LINUX SYSADMIN COMMANDS ( WORKSTATION / SERVER )
All commands tested on Ubuntu Server.
Some of the commands may, or may not work, or be useful in desktop enviroment.
Please use these tools with
caution, data loss can happen.
use -h or -help if necessary.
( Example: [interface] = eth0 or ens33 )
( Example: [ip address] = 192.168.2.1 )
( Example: [ip address range/subnetmask] = 192.168.2.0/24 )
( Example: [command name] = vsftp )
( Example: [sec] = seconds )
---
USEFUL COMMANDS
| command | description |
|---|---|
| sudo ifconfig | # Basic networking information |
| sudo dpkg --list | # List all installed packages on the system |
| sudo nmap [ip address] | # Display open ports |
| sudo bmon | # Watch network traffic in realtime |
| sudo iftop | # Watch network traffic in realtime |
| sudo tcpdump -i [interface] | # Watch network traffic in realtime from your interface |
| # Example: Track traffic on network's device with
it's ip address: sudo tcpdump -i [host interface] host [target ip address] # Example: Track network traffic: sudo tcpdump -i [host interface] net [network ip address/subnet] ( Example of network address with subnet mask (class C): 192.168.2.0/24 ) |
|
| sudo dhclient [interface] | # Renew dynamic addresses |
| sudo dstat | # Recource monitor |
| sudo tshark -i [interface] | # Capture network packets (Terminal version of wireshark) |
| sudo ethtool [interface] | # Info of network device |
| sudo ip addr add [ip address/subnet mask] dev [interface] | # Temporary assign static ip address |
| sudo ip link set dev [interface] up | # The ip can then be used to set the link up |
| sudo ip link set dev [interface] down | # The ip can then be used to set the link down |
| sudo ip route add default via [ip address] | # Set default gateway address |
| sudo ip route show | # Show default gateway |
| sudo ip addr flush [interface] | # Reset network configuration |
| sudo /etc/init.d/networking restart | # Start with new configuration |
| sudo service vsftpd start | # Start vsftpd |
| sudo ufw status verbose | # Enable UFW and check its status |
| sudo ufw reload | # Restart ufw |
| sudo smbstatus | # Check is samba active |
| sudo service --status-all | # Show services installed |
| sudo service [service name] start | # Start service |
| sudo apt install open-vm-tools | # Install vmware tools terminal |
| sudo ip a | # To quickly identify all available Ethernet interfaces |
| sudo ip addr add [ip address/subnet mask] [interface] | # To temporarily configure an IP address |
| sudo apt install ubuntu-mate-core | # Install desktop on server |
| sudo apt install ne | # Install ne text editor, vim alternative |
| sudo nautilus | # Access the filesystem with full priviledges with default gnome file manager gui |
| sudo aptitude | # Text based manager for installing software |
| sudo atop | # System and process monitor |
| sudo iotop | # Linux I/O monitor |
| sudo powertop | # Power management monitor |
| sudo ifstat -i[interface] [sec] | # Network usage statistics |
---
# here is a example network configuration file used by netplan to put static address:
# configuration file can be found at: /etc/netplannetwork:
version: 2
renderer: networkd
ethernets:
[interface]:
dhcp4: no
addresses: [host ip address/subnet mask]
gateway4: [default gateway ip address]
nameservers:
addresses: [dns ip address,sec dns ip address]
# here is a example network configuration file used by netplan to put dynamic address:
# configuration file can be found at: /etc/netplannetwork:
version: 2
renderer: networkd
ethernets:
[interface]:
dhcp4: true
---
# Wireshark network monitors capture filters:
Capture traffic from a range of IP addresses:
net 192.168.2.0/24
capture ip:
host 192.168.2.1
---
Sysadmin app's for linux:
Terminal emulator: tilix
terminal recource monitor: bashtop
Network sniffer: wireshark
Terminal effect: cmatrix
Linux full Office suite: libre office
Media player: vlc
Archive manager with GUI: peazip
Email software: thunderbird
Code editor: Visual Studio Code
Alternative to firefox: chromium
Nmap GUI: nmapsi4
Disk encryption: zulucrypt
Software packgace installer: gdebi
Software packgace manager: synaptic
Disk partition manager: gnome disks
Samba GUI: smb4k
Task manager: stacer
TOR connection system: anonsurf
TOR surfing: TOR browser
A graphical network monitor: etherape
| Well-known FireWall ports: | ||||
|---|---|---|---|---|
| Port | TCP | UDP | Name | Description |
| 1 | ✓ | ✓ | tcpmux | TCP port multiplexer |
| 5 | ✓ | ✓ | rje | Remote job entry |
| 7 | ✓ | ✓ | echo | Echo service |
| 9 | ✓ | ✓ | discard | Zero service for test purposes |
| 11 | ✓ | ✓ | systat | System information |
| 13 | ✓ | ✓ | daytime | Time and date |
| 17 | ✓ | ✓ | qotd | Sends quote of the day |
| 18 | ✓ | ✓ | msp | Sends text messages |
| 19 | ✓ | ✓ | chargen | Sends an infinite character string |
| 20 | ✓ | ftp-data | FTP data transfer | |
| 21 | ✓ | ✓ | ftp | FTP connection |
| 22 | ✓ | ✓ | ssh | Secure Shell Service |
| 23 | ✓ | telnet | Telnet service | |
| 25 | ✓ | smtp | Simple Mail Transfer Protocol | |
| 37 | ✓ | ✓ | time | Machine-readable time protocol |
| 39 | ✓ | ✓ | rlp | Resource location protocol |
| 42 | ✓ | ✓ | nameserver | Name service |
| 43 | ✓ | nicname | WHOIS directory service | |
| 49 | ✓ | ✓ | tacacs | Terminal access controller access control system |
| 50 | ✓ | ✓ | re-mail-ck | Remote mail checking |
| 53 | ✓ | ✓ | domain | DNS name resolver |
| 67 | ✓ | bootps | Bootstrap protocol services | |
| 68 | ✓ | bootpc | Bootstrap client | |
| 69 | ✓ | tftp | Trivial file transfer protocol | |
| 70 | ✓ | gopher | Document search | |
| 71 | ✓ | genius | Genius protocol | |
| 79 | ✓ | finger | Delivers user contact information | |
| 80 | ✓ | http | Hypertext transfer protocol | |
| 81 | ✓ | Torpark: | Onion routing (unofficial) | |
| 82 | ✓ | Torpark: | Control (unofficial) | |
| 88 | ✓ | ✓ | kerberos | Network authentication system |
| 101 | ✓ | hostname | NIC host name | |
| 102 | ✓ | Iso-tsap | ISO TSAP protocol | |
| 105 | ✓ | ✓ | csnet-ns | Mailbox mail server |
| 107 | ✓ | rtelnet | Remote telnet | |
| 109 | ✓ | pop2 | Post office protocol v2 for e-mail communication | |
| 110 | ✓ | pop3 | Post office protocol v3 for e-mail communication | |
| 111 | ✓ | ✓ | sunrpc | RPC protocol for NFS |
| 113 | ✓ | auth | Authentication service | |
| 115 | ✓ | sftp | Simple file transfer protocol | |
| 117 | ✓ | uucp-path | File transfer between Unix systems | |
| 119 | ✓ | nntp | Transfer of messages in news groups | |
| 123 | ✓ | ntp | Time synchronization service | |
| 137 | ✓ | ✓ | netbios-ns | NETBIOS name service |
| 138 | ✓ | ✓ | netbios-dgm | NETBIOS datagram service |
| 139 | ✓ | ✓ | netbios-ssn | NETBIOS session service |
| 143 | ✓ | ✓ | imap | Internet message access protocol for e-mail communication |
| 161 | ✓ | snmp | Simple network management protocol | |
| 162 | ✓ | ✓ | snmptrap | Simple network management protocol trap |
| 177 | ✓ | ✓ | xdmcp | X display manager |
| 179 | ✓ | bgp | Border gateway protocol | |
| 194 | ✓ | ✓ | irc | Internet relay chat |
| 199 | ✓ | ✓ | smux | SNMP UNIX multiplexer |
| 201 | ✓ | ✓ | at-rtmp | AppleTalk routing |
| 209 | ✓ | ✓ | qmtp | Quick mail transfer protocol |
| 210 | ✓ | ✓ | z39.50 | Bibliographic information system |
| 213 | ✓ | ✓ | ipx | Internetwork packet exchange |
| 220 | ✓ | ✓ | imap3 | IMAP v3 for e-mail communication |
| 369 | ✓ | ✓ | rpc2portmap | Coda file system port mapper |
| 370 | ✓ | ✓ | codaauth2 | Coda file system authentication service |
| 389 | ✓ | ✓ | ldap | Lightweight directory access protocol |
| 427 | ✓ | ✓ | svrloc | Service location protocol |
| 443 | ✓ | https | HTTPS (HTTP over SSL/TLS) | |
| 444 | ✓ | ✓ | snpp | Simple network paging protocol |
| 445 | ✓ | microsoft-ds | SMB over TCP/IP | |
| 64 | ✓ | ✓ | kpasswd | Kerberos password change |
| 500 | ✓ | isakmp | Security protocol | |
| 512 | ✓ | exec | Remote process execution | |
| 512 | ✓ | comsat/biff | Mail client and server | |
| 513 | ✓ | login | Login to remote computer | |
| 513 | ✓ | who | Whod user logging daemon | |
| 514 | ✓ | shell | Remote shell | |
| 514 | ✓ | syslog | Unix system logging service | |
| 515 | ✓ | printer | Line printer daemon print services | |
| 517 | ✓ | talk | Talk remote calling | |
| 518 | ✓ | ntalk | Network talk | |
| 520 | ✓ | efs | Extended file name server | |
| 520 | ✓ | router | Routing information protocol | |
| 521 | ✓ | ripng | Routing information protocol for IPv6 | |
| 525 | ✓ | timed | Time server | |
| 530 | ✓ | ✓ | courier | Courier remote procedure call |
| 531 | ✓ | ✓ | conference | Chat over AIM and IRC |
| 532 | ✓ | netnews | Netnews newsgroup service | |
| 533 | ✓ | netwall | Emergency broadcasts | |
| 540 | ✓ | uucp | Unix-to-Unix copy protocol | |
| 543 | ✓ | klogin | Kerberos v5 remote login | |
| 544 | ✓ | kshell | Kerberos v5 remote shell | |
| 546 | ✓ | ✓ | dhcpv6-client | DHCP v6 client |
| 547 | ✓ | ✓ | dhcpv6-server | DHCP v6 server |
| 548 | ✓ | afpovertcp | Apple filing protocol over TCP | |
| 554 | ✓ | ✓ | rtsp | Real time streaming protocol |
| 556 | ✓ | remotefs | Remote file system | |
| 563 | ✓ | ✓ | nntps | NNTP over SSL/TLS |
| 587 | ✓ | submission | Message submission agent | |
| 631 | ✓ | ✓ | ipp | Internet printing protocol |
| 631 | ✓ | ✓ | Common Unix printing system (unofficial) | |
| 636 | ✓ | ✓ | ldaps | LDAP over SSL/TLS |
| 674 | ✓ | acap | Application configuration access protocol | |
| 694 | ✓ | ✓ | ha-cluster | Heartbeat service |
| 749 | ✓ | ✓ | kerberos-adm | Kerberos v5 administration |
| 750 | ✓ | kerberos-iv | Kerberos v4 services | |
| 873 | ✓ | rsync | rsync file transfer services | |
| 992 | ✓ | ✓ | telnets | Telnet over SSL/TLS |
| 993 | ✓ | imaps | IMAP over SSL/TLS | |
| 995 | ✓ | pop3s | POP3 over SSL/TLS |
SUBNETTING (example in yellow):
| number of subnets: |
1 | 2 | 4 | 8 | 16 | 32 | 64 | 128 | 256 |
|---|---|---|---|---|---|---|---|---|---|
| number of hosts per subnet: | 256 | 128 | 64 | 32 |
16 | 8 | 4 | 2 | 1 |
| subnet mask: | /24 | /25 | /26 | /27 | /28 | /29 | /30 | /31 | /32 |
| network ID: | subnet mask: | host ID range: | number of usable hosts: | broadcast ID: |
|---|---|---|---|---|
| 192.168.4.0 | /26 | 192.168.4.1 - 192.168.4.62 | 62 | 192.168.4.63 |
| 192.168.4.64 | /26 | 192.168.4.65 - 192.168.4.126 | 62 | 192.168.4.127 |
| 192.168.4.128 | /26 | 192.168.4.129 - 192.168.4.190 | 62 | 192.168.4.191 |
| 192.168.4.192 | /26 | 192.168.4.193 - 192.168.4.254 | 62 | 192.168.4.255 |
| subnet mask: 255.255.255.192 wildcard mask: 0.0.0.63 binary subnet mask: 11111111.11111111.11111111.11000000 IP / network class type: C CIDR notation: /26 |
||||
| CIDR subnet mask: | subnet mask: | binary subnet mask: |
|---|---|---|
| /24 | 255.255.255.0 | 11111111.11111111.11111111.00000000 |
| /25 | 255.255.255.128 | 11111111.11111111.11111111.10000000 |
| /26 | 255.255.255.192 | 11111111.11111111.11111111.11000000 |
| /27 | 255.255.255.224 | 11111111.11111111.11111111.11100000 |
| /28 | 255.255.255.240 | 11111111.11111111.11111111.11110000 |
| /29 | 255.255.255.248 | 11111111.11111111.11111111.11111000 |
| /30 | 255.255.255.252 | 11111111.11111111.11111111.11111100 |
| /31 | 255.255.255.254 | 11111111.11111111.11111111.11111110 |
| /32 | 255.255.255.255 | 11111111.11111111.11111111.11111111 |