Showing posts from February, 2016

Common ports used in Linux

• 20 FTP data (File Transfer Protocol)
• 21 FTP (File Transfer Protocol)
• 22 SSH (Secure Shell)
• 23 Telnet
• 25 SMTP (Send Mail Transfer Protocol)
• 43 whois
• 53 DNS (Domain Name Service)
• 68 DHCP (Dynamic Host Control Protocol)
• 79 Finger
• 80 HTTP (HyperText Transfer Protocol)
• 110 POP3 (Post Office Protocol, version 3)
• 115 SFTP (Secure File Transfer Protocol)
• 119 NNTP (Network News Transfer Protocol)
• 123 NTP (Network Time Protocol)
• 137 NetBIOS-ns
• 138 NetBIOS-dgm
• 139 NetBIOS
• 143 IMAP (Internet Message Access Protocol)
• 161 SNMP (Simple Network Management Protocol)
• 194 IRC (Internet Relay Chat)
• 220 IMAP3 (Internet Message Access Protocol 3)
• 389 LDAP (Lightweight Directory Access Protocol)
• 443 SSL (Secure Socket Layer)
• 445 SMB (NetBIOS over TCP)
• 666 Doom
• 993 SIMAP (Secure Internet Message Access Protocol)
• 995 SPOP (Secure Post Office Protocol)

Find command usage in *nix

• Find all files of a given type from the current directory on down:
  find ./ -name "*.conf" -print
• Find all user files larger than 5 MB:
  find /home -size +5000000c -print
• Find all files on the system owned by a user (identified by user ID number; see /etc/passwd). This could take a very long time:
  find / -user 501 -print
• Find all files created or updated in the last five minutes (great for finding the effects of make install):
  find / -cmin -5
• Find all files in group 20 and change them to group 102 (execute as root):
  find / -group 20 -exec chown :102 {} \;
• Find all suid and setgid executables:
  find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -ldb {} \;
  find / -type f -perm /6000 -ls

Note: suid executable binaries are programs which switch to root privileges to perform their tasks. These are created by applying a "sticky" bit: chmod +s. These programs should be watched as they are often the first point of entry for hackers. Thus it is prud
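One way to keep watch on these files is to compare the current setuid/setgid inventory against a reviewed baseline and report only what is new. The script below is an added example, not part of the original post; the function names, the baseline format (one absolute path per line) and the paths in the usage comment are assumptions.

```sh
#!/bin/sh
# Added example: baseline audit of setuid/setgid files.
# Function names and the baseline file format (one absolute path per line)
# are assumptions made for this example.

# list_suid_sgid ROOT
# Print, sorted, every regular file under ROOT with the setuid (4000) or
# setgid (2000) bit set. -xdev keeps find on ROOT's filesystem, so other
# mounts such as /proc or network shares are not walked.
list_suid_sgid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
        LC_ALL=C sort
}

# audit_suid_sgid ROOT BASELINE
# Print files that carry setuid/setgid now but are absent from BASELINE.
# Returns 0 when nothing new is found, 1 when new files exist, 2 on error.
audit_suid_sgid() {
    root=$1
    baseline=$2
    [ -r "$baseline" ] || { echo "cannot read baseline: $baseline" >&2; return 2; }
    current=$(mktemp) || return 2
    known=$(mktemp) || { rm -f "$current"; return 2; }
    list_suid_sgid "$root" > "$current"
    LC_ALL=C sort -u "$baseline" > "$known"
    # comm -23 keeps lines found only in the first (current) list.
    new=$(LC_ALL=C comm -23 "$current" "$known")
    rm -f "$current" "$known"
    if [ -n "$new" ]; then
        printf '%s\n' "$new"
        return 1
    fi
    return 0
}

# Usage: sh suid_audit.sh / /var/lib/suid-baseline.txt   (placeholder paths)
if [ "$#" -eq 2 ]; then
    audit_suid_sgid "$1" "$2"
    exit $?
fi
```

Run it from cron after package updates; a non-zero exit with paths on stdout means a setuid or setgid file appeared that nobody has reviewed yet.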