| Commands | Logs and Auditing | Networking | Surveys | Boot Process |
|---|---|---|---|---|
|
What is the command to see a listing of the last logged in users?
last
|
Where is the syslog.conf file located?
/etc/syslog.conf
|
Where is the local name resolution file?
/etc/hosts
|
Where can you find computer hostname information?
uname -a
|
What is the first process on a SysV system?
init
|
|
What is command to see all firewall rules?
iptables -L -n
|
What command is used to view reports from the auditing daemon?
aureport
|
What is the command to see your IPv6 neighbors?
ip neigh show
|
What two things should you look at first when conducting a survey?
processes then network connections
|
What is the location of init's configuration file?
/etc/inittab
|
|
What is the command to see all connections with name resolution disabled?
netstat -an
|
What are the two parts of a selector?
facility.priority
|
When looking at a socket table, why doesn't UDP list a state?
Because it is connection-less
|
What are the 3 locations of user password information?
/etc/passwd
/etc/shadow /etc/group |
SysV is being replaced by SystemD for what primary reason?
sequential startup vs parallel
|
|
What is the command to see every running process?
ps -ef
|
The most common system log file is?
/var/log/messages
|
In an IPtable what is the difference between DROP and REJECT?
REJECT responds with ACK/RST
DROP does not respond. |
What is the command to disable command logging?
unset histfile
|
What is the command to start the ssh service for systemD?
systemctl start ssh.service
|
|
What is the command to see open files for solaris
pfiles
|
What is the selector to log all emergency cron events.
cron.emerg
|
What distinguishes a Solaris netstat from a Kali?
ip.port vs ip:port
|
What is the command to view the signature of a particular module?
modinfo
|
What inittab action runs once only at boot, ignoring the runlevel field, and does not run during runlevel changes?
sysinit
|
Support Us on Ko-fi