How to investigate on Linux

Some commands

Logs from SSH and others

sudo cat /var/log/auth.log | grep failure
sudo cat /var/log/auth.log | grep sshd
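
The two greps above return raw lines. As an added example (not from the original page), this shell function condenses the sshd entries of an auth.log-style file into failed-password counts per source IP and flags any login accepted from an IP that had failed earlier. The function names, output labels and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original page.

# Constructed sample lines (documentation IP ranges, made-up host and users).
sample_auth_log() {
    cat <<'EOF'
Mar  3 10:01:02 host sshd[1001]: Failed password for invalid user admin from 203.0.113.7 port 40022 ssh2
Mar  3 10:01:05 host sshd[1001]: Failed password for root from 203.0.113.7 port 40022 ssh2
Mar  3 10:01:09 host sshd[1003]: Failed password for alice from 203.0.113.7 port 40030 ssh2
Mar  3 10:01:15 host sshd[1004]: Accepted password for alice from 203.0.113.7 port 40031 ssh2
Mar  3 10:02:00 host sshd[1010]: Failed password for invalid user from from 198.51.100.9 port 51000 ssh2
Mar  3 10:03:00 host sshd[1011]: Accepted publickey for bob from 192.0.2.10 port 52000 ssh2
Mar  3 10:04:00 host sudo: pam_unix(sudo:auth): authentication failure; logname=bob uid=1000
EOF
}

# Reads auth.log-style text from the given files (or stdin) and prints:
#   FAILED <ip> <count>                          failed passwords per source IP
#   SUCCESS_AFTER_FAILURES <ip> <user> <count>   login accepted after failures
ssh_auth_summary() {
    awk '
    !/sshd\[[0-9]+\]:/ { next }    # keep sshd lines only
    /Failed password for|Accepted (password|publickey) for/ {
        # Scan from the end so a username equal to "from" cannot shift the IP.
        ip = ""; user = ""
        for (i = NF - 1; i > 1; i--)
            if ($i == "from") { ip = $(i + 1); user = $(i - 1); break }
        if (ip == "") next
        if ($0 ~ /Failed password for/)
            failed[ip]++
        else if (ip in failed)
            printf "SUCCESS_AFTER_FAILURES %s %s %d\n", ip, user, failed[ip]
    }
    END { for (ip in failed) printf "FAILED %s %d\n", ip, failed[ip] }
    ' "$@" | LC_ALL=C sort
}

# Demo on the constructed sample.
sample_auth_log | ssh_auth_summary
```

On a host, feed it the real log instead: `sudo cat /var/log/auth.log | ssh_auth_summary`.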

SSH keys directory

sudo ls -la .ssh/

~/.ssh/authorized_keys

Check the bash history

history

Check the CPU usage

htop

Display current connections

last -a | grep -i still
who
w

Networking connections

netstat -tnpa

List recently modified files

sudo find /tmp -newermt "1 day ago" -ls

Check the crontab

crontab -l

Check the strings in the script

strings x | more