Cheat Sheets
Upgrade Firmware
$ sudo apt install linux-firmware
$ sudo apt install linux-generic-hwe-`lsb_release -rs`
Remove n first lines in file
cat foo.txt
1
2
3
4
5
6
$ sed -e '1,3d' < foo.txt
4
5
6
date
cat /etc/timezone
uname -a
uname -m
cat /etc/*-release
lsb_release -as
lsb_release -cs
lsb_release -rs
lsb_release -ds
curl https://ipinfo.io/ip -> to have the public IP
Users
echo $USER
passwd -S $USER
grep :0 /etc/passwd
cat /etc/passwd
cat /etc/shadow
cat /etc/group
cat /etc/sudoers
System resources
uptime
free
df
cat /proc/meminfo
cat /proc/mounts
mount
Network settings
lsof -i
ss -ano
ss -nap
ss -antp
netstat -rn
route
arp -a
Processes
ps aux --sort=-%mem | head -n 10
vmstat -s
lsof -p <PID>
pstree
Services
server --status-all
cat /etc/crontab
crontab -u <USER> -l
cat /etc/cron.*
Log entries
lastlog
last cat /var/log/lastlog
grep -v cron /var/log/auth.log* | grep -v sudo | grep -i user
grep -v cron /var/log/auth.log* | grep -v sudo | grep -i Accepted
grep -v cron /var/log/auth.log* | grep -v sudo | grep -i failed
grep -v cron /var/log/auth.log* | grep -i "login:session"
Files
find /home/ -type f -size +512k -exec ls -lh {} \;
find /etc/ -readable -type f 2>/dev/null
find / -perm -4000 -user root -type f
find / -mtime -0 -ctime -7
find / -atime 2 -ls 2>/dev/null
find / -mtime -2 -ls 2>/dev/null
Review activities
cat /home/$USER/.*_history
cat /home/$USER/.bash_history
cat /home/$USER/.ftp_history
cat /root/.bash_history
cat /root/.mysql_history
Files
cat /etc/passwd
cat /etc/sudoers
cat /home/$USER/.ssh/authorized_keys
cat /home/$USER/.bashrc