(DQDVDTRDSGDUMNCD
  • 91. ATSHSBNTKC @KRNAD FreeBSD #ddif=/dev/randomof=/usr/vdisk.imgbs=1Kcount=1M #mdconfig-a-tvnode-f/usr/vdisk.img-u0#Createsdevice/dev/md1 #bsdlabel-w/dev/md0 GSSOVVVEQDDARCNQFG@MCANNJBQD@SHMF CUCRGSLK GSSOEQDRGLD@SMDSOQNIDBSRABGTMJ c&HKD3XRSDLc 
  • 92. #newfs/dev/md0c #mount/dev/md0c/mnt #umount/mnt;mdconfig-d-u0;rm/usr/vdisk.img#Cleanupthemddevice 4GDEHKDA@RDCHL@FDB@MAD@TSNL@SHB@KKXLNTMSDCCTQHMFANNSVHSG@MDMSQXHMDSBQBBNME@MC DSBERS@A4DRSXNTQRDSTOVHSG#/etc/rc.d/mdconfigstartEHQRSCDKDSDSGDLCCDUHBDVHSG# mdconfig-d-u0  .NSDGNVDUDQSG@SSGHR@TSNL@SHBRDSTOVHKKNMKXVNQJHESGDEHKDHL@FDHR./4NMSGDQNNSO@QSHSHNM 4GDQD@RNMHRSG@SSGDDSBQBCLCBNMEHFRBQHOSHRDWDBTSDCUDQXD@QKXCTQHMFANNS@MCSGDQNNS O@QSHSHNMHRRSHKKQD@C NMKX)L@FDRKNB@SDCNTSRHCDSGDQNNSO@QSHSHNMVHKKADLNTMSDCK@SDQVHSGSGD RBQHOSDSBQBCLCBNMEHF ANNSKN@CDQBNME md_load="YES" DSBQBBNME #mdconfig_md0="-tvnode-f/usr/vdisk.img"#/usrisnotontherootpartition DSBERS@A4GD@SSGDDMCHRHLONQS@MS
  • 93. HSSDKKERBJSNHFMNQDSGHRCDUHBD
  • 94. @RHRCNDRMNSDWHRS XDS /dev/md0/usr/vdiskufsrw00 )SHR@KRNONRRHAKDSNHMBQD@RDSGDRHYDNESGDHL@FD@ESDQV@QC
  • 95. R@XENQDW@LOKD-"K@QFDQ #umount/mnt;mdconfig-d-u0 #ddif=/dev/zerobs=1mcount=300>>/usr/vdisk.img #mdconfig-a-tvnode-f/usr/vdisk.img-u0 #growfs/dev/md0 #mount/dev/md0c/mnt#Filepartitionisnow300MBlarger Linux #ddif=/dev/zeroof=/usr/vdisk.imgbs=1024kcount=1024 #mkfs.ext3/usr/vdisk.img #mount-oloop/usr/vdisk.img/mnt #umount/mnt;rm/usr/vdisk.img#Cleanup Linuxwithlosetup /dev/zeroHRLTBGE@RSDQSG@Murandom
  • 96. ATSKDRRRDBTQDENQDMBQXOSHNM #ddif=/dev/urandomof=/usr/vdisk.imgbs=1024kcount=1024 #losetup/dev/loop0/usr/vdisk.img#Createsandassociates/dev/loop0 #mkfs.ext3/dev/loop0 #mount/dev/loop0/mnt #losetup-a#Checkusedloops #umount/mnt #losetup-d/dev/loop0#Detach #rm/usr/vdisk.img 3.12Createamemoryfilesystem !LDLNQXA@RDCEHKDRXRSDLHRUDQXE@RSENQGD@UX)/@OOKHB@SHNM(NVSNBQD@SD@-"O@QSHSHNM LNTMSDCNMLDLCHRJ FreeBSD #mount_mfs-orw-s64Mmd/memdisk #umount/memdisk;mdconfig-d-u0#Cleanupthemddevice md/memdiskmfsrw,-s64M00#/etc/fstabentry Linux #mount-ttmpfs-osize=64mtmpfs/memdisk c&HKD3XRSDLc  #NMUDQS5MHWSN$/3MDVKHMDRwithinaWindowsenvironment5RDRDCNQ@VJEQNLLHMFVNQ BXFVHM #sed-npunixfile.txt>dosfile.txt #awk1unixfile.txt>dosfile.txt#UNIXtoDOS(withacygwinshell) 2DLNUD^ML@BMDVKHMD@MCQDOK@BDVHSGTMHWMDVKHMD4NFDS@^MTRD#4, 6SGDM#4, - #tr'^M''n'<macfile.txt 16.3PDFtoJpegandconcatenatePDFfiles #NMUDQS@0$&CNBTLDMSVHSGgs'GNRS3BQHOS SNIODFNQOMF HL@FDRENQD@BGO@FD!KRNLTBG RGNQSDQVHSGconvert@MCmogrifyEQNL)L@FD-@FHBJNQ'Q@OGHBR-@FHBJ  #gs-dBATCH-dNOPAUSE-sDEVICE=jpeg-r150-dTextAlphaBits=4-dGraphicsAlphaBits=4 -dMaxStripSize=8192-sOutputFile=unixtoolbox_%d.jpgunixtoolbox.pdf #convertunixtoolbox.pdfunixtoolbox-%03d.png #convert*.jpegimages.pdf#CreateasimplePDFwithallpictures #convertimage000*-resample120x120-compressJPEG-quality80images.pdf #mogrify-formatpng*.ppm#convertallppmimagestopngformat 'GNRSRBQHOSB@M@KRNBNMB@SDM@SDLTKSHOKDOCEEHKDRHMSN@RHMFKDNMD4GHRNMKXVNQJRVDKKHESGD0$& EHKDR@QDVDKKADG@UDC #gs-q-sPAPERSIZE=a4-dNOPAUSE-dBATCH-sDEVICE=pdfwrite-sOutputFile=all.pdf file1.pdffile2.pdf...#OnWindowsuse'#'insteadof'=' %WSQ@BSHL@FDREQNLOCECNBTLDMSTRHMFpdfimagesEQNLONOOKDQNQxpdf #pdfimagesdocument.pdfdst/#extractallimagesandputindst #yuminstallpoppler-utils#installpoppler-utilsifneeded.or: #apt-getinstallpoppler-utils 16.4Convertvideo #NLOQDRRSGD#@MNMCHFHB@LUHCDNVHSG@MLODFBNCDB@MCQDO@HQSGDBQ@OOXRNTMC #mencoder-ovideoout.avi-oacmp3lame-ovclavc-srate11025 -channels1-af-advforce=1-lameoptspreset=medium-lavcopts vcodec=msmpeg4v2:vbitrate=600-mc0vidoein.AVI 3DDRNWENQRNTMCOQNBDRRHMF 16.5Copyanaudiocd 4GDOQNFQ@Lcdparanoia B@MR@UDSGD@TCHNSQ@BJR&QDD"3$ONQSHM@TCHNBCO@Q@MNH@
  • 97. oggenc B@MDMBNCDHM/FF6NQAHRENQL@S
  • 98. lameBNMUDQSRSNLO #cdparanoia-B#Copythetrackstowavfilesincurrentdir #lame-b256in.wavout.mp3#Encodeinmp3256kb/s #foriin*.wav;dolame-b256$i`basename$i.wav`.mp3;done #oggencin.wav-b256out.ogg#EncodeinOggVorbis256kb/s 17PRINTING 17.1Printwithlpr #lprunixtoolbox.ps#Printondefaultprinter #exportPRINTER=hp4600#Changethedefaultprinter #lpr-Php4500#2unixtoolbox.ps#Useprinterhp4500andprint2copies #lpr-oDuplex=DuplexNoTumble...#Printduplexalongthelongside #lpr-oPageSize=A4,Duplex=DuplexNoTumble... #lpq#Checkthequeueondefaultprinter #lpq-l-Php4500#Queueonprinterhp4500withverbose GSSOENNK@ARBNLWOCECNVMKN@CGSLK GSSOWHOGNQFO@Q@MNH@ c0QHMSHMFc 
  • 99. #cd/usr/ports/net/rsync/#Selectthepackagetoinstall #makeinstalldistclean#Installandcleanup(alsoseemanports) #makepackage#Makeabinarypackageofthisport #pkgdb-F#Fixthepackageregistrydatabase #portsclean-C-DD#Cleanworkdiranddistdir(partofportupgrade) OSXMacPorts (usesudoforallcommands) #portselfupdate#Updatetheporttree(safe) #portinstalled#Listinstalledports #portdepsapache2#Listdependenciesforthisport #portsearchpgrep#Searchforstring #portinstallproctools#Installthispackage #portvariantsghostscript#Listvariantsofthisport #port-vinstallghostscript+no_x11#-no_x11fornegativevalue #portclean--allghostscript#Cleanworkdirofport #portupgradeghostscript#Upgradethisport #portuninstallghostscript#Uninstallthisport #port-funinstallinstalled#Uninstalleverything 15.3Librarypath $TDSNBNLOKDWCDODMCDMBHDR@MCQTMSHLDKHMJHMF
  • 100. OQNFQ@LR@QDCHEEHBTKSSNBNOXSN@MNSGDQRXRSDL NQCHRSQHATSHNM(NVDUDQENQRL@KKOQNFQ@LRVHSGKHSSKDCDODMCDMBHDR
  • 101. SGDLHRRHMFKHAQ@QHDRB@MAD BNOHDCNUDQ4GDQTMSHLDKHAQ@QHDR@MCSGDLHRRHMFNMD @QDBGDBJDCVHSGldd@MCL@M@FDCVHSG ldconfig #ldd/usr/bin/rsync#Listallneededruntimelibraries #otool-L/usr/bin/rsync#OSXequivalenttoldd #ldconfig-n/path/to/libs/#Addapathtothesharedlibrariesdirectories #ldconfig-m/path/to/libs/#FreeBSD #LD_LIBRARY_PATH#Thevariablesetthelinklibrarypath 16CONVERTMEDIA 3NLDSHLDRNMDRHLOKXMDDCSNBNMUDQS@UHCDN
  • 102. @TCHNEHKDNQCNBTLDMSSN@MNSGDQENQL@S 16.1Textencoding 4DWSDMBNCHMFB@MFDSSNS@KKXVQNMF
  • 103. RODBH@KKXVGDMSGDK@MFT@FDQDPTHQDRRODBH@KBG@Q@BSDQRKHJD ^_`4GDBNLL@MCiconvB@MBNMUDQSEQNLNMDDMBNCHMFSN@MNSGDQ #iconv-f<from_encoding>-t<to_encoding><input_file> #iconv-fISO8859-1-tUTF-8-ofile.input>file_utf8 #iconv-l#Listknowncodedcharactersets 7HSGNTSSGD ENOSHNM
  • 104. HBNMUVHKKTRDSGDKNB@KBG@Q RDS
  • 105. VGHBGHRTRT@KKXEHMDHESGDCNBTLDMSCHROK@XR VDKK #NMUDQSEHKDM@LDREQNLNMDDMBNCHMFSN@MNSGDQMNSEHKDBNMSDMS 7NQJR@KRNHENMKXRNLDEHKDR@QD @KQD@CXTSE #convmv-r-futf8--nfd-tutf8--nfc/dir/*--notest 16.2Unix-DOSnewlines #NMUDQS$/3#2,& SN5MHW,& MDVKHMDR@MCA@BJwithinaUnixshell3DD@KRNdos2unix@MC unix2dosHEXNTG@UDSGDL #sed's/.$//'dosfile.txt>unixfile.txt#DOStoUNIX #awk'{sub(/r$/,"");print}'dosfile.txt>unixfile.txt#DOStoUNIX #awk'{sub(/$/,"r");print}'unixfile.txt>dosfile.txt#UNIXtoDOS GSSOFTHCDL@BONQSRNQF c#NMUDQS-DCH@c  3.13Diskperformance 2D@C@MCVQHSD@'"EHKDNMO@QSHSHNM@CRBGNLD #timeddif=/dev/ad4s3cof=/dev/nullbs=1024kcount=1000 #timeddif=/dev/zerobs=1024kcount=1000of=/home/1Gb.file #hdparm-tT/dev/hda#Linuxonly 4NETWORK 2NTSHMFO [!CCHSHNM@K)0O [#G@MFD-!#O [0NQSRO [&HQDV@KKO [)0&NQV@QC O [.!4O [$.3O [$(#0O [4Q@EEHBO [1N3O [.)3O [.DSB@SO 4.1Debugging(SeealsoTrafficanalysis)(page20) Linux #ethtooleth0#Showtheethernetstatus(replacesmii-diag) #ethtool-seth0speed100duplexfull#Force100MbitFullduplex #ethtool-seth0autonegoff#Disableautonegotiation #ethtool-peth1#Blinktheethernetled-veryusefulwhensupported #iplinkshow#DisplayallinterfacesonLinux(similartoifconfig) #iplinkseteth0up#Bringdeviceup(ordown).Sameas"ifconfigeth0up" #ipaddrshow#DisplayallIPaddressesonLinux(similartoifconfig) #ipneighshow#Similartoarp-a OtherOSes #ifconfigfxp0#Checkthe"media"fieldonFreeBSD #arp-a#Checktherouter(orhost)ARPentry(allOS) #pingcb.vu#Thefirstthingtotry... #traceroutecb.vu#Printtheroutepathtodestination #ifconfigfxp0media100baseTXmediaoptfull-duplex#100Mbitfullduplex(FreeBSD) #netstat-s#System-widestatisticsforeachnetworkprotocol !CCHSHNM@KBNLL@MCRVGHBG@QDMNS@KV@XRHMRS@KKDCODQCDE@TKSATSD@RXSNEHMC #arping192.168.16.254#Pingonethernetlayer #tcptraceroute-f5cb.vu#usestcpinsteadoficmptotracethroughfirewalls 4.2Routing Printroutingtable #route-n#Linuxoruse"iproute" #netstat-rn#Linux,BSDandUNIX #routeprint#Windows Addanddeletearoute FreeBSD #routeadd212.117.0.0/16192.168.1.1 #routedelete212.117.0.0/16 #routeadddefault192.168.1.1 !CCSGDQNTSDODQL@MDMSKXHMDSBQBBNME static_routes="myroute" route_myroute="-net212.117.0.0/16192.168.1.1" Linux #routeadd-net192.168.20.0netmask255.255.255.0gw192.168.16.254 #iprouteadd192.168.20.0/24via192.168.16.254#sameasabovewithiproute #routeadd-net192.168.20.0netmask255.255.255.0deveth0 #routeadddefaultgw192.168.51.254 c.DSVNQJc 
  • 106. #iprouteadddefaultvia192.168.51.254deveth0#sameasabovewithiproute #routedelete-net192.168.20.0netmask255.255.255.0 Solaris #routeadd-net192.168.20.0-netmask255.255.255.0192.168.16.254 #routeadddefault192.168.51.2541#1=hopstothenextgateway #routechangedefault192.168.50.2541 0DQL@MDMSDMSQHDR@QDRDSHMDMSQXHM/etc/defaultrouter Windows #Routeadd192.168.50.0mask255.255.255.0192.168.51.253 #Routeadd0.0.0.0mask0.0.0.0192.168.51.254 5RD@CC OSNL@JDSGDQNTSDODQRHRSDMS 4.3ConfigureadditionalIPaddresses Linux #ifconfigeth0192.168.50.254netmask255.255.255.0#FirstIP #ifconfigeth0:0192.168.51.254netmask255.255.255.0#SecondIP #ipaddradd192.168.50.254/24deveth0#Equivalentipcommands #ipaddradd192.168.51.254/24deveth0labeleth0:1 FreeBSD #ifconfigfxp0inet192.168.50.254/24#FirstIP #ifconfigfxp0alias192.168.51.254netmask255.255.255.0#SecondIP #ifconfigfxp0-alias192.168.51.254#RemovesecondIPalias 0DQL@MDMSDMSQHDRHMDSBQBBNME ifconfig_fxp0="inet192.168.50.254netmask255.255.255.0" ifconfig_fxp0_alias0="192.168.51.254netmask255.255.255.0" Solaris #GDBJSGDRDSSHMFRVHSGifconfig-a #ifconfighme0plumb#Enablethenetworkcard #ifconfighme0192.168.50.254netmask255.255.255.0up#FirstIP #ifconfighme0:1192.168.51.254netmask255.255.255.0up#SecondIP 4.4ChangeMACaddress .NQL@KKXXNTG@UDSNAQHMFSGDHMSDQE@BDCNVMADENQDSGDBG@MFD$NMSSDKKLDVGXXNTV@MSSN BG@MFDSGD-!#@CCQDRR #ifconfigeth0down #ifconfigeth0hwether00:01:02:03:04:05#Linux #ifconfigfxp0link00:01:02:03:04:05#FreeBSD #ifconfighme0ether00:01:02:03:04:05#Solaris #sudoifconfigen0ether00:01:02:03:04:05#OSXTiger,SnowLeopardLAN* #sudoifconfigen0lladdr00:01:02:03:04:05#OSXLeopard 4XOHB@KVHQDKDRRHMSDQE@BDHRen1@MCMDDCRCNCHR@RRNBH@SDEQNL@MXMDSVNQJEHQRSNRWC@HKX GNVSN  #echo"aliasairport='/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport'" >>~/.bash_profile#orsymlinkto/usr/sbin #airport-z#Disassociatefromwirelessnetworks #airport-I#Getinfofromwirelessnetwork -@MXSNNKRDWHRSENQ7HMCNVR&NQDW@LOKDDSGDQBG@MFD /QKNNJENQ-@B-@JDTO
  • 107. RL@B GSSOMSRDBTQHSXMTSNNKANWDSGDQBG@MFD c.DSVNQJc  exporthttp_proxy=http://proxy_server:3128 exportftp_proxy=http://proxy_server:3128 15.1Listinstalledpackages #rpm-qa#Listinstalledpackages(RH,SuSE,RPMbased) #dpkg-l#Debian,Ubuntu #pkg_info#FreeBSDlistallinstalledpackages #pkg_info-Wsmbd#FreeBSDshowwhichpackagesmbdbelongsto #pkginfo#Solaris 15.2Add/removesoftware &QNMSDMCRX@RSX@RSENQ3T3%
  • 108. QDCG@S BNMEHF O@BJ@FDRENQ2DC(@S #rpm-ipkgname.rpm#installthepackage(RH,SuSE,RPMbased) #rpm-epkgname#Removepackage SuSEzypper(seedocandcheetsheet) #zypperrefresh#Refreshrepositorie #zypperinstallvim#Installthepackagevim #zypperremovevim#Removethepackagevim #zyppersearchvim#Searchpackageswithvim #zypperupdatevim#Searchpackageswithvim Debian #apt-getupdate#Firstupdatethepackagelists #apt-getinstallemacs#Installthepackageemacs #dpkg--removeemacs#Removethepackageemacs #dpkg-Sfile#findwhatpackageafilebelongsto Gentoo 'DMSNNTRDRDLDQFD@RSGDGD@QSNEHSR0NQS@FDO@BJ@FDL@M@FDLDMSRXRSDL #emerge--sync#Firstsyncthelocalportagetree #emerge-upackagename#Installorupgradeapackage #emerge-Cpackagename#Removethepackage #revdep-rebuild#Repairdependencies Solaris 4GDBCQNLO@SGHRTRT@KKX/cdrom/cdrom0 #pkgadd-d<cdrom>/Solaris_9/ProductSUNWgtar #pkgadd-dSUNWgtar#Adddownloadedpackage(bunzip2first) #pkgrmSUNWgtar#Removethepackage FreeBSD #pkg_add-rrsync#Fetchandinstallrsync. #pkg_delete/var/db/pkg/rsync-xx#Deletethersyncpackage 3DSVGDQDSGDO@BJ@FDR@QDEDSBGDCEQNLVHSGSGDPACKAGESITEU@QH@AKD&NQDW@LOKD #exportPACKAGESITE=ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages/Latest/ #orftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/Latest/ FreeBSDports 4GDONQSSQDD/usr/ports/HR@BNKKDBSHNMNERNESV@QDQD@CXSNBNLOHKD@MCHMRS@KKRDDL@MONQSR  4GDONQSR@QDTOC@SDCVHSGSGDOQNFQ@Lportsnap #portsnapfetchextract#Createthetreewhenrunningthefirsttime #portsnapfetchupdate#Updatetheporttree GSSODMNODMRTRDNQF3$":XOODQ?TR@FD GSSOVVVEQDDARCNQFG@MCANNJONQSRGSLK c)MRS@KK3NESV@QDc 
  • 109. #find/-name"*.core"|xargsrm#Findcoredumpsanddeletethem(alsotrycore.*) #find/-name"*.core"-print-execrm{};#Othersyntax #Findimagesandcreateanarchive,inameisnotcasesensitive.-rforappend #find.(-iname"*.png"-o-iname"*.jpg")-print-exectar-rfimages.tar{}; #find.-typef-name"*.txt"!-nameREADME.txt-print#ExcludeREADME.txtfiles #find/var/-size+10M-execls-lh{};#Findlargefiles>10MB #find/var/-size+10M-ls#Thisissimpler #find.-size+10M-size-50M-print #find/usr/ports/-namework-typed-print-execrm-rf{};#Cleantheports #FindfileswithSUID;thosefilearevulnerableandmustbekeptsecure #find/-typef-userroot-perm-4000-execls-l{}; #findflac/-iname*.flac-print-size+500k-exec/Applications/Fluke.app/Contents/MacOS/Fluke{}; #IuseabovetoaddflacfilestoiTunesonOSX "DB@QDETKVHSGW@QFNQDWDB@RHSLHFGSNQLHFGSMNSGNMNQPTNSHMFR@MCB@MQDSTQMVQNMFQDRTKSR VGDMEHKDRNQCHQDBSNQHDRBNMS@HMRO@BDR)MCNTASTRD OQHMS[W@QFR HMRSD@CNE[W@QFR4GD NOSHNM OQHMSLTRSADSGDK@RSHMSGDEHMCBNLL@MC3DDSGHRMHBDLHMHSTSNQH@KENQEHMC  #find.-typef|xargsls-l#Willnotworkwithspacesinnames #find.-typef-print0|xargs-0ls-l#Willworkwithspacesinnames #find.-typef-execls-l'{}';#Orusequotes'{}'with-exec $TOKHB@SDCHQDBSNQXSQDD #find.-typed-execmkdir-p/tmp/new_dest/{}; 14.9Miscellaneous #whichcommand#Showfullpathnameofcommand #timecommand#Seehowlongacommandtakestoexecute #timecat#Usetimeasstopwatch.Ctrl-ctostop #set|grep$USER#Listthecurrentenvironment #cal-3#Displayathreemonthcalendar #date[-u|--utc|--universal][MMDDhhmm[[CC]YY][.ss]] #date10022155#Setdateandtime #whatisgrep#Displayashortinfoonthecommandorword #whereisjava#Searchpathandstandarddirectoriesforword #setenvvarnamevalue#Setenv.variablevarnametovalue(csh/tcsh) #exportvarname="value"#setenv.variablevarnametovalue(sh/ksh/bash) #pwd#Printworkingdirectory #mkdir-p/path/to/dir#noerrorifexisting,makeparentdirsasneeded #mkdir-pproject/{bin,src,obj,doc/{html,man,pdf},debug/some/more/dirs} #rmdir/path/to/dir#Removedirectory #rm-rf/path/to/dir#Removedirectoryanditscontent(force) #rm---badchar.txt#Removefilewhitchstartswithadash(-) #cp-la/dir1/dir2#Archiveandhardlinkfilesinsteadofcopy #cp-lpR/dir1/dir2#SameforFreeBSD #cpunixtoolbox.xhtml{,.bak}#Shortwaytocopythefilewithanewextension #mv/dir1/dir2#Renameadirectory #ls-1#listonefileperline #history|tail-50#Displaythelast50usedcommands #cd-#cdtoprevious($OLDPWD)directory #/bin/ls|grep-v.py|xargsrm-r#pipefilenamestormwithxargs #GDBJEHKDG@RGDRVHSGNODMRRK4GHRHR@MHBD@KSDQM@SHUDSNSGDBNLL@MCRmd5sumNQsha1sum &QDD"3$TRDRmd5@MCsha1 VGHBG@QDMNS@KV@XRHMRS@KKDC #opensslmd5file.tar.gz#Generateanmd5checksumfromfile #opensslsha1file.tar.gz#Generateansha1checksumfromfile #opensslrmd160file.tar.gz#GenerateaRIPEMD-160checksumfromfile 15INSTALLSOFTWARE 5RT@KKXSGDO@BJ@FDL@M@FDQTRDRSGDOQNWXU@QH@AKDENQGSSOESOQDPTDRSR)MA@RGQB GSSOVVVGBBEKDCTONKKNBJ5MHW&HMC#LCGSL c)MRS@KK3NESV@QDc  4.5Portsinuse ,HRSDMHMFNODMONQSR #netstat-an|grepLISTEN #lsof-i#LinuxlistallInternetconnections #socklist#Linuxdisplaylistofopensockets #sockstat-4#FreeBSDapplicationlisting #netstat-anp--udp--tcp|grepLISTEN#Linux #netstat-tup#Listactiveconnectionsto/fromsystem(Linux) #netstat-tupl#Listlisteningportsfromsystem(Linux) #netstat-ano#Windows 4.6Firewall #GDBJHE@EHQDV@KKHRQTMMHMFSXOHB@KBNMEHFTQ@SHNMNMKX  Linux #iptables-L-n-v#Forstatus Opentheiptablesfirewall #iptables-PINPUTACCEPT#Openeverything #iptables-PFORWARDACCEPT #iptables-POUTPUTACCEPT #iptables-Z#Zerothepacketandbytecountersinallchains #iptables-F#Flushallchains #iptables-X#Deleteallchains FreeBSD #ipfwshow#Forstatus #ipfwlist65535#ifansweris"65535denyipfromanytoany"thefwisdisabled #sysctlnet.inet.ip.fw.enable=0#Disable #sysctlnet.inet.ip.fw.enable=1#Enable 4.7IPForwardforrouting Linux #GDBJ@MCSGDMDM@AKD)0ENQV@QCVHSG #cat/proc/sys/net/ipv4/ip_forward#CheckIPforward0=off,1=on #echo1>/proc/sys/net/ipv4/ip_forward NQDCHSDSBRXRBSKBNMEVHSG net.ipv4.ip_forward=1 FreeBSD #GDBJ@MCDM@AKDVHSG #sysctlnet.inet.ip.forwarding#CheckIPforward0=off,1=on #sysctlnet.inet.ip.forwarding=1 #sysctlnet.inet.ip.fastforwarding=1#Fordedicatedrouterorfirewall Permanentwithentryin/etc/rc.conf: gateway_enable="YES"#SettoYESifthishostwillbeagateway. Solaris #ndd-set/dev/ipip_forwarding1#SetIPforward0=off,1=on 4.8NATNetworkAddressTranslation Linux #iptables-tnat-APOSTROUTING-oeth0-jMASQUERADE#toactivateNAT #iptables-tnat-APREROUTING-ptcp-d78.31.70.238--dport20022-jDNAT --to192.168.16.44:22#Portforward20022tointernalIPportssh c.DSVNQJc 
  • 110. #iptables-tnat-APREROUTING-ptcp-d78.31.70.238--dport993:995-jDNAT --to192.168.16.254:993-995#Portforwardofrange993-995 #iprouteflushcache #iptables-L-tnat#CheckNATstatus $DKDSDSGDONQSENQV@QCVHSG $HMRSD@CNE !4GDOQNFQ@LMDSRS@S M@S HRUDQXTRDETKSNSQ@BJ BNMMDBSHNMRHSTRDR/proc/net/ip_conntrackNQ/proc/net/nf_conntrack  #netstat-nat-n#showallconnectionswithIPs FreeBSD #natd-s-m-u-dynamic-f/etc/natd.conf-nfxp0 Oredit/etc/rc.confwith: firewall_enable="YES"#SettoYEStoenablefirewallfunctionality firewall_type="open"#Firewalltype(see/etc/rc.firewall) natd_enable="YES"#Enablenatd(iffirewall_enable==YES). natd_interface="tun0"#PublicinterfaceorIPaddresstouse. natd_flags="-s-m-u-dynamic-f/etc/natd.conf" 0NQSENQV@QCVHSG #cat/etc/natd.conf same_portsyes use_socketsyes unregistered_only #redirect_porttcpinsideIP:2300-23993300-3399#portrange redirect_portudp192.168.51.103:77777777 4.9DNS /M5MHWSGD$.3DMSQHDR@QDU@KHCENQ@KKHMSDQE@BDR@MC@QDRSNQDCHMDSBQDRNKUBNME4GDCNL@HM SNVGHBGSGDGNRSADKNMFRHR@KRNRSNQDCHMSGHREHKD!LHMHL@KBNMEHFTQ@SHNMHR nameserver78.31.70.238 searchsleepyowl.netintern.lab domainsleepyowl.net #GDBJSGDRXRSDLCNL@HMM@LDVHSG #hostname-d#Sameasdnsdomainname Windows /M7HMCNVRSGD$.3@QDBNMEHFTQDCODQHMSDQE@BD4NCHROK@XSGDBNMEHFTQDC$.3@MCSNEKTRGSGD $.3B@BGDTRD #ipconfig/?#Displayhelp #ipconfig/all#SeeallinformationincludingDNS FlushDNS &KTRGSGD/3$.3B@BGD
  • 111. RNLD@OOKHB@SHNMTRHMFSGDHQNVMB@BGDDF&HQDENW @MCVHKKAD TM@EEDBSDC #/etc/init.d/nscdrestart#Restartnscdifused-Linux/BSD/Solaris #lookupd-flushcache#OSXTiger #dscacheutil-flushcache#OSXLeopardandnewer #ipconfig/flushdns#Windows Forwardqueries $HFHRXNTEQHDMCSNSDRSSGD$.3RDSSHMFR&NQDW@LOKDSGDOTAKHB$.3RDQUDQ213.133.105.2 ns.second-ns.deB@MADTRDCENQSDRSHMF3DDEQNLVGHBGRDQUDQSGDBKHDMSQDBDHUDRSGD@MRVDQ RHLOKHEHDC@MRVDQ  #digsleepyowl.net sleepyowl.net.600INA78.31.70.238 ;;SERVER:192.168.51.254#53(192.168.51.254) GSSOSVDDFXMKOQNIDBSRMDSRS@S M@S c.DSVNQJc  14.7screen 3BQDDM@LTRSG@UD G@RSVNL@HMETMBSHNM@KHSHDR a2TMLTKSHOKDSDQLHM@KRDRRHNMVHSGHM@RHMFKDSDQLHM@K a!RS@QSDCOQNFQ@LHRCDBNTOKDCEQNLSGDQD@KSDQLHM@K@MCB@MSGTRQTMHMSGDA@BJFQNTMC 4GDQD@KSDQLHM@KB@MADBKNRDC@MCQD@SS@BGDCK@SDQ Shortstartexample RS@QSRBQDDMVHSG #screen 7HSGHMSGDRBQDDMRDRRHNMVDB@MRS@QS@KNMFK@RSHMFOQNFQ@LKHJDSNO  #top .NVCDS@BGVHSGCtrl-aCtrl-d2D@SS@BGSGDSDQLHM@KVHSG #screen-R-D )MCDS@HKSGHRLD@MR)E@RDRRHNMHRQTMMHMF
  • 112. SGDMQD@SS@BG)EMDBDRR@QXCDS@BG@MCKNFNTSQDLNSDKX EHQRS)EHSV@RMNSQTMMHMFBQD@SDHS@MCMNSHEXSGDTRDQ/Q #screen-x !SS@BGSN@QTMMHMFRBQDDMHM@LTKSHCHROK@XLNCD4GDBNMRNKDHRSGTRRG@QDC@LNMFLTKSHOKD TRDQR6DQXTRDETKENQSD@LVNQJCDATF Screencommands(withinscreen) !KKRBQDDMBNLL@MCRRS@QSVHSGCtrl-a aCtrl-a?GDKO@MCRTLL@QXNEETMBSHNMR aCtrl-acBQD@SD@MMDVVHMCNVSDQLHM@K aCtrl-aCtrl-nandCtrl-aCtrl-pSNRVHSBGSNSGDMDWSNQOQDUHNTRVHMCNVHMSGDKHRS
  • 113. AX MTLADQ aCtrl-aCtrl-NVGDQD.HR@MTLADQEQNLSN
  • 114. SNRVHSBGSNSGDBNQQDRONMCHMFVHMCNV aCtrl-a"SNFDS@M@UHF@AKDKHRSNEQTMMHMFVHMCNVR aCtrl-aaSNBKD@Q@LHRRDC#SQK @ aCtrl-aCtrl-dSNCHRBNMMDBS@MCKD@UDSGDRDRRHNMQTMMHMFHMSGDA@BJFQNTMC aCtrl-axKNBJSGDRBQDDMSDQLHM@KVHSG@O@RRVNQC aCtrl-a[DMSDQHMSNscrollbackLNCD
  • 115. DWHSVHSGesc 5RDecho"defscrollback5000">~/.screenrcSNHMBQD@RDATEEDQCDE@TKSHR dC-u3BQNKKR@G@KEO@FDTO dC-b3BQNKK@ETKKO@FDTO dC-d3BQNKK@G@KEO@FDCNVM dC-f3BQNKK@ETKKO@FDCNVM d/3D@QBGENQV@QC d?3D@QBGA@BJV@QC 4GDRBQDDMRDRRHNMHRSDQLHM@SDCVGDMSGDOQNFQ@LVHSGHMSGDQTMMHMFSDQLHM@KHRBKNRDC@MCXNT KNFNTSEQNLSGDSDQLHM@K 14.8Find 3NLDHLONQS@MSNOSHNMR -xNM"3$ -xdevNM,HMTW 3S@XNMSGDR@LDEHKDRXRSDLCDUHMERS@A  -execcmd{};%WDBTSDSGDBNLL@MC@MCQDOK@BDZVHSGSGDETKKO@SG -iname,HJD M@LDATSHRB@RDHMRDMRHSHUD -ls$HROK@XHMENQL@SHNM@ANTSSGDEHKDKHJDKR K@ -sizenMHR MJ-'40 -cminn&HKDRRS@STRV@RK@RSBG@MFDCMLHMTSDR@FN #find.-typef!-perm-444#Findfilesnotreadablebyall #find.-typed!-perm-111#Finddirsnotaccessiblebyall #find/home/user/-cmin10-print#Filescreatedormodifiedinthelast10min. #find.-name'*.[ch]'|xargsgrep-E'expr'#Search'expr'inthisdirandbelow. c5RDETK#NLL@MCRc 
  • 116. 14.6dd 4GDOQNFQ@LddCHRJCTLONQCDRSQNXCHRJNQRDDSGDLD@MHMFNECC HRTRDCSNBNOXO@QSHSHNMR @MCCHRJR@MCENQNSGDQBNOXSQHBJR4XOHB@KTR@FD #ddif=<source>of=<target>bs=<bytesize>conv=<conversion> #kill-INFOPID#Viewddprogress(FreeBSD,OSX) )LONQS@MSBNMUNOSHNMR notruncCNMNSSQTMB@SDSGDNTSOTSEHKD
  • 117. @KKYDQNRVHKKADVQHSSDM@RYDQNR noerrorBNMSHMTD@ESDQQD@CDQQNQRDFA@CAKNBJR syncO@CDUDQXHMOTSAKNBJVHSG.TKKRSNHAR RHYD 4GDCDE@TKSAXSDRHYDHRNMDAKNBJ 4GD-"2
  • 118. VGDQDSGDO@QSHSHNMS@AKDHRKNB@SDC
  • 119. HRNMSGD EHQRSAKNBJ
  • 120. SGDEHQRSAKNBJRNE@CHRJ@QDDLOSX,@QFDQAXSDRHYDR@QDE@RSDQSNBNOXATSQDPTHQD @KRNLNQDLDLNQX Backupandrestore #ddif=/dev/hdaof=/dev/hdcbs=16065b#Copydisktodisk(samesize) #ddif=/dev/sda7of=/home/root.imgbs=4096conv=notrunc,noerror#Backup/ #ddif=/home/root.imgof=/dev/sda7bs=4096conv=notrunc,noerror#Restore/ #ddbs=1Mif=/dev/ad4s3e|gzip-c>ad4s3e.gz#Zipthebackup #gunzip-dcad4s3e.gz|ddof=/dev/ad0s3ebs=1M#Restorethezip #ddbs=1Mif=/dev/ad4s3e|gzip|ssheedcoba@fry'ddof=ad4s3e.gz'#alsoremote #gunzip-dcad4s3e.gz|ssheedcoba@host'ddof=/dev/ad0s3ebs=1M' #ddif=/dev/ad0of=/dev/ad2skip=1seek=1bs=4kconv=noerror#SkipMBR #Thisisnecessaryifthedestination(ad2)issmaller. #ddif=/vm/FreeBSD-8.2-RELEASE-amd64-memstick.imgof=/dev/disk1bs=10240conv=sync #CopyFreeBSDimagetoUSBmemorystick Recover 4GDBNLL@MCddVHKKQD@CeverysingleblockNESGDO@QSHSHNM)MB@RDNEOQNAKDLRHSHRADSSDQSN TRDSGDNOSHNMconv=sync,noerrorRNCCVHKKRJHOSGDA@CAKNBJ@MCVQHSDYDQNR@SSGDCDRSHM@SHNM !BBNQCHMFKXHSHRHLONQS@MSSNRDSSGDAKNBJRHYDDPT@KNQRL@KKDQSG@MSGDCHRJAKNBJRHYD!JRHYD RDDLRR@ED
  • 121. RDSHSVHSGbs=1k)E@CHRJG@RA@CRDBSNQR@MCSGDC@S@RGNTKCADQDBNUDQDCEQNL @O@QSHSHNM
  • 122. BQD@SD@MHL@FDEHKDVHSGCC
  • 123. LNTMSSGDHL@FD@MCBNOXSGDBNMSDMSSN@MDVCHRJ 7HSGSGDNOSHNMnoerror
  • 124. CCVHKKRJHOSGDA@CRDBSNQR@MCVQHSDYDQNRHMRSD@C
  • 125. SGTRNMKXSGDC@S@ BNMS@HMDCHMSGDA@CRDBSNQRVHKKADKNRS #ddif=/dev/hdaof=/dev/nullbs=1m#Checkforbadblocks #ddbs=1kif=/dev/hda1conv=sync,noerror,notrunc|gzip|ssh#Sendtoremote root@fry'ddof=hda1.gzbs=1k' #ddbs=1kif=/dev/hda1conv=sync,noerror,notruncof=hda1.img#Storeintoanimage #mount-oloop/hda1.img/mnt#Mounttheimage(page13) #rsync-ax/mnt//newdisk/#Copyonanewdisk #ddif=/dev/hdaof=/dev/hda#Refreshthemagneticstate #Theaboveisusefultorefreshadisk.Itisperfectlysafe,butmustbeunmounted. Delete #ddif=/dev/zeroof=/dev/hdc#Deletefulldisk #ddif=/dev/urandomof=/dev/hdc#Deletefulldiskbetter #kill-USR1PID#Viewddprogress(Linux) #kill-INFOPID#Viewddprogress(FreeBSD) MBRtricks 4GD-"2BNMS@HMRSGDANNSKN@CDQ@MCSGDO@QSHSHNMS@AKD@MCHRAXSDRRL@KK4GDEHQRS@QD ENQSGDANNSKN@CDQ
  • 126. SGDAXSDRSN@QDENQSGDO@QSHSHNMS@AKD #ddif=/dev/sdaof=/mbr_sda.bakbs=512count=1#BackupthefullMBR #ddif=/dev/zeroof=/dev/sdabs=512count=1#DeleteMBRandpartitiontable #ddif=/mbr_sda.bakof=/dev/sdabs=512count=1#RestorethefullMBR #ddif=/mbr_sda.bakof=/dev/sdabs=446count=1#Restoreonlythebootloader #ddif=/mbr_sda.bakof=/dev/sdabs=1count=64skip=446seek=446#Restorepartitiontable c5RDETK#NLL@MCRc  4GDQNTSDQ@MRVDQDC@MCSGDQDRONMRDHRSGD!DMSQX!MXDMSQXB@MADPTDQHDC @MCSGD$.3RDQUDQB@MADRDKDBSDCVHSG #digMXgoogle.com #dig@127.0.0.1NSsun.com#Totestthelocalserver #dig@204.97.212.10NSMXheise.de#Queryanexternalserver #digAXFR@ns1.xname.orgcb.vu#Getthefullzone(zonetransfer) 4GDOQNFQ@LGNRSHR@KRNONVDQETK #host-tMXcb.vu#GetthemailMXentry #host-tNS-Tsun.com#GettheNSrecordoveraTCPconnection #host-asleepyowl.net#Geteverything Reversequeries &HMCSGDM@LDADKNMFHMFSN@M)0@CCQDRRHM @CCQ@QO@ 4GHRB@MADCNMDVHSGdig
  • 127. host@MC nslookup #dig-x78.31.70.238 #host78.31.70.238 #nslookup78.31.70.238 /etc/hosts 3HMFKDGNRSRB@MADBNMEHFTQDCHMSGDEHKDDSBGNRSRHMRSD@CNEQTMMHMFnamedKNB@KKXSNQDRNKUDSGD GNRSM@LDPTDQHDR4GDENQL@SHRRHLOKD
  • 128. ENQDW@LOKD 78.31.70.238sleepyowl.netsleepyowl 4GDOQHNQHSXADSVDDMGNRSR@MC@CMRPTDQX
  • 129. SG@SHRSGDM@LDQDRNKTSHNMNQCDQ
  • 130. B@MADBNMEHFTQDCHM /etc/nsswitch.conf!.$DSBGNRSBNME4GDEHKD@KRNDWHRSRNM7HMCNVR
  • 131. HSHRTRT@KKXHM C:WINDOWSSYSTEM32DRIVERSETC 4.10DHCP Linux 3NLDCHRSQHATSHNMR3T3% TRDCGBOBC@RBKHDMS4GDCDE@TKSHMSDQE@BDHRDSG #dhcpcd-neth0#Triggerarenew(doesnotalwayswork) #dhcpcd-keth0#releaseandshutdown 4GDKD@RDVHSGSGDETKKHMENQL@SHNMHRRSNQDCHM /var/lib/dhcpcd/dhcpcd-eth0.info FreeBSD &QDD"3$@MC$DAH@M TRDRCGBKHDMS4NBNMEHFTQD@MHMSDQE@BDENQDW@LOKDAFD QTM #dhclientbge0 4GDKD@RDVHSGSGDETKKHMENQL@SHNMHRRSNQDCHM /var/db/dhclient.leases.bge0 5RD /etc/dhclient.conf SNOQDODMCNOSHNMRNQENQBDCHEEDQDMSNOSHNMR #cat/etc/dhclient.conf interface"rl0"{ prependdomain-name-servers127.0.0.1; defaultdomain-name"sleepyowl.net"; supersededomain-name"sleepyowl.net"; } Windows 4GDCGBOKD@RDB@MADQDMDVDCVHSGipconfig c.DSVNQJc 
  • 132. #ipconfig/renew#renewalladapters #ipconfig/renewLAN#renewtheadapternamed"LAN" #ipconfig/releaseWLAN#releasetheadapternamed"WLAN" 9DRHSHR@FNNCHCD@SNQDM@LDXNT@C@OSDQVHSGRHLOKDM@LDR 4.11Trafficanalysis "LNM HR@RL@KKBNMRNKDA@MCVHCSGLNMHSNQ@MCB@MCHROK@XSGDEKNVNMCHEEDQDMSHMSDQE@BDR Sniffwithtcpdump #tcpdump-nl-ibge0notportsshandsrc(192.168.16.121or192.168.16.54) #tcpdump-n-ieth1net192.168.16.121#selectto/fromasingleIP #tcpdump-n-ieth1net192.168.16.0/24#selecttrafficto/fromanetwork #tcpdump-l>dump&&tail-fdump#Bufferedoutput #tcpdump-irl0-wtraffic.rl0#Writetrafficheadersinbinaryfile #tcpdump-irl0-s0-wtraffic.rl0#Writetraffic+payloadinbinaryfile #tcpdump-rtraffic.rl0#Readfromfile(alsoforethereal #tcpdumpport80#Thetwoclassiccommands #tcpdumphostgoogle.com #tcpdump-ieth0-Xport(110or143)#Checkifpoporimapissecure #tcpdump-n-ieth0icmp#Onlycatchpings #tcpdump-ieth0-s0-Aport80|grepGET#-s0forfullpacket-AforASCII !CCHSHNM@KHLONQS@MSNOSHNMR -A0QHMSD@BGO@BJDSRHMBKD@QSDWSVHSGNTSGD@CDQ -X0QHMSO@BJDSRHMGDW@MC!3#)) -l-@JDRSCNTSKHMDATEEDQDC -D0QHMS@KKHMSDQE@BDR@U@HK@AKD /M7HMCNVRTRDVHMCTLOEQNLVVVVHMOB@ONQF5RDVHMCTLO $SNKHRSSGDHMSDQE@BDR Scanwithnmap .L@O HR@ONQSRB@MMDQVHSG/3CDSDBSHNM
  • 133. HSHRTRT@KKXHMRS@KKDCNMLNRSCHRSQHATSHNMR@MCHR@KRN @U@HK@AKDENQ7HMCNVR)EXNTCNMSRB@MXNTQRDQUDQR
  • 134. G@BJDQRCNHSENQXNT #nmapcb.vu#scansallreservedTCPportsonthehost #nmap-sP192.168.16.0/24#FindoutwhichIPareusedandbywhichhoston0/24 #nmap-sS-sV-Ocb.vu#DoastealthSYNscanwithversionandOSdetection PORTSTATESERVICEVERSION 22/tcpopensshOpenSSH3.8.1p1FreeBSD-20060930(protocol2.0) 25/tcpopensmtpSendmailsmtpd8.13.6/8.13.6 80/tcpopenhttpApachehttpd2.0.59((FreeBSD)DAV/2PHP/4. [...] Running:FreeBSD5.X Uptime33.120days(sinceFriAug3111:41:042007) /SGDQMNMRS@MC@QCATSTRDETKSNNKR@QDhpingVVVGOHMFNQF @M)0O@BJDS@RRDLAKDQ@M@KXYDQ @MCfpingEOHMFRNTQBDENQFDMDS EOHMFB@MBGDBJLTKSHOKDGNRSRHM@QNTMC QNAHME@RGHNM 4.12Trafficcontrol(QoS) 4Q@EEHBBNMSQNKL@M@FDRSGDPTDTHMF
  • 135. ONKHBHMF
  • 136. RBGDCTKHMF
  • 137. @MCNSGDQSQ@EEHBO@Q@LDSDQRENQ@ MDSVNQJ4GDENKKNVHMFDW@LOKDR@QDRHLOKDOQ@BSHB@KTRDRNESGD,HMTW@MC&QDD"3$B@O@AHKHSHDRSN ADSSDQTRDSGD@U@HK@AKDA@MCVHCSG Limitupload $3,NQB@AKDLNCDLRG@UD@KNMFPTDTDSNHLOQNUDSGDTOKN@CSGQNTFGOTS(NVDUDQEHKKHMFSGD PTDTDVHSG@E@RSCDUHBDDFDSGDQMDS VHKKCQ@L@SHB@KKXCDBQD@RDSGDHMSDQ@BSHUHSX)SHRSGDQDENQD TRDETKSNKHLHSSGDCDUHBDTOKN@CQ@SDSNL@SBGSGDOGXRHB@KB@O@BHSXNESGDLNCDL
  • 138. SGHRRGNTKC FQD@SKXHLOQNUDSGDHMSDQ@BSHUHSX3DSSN@ANTSNESGDLNCDLL@WHL@KB@AKD RODDC GSSOODNOKDRTTFBG]SFQALNM GSSOHMRDBTQDNQFML@O c.DSVNQJc  14.3mail 4GDmailBNLL@MCHR@A@RHB@OOKHB@SHNMSNQD@C@MCRDMCDL@HK
  • 139. HSHRTRT@KKXHMRS@KKDC4NRDMC @MDL@HKRHLOKXSXODL@HKTRDQCNL@HM4GDEHQRSKHMDHRSGDRTAIDBS
  • 140. SGDMSGDL@HKBNMSDMS 4DQLHM@SD@MCRDMCSGDDL@HKVHSG@RHMFKDCNS HM@MDVKHMD%W@LOKD #mailc@cb.vu Subject:Yourtextisfulloftypos "Foramoment,nothinghappened.Then,afterasecondorso, nothingcontinuedtohappen." . EOT # 4GHRHR@KRNVNQJHMFVHSG@OHOD #echo"Thisisthemailbody"|mailc@cb.vu 4GHRHR@KRN@RHLOKDV@XSNSDRSSGDL@HKRDQUDQ 14.4tar 4GDBNLL@MCtarS@OD@QBGHUD BQD@SDR@MCDWSQ@BSR@QBGHUDRNEEHKD@MCCHQDBSNQHDR4GD@QBGHUD S@QHRTMBNLOQDRRDC
  • 141. @BNLOQDRRDC@QBGHUDG@RSGDDWSDMRHNMSFYNQS@QFYYHO NQSAYAYHO  $NMNSTRD@ARNKTSDO@SGVGDMBQD@SHMF@M@QBGHUD
  • 142. XNTOQNA@AKXV@MSSNTMO@BJHSRNLDVGDQD DKRD3NLDSXOHB@KBNLL@MCR@QD Create #cd/ #tar-cfhome.tarhome/#archivethewhole/homedirectory(cforcreate) #tar-czfhome.tgzhome/#samewithzipcompression #tar-cjfhome.tbzhome/#samewithbzip2compression /MKXHMBKTCDNMDNQSVN CHQDBSNQHDREQNL@SQDD
  • 143. ATSJDDOSGDQDK@SHUDRSQTBSTQD&NQDW@LOKD @QBGHUDTRQKNB@KDSB@MCTRQKNB@KVVV@MCSGDEHQRSCHQDBSNQXHMSGD@QBGHUDRGNTKCADKNB@K #tar-C/usr-czflocal.tgzlocal/etclocal/www #tar-C/usr-xzflocal.tgz#Tountarthelocaldirinto/usr #cd/usr;tar-xzflocal.tgz#Isthesameasabove Extract #tar-tzfhome.tgz#lookinsidethearchivewithoutextracting(list) #tar-xfhome.tar#extractthearchivehere(xforextract) #tar-xzfhome.tgz#samewithzipcompression(-xjfforbzip2compression) #removeleadingpathgallery2andextractintogallery #tar--strip-components1-zxvfgallery2.tgz-Cgallery/ #tar-xjfhome.tbzhome/colin/file.txt#Restoreasinglefile #tar-xOfhome.tbzhome/colin/file.txt#Printfiletostdout(noextraction) Moreadvanced #tarcdir/|gzip|sshuser@remote'ddof=dir.tgz'#archdir/andstoreremotely. #tarcvf-`find.-print`>backup.tar#archthecurrentdirectory. #tar-cf--C/etc.|tarxpf--C/backup/etc#Copydirectories #tar-cf--C/etc.|sshuser@remotetarxpf--C/backup/etc#Remotecopy. #tar-czfhome.tgz--exclude'*.o'--exclude'tmp/'home/ 14.5zip/unzip :HOEHKDRB@MADD@RHDQSNRG@QDVHSG7HMCNVR #zip-rfileName.zip/path/to/dir#zipdirintofilefileName.zip #unzipfileName.zip#uncompresszipfile #unzip-lfileName.zip#listfilesinsidearchive #unzip-cfileName.zipfileinside.txt#printonefiletostdout(noextraction) #unzipfileName.zipfileinside.txt#extractonefileonly c5RDETK#NLL@MCRc 
  • 144. #svnmovefoo.cbar.c#Move(rename)files #svndeletesome_old_file#Deletefiles 14USEFULCOMMANDS KDRRO [UHO [L@HKO [S@QO [YHOO [CCO [RBQDDMO [EHMCO [ -HRBDKK@MDNTRO 14.1less 4GDlessBNLL@MCCHROK@XR@SDWSCNBTLDMSNMSGDBNMRNKD)SHROQDRDMSNMLNRSHMRS@KK@SHNM #lessunixtoolbox.xhtml 3NLDHLONQS@MSBNLL@MCR@QD>.RS@MCRENQ;BNMSQNK= ;.=  hHFNNCGDKONMCHROK@X f^F^VSPACE&NQV@QCNMDVHMCNVNQ.KHMDR  b^BESC-v"@BJV@QCNMDVHMCNVNQ.KHMDR  F&NQV@QCENQDUDQKHJDS@HK E /pattern3D@QBGENQV@QCENQ. SG L@SBGHMFKHMD ?pattern3D@QBGA@BJV@QCENQ. SG L@SBGHMFKHMD n2DOD@SOQDUHNTRRD@QBGENQ. SGNBBTQQDMBD  N2DOD@SOQDUHNTRRD@QBGHMQDUDQRDCHQDBSHNM qPTHS 14.2vi 6HHROQDRDMSNM!.9,HMTW5MHWHMRS@KK@SHNMMNSFDMSNN @MCHSHRSGDQDENQDTRDETKSNJMNVRNLD A@RHBBNLL@MCR4GDQD@QDSVNLNCDRBNLL@MCLNCD@MCHMRDQSHNMLNCD4GDBNLL@MCRLNCD HR@BBDRRDCVHSG[ESC]
  • 145. SGDHMRDQSHNMLNCDVHSGi5RD:helpHEXNT@QDKNRS 4GDDCHSNQRnano@MCpico@QDTRT@KKX@U@HK@AKDSNN@MC@QDD@RHDQ)-(/ SNTRD Quit :wMDVEHKDM@LDR@UDSGDEHKDSNMDVEHKDM@LD :wqor:xR@UD@MCPTHS :q!PTHSVHSGNTSR@UHMF Searchandmove /string3D@QBGENQV@QCENQRSQHMF ?string3D@QBGA@BJENQRSQHMF n3D@QBGENQMDWSHMRS@MBDNERSQHMF N3D@QBGENQOQDUHNTRHMRS@MBDNERSQHMF {-NUD@O@Q@FQ@OGA@BJ }-NUD@O@Q@FQ@OGENQV@QC 1G-NUDSNSGDEHQRSKHMDNESGDEHKD nG-NUDSNSGDMSGKHMDNESGDEHKD G-NUDSNSGDK@RSKHMDNESGDEHKD :%s/OLD/NEW/g3D@QBG@MCQDOK@BDDUDQXNBBTQQDMBD Deletecopypastetext dd(dw)#TSBTQQDMSKHMDVNQC D#TSSNSGDDMCNESGDKHMD x$DKDSDBTS BG@Q@BSDQ yy(yw)#NOXKHMDVNQC @ESDQBTQRNQ P0@RSD@ESDQBTQRNQ u5MCNK@RSLNCHEHB@SHNM U5MCN@KKBG@MFDRSNBTQQDMSKHMD c5RDETK#NLL@MCRc  Linux &NQ@+AHSTOKN@CLNCDL #tcqdiscadddeveth0roottbfrate480kbitlatency50msburst1540 #tc-sqdisclsdeveth0#Status #tcqdiscdeldeveth0root#Deletethequeue #tcqdiscchangedeveth0roottbfrate220kbitlatency50msburst1540 FreeBSD &QDD"3$TRDRSGDdummynetSQ@EEHBRG@ODQVGHBGHRBNMEHFTQDCVHSGHOEV0HODR@QDTRDCSNRDSKHLHSR SGDA@MCVHCSGHMTMHSRNE;+[-=ZAHSR["XSDR
  • 146. LD@MRTMKHLHSDCA@MCVHCSG5RHMFSGDR@LDOHOD MTLADQVHKKQDBNMEHFTQDHS&NQDW@LOKDKHLHSSGDTOKN@CA@MCVHCSGSN+AHS #kldloaddummynet#loadthemoduleifnecessary #ipfwpipe1configbw500Kbit/s#createapipewithlimitedbandwidth #ipfwaddpipe1ipfrommetoany#divertthefulluploadintothepipe Qualityofservice Linux 0QHNQHSXPTDTHMFVHSGtcSNNOSHLHYD6N)03DDSGDETKKDW@LOKDNMUNHO HMENNQFNQ VVVGNVSNENQFDBNL3TOONRD6N)0TRDRTCONMONQSR@MCCDUHBDDSGBNTKC@KRN ADOOONQRN 4GDENKKNVHMFBNLL@MCRCDEHMDSGD1N3SNSGQDDPTDTDR@MCENQBDSGD6N)0SQ@EEHB SNPTDTDVHSG1N30x1e@KKAHSRRDS 4GDCDE@TKSSQ@EEHBEKNVRHMSNPTDTD@MC1N3Minimize- DelayEKNVRHMSNPTDTD #tcqdiscadddeveth0roothandle1:priopriomap2222222211111110 #tcqdiscadddeveth0parent1:1handle10:sfq #tcqdiscadddeveth0parent1:2handle20:sfq #tcqdiscadddeveth0parent1:3handle30:sfq #tcfilteradddeveth0protocolipparent1:prio1u32 matchipdport100000x3C00flowid1:1#useserverportrange matchipdst123.23.0.1flowid1:1#or/anduseserverIP 3S@STR@MCQDLNUDVHSG #tc-sqdisclsdeveth0#queuestatus #tcqdiscdeldeveth0root#deleteallQoS Calculateportrangeandmask 4GDSBEHKSDQCDEHMDRSGDONQSQ@MFDVHSGONQS@MCL@RJVGHBGXNTG@UDSNB@KBTK@SD&HMCSGD>. endingNESGDONQSQ@MFD
  • 147. CDCTBDSGDQ@MFD@MCBNMUDQSSN(%84GHRHRXNTQL@RJ%W@LOKDENQ  
  • 148. SGDQ@MFDHR #2^13(8192)<10000<2^14(16384)#endingis2^14=16384 #echo"obase=16;(2^14)-1024"|bc#maskis0x3C00 FreeBSD 4GDL@WKHMJA@MCVHCSGHR+AHSR@MCVDCDEHMDPTDTDRVHSGOQHNQHSXENQ6N)0RRG@KK SGDQDRS #ipfwpipe1configbw500Kbit/s #ipfwqueue1configpipe1weight100 #ipfwqueue2configpipe1weight10 #ipfwqueue3configpipe1weight1 #ipfwadd10queue1protoudpdst-port10000-11024 #ipfwadd11queue1protoudpdst-ip123.23.0.1#or/anduseserverIP #ipfwadd20queue2dsp-portssh #ipfwadd30queue3frommetoany#alltherest 3S@STR@MCQDLNUDVHSG #ipfwlist#rulesstatus #ipfwpipelist#pipestatus #ipfwflush#deletesallrulesbutdefault c.DSVNQJc 
  • 149. 4.13NISDebugging 3NLDBNLL@MCRVGHBGRGNTKCVNQJNM@VDKKBNMEHFTQDC.)3BKHDMS #ypwhich#gettheconnectedNISservername #domainname#TheNISdomainnameasconfigured #ypcatgroup#shoulddisplaythegroupfromtheNISserver #cd/var/yp&&make#Rebuildtheypdatabase #rpcinfo-pservername#ReportRPCservicesoftheserver )RXOAHMCQTMMHMF #psauxww|grepypbind /usr/sbin/ypbind-s-m-Sservername1,servername2#FreeBSD /usr/sbin/ypbind#Linux #yppollpasswd.byname Mappasswd.bynamehasordernumber1190635041.MonSep2413:57:212007 Themasterserverisservername.domain.net. Linux #cat/etc/yp.conf ypserverservername domaindomain.netbroadcast 4.14Netcat .DSB@S MB HRADSSDQJMNVM@RSGDMDSVNQJ3VHRR!QLX+MHED
  • 150. HSB@ML@MHOTK@SD
  • 151. BQD@SDNQ QD@CVQHSD4#0)0BNMMDBSHNMR(DQDRNLDTRDETKDW@LOKDR
  • 152. SGDQD@QDL@MXLNQDNMSGDMDS
  • 153. ENQ DW@LOKDF KN@CDCDT;= @MCGDQD  9NTLHFGSMDDCSNTRDSGDBNLL@MCnetcatHMRSD@CNEnc!KRNRDDSGDRHLHK@QBNLL@MCRNB@S Filetransfer #NOX@K@QFDENKCDQNUDQ@Q@VSBOBNMMDBSHNM4GDSQ@MREDQHRUDQXPTHBJMNOQNSNBNKNUDQGD@C @MCXNTCNMSMDDCSNLDRRTOVHSG.&3NQ3-"NQ&40NQRN
  • 154. RHLOKXL@JDSGDEHKD@U@HK@AKDNMSGD RDQUDQ
  • 155. @MCFDSHSEQNLSGDBKHDMS(DQDHRSGDRDQUDQ)0@CCQDRR server#tar-cf--CVIDEO_TS.|nc-l-p4444#Servetarfolderonport4444 client#nc192.168.1.14444|tarxpf--CVIDEO_TS#Pullthefileonport4444 server#catlargefile|nc-l5678#Serverasinglefile client#nc192.168.1.15678>largefile#Pullthesinglefile server#ddif=/dev/da0|nc-l4444#Serverpartitionimage client#nc192.168.1.14444|ddof=/dev/da0#Pullpartitiontoclone client#nc192.168.1.14444|ddof=da0.img#Pullpartitiontofile Otherhacks 3ODBH@KKXGDQD
  • 156. XNTLTRSJMNVVG@SXNT@QDCNHMF Remoteshell /OSHNM DNMKXNMSGD7HMCNVRUDQRHNM/QTRDMB #nc-lp4444-e/bin/bash#Providearemoteshell(serverbackdoor) #nc-lp4444-ecmd.exe#remoteshellforWindows Emergencywebserver 3DQUD@RHMFKDEHKDNMONQSHM@KNNO #whiletrue;donc-l-p80<unixtoolbox.xhtml;done Chat !KHBD@MC"NAB@MBG@SNUDQ@RHLOKD4#0RNBJDS4GDSDWSHRSQ@MREDQQDCVHSGSGDDMSDQJDX alice#nc-lp4444 bob#nc192.168.1.14444 GSSOMDSB@SRNTQBDENQFDMDS GSSOVVVF KN@CDCDTMDSB@S @ BNTOKD NE TRDETK DW@LOKDR GSSOVVVSDQLHM@KKX HMBNGDQDMSBNLAKNFEDV TRDETK MDSB@S SQHBJR c.DSVNQJc  #groupaddsubversion #groupmod-Auser1subversion #chown-Rroot:subversion/home/svn #chmod-R770/home/svn Remoteaccesswithhttp(apache) 2DLNSD@BBDRRNUDQGSSOGSSOR HRSGDNMKXFNNCRNKTSHNMENQ@K@QFDQTRDQFQNTO4GHRLDSGNCTRDR SGD@O@BGD@TSGDMSHB@SHNM
  • 157. MNSSGDKNB@K@BBNTMSR4GHRHR@SXOHB@KATSRL@KK@O@BGDBNMEHFTQ@SHNM LoadModuledav_modulemodules/mod_dav.so LoadModuledav_svn_modulemodules/mod_dav_svn.so LoadModuleauthz_svn_modulemodules/mod_authz_svn.so#Onlyforaccesscontrol <Location/svn> DAVsvn #any"/svn/foo"URLwillmaptoarepository/home/svn/foo SVNParentPath/home/svn AuthTypeBasic AuthName"Subversionrepository" AuthzSVNAccessFile/etc/apache2/svn.acl AuthUserFile/etc/apache2/svn-passwd Requirevalid-user </Location> 4GD@O@BGDRDQUDQMDDCRETKK@BBDRRSNSGDQDONRHSNQX #chown-Rwww:www/home/svn #QD@SD@TRDQVHSGGSO@RRVC #htpasswd-c/etc/svn-passwduser1#-ccreatesthefile Accesscontrolsvn.aclexample #Defaultitreadaccess."*="wouldbedefaultnoaccess [/] *=r [groups] project1-developers=joe,jack,jane #Givewriteaccesstothedevelopers [project1:] @project1-developers=rw 13.2SVNcommandsandusage 3DD@KRNSGD3TAUDQRHNM1THBJ2DEDQDMBD#@QC 4NQSNHRD36. HR@MHBD7HMCNVRHMSDQE@BD Import !MDVOQNIDBS
  • 158. SG@SHR@CHQDBSNQXVHSGRNLDEHKDR
  • 159. HRHLONQSDCHMSNSGDQDONRHSNQXVHSGSGDimport BNLL@MC)LONQSHR@KRNTRDCSN@CC@CHQDBSNQXVHSGHSRBNMSDMSSN@MDWHRSHMFOQNIDBS #svnhelpimport#Gethelpforanycommand #Addanewdirectory(withcontent)intothesrcdironproject1 #svnimport/project1/newdirhttp://host.url/svn/project1/trunk/src-m'addnewdir' TypicalSVNcommands #svncohttp://host.url/svn/project1/trunk#Checkoutthemostrecentversion #Tagsandbranchesarecreatedbycopying #svnmkdirhttp://host.url/svn/project1/tags/#Createthetagsdirectory #svncopy-m"Tagrc1rel."http://host.url/svn/project1/trunk http://host.url/svn/project1/tags/1.0rc1 #svnstatus[--verbose]#Checkfilesstatusintoworkingdir #svnaddsrc/file.hsrc/file.cpp#Addtwofiles #svncommit-m'Addednewclassfile'#Committhechangeswithamessage #svnlshttp://host.url/svn/project1/tags/#Listalltags GSSOVVVBROTSONYM@MOKBRNA@MHDB0@ODQRRUM QDEB@QCOCE GSSOSNQSNHRDRUMSHFQHRNQF c36.c 
  • 160. #cvsupdate-A#Resetanystickytag(ordate,option) #cvsaddnewfile#Addanewfile #cvsadd-kbnewfile#Addanewbinaryfile #cvscommitfile1file2#Committhetwofilesonly #cvscommit-m"message"#Commitallchangesdonewithamessage Createapatch )SHRADRSSNBQD@SD@MC@OOKX@O@SBGEQNLSGDVNQJHMFCDUDKNOLDMSCHQDBSNQXQDK@SDCSNSGDOQNIDBS
  • 161. NQEQNLVHSGHMSGDRNTQBDCHQDBSNQX #cd/devel/project #diff-Naurolddirnewdir>patchfile#Createapatchfromadirectoryorafile #diff-Nauroldfilenewfile>patchfile Applyapatch 3NLDSHLDRHSHRMDBDRR@QXSNRSQHO@CHQDBSNQXKDUDKEQNLSGDO@SBG
  • 162. CDODMCHMFGNVHSV@RBQD@SDC )MB@RDNECHEEHBTKSHDR
  • 163. RHLOKXKNNJ@SSGDEHQRSKHMDRNESGDO@SBG@MCSQX O
  • 164.  ONQ O #cd/devel/project #patch--dry-run-p0<patchfile#Testthepathwithoutapplyingit #patch-p0<patchfile #patch-p1<patchfile#stripoffthe1stlevelfromthepath 13SVN 3DQUDQRDSTOO [36. 33(O [36.NUDQGSSOO [36.TR@FDO 3TAUDQRHNM36.  HR@UDQRHNMBNMSQNKRXRSDLCDRHFMDCSNADSGDRTBBDRRNQNE#63#NMBTQQDMS 6DQRHNMR3XRSDL 4GDBNMBDOSHRRHLHK@QSN#63
  • 165. ATSL@MXRGNQSBNLHMFRVGDQDHLOQNUDC3DD@KRN SGD36.ANNJ  13.1Serversetup 4GDHMHSH@SHNMNESGDQDONRHSNQXHRE@HQKXRHLOKDGDQDENQDW@LOKD/home/svn/LTRSDWHRS  #svnadmincreate--fs-typefsfs/home/svn/project1 .NVSGD@BBDRRSNSGDQDONRHSNQXHRL@CDONRRHAKDVHSG afile://$HQDBSEHKDRXRSDL@BBDRRVHSGSGDRUMBKHDMSVHSG4GHRQDPTHQDRKNB@KODQLHRRHNMR NMSGDEHKDRXRSDL asvn://NQsvn+ssh://2DLNSD@BBDRRVHSGSGDRUMRDQUDRDQUDQ@KRNNUDQ33( 4GHR QDPTHQDRKNB@KODQLHRRHNMRNMSGDEHKDRXRSDLCDE@TKSONQSSBO  ahttp://2DLNSD@BBDRRVHSGVDAC@UTRHMF@O@BGD.NKNB@KTRDQR@QDMDBDRR@QXENQSGHR LDSGNC 5RHMFSGDKNB@KEHKDRXRSDL
  • 166. HSHRMNVONRRHAKDSNHLONQS@MCSGDMBGDBJNTS@MDWHRSHMFOQNIDBS 5MKHJDVHSG#63HSHRMNSMDBDRR@QXSNBCHMSNSGDOQNIDBSCHQDBSNQX
  • 167. RHLOKXFHUDSGDETKKO@SG #svnimport/project1/file:///home/svn/project1/trunk-m'Initialimport' #svncheckoutfile:///home/svn/project1 4GDMDVCHQDBSNQXSQTMJHRNMKX@BNMUDMSHNM
  • 168. SGHRHRMNSQDPTHQDC Remoteaccesswithssh .NRODBH@KRDSTOHRQDPTHQDCSN@BBDRRSGDQDONRHSNQXUH@RRG
  • 169. RHLOKXQDOK@BDfile://VHSGsvn+ssh/ hostname&NQDW@LOKD #svncheckoutsvn+ssh://hostname/home/svn/project1 !RVHSGSGDKNB@KEHKD@BBDRR
  • 170. DUDQXTRDQMDDCR@MRRG@BBDRRSNSGDRDQUDQVHSG@KNB@K@BBNTMS @MC@KRNQD@CVQHSD@BBDRR4GHRLDSGNCLHFGSADRTHS@AKDENQ@RL@KKFQNTO!KKTRDQRBNTKCADKNMF SN@RTAUDQRHNMFQNTOVGHBGNVMRSGDQDONRHSNQX
  • 171. ENQDW@LOKD GSSORTAUDQRHNMSHFQHRNQF GSSORUMANNJQDC AD@MBNLDM c36.c  5SSHSCP 0TAKHBJDXO [&HMFDQOQHMSO [3#0O [4TMMDKHMFO 3DDNSGDQSQHBJRRRGBLC 5.1Publickeyauthentication #NMMDBSSN@GNRSVHSGNTSO@RRVNQCTRHMFOTAKHBJDX@TSGDMSHB@SHNM4GDHCD@HRSN@OODMCXNTQ OTAKHBJDXSNSGD@TSGNQHYDC?JDXREHKDNMSGDQDLNSDGNRS&NQSGHRDW@LOKDKDSRconnecthost- clienttohost-server
  • 172. SGDJDXHRFDMDQ@SDCNMSGDBKHDMS7HSGBXFVHMXNTLHFGSG@UDSNBQD@SD XNTQGNLDCHQDBSNX@MCSGDRRGCHQDBSNQXVHSG#mkdir-p/home/USER/.ssh a5RDRRG JDXFDMSNFDMDQ@SD@JDXO@HQ~/.ssh/id_dsaHRSGDOQHU@SDJDX
  • 173. ~/.ssh/ id_dsa.pubHRSGDOTAKHBJDX a#NOXNMKXSGDOTAKHBJDXSNSGDRDQUDQ@MC@OODMCHSSNSGDEHKD~/.ssh/authorized_keys2 NMXNTQGNLDNMSGDRDQUDQ #ssh-keygen-tdsa-N'' #cat~/.ssh/id_dsa.pub|sshyou@host-server"cat->>~/.ssh/authorized_keys2" UsingtheWindowsclientfromssh.com 4GDMNMBNLLDQBH@KUDQRHNMNESGDRRGBNLBKHDMSB@MADCNVMKN@CDCSGDL@HMESORHSD ESORRGBNLOTARRG+DXRFDMDQ@SDCAXSGDRRGBNLBKHDMSMDDCSNADBNMUDQSDCENQSGD/ODM33( RDQUDQ4GHRB@MADCNMDVHSGSGDRRG JDXFDMBNLL@MC a#QD@SD@JDXO@HQVHSGSGDRRGBNLBKHDMS3DSSHMFR 5RDQ!TSGDMSHB@SHNM 'DMDQ@SD.DV a)TRD+DXSXOD$3!JDXKDMFSG a#NOXSGDOTAKHBJDXFDMDQ@SDCAXSGDRRGBNLBKHDMSSNSGDRDQUDQHMSNSGD]RRGENKCDQ a4GDJDXR@QDHM#<$NBTLDMSR@MC3DSSHMFR<53%2.!-%<!OOKHB@SHNM $@S@<33(<5RDQ+DXR a5RDSGDRRG JDXFDMBNLL@MCNMSGDRDQUDQSNBNMUDQSSGDJDX #cd~/.ssh #ssh-keygen-i-fkeyfilename.pub>>authorized_keys2 Notice:7DTRDC@$3!JDX
  • 174. 23!HR@KRNONRRHAKD4GDJDXHRMNSOQNSDBSDCAX@O@RRVNQC UsingputtyforWindows 0TSSX HR@RHLOKD@MCEQDDRRGBKHDMSENQ7HMCNVR a#QD@SD@JDXO@HQVHSGSGDOT449FDMOQNFQ@L a3@UDSGDOTAKHB@MCOQHU@SDJDXRENQDW@LOKDHMSN#<$NBTLDMSR@MC 3DSSHMFR<53%2.!-%<RRG  a#NOXSGDOTAKHBJDXSNSGDRDQUDQHMSNSGD]RRGENKCDQ #scp.ssh/puttykey.pubroot@192.168.51.254:.ssh/ a5RDSGDRRG JDXFDMBNLL@MCNMSGDRDQUDQSNBNMUDQSSGDJDXENQ/ODM33( #cd~/.ssh #ssh-keygen-i-fputtykey.pub>>authorized_keys2 a0NHMSSGDOQHU@SDJDXKNB@SHNMHMSGDOTSSXRDSSHMFR#NMMDBSHNM 33( !TSG 5.2Checkfingerprint !SSGDEHQRSKNFHM
  • 175. RRGVHKK@RJHESGDTMJMNVMGNRSVHSGSGDEHMFDQOQHMSG@RSNADRSNQDCHMSGDJMNVM GNRSR4N@UNHC@L@M HM SGD LHCCKD@SS@BJSGD@CLHMHRSQ@SNQNESGDRDQUDQB@MRDMCXNTSGDRDQUDQ EHMFDQOQHMSVGHBGHRSGDMBNLO@QDCNMSGDEHQRSKNFHM5RDssh-keygen-lSNFDSSGDEHMFDQOQHMSNM SGDRDQUDQ  #ssh-keygen-l-f/etc/ssh/ssh_host_rsa_key.pub#ForRSAkey 204861:33:be:9b:ae:6c:36:31:fd:83:98:b7:99:2d:9f:cd/etc/ssh/ssh_host_rsa_key.pub GSSOAKNFTQEHWBNL RRG BNLL@MCR SQHBJR GSSOVVVBGH@QJFQDDMDMCNQFTJ]RFS@SG@LOTSSXCNVMKN@CGSLK c33(3#0c 
  • 176. #ssh-keygen-l-f/etc/ssh/ssh_host_dsa_key.pub#ForDSAkey(default) 204814:4a:aa:d9:73:25:46:6d:0a:48:35:c7:f4:16:d4:ee/etc/ssh/ssh_host_dsa_key.pub .NVSGDBKHDMSBNMMDBSHMFSNSGHRRDQUDQB@MUDQHEXSG@SGDHRBNMMDBSHMFSNSGDQHFGSRDQUDQ #sshlinda Theauthenticityofhost'linda(192.168.16.54)'can'tbeestablished. DSAkeyfingerprintis14:4a:aa:d9:73:25:46:6d:0a:48:35:c7:f4:16:d4:ee. Areyousureyouwanttocontinueconnecting(yes/no)?yes 5.3Securefiletransfer 3NLDRHLOKDBNLL@MCR #scpfile.txthost-two:/tmp #scpjoe@host-two:/www/*.html/www/tmp #scp-rjoe@host-two:/www/www/tmp )M+NMPTDQNQNQ-HCMHFGS#NLL@MCDQHSHRONRRHAKDSN@BBDRR@QDLNSDEHKDRXRSDLVHSGSGD@CCQDRR fish://user@gate(NVDUDQSGDHLOKDLDMS@SHNMHRUDQXRKNV &TQSGDQLNQDHSHRONRRHAKDSNLNTMS@QDLNSDENKCDQVHSGsshfs@EHKDRXRSDLBKHDMSA@RDCNM3#0 3DDETRDRRGER  ssh_exchange_identification:Connectionclosedbyremotehost 7HSGSGHRDQQNQSQXSGDENKKNVHMFNMSGDRDQUDQ echo'SSHD:ALL'>>/etc/hosts.allow /etc/init.d/sshdrestart 5.4Tunneling 33(STMMDKHMF@KKNVRSNENQV@QCNQQDUDQRDENQV@QC@ONQSNUDQSGD33(BNMMDBSHNM
  • 177. SGTRRDBTQHMF SGDSQ@EEHB@MC@BBDRRHMFONQSRVGHBGVNTKCNSGDQVHRDADAKNBJDC4GHRNMKXVNQJRVHSG4#04GD FDMDQ@KMNLDMBK@STQDENQENQV@QC@MCQDUDQRDHRRDD@KRNRRG@MC.!4DW@LOKD  #ssh-Llocalport:desthost:destportuser@gate#desthostasseenfromthegate #ssh-Rdestport:desthost:localportuser@gate#forwardsyourlocalporttodestination #desthost:localportasseenfromtheclientinitiatingthetunnel #ssh-Xuser@gate#ToforceXforwarding 4GHRVHKKBNMMDBSSNF@SD@MCENQV@QCSGDKNB@KONQSSNSGDGNRSCDRSGNRSCDRSONQS.NSDCDRSGNRS HRSGDCDRSHM@SHNMGNRSasseenbythegate
  • 178. RNHESGDBNMMDBSHNMHRSNSGDF@SD
  • 179. SGDMCDRSGNRSHR KNB@KGNRS-NQDSG@MNMDONQSENQV@QCHRONRRHAKD Directforwardonthegate ,DSR@XVDV@MSSN@BBDRRSGD#63ONQS @MCGSSOONQS VGHBG@QDQTMMHMFNMSGDF@SD 4GHRHRSGDRHLOKDRSDW@LOKD
  • 180. CDRSGNRSHRSGTRKNB@KGNRS
  • 181. @MCVDTRDSGDONQSKNB@KKXHMRSD@CNE RNVDCNMSMDDCSNADQNNS/MBDSGDRRGRDRRHNMHRNODM
  • 182. ANSGRDQUHBDR@QD@BBDRRHAKDNMSGD KNB@KONQSR #ssh-L2401:localhost:2401-L8080:localhost:80user@gate Netbiosandremotedesktopforwardtoasecondserver ,DSR@X@7HMCNVRRLARDQUDQHRADGHMCSGDF@SD@MCHRMNSQTMMHMFRRG7DMDDC@BBDRRSNSGD RLARG@QD@MC@KRNQDLNSDCDRJSNOSNSGDRDQUDQ #ssh-L139:smbserver:139-L3388:smbserver:3389user@gate 4GDRLARG@QDB@MMNVAD@BBDRRDCVHSG<<<
  • 183. ATSNMKXHESGDKNB@KRG@QDHRCHR@AKDC
  • 184. ADB@TRDthelocalshareislisteningonport139 )SHRONRRHAKDSNJDDOSGDKNB@KRG@QDDM@AKDC
  • 185. ENQSGHRVDMDDCSNBQD@SD@MDVUHQST@KCDUHBDVHSG@ MDV)0@CCQDRRENQSGDSTMMDK
  • 186. SGDRLARG@QDVHKKADBNMMDBSDCNUDQSGHR@CCQDRR&TQSGDQLNQDthe localRDPisalreadylisteningon3389
  • 187. RNVDBGNNRD&NQSGHRDW@LOKDKDSRTRD@UHQST@K)0NE  a7HSGOTSSXTRD3NTQBDONQS)SHRONRRHAKDSNBQD@SDLTKSHOKDKNNOCDUHBDR@MC STMMDK/M7HMCNVR
  • 188. NMKXOTSSXVNQJDCENQLD/M7HMCNVR6HRS@@KRNENQV@QCSGD GSSOETRDRNTQBDENQFDMDSRRGERGSLK c33(3#0c  CVSROOTvariable 4GHRHR@MDMUHQNMLDMSU@QH@AKDTRDCSNRODBHEXSGDKNB@SHNMNESGDQDONRHSNQXVDQDCNHMFNODQ@SHNMR NM&NQKNB@KTRD
  • 189. HSB@MADITRSRDSSNSGDCHQDBSNQXNESGDQDONRHSNQX&NQTRDNUDQSGDMDSVNQJ
  • 190. SGD SQ@MRONQSOQNSNBNKLTRSADRODBHEHDC3DSSGD#632//4U@QH@AKDVHSGsetenvCVSROOTstringNM @BRG
  • 191. SBRGRGDKK
  • 192. NQVHSGexportCVSROOT=stringNM@RG
  • 193. A@RGRGDKK #setenvCVSROOT:pserver:<username>@<host>:/cvsdirectory Forexample: #setenvCVSROOT/usr/local/cvs#Usedlocallyonly #setenvCVSROOT:local:/usr/local/cvs#Sameasabove #setenvCVSROOT:ext:user@cvsserver:/usr/local/cvs#DirectaccesswithSSH #setenvCVS_RSHssh#fortheextaccess #setenvCVSROOT:pserver:user@cvsserver.254:/usr/local/cvs#networkwithpserver 7GDMSGDKNFHMRTBBDDCDCNMDB@MHLONQS@MDVOQNIDBSHMSNSGDQDONRHSNQXcdintoXNTQOQNIDBS QNNSCHQDBSNQX cvsimport<modulename><vendortag><initialtag> cvs-d:pserver:colin@192.168.50.254:/usr/local/cvsimportMyProjectMyCompanySTART 7GDQD-X0QNIDBSHRSGDM@LDNESGDMDVOQNIDBSHMSGDQDONRHSNQXTRDCK@SDQSNBGDBJNTS #URVHKK HLONQSSGDBTQQDMSCHQDBSNQXBNMSDMSHMSNSGDMDVOQNIDBS 4NBGDBJNTS #cvs-d:pserver:colin@192.168.50.254:/usr/local/cvscheckoutMyProject or #setenvCVSROOT:pserver:colin@192.168.50.254:/usr/local/cvs #cvscheckoutMyProject 12.3SSHtunnelingforCVS 7DMDDCRGDKKRENQSGHR/MSGDEHQRSRGDKKVDBNMMDBSSNSGDBURRDQUDQVHSGRRG@MCONQS ENQV@QC SGDBURBNMMDBSHNM/MSGDRDBNMCRGDKKVDTRDSGDBURMNQL@KKX@RHEHSVGDQDQTMMHMFKNB@KKX NMRGDKK #ssh-L2401:localhost:2401colin@cvs_server#ConnectdirectlytotheCVSserver.Or: #ssh-L2401:cvs_server:2401colin@gateway#UseagatewaytoreachtheCVS NMRGDKK #setenvCVSROOT:pserver:colin@localhost:/usr/local/cvs #cvslogin Logginginto:pserver:colin@localhost:2401/usr/local/cvs CVSpassword: #cvscheckoutMyProject/src 12.4CVScommandsandusage Import 4GDHLONQSBNLL@MCHRTRDCSN@CC@VGNKDCHQDBSNQX
  • 194. HSLTRSADQTMEQNLVHSGHMSGDCHQDBSNQX SNADHLONQSDC3@XSGDCHQDBSNQXCDUDKBNMS@HMR@KKEHKDR@MCRTACHQDBSNQHDRSNADHLONQSDC4GD CHQDBSNQXM@LDNMSGD#63SGDLNCTKD VHKKADB@KKDCLX@OO #cvsimport[options]directory-namevendor-tagrelease-tag #cd/devel#Mustbeinsidetheprojecttoimportit #cvsimportmyappCompanyR1_0#Releasetagcanbeanythinginoneword !ESDQ@VGHKD@MDVCHQDBSNQXCDUDKSNNKRV@R@CCDC@MCHSG@RSNADHLONQSDCSNN #cd/devel/tools #cvsimportmyapp/toolsCompanyR1_0 Checkoutupdateaddcommit #cvscomyapp/tools#Willonlycheckoutthedirectorytools #cvsco-rR1_1myapp#CheckoutmyappatreleaseR1_1(issticky) #cvs-q-dupdate-P#AtypicalCVSupdate c#63c 
  • 195. colin ^D#Use[Control][D]toquittheedit #cvsaddwriters#Addthefilewritersintotherepository #cvseditcheckoutlist #cat>>checkoutlist writers ^D#Use[Control][D]toquittheedit #cvscommit#Commitalltheconfigurationchanges !CC@readersEHKDHEXNTV@MSSNCHEEDQDMSH@SDQD@C@MCVQHSDODQLHRRHNMRNote:$NMNSDUDQ DCHS EHKDRCHQDBSKXHMSNSGDL@HMBUR
  • 196. ATSQ@SGDQBGDBJNTSSGDEHKD
  • 197. LNCHEXHS@MCBGDBJHSHM7DCHCSGHR VHSGSGDEHKDwritersSNCDEHMDSGDVQHSD@BBDRR 4GDQD@QDSGQDDONOTK@QV@XRSN@BBDRRSGD#63@SSGHRONHMS4GDEHQRSSVNCNMSMDDC@MXETQSGDQ BNMEHFTQ@SHNM3DDSGDDW@LOKDRNM#632//4ADKNVENQGNVSNTRDSGDL a$HQDBSKNB@K@BBDRRSNSGDEHKDRXRSDL4GDTRDQR MDDCRTEEHBHDMSEHKDODQLHRRHNMSN@BBDRR SGD#3CHQDBSKX@MCSGDQDHRMNETQSGDQ@TSGDMSHB@SHNMHM@CCHSHNMSNSGD/3KNFHM(NVDUDQ SGHRHRNMKXTRDETKHESGDQDONRHSNQXHRKNB@K a2DLNSD@BBDRRVHSGRRGVHSGSGDDWSOQNSNBNK!MXTRDVHSG@MRRGRGDKK@BBNTMS@MCQD@C VQHSDODQLHRRHNMRNMSGD#63RDQUDQB@M@BBDRRSGD#63CHQDBSKXVHSGDWSNUDQRRGVHSGNTS @MX@CCHSHNM@KSTMMDK4GDQDHRMNRDQUDQOQNBDRRQTMMHMFNMSGD#63ENQSGHRSNVNQJ4GD RRGKNFHMCNDRSGD@TSGDMSHB@SHNM a2DLNSD@BBDRRVHSGORDQUDQCDE@TKSONQSSBO 4GHRHRSGDOQDEDQQDCTRDENQK@QFDQ TRDQA@RD@RSGDTRDQR@QD@TSGDMSHB@SDCAXSGD#63ORDQUDQVHSG@CDCHB@SDCO@RRVNQC C@S@A@RD
  • 198. SGDQDHRSGDQDENQDMNMDDCENQKNB@KTRDQR@BBNTMSR4GHRRDSTOHRDWOK@HMDCADKNV Networksetupwithinetd 4GD#63B@MADQTMKNB@KKXNMKXHE@MDSVNQJ@BBDRRHRMNSMDDCDC&NQ@QDLNSD@BBDRR
  • 199. SGDC@DLNM HMDSCB@MRS@QSSGDORDQUDQVHSGSGDENKKNVHMFKHMDHMDSBHMDSCBNMEDSBWHMDSCCBURNM3T3%  cvspserverstreamtcpnowaitcvs/usr/bin/cvscvs --allow-root=/usr/local/cvspserver )SHR@FNNCHCD@SNAKNBJSGDBURONQSEQNLSGD)MSDQMDSVHSGSGDEHQDV@KK@MCTRD@MRRGSTMMDKSN @BBDRRSGDQDONRHSNQXQDLNSDKX Separateauthentication )SHRONRRHAKDSNG@UDBURTRDQRVGHBG@QDMNSO@QSNESGD/3MNKNB@KTRDQR 4GHRHR@BST@KKX OQNA@AKXV@MSDCSNNEQNLSGDRDBTQHSXONHMSNEUHDV3HLOKX@CC@EHKDM@LDCpasswdHMSGD #632//4CHQDBSNQX BNMS@HMHMFSGDTRDQRKNFHM@MCO@RRVNQCHMSGDBQXOSENQL@S4GHRHRB@MAD CNMDVHSGSGD@O@BGDGSO@RRVCSNNK Note:4GHRO@RRVCEHKDHRSGDNMKXEHKDVGHBGG@RSNADDCHSDCCHQDBSKXHMSGD#632//4CHQDBSNQX!KRN HSVNMSADBGDBJDCNTS-NQDHMENVHSGGSO@RRVC GDKO #htpasswd-cbpasswduser1password1#-ccreatesthefile #htpasswd-bpasswduser2password2 .NV@CC:cvs@SSGDDMCNED@BGKHMDSNSDKKSGDBURRDQUDQSNBG@MFDSGDTRDQSNBURNQVG@SDUDQ XNTQBURRDQUDQHRQTMMHMFTMCDQ )SKNNJRKHJDSGHR #catpasswd user1:xsFjhU22u8Fuo:cvs user2:vnefJOsnnvToM:cvs 12.2Testit 4DRSSGDKNFHM@RMNQL@KTRDQENQDW@LOKDGDQDLD #cvs-d:pserver:colin@192.168.50.254:/usr/local/cvslogin Logginginto:pserver:colin@192.168.50.254:2401/usr/local/cvs CVSpassword: c#63c  ONQSHM@CCHSHNMSNSGDONQS!KRNNM6HRS@SGDO@SBG+"OQDUDMSRSGDONQS SNADENQV@QCDC
  • 200. RN)G@CSNTMHMRS@KKSGHRO@SGHM6HRS@ a7HSGSGDRRGBNLBKHDMS
  • 201. CHR@AKD!KKNVKNB@KBNMMDBSHNMRNMKX3HMBDRRGBNLVHKKAHMCSN @KK@CCQDRRDR
  • 202. NMKX@RHMFKDRG@QDB@MADBNMMDBSDC .NVBQD@SDSGDKNNOA@BJHMSDQE@BDVHSG)0 a3XRSDL #NMSQNK0@MDK !CC(@QCV@QD9DR
  • 203. (@QCV@QDHR@KQD@CXBNMMDBSDC!CC@ MDVG@QCV@QDCDUHBD@SANSSNL  a)MRS@KKSGDG@QCV@QDSG@S)L@MT@KKXRDKDBS.DSVNQJ@C@OSDQR-HBQNRNES
  • 204. -HBQNRNES ,NNOA@BJ!C@OSDQ a#NMEHFTQDSGD)0@CCQDRRNESGDE@JDCDUHBDSNL@RJ
  • 205. MNF@SDV@X a@CU@MBDC 7).3
  • 206. %M@AKD,-(NRSR,NNJTO$HR@AKD.DS")/3NUDQ4#0)0 a%M@AKD#KHDMSENQ-HBQNRNES.DSVNQJR$HR@AKD&HKD@MC0QHMSDQ3G@QHMFENQ-HBQNRNES .DSVNQJR )(!$SNQDANNSENQSGHRSNVNQJ.NVBNMMDBSSNSGDRLARG@QDVHSG<<@MCQDLNSDCDRJSNO SN Debug )EHSHRMNSVNQJHMF a!QDSGDONQSRENQV@QCDCMDSRS@S @M,NNJ@SNQ a$NDRSDKMDSBNMMDBS a9NTMDDCSGDBGDBJANW,NB@KONQSR@BBDOSBNMMDBSHNMREQNLNSGDQGNRSR a)R&HKD@MC0QHMSDQ3G@QHMFENQ-HBQNRNES.DSVNQJRCHR@AKDCNMSGDKNNOA@BJHMSDQE@BD ConnecttwoclientsbehindNAT 3TOONRDSVNBKHDMSR@QDADGHMC@.!4F@SDV@X@MCBKHDMSBKH@CLHMG@RSNBNMMDBSSNBKHDMSBKHTRDQ SGDCDRSHM@SHNM
  • 207. ANSGB@MKNFHMSNSGDF@SDVHSGRRG@MC@QDQTMMHMF,HMTWVHSGRRGC9NTCNMS MDDCQNNS@BBDRR@MXVGDQD@RKNMF@RSGDONQSRNMF@SD@QD@ANUD7DTRDNMF@SD !KRNRHMBDSGDF@SDHRTRDCKNB@KKX
  • 208. SGDNOSHNM'@SDV@X0NQSRHRMNSMDBDRR@QX /MBKHDMSBKHTRDQEQNLCDRSHM@SHNMSNF@SD  #ssh-R2022:localhost:22user@gate#forwardsclient22togate:2022 /MBKHDMSBKH@CLHMEQNLGNRSSNF@SD  #ssh-L3022:localhost:2022admin@gate#forwardsclient3022togate:2022 .NVSGD@CLHMB@MBNMMDBSCHQDBSKXSNSGDBKHDMSBKHTRDQVHSG #ssh-p3022admin@localhost#local:3022->gate:2022->client:22 ConnecttoVNCbehindNAT 3TOONRD@7HMCNVRBKHDMSVHSG6.#KHRSDMHMFNMONQSG@RSNAD@BBDRRDCEQNLADGHMC.!4/M BKHDMSBKHVHMSNF@SD #ssh-R15900:localhost:5900user@gate /MBKHDMSBKH@CLHMEQNLGNRSSNF@SD  #ssh-L5900:localhost:15900admin@gate .NVSGD@CLHMB@MBNMMDBSCHQDBSKXSNSGDBKHDMS6.#VHSG #vncconnect-display:0localhost Digamulti-hopsshtunnel 3TOONRDXNTB@MMNSQD@BG@RDQUDQCHQDBSKXVHSGRRG
  • 209. ATSNMKXUH@LTKSHOKDHMSDQLDCH@SDGNRSRENQ DW@LOKDADB@TRDNEQNTSHMFHRRTDR 3NLDSHLDRHSHRRSHKKMDBDRR@QXSNFDS@CHQDBSBKHDMS RDQUDQ BNMMDBSHNM
  • 210. ENQDW@LOKDSNBNOXEHKDRVHSGRBO
  • 211. NQENQV@QCNSGDQONQSRKHJDRLANQUMB/MDV@XSN CNSGHRHRSNBG@HMSTMMDKRSNFDSGDQSNENQV@QC@ONQSSNSGDRDQUDQ@KNMFSGDGNOR4GHRB@QQHDQ ONQSNMKXQD@BGDRHSREHM@KCDRSHM@SHNMNMSGDK@RSBNMMDBSHNMSNSGDRDQUDQ 3TOONRDVDV@MSSNENQV@QCSGDRRGONQSEQNL@BKHDMSSN@RDQUDQNUDQSVNGNOR/MBDSGDSTMMDK HRATHKC
  • 212. HSHRONRRHAKDSNBNMMDBSSNSGDRDQUDQCHQDBSKXEQNLSGDBKHDMS@MC@KRN@CC@MNSGDQONQS ENQV@QC  c33(3#0c 
  • 213. Createtunnelinoneshell BKHDMS GNRS GNRS RDQUDQ@MCCHFSTMMDK client>#ssh-L5678:localhost:5678host1#5678isanarbitraryportforthetunnel host_1>#ssh-L5678:localhost:5678host2#chain5678fromhost1tohost2 host_2>#ssh-L5678:localhost:22server#endthetunnelonport22ontheserver Usetunnelwithanothershell BKHDMS RDQUDQTRHMFSTMMDK #ssh-p5678localhost#connectdirectlyfromclienttoserver #scp-P5678myfilelocalhost:/tmp/#orcopyafiledirectlyusingthetunnel #rsync-e'ssh-p5678'myfilelocalhost:/tmp/#orrsyncafiledirectlytotheserver Autoconnectandkeepalivescript )TRDU@QH@SHNMRNESGDENKKNVHMFRBQHOSSNJDDO@L@BGHMDQD@BGD@AKDNUDQ@QDUDQRDRRGSTMMDK4GD BNMMDBSHNMHR@TSNL@SHB@KKXQDATHKSHEBKNRDC9NTB@M@CCLTKSHOKD-LNQ-RSTMMDKRNMNMDKHMD #!/bin/sh COMMAND="ssh-N-f-g-R3022:localhost:22colin@cb.vu" pgrep-f-x"$COMMAND">/dev/null2>&1||$COMMAND exit0 1****colin/home/colin/port_forward.sh#crontabentry(herehourly) 6VPNWITHSSH !RNEUDQRHNM
  • 214. /ODM33(B@MTRDSGDSTMS@OCDUHBDSNDMBQXOS@STMMDK4GHRHRUDQXRHLHK@QSN NSGDQ4,3A@RDC60.RNKTSHNMRKHJD/ODM60./MD@CU@MS@FDVHSG33(HRSG@SSGDQDHRMNMDDCSN HMRS@KK@MCBNMEHFTQD@CCHSHNM@KRNESV@QD!CCHSHNM@KKXSGDSTMMDKTRDRSGD33(@TSGDMSHB@SHNMKHJD OQDRG@QDCJDXR4GDCQ@VA@BJHRSG@SSGDDMB@ORTK@SHNMHRCNMDNUDQ4#0VGHBGLHFGSQDRTKSHM ONNQODQENQL@MBDNM@RKNVKHMJ!KRNSGDSTMMDKHRQDKXHMFNM@RHMFKDEQ@FHKD 4#0BNMMDBSHNM4GHR SDBGMHPTDHRUDQXTRDETKENQ@PTHBJ)0A@RDC60.RDSTO4GDQDHRMNKHLHS@SHNM@RVHSGSGDRHMFKD 4#0ONQSENQV@QC
  • 215. @KKK@XDQOQNSNBNKRKHJD)#-0
  • 216. 4#05$0
  • 217. DSB@QDENQV@QCDCNUDQSGD60.)M @MXB@RD
  • 218. SGDENKKNVHMFNOSHNMR@QDMDDCDCHMSGDRRGC?BNMEEHKD PermitRootLoginyes PermitTunnelyes 6.1SingleP2Pconnection (DQDVD@QDBNMMDBSHMFSVNGNRSR
  • 219. GBKHDMS@MCGRDQUDQVHSG@ODDQSNODDQSTMMDK4GDBNMMDBSHNMHR startedfromhclientSNGRDQUDQ@MCHRCNMD@RQNNS4GDSTMMDKDMCONHMSR@QDRDQUDQ @MC BKHDMS @MCVDBQD@SD@CDUHBDSTMSGHRBNTKC@KRNAD@MNSGDQMTLADQ 4GDOQNBDCTQD HRUDQXRHLOKD a#NMMDBSVHSG33(TRHMFSGDSTMMDKNOSHNM V a#NMEHFTQDSGD)0@CCQDRRDRNESGDSTMMDK/MBDNMSGDRDQUDQ@MCNMBDNMSGDBKHDMS Connecttotheserver #NMMDBSHNMRS@QSDCNMSGDBKHDMS@MCBNLL@MCR@QDDWDBTSDCNMSGDRDQUDQ ServerisonLinux cli>#ssh-w5:5root@hserver srv>#ifconfigtun510.0.1.1netmask255.255.255.252#Executedontheservershell ServerisonFreeBSD cli>#ssh-w5:5root@hserver srv>#ifconfigtun510.0.1.110.0.1.2#Executedontheservershell Configuretheclient #NLL@MCRDWDBTSDCNMSGDBKHDMS c60.VHSG33(c  11.5Signthecertificate 4GDBDQSHEHB@SDQDPTDRSG@RSNADRHFMDCAXSGD#!SNADU@KHC
  • 220. SGHRRSDOHRTRT@KKXCNMDAXSGD UDMCNQNote:replace"servername"withthenameofyourserverinthenextcommands #catnewreq.pemnewkey.pem>new.pem #opensslca-policypolicy_anything-outservernamecert.pem -config/etc/ssl/openssl.cnf-infilesnew.pem #mvnewkey.pemservernamekey.pem .NVRDQUDQM@LDJDXODLHRSGDOQHU@SDJDX@MCRDQUDQM@LDBDQSODLHRSGDRDQUDQBDQSHEHB@SD 11.6Createunitedcertificate 4GD)-!0RDQUDQV@MSRSNG@UDANSGOQHU@SDJDX@MCRDQUDQBDQSHEHB@SDHMSGDR@LDEHKD!MCHM FDMDQ@K
  • 221. SGHRHR@KRND@RHDQSNG@MCKD
  • 222. ATSSGDEHKDG@RSNADJDOSRDBTQDKX!O@BGD@KRNB@MCD@K VHSGHSVDKK#QD@SD@EHKDRDQUDQM@LDODLBNMS@HMHMFANSGSGDBDQSHEHB@SD@MCJDX a/ODMSGDOQHU@SDJDXRDQUDQM@LDJDXODL VHSG@SDWSDCHSNQ@MCBNOXSGDOQHU@SDJDXHMSN SGDRDQUDQM@LDODLEHKD a$NSGDR@LDVHSGSGDRDQUDQBDQSHEHB@SDRDQUDQM@LDBDQSODL  4GDEHM@KRDQUDQM@LDODLEHKDRGNTKCKNNJKHJDSGHR -----BEGINRSAPRIVATEKEY----- MIICXQIBAAKBgQDutWy+o/XZ/[...]qK5LqQgT3c9dU6fcR+WuSs6aejdEDDqBRQ -----ENDRSAPRIVATEKEY----- -----BEGINCERTIFICATE----- MIIERzCCA7CgAwIBAgIBBDANB[...]iG9w0BAQQFADCBxTELMAkGA1UEBhMCREUx -----ENDCERTIFICATE----- 7G@SVDG@UDMNVHMSGDCHQDBSNQXTRQKNB@KBDQSR #!OQHU@SDB@JDXODL(CAserverprivatekey) #!B@BDQSODL(CAserverpublickey) BDQSRRDQUDQM@LDJDXODL(serverprivatekey) BDQSRRDQUDQM@LDBDQSODL(serversignedcertificate) BDQSRRDQUDQM@LDODL(servercertificatewithprivatekey) +DDOSGDOQHU@SDJDXRDBTQD 11.7Viewcertificateinformation 4NUHDVSGDBDQSHEHB@SDHMENQL@SHNMRHLOKXCN #opensslx509-text-inservernamecert.pem#Viewthecertificateinfo #opensslreq-noout-text-inserver.csr#Viewtherequestinfo #openssls_client-connectcb.vu:443#Checkawebservercertificate 12CVS 3DQUDQRDSTOO [#63SDRSO [33(STMMDKHMFO [#63TR@FDO 12.1Serversetup InitiatetheCVS $DBHCDVGDQDSGDL@HMQDONRHSNQXVHKKQDRS@MCBQD@SD@QNNSBUR&NQDW@LOKDTRQKNB@KBUR@R QNNS  #mkdir-p/usr/local/cvs #setenvCVSROOT/usr/local/cvs#SetCVSROOTtothenewlocation(local) #cvsinit#CreatesallinternalCVSconfigfiles #cd/root #cvscheckoutCVSROOT#Checkouttheconfigfilestomodifythem #cdCVSROOT editconfig(fineasitis) #cvscommitconfig cat>>writers#Createawritersfile(optionallyalsoreaders) c#63c 
  • 223. 11SSLCERTIFICATES 3NB@KKDC33,4,3BDQSHEHB@SDR@QDBQXOSNFQ@OGHBOTAKHBJDXBDQSHEHB@SDR@MC@QDBNLONRDCNE@OTAKHB @MC@OQHU@SDJDX4GDBDQSHEHB@SDR@QDTRDCSN@TSGDMSHB@SDSGDDMCONHMSR@MCDMBQXOSSGDC@S@ 4GDX@QDTRDCENQDW@LOKDNM@VDARDQUDQGSSOR NQL@HKRDQUDQHL@OR  11.1Procedure a7DMDDC@BDQSHEHB@SD@TSGNQHSXSNRHFMNTQBDQSHEHB@SD4GHRRSDOHRTRT@KKXOQNUHCDCAX@ UDMCNQKHJD4G@VSD
  • 224. 6DQHRHFM
  • 225. DSB
  • 226. GNVDUDQVDB@M@KRNBQD@SDNTQNVM a#QD@SD@BDQSHEHB@SDRHFMHMFQDPTDRS4GHRQDPTDRSHRKHJD@MTMRHFMDCBDQSHEHB@SDSGDOTAKHB O@QS @MC@KQD@CXBNMS@HMR@KKMDBDRR@QXHMENQL@SHNM4GDBDQSHEHB@SDQDPTDRSHRMNQL@KKX RDMSSNSGD@TSGNQHSXUDMCNQENQRHFMHMF4GHRRSDO@KRNBQD@SDRSGDOQHU@SDJDXNMSGDKNB@K L@BGHMD a3HFMSGDBDQSHEHB@SDVHSGSGDBDQSHEHB@SD@TSGNQHSX a)EMDBDRR@QXINHMSGDBDQSHEHB@SD@MCSGDJDXHM@RHMFKDEHKDSNADTRDCAXSGD@OOKHB@SHNM VDARDQUDQ
  • 227. L@HKRDQUDQDSB  11.2ConfigureOpenSSL 7DTRDTRQKNB@KBDQSR@RCHQDBSNQXENQSGHRDW@LOKDBGDBJNQDCHSDSBRRKNODMRRKBME@BBNQCHMFKX SNXNTQRDSSHMFRRNXNTJMNVVGDQDSGDEHKDRVHKKADBQD@SDC(DQD@QDSGDQDKDU@MSO@QSNE NODMRRKBME [CA_default] dir=/usr/local/certs/CA#Whereeverythingiskept certs=$dir/certs#Wheretheissuedcertsarekept crl_dir=$dir/crl#Wheretheissuedcrlarekept database=$dir/index.txt#databaseindexfile. -@JDRTQDSGDCHQDBSNQHDRDWHRSNQBQD@SDSGDL #mkdir-p/usr/local/certs/CA #cd/usr/local/certs/CA #mkdircertscrlnewcertsprivate #echo"01">serial#Onlyifserialdoesnotexist #touchindex.txt )EXNTHMSDMCSNFDS@RHFMDCBDQSHEHB@SDEQNL@UDMCNQ
  • 228. XNTNMKXMDDC@BDQSHEHB@SDRHFMHMFQDPTDRS #32 4GHR#32VHKKSGDMADRHFMDCAXSGDUDMCNQENQ@KHLHSDCSHLDDFXD@Q  11.3Createacertificateauthority )EXNTCNMNSG@UD@BDQSHEHB@SD@TSGNQHSXEQNL@UDMCNQ
  • 229. XNTKKG@UDSNBQD@SDXNTQNVM4GHRRSDO HRMNSMDBDRR@QXHENMDHMSDMCSNTRD@UDMCNQSNRHFMSGDQDPTDRS4NL@JD@BDQSHEHB@SD@TSGNQHSX #!  #opensslreq-new-x509-days730-config/etc/ssl/openssl.cnf -keyoutCA/private/cakey.pem-outCA/cacert.pem 11.4Createacertificatesigningrequest 4NL@JD@MDVBDQSHEHB@SDENQL@HKRDQUDQNQVDARDQUDQENQDW@LOKD
  • 230. EHQRSBQD@SD@QDPTDRS BDQSHEHB@SDVHSGHSROQHU@SDJDX)EXNTQ@OOKHB@SHNMCNMNSRTOONQSDMBQXOSDCOQHU@SDJDXENQDW@LOKD 57 )-!0CNDRMNS
  • 231. SGDMCHR@AKDDMBQXOSHNMVHSG-nodes #opensslreq-new-keyoutnewkey.pem-outnewreq.pem -config/etc/ssl/openssl.cnf #opensslreq-nodes-new-keyoutnewkey.pem-outnewreq.pem -config/etc/ssl/openssl.cnf#Noencryptionforthekey +DDOSGHRBQD@SDC#32newreq.pem @RHSB@MADRHFMDC@F@HM@SSGDMDWSQDMDV@K
  • 232. SGDRHFM@STQD NMKSVHKKKHLHSSGDU@KHCHSXNESGDBDQSHEHB@SD4GHROQNBDRR@KRNBQD@SDCSGDOQHU@SDJDXnewkey.pem GSSORTOONQS@OOKDBNLJAGS c33,#DQSHEHB@SDRc  cli>#ifconfigtun510.0.1.2netmask255.255.255.252#ClientisonLinux cli>#ifconfigtun510.0.1.210.0.1.1#ClientisonFreeBSD 4GDSVNGNRSR@QDMNVBNMMDBSDC@MCB@MSQ@MRO@QDMSKXBNLLTMHB@SDVHSG@MXK@XDQOQNSNBNK TRHMFSGDSTMMDK)0@CCQDRRDR 6.2Connecttwonetworks )M@CCHSHNMSNSGDOORDSTO@ANUD
  • 233. HSHRLNQDTRDETKSNBNMMDBSSVNOQHU@SDMDSVNQJRVHSG@M33( 60.TRHMFSVNF@SDR3TOONRDENQSGDDW@LOKD
  • 234. MDS!HR@MCMDS" 4GDOQNBDCTQDHRRHLHK@Q@R@ANUD
  • 235. VDNMKXMDDCSN@CCSGDQNTSHMF.!4LTRSAD@BSHU@SDCNM SGDOQHU@SDHMSDQE@BDNMKXHESGDF@SDR@QDMNSSGDR@LD@RSGDCDE@TKSF@SDV@XNESGDHQMDSVNQJ MDS! [F@SD! F@SD"[MDS" a#NMMDBSVHSG33(TRHMFSGDSTMMDKNOSHNM V a#NMEHFTQDSGD)0@CCQDRRDRNESGDSTMMDK/MBDNMSGDRDQUDQ@MCNMBDNMSGDBKHDMS a!CCSGDQNTSHMFENQSGDSVNMDSVNQJR a)EMDBDRR@QX
  • 236. @BSHU@SD.!4NMSGDOQHU@SDHMSDQE@BDNESGDF@SD 4GDRDSTOHRstartedfromgateAinnetA ConnectfromgateAtogateB #NMMDBSHNMHRRS@QSDCEQNLF@SD!@MCBNLL@MCR@QDDWDBTSDCNMF@SD" gateBisonLinux gateA>#ssh-w5:5root@gateB gateB>#ifconfigtun510.0.1.1netmask255.255.255.252#ExecutedonthegateBshell gateB>#routeadd-net192.168.51.0netmask255.255.255.0devtun5 gateB>#echo1>/proc/sys/net/ipv4/ip_forward#Onlyneededifnotdefaultgw gateB>#iptables-tnat-APOSTROUTING-oeth0-jMASQUERADE gateBisonFreeBSD gateA>#ssh-w5:5root@gateB#Createsthetun5devices gateB>#ifconfigtun510.0.1.110.0.1.2#ExecutedonthegateBshell gateB>#routeadd192.168.51.0/2410.0.1.2 gateB>#sysctlnet.inet.ip.forwarding=1#Onlyneededifnotdefaultgw gateB>#natd-s-m-u-dynamic-nfxp0#seeNAT(page17) gateA>#sysctlnet.inet.ip.fw.enable=1 ConfiguregateA #NLL@MCRDWDBTSDCNMF@SD! gateAisonLinux gateA>#ifconfigtun510.0.1.2netmask255.255.255.252 gateA>#routeadd-net192.168.16.0netmask255.255.255.0devtun5 gateA>#echo1>/proc/sys/net/ipv4/ip_forward gateA>#iptables-tnat-APOSTROUTING-oeth0-jMASQUERADE gateAisonFreeBSD gateA>#ifconfigtun510.0.1.210.0.1.1 gateA>#routeadd192.168.16.0/2410.0.1.2 gateA>#sysctlnet.inet.ip.forwarding=1 gateA>#natd-s-m-u-dynamic-nfxp0#seeNAT(page17) gateA>#sysctlnet.inet.ip.fw.enable=1 4GDSVNOQHU@SDMDSVNQJR@QDMNVSQ@MRO@QDMSKXBNMMDBSDCUH@SGD33(60.4GD)0ENQV@QC@MC .!4RDSSHMFR@QDNMKXMDBDRR@QXHESGDF@SDR@QDMNSSGDCDE@TKSF@SDV@XR)MSGHRB@RDSGDBKHDMSR VNTKCMNSJMNVVGDQDSNENQV@QCSGDQDRONMRD
  • 237. @MCM@SLTRSAD@BSHU@SDC c60.VHSG33(c 
  • 238. 7RSYNC 2RXMBB@M@KLNRSBNLOKDSDKXQDOK@BDBO@MCRBO
  • 239. ETQSGDQLNQDHMSDQQTOSDCSQ@MREDQR@QDDEEHBHDMSKX QDRS@QSDC!SQ@HKHMFRK@RG@MCSGD@ARDMBDSGDQDNE G@RCHEEDQDMSLD@MHMFR
  • 240. SGDL@MO@FDHR FNNC(DQDRNLDDW@LOKDR #NOXSGDCHQDBSNQHDRVHSGETKKBNMSDMS #rsync-a/home/colin//backup/colin/#"archive"mode.e.gkeepthesame #rsync-a/var//var_bak/ #rsync-aR--delete-during/home/user//backup/#userelative(seebelow) #/opt/local/bin/rsync-azv--iconv=UTF-8-MAC,UTF-8~/Music/flac/me@server:/dst/ #convertfilenamesOSXUTF8toWindowsUTF8 3@LD@RADENQDATSNUDQSGDMDSVNQJ@MCVHSGBNLOQDRRHNM2RXMBTRDR33(ENQSGDSQ@MRONQSODQ CDE@TKS@MCVHKKTRDSGDRRGJDXHESGDX@QDRDS5RD@RVHSG3#0!SXOHB@KQDLNSDBNOX #rsync-axSRzv/home/user/user@server:/backup/user/#Copytoremote #rsync-a'user@server:MyDocuments'MyDocuments#QuoteANDescapespacesfortheremoteshell %WBKTCD@MXCHQDBSNQXSLOVHSGHMGNLDTRDQ@MCJDDOSGDQDK@SHUDENKCDQRGHDQ@QBGX
  • 241. SG@SHRSGD QDLNSDCHQDBSNQXVHKKG@UDSGDRSQTBSTQDA@BJTOGNLDTRDQ4GHRHRSXOHB@KKXTRDCENQA@BJTOR #rsync-azR--exclude=tmp//home/user/user@server:/backup/ 5RDONQSENQSGDRRGBNMMDBSHNM #rsync-az-e'ssh-p20022'/home/colin/user@server:/backup/colin/ 5RHMFSGDQRXMBC@DLNMTRDCVHSG HRLTBGE@RSDQ
  • 242. ATSMNSDMBQXOSDCNUDQRRG4GDKNB@SHNM NEA@BJTOHRCDEHMDCAXSGDBNMEHFTQ@SHNMHMDSBQRXMBCBNME4GDU@QH@AKD239.#?0!337/2$B@M ADRDSSN@UNHCSGDMDDCSNDMSDQSGDO@RRVNQCL@MT@KKX #rsync-axSRz/home/ruser@hostname::rmodule/backup/ #rsync-axSRzruser@hostname::rmodule/backup//home/#Tocopyback 3NLDHLONQS@MSNOSHNMR -a,--archive@QBGHUDLNCDR@LD@R QKOSFN$MN ( -r,--recursiveQDBTQRDHMSNCHQDBSNQHDR -R,--relativeTRDQDK@SHUDO@SGM@LDR -H,--hard-linksOQDRDQUDG@QCKHMJR -S,--sparseG@MCKDRO@QRDEHKDRDEEHBHDMSKX -x,--one-file-systemCNMSBQNRREHKDRXRSDLANTMC@QHDR --exclude=PATTERNDWBKTCDEHKDRL@SBGHMF0!44%2. --delete-duringQDBDHUDQCDKDSDRCTQHMFWEDQ
  • 243. MNSADENQD --delete-afterQDBDHUDQCDKDSDR@ESDQSQ@MREDQ
  • 244. MNSADENQD 7.1RsynconWindows 2RXMBHR@U@HK@AKDENQ7HMCNVRSGQNTFGBXFVHMNQ@RRS@MC @KNMDO@BJ@FDCHMBVQRXMB 4GHRHRUDQX BNMUDMHDMSENQ@TSNL@SDCA@BJTOR)MRS@KKNMDNESGDLnotboth @MC@CCSGDO@SGSNSGD7HMCNVR RXRSDLU@QH@AKDR#NMSQNK0@MDK 3XRSDL S@A!CU@MBDC
  • 245. ATSSNM%MUHQNMLDMS6@QH@AKDR %CHSSGD0@SGRXRSDLU@QH@AKD@MC@CCSGDETKKO@SGSNSGDHMRS@KKDCQRXMB
  • 246. DF#<0QNFQ@L &HKDR<BV2RXMB<AHMNQ#<BXFVHM<AHM4GHRV@XSGDBNLL@MCRrsync@MCssh@QD@U@HK@AKDHM@ 7HMCNVRBNLL@MCRGDKK Publickeyauthentication 2RXMBHR@TSNL@SHB@KKXSTMMDKDCNUDQ33(@MCSGTRTRDRSGD33(@TSGDMSHB@SHNMNMSGDRDQUDQ !TSNL@SHBA@BJTORG@UDSN@UNHC@TRDQHMSDQ@BSHNM
  • 247. ENQSGHRSGD33(OTAKHBJDX@TSGDMSHB@SHNMB@M ADTRDC@MCSGDQRXMBBNLL@MCVHKKQTMVHSGNTS@O@RRVNQC !KKSGDENKKNVHMFBNLL@MCR@QDDWDBTSDCVHSGHM@7HMCNVRBNMRNKD)M@BNMRNKD3S@QS 2TM  BLC BQD@SD@MCTOKN@CSGDJDX@RCDRBQHADCHM33(
  • 248. BG@MFDTRDQ@MCRDQUDQ@R@OOQNOQH@SD )ESGDEHKD@TSGNQHYDC?JDXRCNDRMNSDWHRSXDS
  • 249. RHLOKXBNOXHC?CR@OTASN@TSGNQHYDC?JDXR@MC TOKN@CHS GSSORNTQBDENQFDMDSOQNIDBSRRDQDCR c239.#c  optionsGEOM_ELI devicecrypto#orasmodule: #echo'geom_eli_load="YES"'>>/boot/loader.conf#ordo:kldloadgeom_eli Usepasswordandkey )TRDSGNRDRDSSHMFRENQ@SXOHB@KCHRJDMBQXOSHNM
  • 250. HSTRDR@O@RROGQ@RD!.$@JDXSNDMBQXOSSGD L@RSDQJDX4G@SHRXNTMDDCANSGSGDO@RRVNQC@MCSGDFDMDQ@SDCJDX/root/ad1.keySN@SS@BG SGDO@QSHSHNM4GDL@RSDQJDXHRRSNQDCHMRHCDSGDO@QSHSHNM@MCHRMNSUHRHAKD3DDADKNVENQSXOHB@K 53"NQEHKDA@RDCHL@FD Createencryptedpartition #ddif=/dev/randomof=/root/ad1.keybs=64count=1#thiskeyencryptsthematerkey #geliinit-s4096-K/root/ad1.key/dev/ad1#-s8192isalsoOKfordisks #geliattach-k/root/ad1.key/dev/ad1#DOmakeabackupof/root/ad1.key #ddif=/dev/randomof=/dev/ad1.elibs=1m#Optionalandtakesalongtime #newfs/dev/ad1.eli#Createfilesystem #mount/dev/ad1.eli/mnt Attach #geliattach-k/root/ad1.key/dev/ad1 #fsck-ny-tffs/dev/ad1.eli#Indoubtcheckthefilesystem #mount/dev/ad1.eli/mnt Detach 4GDCDS@BGOQNBDCTQDHRCNMD@TSNL@SHB@KKXNMRGTSCNVM #umount/mnt #gelidetach/dev/ad1.eli /etc/fstab 4GDDMBQXOSDCO@QSHSHNMB@MADBNMEHFTQDCSNADLNTMSDCVHSGDSBERS@A4GDO@RRVNQCVHKKAD OQNLOSDCVGDMANNSHMF4GDENKKNVHMFRDSSHMFR@QDQDPTHQDCENQSGHRDW@LOKD #grepgeli/etc/rc.conf geli_devices="ad1" geli_ad1_flags="-k/root/ad1.key" #grepgeli/etc/fstab /dev/ad1.eli/home/privateufsrw00 Usepasswordonly )SHRLNQDBNMUDMHDMSSNDMBQXOS@53"RSHBJNQEHKDA@RDCHL@FDVHSG@O@RROGQ@RDNMKX@MCMNJDX )MSGHRB@RDHSHRMNSMDBDRR@QXSNB@QQXSGD@CCHSHNM@KJDXEHKD@QNTMC4GDOQNBDCTQDHRUDQXLTBG SGDR@LD@R@ANUD
  • 251. RHLOKXVHSGNTSSGDJDXEHKD,DSRDMBQXOS@EHKDA@RDCHL@FD/cryptedfileNE '" #ddif=/dev/zeroof=/cryptedfilebs=1Mcount=1000#1GBfile #mdconfig-atvnode-f/cryptedfile #geliinit/dev/md0#encryptswithpasswordonly #geliattach/dev/md0 #newfs-U-m0/dev/md0.eli #mount/dev/md0.eli/mnt #umount/dev/md0.eli #gelidetachmd0.eli )SHRMNVONRRHAKDSNLNTMSSGHRHL@FDNM@MNSGDQRXRSDLVHSGSGDO@RRVNQCNMKX #mdconfig-atvnode-f/cryptedfile #geliattach/dev/md0 #mount/dev/md0.eli/mnt 10.1OSXEncryptedDiskImage $NMSJMNVAXBNLL@MCKHMDNMKX3DD/38%MBQXOSDC$HRJ)L@FD @MC!OOKDRTOONQS GSSOVVVEQDDARCNQFG@MCANNJCHRJR DMBQXOSHMFGSLK GSSORVHJHSG@XDQC@QSLNTSGDCTCHROK@XBNLOTSHMF#QD@SHMF @ -@B /3 8 %MBQXOSDC $HRJ )L@FD c%MBQXOS0@QSHSHNMRc 
  • 252. 10ENCRYPTPARTITIONS ,HMTWVHSG,5+3O [,HMTWCL BQXOSNMKXO [&QDD"3$'%,)O [&"3$OVCNMKXO [ /38HL@FDO 4GDQD@QDL@MX NSGDQ@KSDQM@SHUDLDSGNCRSNDMBQXOSCHRJR
  • 253. )NMKXRGNVGDQDSGDLDSGNCR)JMNV @MCTRD+DDOHMLHMCSG@SSGDRDBTQHSXHRNMKXFNNC@RKNMFSGD/3G@RMNSADDMSDLODQDCVHSG !MHMSQTCDQBNTKCD@RHKXQDBNQCSGDO@RRVNQCEQNLSGDJDXAN@QCDUDMSR&TQSGDQLNQDSGDC@S@HR EQDDKX@BBDRRHAKDVGDMSGDO@QSHSHNMHRattached@MCVHKKMNSOQDUDMS@MHMSQTCDQSNG@UD@BBDRRSNHS HMSGHRRS@SD 10.1Linux 4GNRDHMRSQTBSHNMRTRDSGD,HMTWdm-cryptCDUHBD L@OODQ E@BHKHSX@U@HK@AKDNMSGDJDQMDK )MSGHRDW@LOKD
  • 254. KDSRDMBQXOSSGDO@QSHSHNM/dev/sdc1
  • 255. HSBNTKCADGNVDUDQ@MXNSGDQO@QSHSHNMNQ CHRJ
  • 256. NQ53"NQ@EHKDA@RDCO@QSHSHNMBQD@SDCVHSGlosetup)MSGHRB@RDVDVNTKCTRD/dev/loop0 3DDEHKDHL@FDO@QSHSHNM4GDCDUHBDL@OODQTRDRK@ADKRSNHCDMSHEX@O@QSHSHNM7DTRDsdc1HMSGHR DW@LOKD
  • 257. ATSHSBNTKCAD@MXRSQHMF dm-cryptwithLUKS ,5+3VHSGCL BQXOSG@RADSSDQDMBQXOSHNM@MCL@JDRHSONRRHAKDSNG@UDLTKSHOKDO@RROGQ@RDENQ SGDR@LDO@QSHSHNMNQSNBG@MFDSGDO@RRVNQCD@RHKX4NSDRSHE,5+3HR@U@HK@AKD
  • 258. RHLOKXSXOD# cryptsetup--help
  • 259. HEMNSGHMF@ANTS,5+3RGNVRTO
  • 260. TRDSGDHMRSQTBSHNMRADKNV7HSGNTS,5+3 &HQRSBQD@SD@O@QSHSHNMHEMDBDRR@QXfdisk/dev/sdc Createencryptedpartition #ddif=/dev/urandomof=/dev/sdc1#Optional.Forparanoidsonly(takesdays) #cryptsetup-yluksFormat/dev/sdc1#Thisdestroysanydataonsdc1 #cryptsetupluksOpen/dev/sdc1sdc1 #mkfs.ext3/dev/mapper/sdc1#createext3filesystem #mount-text3/dev/mapper/sdc1/mnt #umount/mnt #cryptsetupluksClosesdc1#Detachtheencryptedpartition Attach #cryptsetupluksOpen/dev/sdc1sdc1 #mount-text3/dev/mapper/sdc1/mnt Detach #umount/mnt #cryptsetupluksClosesdc1 dm-cryptwithoutLUKS #cryptsetup-ycreatesdc1/dev/sdc1#oranyotherpartitionlike/dev/loop0 #dmsetupls#checkit,willdisplay:sdc1(254,0) #mkfs.ext3/dev/mapper/sdc1#Thisisdoneonlythefirsttime! #mount-text3/dev/mapper/sdc1/mnt #umount/mnt/ #cryptsetupremovesdc1#Detachtheencryptedpartition $NDW@BSKXSGDR@LDVHSGNTSSGDLJERO@QS SNQD @SS@BGSGDO@QSHSHNM)ESGDO@RRVNQCHRMNS BNQQDBS
  • 261. SGDLNTMSBNLL@MCVHKKE@HK)MSGHRB@RDRHLOKXQDLNUDSGDL@ORCBcryptsetup removesdc1 @MCBQD@SDHS@F@HM 10.2FreeBSD 4GDSVNONOTK@Q&QDD"3$CHRJDMBQXOSHNMLNCTKDR@QDgbde@MCgeli)MNVTRDFDKHADB@TRDHS HRE@RSDQ@MC@KRNTRDRSGDBQXOSNCDUHBDENQG@QCV@QD@BBDKDQ@SHNM3DD4GD&QDD"3$G@MCANNJ #G@OSDQ ENQ@KKSGDCDS@HKR4GDFDKHLNCTKDLTRSADKN@CDCNQBNLOHKDCHMSNSGDJDQMDK c%MBQXOS0@QSHSHNMRc  #ssh-keygen-tdsa-N''#Createsapublicandaprivatekey #rsyncuser@server:.ssh/authorized_keys2.#Copythefilelocallyfromtheserver #catid_dsa.pub>>authorized_keys2#Oruseaneditortoaddthekey #rsyncauthorized_keys2user@server:.ssh/#Copythefilebacktotheserver #delauthorized_keys2#Removethelocalcopy .NVSDRSHSVHSGHMNMDKHMD  rsync-rv"/cygdrive/c/DocumentsandSettings/%USERNAME%/MyDocuments/" 'user@server:MyDocuments/' Automaticbackup 5RD@A@SBGEHKDSN@TSNL@SDSGDA@BJTO@MC@CCSGDEHKDHMSGDRBGDCTKDCS@RJR0QNFQ@LR  !BBDRRNQHDR 3XRSDL4NNKR 3BGDCTKDC4@RJR &NQDW@LOKDBQD@SDSGDEHKDA@BJTOA@S@MC QDOK@BDTRDQRDQUDQ @ECHOOFF REMrsyncthedirectoryMyDocuments SETLOCAL SETCWRSYNCHOME=C:PROGRAMFILESCWRSYNC SETCYGWIN=nontsec SETCWOLDPATH=%PATH% REMuncommentthenextlinewhenusingcygwin SETPATH=%CWRSYNCHOME%BIN;%PATH% echoPressControl-Ctoabort rsync-av"/cygdrive/c/DocumentsandSettings/%USERNAME%/MyDocuments/" 'user@server:MyDocuments/' pause 8SUDO 3TCNHR@RS@MC@QCV@XSNFHUDTRDQRRNLD@CLHMHRSQ@SHUDQHFGSRVHSGNTSFHUHMFNTSSGDQNNS O@RRVNQC3TCNHRUDQXTRDETKHM@LTKSHTRDQDMUHQNMLDMSVHSG@LHWNERDQUDQ@MCVNQJRS@SHNMR 3HLOKXB@KKSGDBNLL@MCVHSGRTCN #sudo/etc/init.d/dhcpdrestart#Runthercscriptasroot #sudo-usysadminwhoami#Runcmdasanotheruser 8.1Configuration 3TCNHRBNMEHFTQDCHM/etc/sudoers@MCLTRSNMKXADDCHSDCVHSGvisudo4GDA@RHBRXMS@WHRSGD KHRSR@QDBNLL@RDO@Q@SDC  userhosts=(runas)commands#In/etc/sudoers usersNMDNQLNQDTRDQRNQFQNTOKHJDVGDDK SNF@HMSGDQHFGSR hostsKHRSNEGNRSRNQ!,, runasKHRSNETRDQRNQ!,, SG@SSGDBNLL@MCQTKDB@MADQTM@R)SHRDMBKNRDCHM  commandsKHRSNEBNLL@MCRNQ!,, SG@SVHKKADQTM@RQNNSNQ@RQTM@R !CCHSHNM@KKXSGNRDJDXVNQCRB@MADCDEHMDC@R@KH@R
  • 262. SGDX@QDB@KKDC5RDQ?!KH@R
  • 263. (NRS?!KH@R
  • 264. 2TM@R?!KH@R@MC#LMC?!KH@R4GHRHRTRDETKENQK@QFDQRDSTOR(DQD@RTCNDQRDW@LOKD #cat/etc/sudoers #Hostaliasesaresubnetsorhostnames. Host_AliasDMZ=212.118.81.40/28 Host_AliasDESKTOP=work1,work2 #Useraliasesarealistofuserswhichcanhavethesamerights User_AliasADMINS=colin,luca,admin User_AliasDEVEL=joe,jack,julia Runas_AliasDBA=oracle,pgsql #Commandaliasesdefinethefullpathofalistofcommands Cmnd_AliasSYSTEM=/sbin/reboot,/usr/bin/kill,/sbin/halt,/sbin/shutdown,/etc/init.d/ c35$/c 
  • 265. Cmnd_AliasPW=/usr/bin/passwd[A-z]*,!/usr/bin/passwdroot#Notrootpwd! Cmnd_AliasDEBUG=/usr/sbin/tcpdump,/usr/bin/wireshark,/usr/bin/nmap #Theactualrules root,ADMINSALL=(ALL)NOPASSWD:ALL#ADMINScandoanythingw/oapassword. DEVELDESKTOP=(ALL)NOPASSWD:ALL#Developershavefullrightondesktops DEVELDMZ=(ALL)NOPASSWD:DEBUG#DeveloperscandebugtheDMZservers. #UsersysadmincanmessaroundintheDMZserverswithsomecommands. sysadminDMZ=(ALL)NOPASSWD:SYSTEM,PW,DEBUG sysadminALL,!DMZ=(ALL)NOPASSWD:ALL#CandoanythingoutsidetheDMZ. %dbaALL=(DBA)ALL#Groupdbacanrunasdatabaseuser. #anyonecanmount/unmountacd-romonthedesktopmachines ALLDESKTOP=NOPASSWD:/sbin/mount/cdrom,/sbin/umount/cdrom 9ENCRYPTFILES 9.1OpenSSL Asinglefile %MBQXOS@MCCDBQXOS #opensslaes-128-cbc-salt-infile-outfile.aes #opensslaes-128-cbc-d-salt-infile.aes-outfile .NSDSG@SSGDEHKDB@MNEBNTQRDAD@S@Q@QBGHUD tarandencryptawholedirectory #tar-cf-directory|opensslaes-128-cbc-salt-outdirectory.tar.aes#Encrypt #opensslaes-128-cbc-d-salt-indirectory.tar.aes|tar-x-f-#Decrypt tarzipandencryptawholedirectory #tar-zcf-directory|opensslaes-128-cbc-salt-outdirectory.tar.gz.aes#Encrypt #opensslaes-128-cbc-d-salt-indirectory.tar.gz.aes|tar-xz-f-#Decrypt a5RD JLXRDBQDSO@RRVNQC@ESDQ@DR  BABSN@UNHCSGDHMSDQ@BSHUDO@RRVNQCQDPTDRS (NVDUDQMNSDSG@SSGHRHRGHFGKXHMRDBTQD a5RDaes-256-cbcHMRSD@CNEaes-128-cbcSNFDSDUDMRSQNMFDQDMBQXOSHNM4GHRTRDR@KRN LNQD#05 9.2GPG 'MT0'HRVDKKJMNVMSNDMBQXOS@MCRHFMDL@HKRNQ@MXC@S@&TQSGDQLNQDFOF@MC@KRNOQNUHCDR @M@CU@MBDCJDXL@M@FDLDMSRXRSDL4GHRRDBSHNMNMKXBNUDQREHKDRDMBQXOSHNM
  • 266. MNSDL@HKTR@FD
  • 267. RHFMHMFNQSGD7DA /E 4QTRS 4GDRHLOKDRSDMBQXOSHNMHRVHSG@RXLLDSQHBBHOGDQ)MSGHRB@RDSGDEHKDHRDMBQXOSDCVHSG@ O@RRVNQC@MC@MXNMDVGNJMNVRSGDO@RRVNQCB@MCDBQXOSHS
  • 268. SGTRSGDJDXR@QDMNSMDDCDC'OF @CCR@MDWSDMSHNMFOFSNSGDDMBQXOSDCEHKDM@LDR #gpg-cfile#Encryptfilewithpassword #gpgfile.gpg#Decryptfile(optionally-ootherfile) Usingkeys &NQLNQDCDS@HKRRDD'0'1THBJ3S@QS @MC'0'0'0"@RHBR @MCSGDFMTOFCNBTLDMS@SHNM @LNMF NSGDQR 4GDOQHU@SD@MCOTAKHBJDXR@QDSGDGD@QSNE@RXLLDSQHBBQXOSNFQ@OGX7G@SHRHLONQS@MSSN QDLDLADQ GSSOVVVL@CAN@BNLFDDJFOF PTHBJRS@QS GSSO@OK@VQDMBDBNL"@RHBRFOFGSLK GSSOFMTOFNQFCNBTLDMS@SHNM c%MBQXOS&HKDRc  a9NTQOTAKHBJDXHRTRDCAXothersSNDMBQXOSEHKDRSG@SNMKXXNT@RSGDQDBDHUDQB@MCDBQXOS MNSDUDMSGDNMDVGNDMBQXOSDCSGDEHKDB@MCDBQXOSHS 4GDOTAKHBJDXHRSGTRLD@MSSNAD CHRSQHATSDC a9NTQOQHU@SDJDXHRDMBQXOSDCVHSGXNTQO@RROGQ@RD@MCHRTRDCSNCDBQXOSEHKDRVGHBGVDQD DMBQXOSDCVHSGyourOTAKHBJDX4GDOQHU@SDJDXLTRSADJDOSsecure!KRNHESGDJDXNQ O@RROGQ@RDHRKNRS
  • 269. RN@QD@KKSGDEHKDRDMBQXOSDCVHSGXNTQOTAKHBJDX a4GDJDXEHKDR@QDB@KKDCJDXQHMFR@RSGDXB@MBNMS@HMLNQDSG@MNMDJDX &HQRSFDMDQ@SD@JDXO@HQ4GDCDE@TKSR@QDEHMD
  • 270. GNVDUDQXNTVHKKG@UDSNDMSDQ@SKD@RSXNTQETKK M@LD@MCDL@HK@MCNOSHNM@KKX@BNLLDMS4GDBNLLDMSHRTRDETKSNBQD@SDLNQDSG@MNMDJDX VHSGSGDR@LDM@LD@MCDL@HK!KRNXNTRGNTKCTRD@O@RROGQ@RD
  • 271. MNS@RHLOKDO@RRVNQC #gpg--gen-key#Thiscantakealongtime 4GDJDXR@QDRSNQDCHM]FMTOFNM5MHW
  • 272. NM7HMCNVRSGDX@QDSXOHB@KKXRSNQDCHM #$NBTLDMSR@MC3DSSHMFR53%2.!-%!OOKHB@SHNM$@S@FMTOF ~/.gnupg/pubring.gpg#Containsyourpublickeysandallothersimported ~/.gnupg/secring.gpg#Cancontainmorethanoneprivatekey 3GNQSQDLHMCDQNMLNRSTRDCNOSHNMR -eDMBQXOSC@S@ -dCDBQXOSC@S@ -r.!-%DMBQXOSENQQDBHOHDMS.!-%NQ&TKK.@LDNQDL@HKCNL@HM -aBQD@SD@RBHH@QLNQDCNTSOTSNE@JDX -oTRD@RNTSOTSEHKD 4GDDW@LOKDRTRD9NTQ.@LD@MC!KHBD@RSGDJDXR@QDQDEDQQDCSNAXSGDDL@HKNQETKKM@LD NQO@QSH@KM@LD&NQDW@LOKD)B@MTRD#NKHMNQBBAUTENQLXJDX;#NKHM"@QRBGDKBAUT BBAUT= Encryptforpersonaluseonly .NMDDCSNDWONQSHLONQS@MXJDXENQSGHR9NTG@UDANSG@KQD@CX #gpg-e-r'YourName'file#Encryptwithyourpublickey #gpg-ofile-dfile.gpg#Decrypt.Use-ooritgoestostdout Encrypt-Decryptwithkeys &HQRSXNTMDDCSNDWONQSXNTQOTAKHBJDXENQRNLDNMDDKRDSNTRDHS!MCXNTMDDCSNHLONQSSGD OTAKHBR@XEQNL!KHBDSNDMBQXOS@EHKDENQGDQ9NTB@MDHSGDQG@MCKDSGDJDXRHMRHLOKD@RBHHEHKDRNQ TRD@OTAKHBJDXRDQUDQ &NQDW@LOKD!KHBDDWONQSGDQOTAKHBJDX@MCXNTHLONQSHS
  • 273. XNTB@MSGDMDMBQXOS@EHKDENQGDQ4G@S HRNMKX!KHBDVHKKAD@AKDSNCDBQXOSHS #gpg-a-oalicekey.asc--export'Alice'#Aliceexportedherkeyinasciifile. #gpg--send-keys--keyserversubkeys.pgp.netKEYID#Aliceputherkeyonaserver. #gpg--importalicekey.asc#Youimportherkeyintoyourpubring. #gpg--search-keys--keyserversubkeys.pgp.net'Alice'#orgetherkeyfromaserver. /MBDSGDJDXR@QDHLONQSDCHSHRUDQXD@RXSNDMBQXOSNQCDBQXOS@EHKD #gpg-e-r'Alice'file#EncryptthefileforAlice. #gpg-dfile.gpg-ofile#DecryptafileencryptedbyAliceforyou. Keyadministration #gpg--list-keys#listpublickeysandseetheKEYIDS TheKEYIDfollowsthe'/'e.g.for:pub1024D/D12B77CEtheKEYIDisD12B77CE #gpg--gen-revoke'YourName'#generaterevocationcertificate #gpg--list-secret-keys#listprivatekeys #gpg--delete-keysNAME#deleteapublickeyfromlocalkeyring #gpg--delete-secret-keyNAME#deleteasecretkeyfromlocalkeyring #gpg--fingerprintKEYID#Showthefingerprintofthekey #gpg--edit-keyKEYID#Editkey(e.gsignoradd/delemail) c%MBQXOS&HKDRc