How to investigate on Linux
Posted Updated linuxa few seconds read (About 83 words)

How to investigate on Linux

Some commands

Logs from SSH and others

1
sudo cat /var/log/auth.log | grep failure
1
sudo cat /var/log/auth.log | grep sshd

SSH keys directory

1
sudo ls -la .ssh/

~/.ssh/authorized_keys

Check the bash history

1
history

Check the CPU usage

1
htop

Diplay current connections

1
last -a | grep -i still
1
who
1
w

Networking connections

1
netstat -tnpa

List last files modified

1
sudo find /tmp -newermt "1 day ago" -ls

Check the crontab

1
crontab -l

Check the strings in the script

1
strings x | more

How to investigate on Linux

https://ezzko.gitlab.io/2022/12/21/Commands-to-investigate-on-Linux/

Author

Loris

Posted on

2022-12-21

Updated on

2022-12-21

Licensed under

#
You need to set install_url to use ShareThis. Please set it in _config.yml.

Like this article? Support the author with

You forgot to set the business or currency_code for Paypal. Please set it in _config.yml.

Comments

Follow

Categories

Tags

ACL1
Active directory1
Forensic1
Kerberos1
Monitoring1
linux4
pentest1
security1
vpn1
windows1
×