Scratchpaper.txt - the intestinal tract of linux notes

Revision as of 14:00, 26 June 2007 by Admin (Talk | contribs)

scratchpaper.txt - the intestinal tract of linux notes     created June 1998
/sbin/ifconfig     pico -w disables word wrap
/sbin/ifup eth0     su -l login as root
      *from telnet CTRL-H backspace, CTRL-D delete
/etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT YES
/usr/sbin/in.telnetd
/var/log/*
/etc/inetd.conf
talcon=zygotech@itsnet.com
/etc/passwd
/etc/securetty

ftp.linpeople.org/pub/incoming

diff               ls -la .xdefaults
.Xmodmap 22=backspace 
  /--> DontZap in section 'ServerFlags' in /etc/X11/XF86Config
 <
  \--> shift-control-alt-backspace                                     /etc/skel
  • Jun 7 12:37:43 host inetd[736]:getpwnam:root:No such user

telnet stream tcp nowait root /usr.sbin/tcpd in.telnetd

modprobe /lib/modules/2.0.32/net/tulip.o
/sbin/ifup eth0


#!/bin/bash      
PATH=/sbin/:/usr/sbin      
      route del -net 192.168.12.0
/etc/sysconfig/network-scripts/dwifup     route add 192.168.12.0 gw 192.168.12.254
/sbin/ifup      
      route add default gw 192.168.12.254 eth0
/proc/net/socket      
/proc/net/dev      
/etc/init.d/network     sysctl: ip forwarding off
        
                 192.168.12.128
   network mask: 255.255.255.0
network address: 192.168.12.0
        gateway: 192.168.12.254

route -v

3c59c.c 3com 905B
192.168.12.253
  • net-tools-1.33-4.src.rpm
  • netcfg-2.19-3.src.rpm
  • netkit-base-0.10-5.src.rpm
/lib/modules/2.0.32/net
/etc/rc.d/rc2.d

warning: unknown PCI device (10b7:9055) please read include/linux/pci.h 

/msdos         502             /               hda1    78      LN
/usr           1004            /usr            hda5    1004    LN
/home          1004            /home           hda6    1004    LN
/usr/local     1004            /usr/local      hda7    1004    LN
/sur/src       282             /msdos          hda8    502     dos 16bit >=32
/tmp           133             /usr/src        hda9    282     LN
/              78              /tmp            hda10   133     LN
SWAP           125             SWAP            hda11   125     swap
/tmp/install.log
300hex 10irq cc000 8013 
[root@bigdog /root]# cat /etc/sysconfig/network
NETWORKING=yes
FORWARD_IPV4=no
HOSTNAME=bigdog.robotz.com
GATEWAYDEV=eth0
GATEWAY=192.168.12.254

    if [ "${GATEWAY}" != "" ]; then
        if [ "${GATEWAYDEV}" = "" -o "${GATEWAYDEV}" = "${DEVICE}" ]; then
            # set up default gateway
            route add default gw ${GATEWAY} ${DEVICE}
            DEFGW=${GATEWAY}
        fi
    fi  



                                _______________________________________
                               |                                       |
                               | this is really old and inacurate:     |
                               | 1114mb 222x5                          |
                               |                                       |
                               | /usr           300                    |
                               | /home          264                    |
                               | /usr/local     300                    |
                               | /usr/src       200                    |
                               | /tmp            50                    |
                               | /               80                    |
                               | SWAP            32                    |
                               | --------------------                  |
                               |_______________________________________|

I am trapped in telnet: press CNTRL-] to get telnet> prompt

There are three: (port 113), time (port 37), and daytime (port 13).

NTP runs on port 123 using udp

  • ipchains -A input -p udp -j ACCEPT -s 10.0.0.0/8 -d 0.0.0.0/0 123
  • ipchains -A input -p udp -j ACCEPT -s some.trusted.host -d 0.0.0.0/0 123
  • ipchains -A input -p udp -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 123

More on ipchains

First estable default policies

You may deny all or accept all depending on how paranoid you are. 

 :input ACCEPT
 :forward DENY
 :output ACCEPT
 ipchains -A input -s 0/0 -d 0/0 -i lo -j ACCEPT

This annoying tosser doesn't even get to see our web site*** 

 ipchains -A input -p tcp -s x.x.x.x -d 0/0 80 -y -j REJECT

Below we block access to port 110 pop3 and ssh so we let a few friends in*** 

 ipchains -A input -p tcp -s x.x.x.x -d 0/0 22 -y -j ACCEPT
 ipchains -A input -p tcp -s x.x.x.x -d 0/0 110 -y -j ACCEPT

Since we were not paranoid we should block ports not being used. 

 ipchains -A input -p tcp -s 0/0 -d 0/0 0:19 -y -j REJECT
 ipchains -A input -p tcp -s 0/0 -d 0/0 23:24 -y -j REJECT
 ipchains -A input -p tcp -s 0/0 -d 0/0 26:79 -y -j REJECT
 ipchains -A input -p tcp -s 0/0 -d 0/0 81:1023 -y -j REJECT

You may wish to block udp on all standard ports below 1024 

 ipchains -A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT

Do not reply to ICMP TIMESTAMP packets 

 ipchains -A output -j REJECT -i eth0 -p icmp -s x.x.x.x/yy -d 0/0 --icmp-type timestamp-request -l
 ipchains -A output -j REJECT -i eth0 -p icmp -s x.x.x.x/yy -d 0/0 --icmp-type timestamp-reply -l

*ipchains are processed in the order read from the top down. See how IP x.x.x.x is blocked right away. Also, we accept ssh and pop from another IP address x.x.x.x before the port is blocked 3 lines later.

wow, new stuff 2003!

I want to find out what version of bind you are running: 

nslookup -q=txt -class=chaos version.bind. <host address>

I want to hide from people what version of bind I am running: 

vi /etc/named.conf

options {
        directory "/var/named";
        auth-nxdomain yes;
        version "x";
};

It's the version part that allows you to spoof your bind version. 

nslookup -q=txt -class=CHAOS version.bind. localhost

lilo: linux single

grub: When GRUB boots up, select the version of the kernel that you wish to boot and type e for edit. You will be presented with a list of items in the configuration file for the title you just selected.

Select the line that starts with kernel and type e to edit the line.

Go to the end of the line and type single as a separate word (press the [Spacebar] and then type single). Press [Enter] to exit edit mode.

Back at the GRUB screen, type b to boot into single user mode. 

server:               client:
ntpd -dddd &_         ntpdate addressof.timeserver.com
ntpq -p               ntptimeset

Parse a password file, removing everything but the username [with vi and Regular Expressions] 

:1,$s/:x:.*false//

The central concepts are superblock, inode, data block, directory block, and indirection block. The superblock contains information about the filesystem as a whole, such as its size (the exact information here depends on the filesystem). An inode contains all information about a file, except its name. The name is stored in the directory, together with the number of the inode. A directory entry consists of a filename and the number of the inode which represents the file. The inode contains the numbers of several data blocks, which are used to store the data in the file. There is space only for a few data block numbers in the inode, however, and if more are needed, more space for pointers to the data blocks is allocated dynamically. These dynamically allocated blocks are indirect blocks; the name indicates that in order to find the data block, one has to find its number in the indirect block first.

  • wrong: 
STMP = `stty size`:echo $STMP
  • right: 
STMP=`stty size`;echo $STMP

echo "test"|sed "s/test/cat/"
echo "test"|sed "s/.//"

STMP=`stty size`;echo $STMP|sed "s/.*//"

screen terminal size:
STMP=`stty size`;echo $STMP|sed "s/\ .*$//"
STMP=`stty size`;echo $STMP|sed "s/^.*\ //"

while $null; do echo "hi"; sleep 2s; done

he often stops jobs and then forgets about them He uses his prompt to remind himself of stopped jobs export PS1='\W[\j]\$ ' 

 Redhat Linux default prompt:  PS1='[\u@\h \W]\$ '
Trustix Linux default prompt:  PS1='\u@\h \w\$ '

want the complete count 

function stoppedjobs {
-- jobs -s | wc -l | sed -e "s/ //g"
-- }
Last modified on 26 June 2007, at 14:00