
Commands


Speaking UNIX: Stayin' alive with Screen. Harry Potter may have his wand, Thor may have Mjöllnir, and Buckethead may have his axe, but all those gizmos pale in power to the QWERTY. With a few taps at the command line, you can launch a Web site, recruit legions to your cause, or vanquish a marauding thunder lizard. Alas, even the mighty QWERTY has a fatal weakness: It succumbs easily to a cut connection. A noisy phone line, a lost cellular or wireless connection, or a network time-out spells certain death for a remote shell. If you've spent hours on a task, such as debugging an application, it can be frustrating and maddening to lose your work in an instant. But don't smash Mjöllnir into your head. Figures 1 through 5 picture the features and operation of Screen.

Figure 2 depicts state after you launch Screen on the remote host. Screen does not have a presence per se; it's a proxy to select among the available and running windows it manages. But you can also detach from Screen, as shown in Figure 3.

Power Sessions with Screen. Screen is a terminal multiplexer that allows you to manage many processes through one physical terminal. Each process gets its own virtual window, and you can bounce between virtual windows interacting with each process. The processes managed by screen continue to run when their window is not active. Thus far, the screen features described aren't all that exciting or new. In fact, there already are X11 terminal applications that provide this functionality (konsole and multi-gnome-terminal).

What differentiates screen from the others are some of the core features screen provides. Screen offers the ability to detach from a session and then attach to it at a later time. Screen also maintains individual, searchable scrollback buffers for each of the windows it manages. Before actually running screen, it's important to understand how to interact with it. The command character is used to notify screen that you'd like to control screen itself, rather than the application in the current window.

A tcpdump Tutorial and Primer. tcpdump is the premier network analysis tool for information security professionals. Having a solid grasp of this über-powerful application is mandatory for anyone desiring a thorough understanding of TCP/IP. Many prefer to use higher level analysis tools such as Ethereal Wireshark, but I believe this to usually be a mistake.

In a discipline so dependent on a true understanding of concepts vs. rote learning, it's important to stay fluent in the underlying mechanics of the TCP/IP suite. A thorough grasp of these protocols allows one to troubleshoot at a level far beyond the average analyst, but mastery of the protocols is only possible through continued exposure to them.

When using a tool that displays network traffic in a more natural (raw) way, the burden of analysis is placed directly on the human rather than the application. Options. Below are a few options (with examples) that will help you greatly when working with the tool. Basic Usage. Common Syntax. Grouping.

An lsof Tutorial and Primer. lsof is the sysadmin/security über-tool. I use it most for getting network connection related information from a system, but that's just the beginning for this powerful and too-little-known application. The tool is aptly called lsof because it "lists open files". And remember, in UNIX just about everything (including a network socket) is a file.

Interestingly, lsof is also the Linux/Unix command with the most switches. It has so many it has to use both minuses and pluses. usage: [-? As you can see, lsof has a truly staggering number of options. For me, lsof replaces both netstat and ps entirely. Key Options. It's important to understand a few key things about how lsof works. Here are a few others like that to keep in mind: default: without options, lsof lists all open files for active processes; grouping: it's possible to group options, e.g. Getting Information About the Network. Show all connections with -i.

Tmux::Tutorial and Primer. There are 4,257 tutorials on tmux.

That's a rough number that I just made up. This one is designed to take you from "wtf tmux" to "omg tmux" with extreme haste. Let's get started. Why Tmux. tmux is useful to people in different ways. You could, for example, have a session on your server for hacking on a node REST API (my current project), and call it "nodeapi". That's handy. Others like to focus on how you can use tmux to have multiple panes within multiple windows within multiple tabs within multiple sessions. A remote computing lifestyle. Mobility is a central theme for tmux users. A related advantage to this mobile approach is the fact that your client machine is not too terribly important. Anyway, those are some reasons that people love tmux, but you don't have to make this lifestyle change in order to see its benefits. What about screen? Good question. tmux is a lot like screen, only better.