Linux Essentials Cheat Sheet v1.

0
This guide was created by Mark Baggett | Twitter: @markbaggett | sans.org/sec406

Windows User Quick Reference User Switching Commands

WINDOWS UBUNTU LINUX COMMAND EXPLANATION EXAMPLE
COMMAND EQUIVALENT WHAT IT DOES
su su – otheruser Switch to otheruser and use their user
dir ls -la A directory listing with sizes and dates environment
ipconfig.exe ifconfig or ip Show you network interfaces and addresses su su otheruser Switch to otheruser and keep your existing
ipconfig/release dhclient -r Release your DHCP ip address environment

ipconfig /renew dhclient Request a new IP from DHCP server sudo sudo <cmd> Run command as another user, when no user is
specified it assumes root
cd <new dir> cd <new dir> Change directories to new directory
whoami whoami Tell you the name you are running processes as
cd<enter> pwd Tell you the current working directory
id id Display the user information including user
tasklist ps List processes running number and group number
type cat Show the contents of a file visudo visudo Edit the /etc/sudoers file to define who can run
what as other users (root only)
findstr grep Search output for a matching string
copy cp Copy a file from the file system
Network Commands
echo echo Echo output to the screen
COMMAND EXPLANATION EXAMPLE
del rm Delete a file from the file system
rename mv Rename a file ping Send ICMP ECHO_REQUEST to a $ ping 10.1.1.1
network host to test connectivity
netstat Display TCP & UDP connection $ netstat -na
Bash Keyboard Shortcuts info (deprecated)

KEY COMBO EXPLANATION ss Display socket statistics; $ ss –l4t

replaces netstat
Control L Clear the screen
ifconfig Display information about your $ ifconfig
Control C Kill the currently running Program network interfaces, such as your
IP address (deprecated)
Control S Squelch (Pause the output)
ip Display/manipulate routing, network $ ip a show [interface]
Control Q Un-squelch (Unpause the output) devices, interfaces, and tunnels; $ ip address show ens33
Control A Go to the beginning of the line replaces ifconfig

Control E Go to the end of the lin

Control R Recall a command by searching history File Examination Commands
Up Arrow Recall the previous command from history COMMAND EXPLANATION EXAMPLE

Down Arrow Go to next command in the command history cat Print one or more files to STDOUT $ cat file.txt
$ cat file1 file2 file3 > allfiles

File System Commands grep Search for text within a file $ grep 10.10.1.1
or STDIN /var/log/apache/*
COMMAND EXPLANATION EXAMPLE file Identify the file type $ file image.jpg
image.jpg: JPEG Image Data
ls List files in directory; current directory $ ls ~/Desktop
is used if no directory is supplied head Display the first 10 lines of a file, $ head /etc/passwd
by default (use “-n X” to display $ head -n 5 /etc/passwd
cd Change the current working directory $ cd /home/me/
first X lines)
pwd Print the current working directory $ pwd
tail Display the last 10 lines of a file, $ tail /var/log/syslog
/home/me/
by default (use “-n X” to display $ tail -n 5 .bashrc
cp Copy a file $ cp orig.txt copy.txt last X lines)

mv Move or rename a file $ mv a.txt Desktop/b.txt tail -F Display new data as it’s appended $ tail -F /var/log/messages
to the end of a file (useful for
rm Delete a file $ rm file.txt watching logs; aka follow a file)
mkdir Create a directory $ mkdir examples/ less Display text from STDIN or a file, $ less /etc/passwd
one screen at a time; $ cat file | less
rmdir Delete a directory (must be empty) $ rmdir examples/
text disappears from console
find Search the file system for files $ find / -name “myfile.txt”
more Display text from STDIN or a file, $ more /etc/passwd
chmod Change file permissions $ chmod 755 myfile.txt one screen at a time; $ cat file | more
text remains on console
Touch Create an empty file $ touch new_empty_file
 SEC406 Lab Commands HFS Common Locations
COMMAND EXPLANATION / Root of the file system
ssh labD.L Begin a Lab “L” from Day “D” /etc “etcetera” folder holds configuration files
ssh del_labD.L Reset the specified lab to start over /var “variable” folder holds files that change frequently
#? Repeat the question for the current task /usr “Universal System Resources” is a Distributed mount folder that
holds binaries (installed programs)
#hint Get a hint on how to complete the task
/opt “options” folder is usually where compiled pages not installed by
a package manager go
Other Important Commands /dev “devices” is a dynamic folder for accessing system hardware
devices
COMMAND EXPLANATION EXAMPLE
/root The root users home folder
chmod Change the permissions (mode) $ chmod +w file.txt
of a file or directory /home All other users home folders

stat View detailed information about a file $ stat file.txt

passwd Change a user’s password, or your $ passwd [username]
own if no username is specified
kill Terminate or send a signal to a $ kill 8573
running process by process ID (PID)
ln Create a hard or symbolic link to a file $ ln [file] [link]
sort Sort the contents of a file or STDIN $ sort /etc/passwd
$ cat numlist.txt | sort –n
uniq Remove duplicate lines from a $ uniq mylist.txt
sorted file or sorted STDIN $ cat mylist.txt | uniq
which Identify which program on your drive $ which python
executes when you run a command /usr/bin/python