Top 7 useful Linux commands for Sysadmins

As a system administrator, it’s your job to ensure your systems are running smoothly. This requires you to identify and solve problems, fix security vulnerabilities, and ensure your IT infrastructure is always working efficiently.

If you’re new to this role, you probably already know that being a sysadmin is a pretty demanding job. You have a lot of responsibilities to manage.

But we’re here to help make your job a little bit easier. Below are seven Linux commands every sysadmin should know.

Let’s get started.

1. Nmap

The nmap command is short for “Network Mapper.” It’s an open-source monitoring tool commonly used by sysadmins to scan and discover networks.

Thanks to its versatility, nmap has become one of the most popular tools among administrators. You can use it to:

  • Find live hosts on a network
  • Scan ports and perform ping sweeps
  • Detect operating systems running on your network
  • Perform security audits

You can even use nmap to scan for malware. Nmap comes with an expansive library of scripts, making it one of the most comprehensive tools in your arsenal.

You have to download and install nmap before you can use it. If you’re using CentOS or Fedora, use the following command:

sudo dnf install nmap

If you’re using Ubuntu or Debian, use:

sudo apt-get install nmap

2. Autoremove

Having a bunch of unwanted and unused packages on your system can be a security vulnerability. One of those packages could become an entry point for a cyberattack, and as the system administrator, it’s your job to reduce the threat vectors within your system.

That’s why we suggest removing any packages that you don’t use. This will reduce the chances of you falling victim to a cyberattack because of a software vulnerability or misconfiguration.

Use the autoremove command to delete all unwanted packages from your system. You can do this by running apt-get autoremove. This will remove any uninstalled packages that remain on your server.

Once you’re done with that, use the apt-cache pkgnames command to see a list of all your packages. When you find one or more packages you don’t need, delete them with sudo apt-get purge --auto-remove [packagename].

3. Sysv-rc-conf

This command lets you see which services are running in the background, as well as the boot time of every service you have running. You can use this tool to see whether you’ve got potentially harmful services running.

First, you need to install the program. You can do that by entering the following command: apt-get install sysv-rc-conf.

Once you’ve installed sysv-rc-conf, enter this command in your terminal: sysv-rc-conf --list | grep '3:on'. This will show you which services started when you booted your computer and which started later.

If you see a service that looks suspicious, disable it with: systemctl disable [servicename].

4. Iptables

Iptables is a versatile firewall tool you can use to protect your Linux system from outside threats. You can use it to block malicious parties from attacking your systems by using the following commands:

  • iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP to force a SYN packet check
  • iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP to drop null packets
  • iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP to drop XMAS packets
  • iptables -A INPUT -f -j DROP to drop incoming packets with fragments
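
Running the four commands above a second time appends duplicate rules. The following added example (not from the original article) applies the same rule specifications only when iptables reports they are missing; the IPT override variable and the function name are assumptions made for illustration.

```shell
# Added example: apply the four DROP rules above only if they are not
# already present, so re-running the script never duplicates them.
# IPT is an assumed override hook for dry runs; it defaults to the real binary.
IPT="${IPT:-iptables}"

# Rule specifications from the list above, without the "-A INPUT" prefix.
RULES='-p tcp ! --syn -m state --state NEW -j DROP
-p tcp --tcp-flags ALL NONE -j DROP
-p tcp --tcp-flags ALL ALL -j DROP
-f -j DROP'

# Prints how many rules were appended; returns non-zero if an append fails.
ensure_input_rules() {
  added=0
  set -f                          # no globbing while word-splitting the specs
  while IFS= read -r spec; do
    # -C (--check) exits 0 when an identical rule already exists in the chain.
    if ! $IPT -C INPUT $spec 2>/dev/null; then
      $IPT -A INPUT $spec || { set +f; return 1; }
      added=$((added + 1))
    fi
  done <<EOF
$RULES
EOF
  set +f
  echo "$added"
}

# Usage (as root): ensure_input_rules
```

Because -A appends to the end of the chain, check with iptables -L INPUT -n --line-numbers that no earlier ACCEPT rule matches the same packets first.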

5. Netstat

Open ports aren’t inherently dangerous. In fact, you need them to send and receive data over the internet.

However, having open ports that are hidden can be a problem. Hackers can use these ports to gain access to your system, and you won’t even know how they breached your cybersecurity measures.

You can use netstat -antp to scan your system for hidden open ports. This will give you a visual of all the open ports on your system. And when you come across a port you don’t recognize, close it using the following command: sudo kill $(sudo lsof -t -i:[portnumber]). This will effectively reduce the threat vectors that place your system at risk.
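
Before killing anything, it helps to separate the listeners you expect from the ones you do not. The following added example (not from the original article) filters netstat -antp output against an allow-list of ports and marks each unexpected listener as reachable from the network or loopback-only; the function names, the allow-list and the sample output are constructed for illustration.

```shell
# Added example. Reads `netstat -antp` output on stdin and prints every
# listening socket whose port is not in the allow-list passed as $1.
# Output columns: port, scope (exposed|local), bind address, PID/program.
unexpected_listeners() {
  awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $6 == "LISTEN" {
      addr = $4; port = addr
      sub(/.*:/, "", port)                  # keep what follows the last colon
      host = substr(addr, 1, length(addr) - length(port) - 1)
      scope = (host ~ /^127\./ || host == "::1") ? "local" : "exposed"
      if (!(port in ok)) print port, scope, addr, $7
    }'
}

# Constructed sample output (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      1033/postgres
tcp        0      0 0.0.0.0:8081            0.0.0.0:*               LISTEN      4242/python3
tcp        0     36 10.0.0.5:22             10.0.0.9:51234          ESTABLISHED 2210/sshd: admin
tcp6       0      0 :::80                   :::*                    LISTEN      950/nginx: master
tcp6       0      0 ::1:6379                :::*                    LISTEN      1201/redis-server
EOF
}

# On a live system: sudo netstat -antp | unexpected_listeners "22 80 443"
```

The PID/program column tells you which process owns the port, so you can investigate it before deciding whether to stop it.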

6. Chkrootkit

A rootkit is a collection of malicious tools that grant attackers remote access to your server. Think of it as a key that unwelcomed visitors can use to gain entry to your system.

Rootkits are designed to be difficult to find, because once you discover and remove the rootkit, you end up removing the backdoor that’s been granting hackers access.

Chkrootkit is a tool that scans your server for suspicious programs that could be rootkits. You can install this program with the following command: apt-get install chkrootkit.

Once installed, use the chkrootkit command while you’re logged in as the root user. The program will scan your server for malware and notify you of any potential threats.

7. Update and Upgrade

Keeping your systems up to date is an important part of good cybersecurity. Your operating system and applications should be routinely patched to fix any security vulnerabilities that could compromise your server.

You can keep your systems updated and secure with the sudo apt-get update && sudo apt-get upgrade command. The update command is used to update the list of packages, while upgrade downloads and installs them for you.

If you’re too busy to do manual upgrades, you can automate the process with sudo apt-get install unattended-upgrades. This enables automatic security updates, which ensures your system always stays patched.

Give Your Server a Multi-Layered Protection

There you have it. Seven Linux commands that will improve your system’s security and performance.

Combine these with BitNinja’s multi-layered protection to dramatically reduce your chances of being hacked. Cybersecurity is not optional anymore. It is a must! If you haven’t tried BitNinja yet, don’t forget to register for the 7-day free trial of BitNinja on E2E Cloud.
