Other useful commands

• netstat

• ps

• tail

• kill

netstatPrint network connections, routing tables, interface statistics, masquerade

connections, and multicast memberships.

Examples: which services are on[root@clump coursefiles]# netstat --listenActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address Statetcp 0 0 *:ssh *:* LISTENActive UNIX domain sockets (only servers)Proto RefCnt Flags Type State I-Node Pathunix 2 [ ACC ] STREAM LISTENING 4280 /var/run/dbus/system_bus_socketunix 2 [ ACC ] STREAM LISTENING 4299 @/tmp/hald-local/dbus eJfE5o936g

netstat example[root@firewall man]# netstat -anptActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 127.0.0.1:47806 127.0.0.1:22 ESTABLISHED 7877/sshtcp 0 0 172.24.16.240:56108 193.166.135.6:22 ESTABLISHED 15463/sshtcp 0 0 :::22 :::* LISTEN 1254/sshdtcp 0 0 ::ffff:172.24.16.240:22 ::ffff:193.166.135.10:39625 ESTABLISHED 16288/0tcp 0 0 ::ffff:172.24.16.240:22 ::ffff:193.166.135.10:38258 ESTABLISHED 16235/1tcp 0 0 ::ffff:127.0.0.1:22 ::ffff:127.0.0.1:47806 ESTABLISHED 7878/5

ps

report a snapshot of the current processes.

Example: ps faux

(see all processes in tree like mode, where you can see parent processes etc)

[root@firewall man]# ps fauxUSER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMANDroot 1 0.0 0.3 1740 396 ? S Sep27 0:03 init [3]root 2 0.0 0.0 0 0 ? SN Sep27 0:00 [ksoftirqd/0]root 3 0.0 0.0 0 0 ? S< Sep27 0:00 [events/0]root 4 0.0 0.0 0 0 ? S< Sep27 0:00 [khelper]root 5 0.0 0.0 0 0 ? S< Sep27 0:00 [kthread]root 7 0.0 0.0 0 0 ? S< Sep27 0:00 \_ [kblockd/0]root 69 0.0 0.0 0 0 ? S Sep27 0:01 \_ [pdflush]root 70 0.0 0.0 0 0 ? S Sep27 0:00 \_ [pdflush]root 72 0.0 0.0 0 0 ? S< Sep27 0:00 \_ [aio/0]root 1511 0.0 0.0 0 0 ? S< Sep27 0:00 \_ [kauditd]root 905 0.0 0.0 0 0 ? S Sep27 0:28 [kjournald]root 1199 0.0 0.3 1616 484 ? Ss Sep27 0:14 syslogd -m 0root 1201 0.0 0.3 1564 380 ? Ss Sep27 0:00 klogd -xroot 1212 0.0 0.4 1848 620 ? S Sep27 0:01 /usr/sbin/smartdroot 1254 0.0 0.7 4396 984 ? Ss Sep27 0:00 /usr/sbin/sshdroot 16235 0.0 1.2 7428 1584 ? Ss Nov01 0:05 \_ sshd: root@pts/1root 16237 0.0 0.8 4512 1076 pts/1 Ss+ Nov01 0:01 | \_ -bashroot 16288 0.0 1.3 7432 1644 ? Ss Nov01 0:07 \_ sshd: root@pts/0root 16290 0.0 0.8 4512 1044 pts/0 Ss Nov01 0:00 | \_ -bashroot 7877 0.0 1.5 4256 1968 pts/0 S+ Nov07 0:04 | \_ ssh root@localhostroot 7878 0.0 1.9 7428 2508 ? Ss Nov07 0:05 \_ sshd: root@pts/5root 7880 0.0 1.1 4512 1480 pts/5 Ss Nov07 0:01 \_ -bashroot 24515 0.0 0.6 4452 856 pts/5 R+ 22:28 0:00 \_ ps faux

tailtail - output the last part of files

When installing/watching server logs, use option -f which outputs appended data as the file grows.

Example: tail –f /var/log/messages &(starts tailing /var/log/messages and puts process in background)

killKill is used to terminate a process.

The command kill sends the specified signal to the specified process or process group. If no signal is specified, the TERM signal is sent. The TERM signal will kill processes which do not catch this signal. For other processes, it may be necessary to use the KILL (9) signal, since this signal cannot be caught. You need signal 9 to kill a shell.

Example: Killing normal process. First search process with ps.

[root@firewall man]# ps faux | grep –I dbusdbus 1282 0.0 0.7 12804 984 ? Ssl Sep27 0:00 dbus-daemon[root@firewall man]# kill 1282

Example: Killing shell or other process that doesn’t shutdown normally.

root 16237 0.0 0.8 4512 1076 pts/1 Ss+ Nov01 0:01 | \_ -bashroot 16288 0.0 1.3 7432 1644 ? Ss Nov01 0:07 \_ sshd: root@pts/0root 16290 0.0 0.8 4512 1044 pts/0 Ss Nov01 0:00 | \_ -bashroot 7877 0.0 1.5 4256 1968 pts/0 S+ Nov07 0:04 | \_ ssh root@localhostroot 7878 0.0 1.9 7428 2508 ? Ss Nov07 0:05 \_ sshd: root@pts/5root 7880 0.0 1.1 4512 1488 pts/5 Ss Nov07 0:01 \_ -bashroot 24519 0.0 0.6 4452 856 pts/5 R+ 22:34 0:00 \_ ps xaufwwroot 1269 0.0 0.8 4548 1016 ? Ss Sep27 0:00 crondroot 1290 0.0 14.7 42100 18568 ? Ss Sep27 39:17 hald --retain-privilegesroot 1303 0.0 0.2 2148 340 ? S Sep27 21:51 \_ hald-addon-storageroot 1339 0.0 0.4 2408 536 ? Ss Sep27 0:00 login -- rootroot 15429 0.0 0.3 4508 444 tty2 Ss Oct31 0:00 \_ -bash

[root@firewall man]# kill -9 16237

OpenSSH• OpenSSH is a FREE version of the SSH protocol suite of network

connectivity tools that increasing numbers of people on the Internet are coming to rely on. Many users of telnet, rlogin, ftp, and other such programs might not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety of authentication methods.

• The OpenSSH suite includes the ssh program which replaces rlogin and telnet, scp which replaces rcp, and sftp which replaces ftp. Also included is sshd which is the server side of the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0.

More information

• man netstat

• man ps

• man kill

• man tail

• http://www.openssh.org