mirror of
https://github.com/trimstray/the-book-of-secret-knowledge.git
synced 2024-12-18 17:36:14 +00:00
moved 'lsof' sub-section
- signed-off-by: trimstray <trimstray@gmail.com>
This commit is contained in:
parent
ccc8f40206
commit
01875960f4
122
README.md
122
README.md
@ -1033,6 +1033,7 @@ Linux Security Expert</b></a> - trainings, howtos, checklists, security tools an
|
|||||||
* [terminal](#tool-terminal)
|
* [terminal](#tool-terminal)
|
||||||
* [mount](#tool-mount)
|
* [mount](#tool-mount)
|
||||||
* [fuser](#tool-fuser)
|
* [fuser](#tool-fuser)
|
||||||
|
* [lsof](#tool-lsof)
|
||||||
* [ps](#tool-ps)
|
* [ps](#tool-ps)
|
||||||
* [top](#tool-top)
|
* [top](#tool-top)
|
||||||
* [strace](#tool-strace)
|
* [strace](#tool-strace)
|
||||||
@ -1068,7 +1069,6 @@ Linux Security Expert</b></a> - trainings, howtos, checklists, security tools an
|
|||||||
* [socat](#tool-socat)
|
* [socat](#tool-socat)
|
||||||
* [p0f](#tool-p0f)
|
* [p0f](#tool-p0f)
|
||||||
* [gnutls-cli](#tool-gnutls-cli)
|
* [gnutls-cli](#tool-gnutls-cli)
|
||||||
* [lsof](#tool-lsof)
|
|
||||||
* [netstat](#tool-netstat)
|
* [netstat](#tool-netstat)
|
||||||
* [rsync](#tool-rsync)
|
* [rsync](#tool-rsync)
|
||||||
* [host](#tool-host)
|
* [host](#tool-host)
|
||||||
@ -1255,6 +1255,66 @@ fuser -v 53/udp
|
|||||||
|
|
||||||
___
|
___
|
||||||
|
|
||||||
|
##### Tool: [lsof](https://en.wikipedia.org/wiki/Lsof)
|
||||||
|
|
||||||
|
###### Show process that use internet connection at the moment
|
||||||
|
|
||||||
|
```bash
|
||||||
|
lsof -P -i -n
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Show process that use specific port number
|
||||||
|
|
||||||
|
```bash
|
||||||
|
lsof -i tcp:443
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Lists all listening ports together with the PID of the associated process
|
||||||
|
|
||||||
|
```bash
|
||||||
|
lsof -Pan -i tcp -i udp
|
||||||
|
```
|
||||||
|
|
||||||
|
###### List all open ports and their owning executables
|
||||||
|
|
||||||
|
```bash
|
||||||
|
lsof -i -P | grep -i "listen"
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Show all open ports
|
||||||
|
|
||||||
|
```bash
|
||||||
|
lsof -Pnl -i
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Show open ports (LISTEN)
|
||||||
|
|
||||||
|
```bash
|
||||||
|
lsof -Pni4 | grep LISTEN | column -t
|
||||||
|
```
|
||||||
|
|
||||||
|
###### List all files opened by a particular command
|
||||||
|
|
||||||
|
```bash
|
||||||
|
lsof -c "process"
|
||||||
|
```
|
||||||
|
|
||||||
|
###### View user activity per directory
|
||||||
|
|
||||||
|
```bash
|
||||||
|
lsof -u username -a +D /etc
|
||||||
|
```
|
||||||
|
|
||||||
|
###### Show 10 largest open files
|
||||||
|
|
||||||
|
```bash
|
||||||
|
lsof / | \
|
||||||
|
awk '{ if($7 > 1048576) print $7/1048576 "MB" " " $9 " " $1 }' | \
|
||||||
|
sort -n -u | tail | column -t
|
||||||
|
```
|
||||||
|
|
||||||
|
___
|
||||||
|
|
||||||
##### Tool: [ps](https://en.wikipedia.org/wiki/Ps_(Unix))
|
##### Tool: [ps](https://en.wikipedia.org/wiki/Ps_(Unix))
|
||||||
|
|
||||||
###### Show a 4-way scrollable process tree with full details
|
###### Show a 4-way scrollable process tree with full details
|
||||||
@ -2644,66 +2704,6 @@ p0f -i enp0s25 -p -d -o /dump/enp0s25.log
|
|||||||
|
|
||||||
___
|
___
|
||||||
|
|
||||||
##### Tool: [lsof](https://en.wikipedia.org/wiki/Lsof)
|
|
||||||
|
|
||||||
###### Show process that use internet connection at the moment
|
|
||||||
|
|
||||||
```bash
|
|
||||||
lsof -P -i -n
|
|
||||||
```
|
|
||||||
|
|
||||||
###### Show process that use specific port number
|
|
||||||
|
|
||||||
```bash
|
|
||||||
lsof -i tcp:443
|
|
||||||
```
|
|
||||||
|
|
||||||
###### Lists all listening ports together with the PID of the associated process
|
|
||||||
|
|
||||||
```bash
|
|
||||||
lsof -Pan -i tcp -i udp
|
|
||||||
```
|
|
||||||
|
|
||||||
###### List all open ports and their owning executables
|
|
||||||
|
|
||||||
```bash
|
|
||||||
lsof -i -P | grep -i "listen"
|
|
||||||
```
|
|
||||||
|
|
||||||
###### Show all open ports
|
|
||||||
|
|
||||||
```bash
|
|
||||||
lsof -Pnl -i
|
|
||||||
```
|
|
||||||
|
|
||||||
###### Show open ports (LISTEN)
|
|
||||||
|
|
||||||
```bash
|
|
||||||
lsof -Pni4 | grep LISTEN | column -t
|
|
||||||
```
|
|
||||||
|
|
||||||
###### List all files opened by a particular command
|
|
||||||
|
|
||||||
```bash
|
|
||||||
lsof -c "process"
|
|
||||||
```
|
|
||||||
|
|
||||||
###### View user activity per directory
|
|
||||||
|
|
||||||
```bash
|
|
||||||
lsof -u username -a +D /etc
|
|
||||||
```
|
|
||||||
|
|
||||||
###### Show 10 largest open files
|
|
||||||
|
|
||||||
```bash
|
|
||||||
lsof / | \
|
|
||||||
awk '{ if($7 > 1048576) print $7/1048576 "MB" " " $9 " " $1 }' | \
|
|
||||||
sort -n -u | tail | column -t
|
|
||||||
```
|
|
||||||
|
|
||||||
___
|
|
||||||
|
|
||||||
##### Tool: [netstat](https://en.wikipedia.org/wiki/Netstat)
|
##### Tool: [netstat](https://en.wikipedia.org/wiki/Netstat)
|
||||||
|
|
||||||
###### Graph # of connections for each hosts
|
###### Graph # of connections for each hosts
|
||||||
|
Loading…
Reference in New Issue
Block a user