Author: Ruwantha Nissanka

Create Snapshot backups using Timeshift in Linux

Timeshift is a Linux application for creating snapshots of a Linux system. If something bad happens to the system (for example, all the system files and settings are deleted after a cyber attack), we can use a snapshot created with Timeshift to restore the system and undo all the changes made to it. It provides functionality similar to the System Restore feature in Windows and the Time Machine tool in Mac OS. Timeshift can be configured to take incremental snapshots of the file system at regular intervals. These snapshots can be restored at a later date to undo all changes to the system.

Timeshift can also be used in a GUI mode. However, imagine a situation where your video driver is broken by an unstable update, or something else goes badly wrong with your system, and you cannot use the Timeshift GUI to roll your system back to its previous state. Then only the Timeshift CLI is available.

Install Timeshift using the following command:

#sudo apt install timeshift

Using the --help option, we can see all the options in Timeshift:

#timeshift --help

To check all the devices that you can use to store the snapshot, execute the following command:

#sudo timeshift --list-devices

Use the following command to check the possibility to take the snapshot and store it...


Auditing network services with netstat in Linux

The following are two reasons why you would want to keep track of what network services are running on your system:

To ensure that no legitimate network services that you don’t need are running.
To ensure that you don’t have any malware that’s listening for network connections from its master.

You can use the following command to see a list of network services that are listening:

#netstat -lp -A inet

Here’s the breakdown:

-lp: The l means that we want to see which network ports are listening. In other words, we want to see which network ports are waiting for someone to connect to them. The p means that we want to see the name and process ID number of the program or service that is listening on each port.

-A inet: This means that we only want to see information about the network protocols that are members of the inet family. In other words, we want to see information about the raw, tcp, and udp network sockets, but we don’t want to see anything about the Unix sockets that only deal with interprocess communications within the operating system.

If you want to see port numbers and IP addresses instead of network names, add the n option:

#netstat -lpn -A inet

To view the established TCP connections, leave out the l option:

#netstat -p -A inet

The Foreign Address...


Web server scanning with Nikto in Linux

Nikto is a special-purpose tool with only one purpose; that is, it’s meant to scan web servers, and only web servers. It’s easy to install, easy to use, and capable of doing a comprehensive scan of a web server fairly quickly. Nikto is built on LibWhisker2 (by RFP) and can run on any platform which has a Perl environment. It supports SSL, proxies, host authentication, attack encoding and more. It can be updated automatically from the command line, and supports the optional submission of updated version data back to the maintainers.

To install on Ubuntu, use the following command:

#apt install nikto libnet-ssleay-perl

The next thing you’ll want to do is update the database of vulnerability signatures. To update the vulnerability database, use the following command:

#nikto -update

To do a simple web server scan, use the -h option to specify the target host:

#nikto -h <web_server_ip>

One of the great things you can do with Nikto is to specify the type of checks it runs. So, to only perform a Denial of Service test against your target:

#nikto -tuning x 6 -h <web_server_ip>

If you want to be anonymous while scanning a particular web server for vulnerabilities, you can use a proxy server, which hides your IP address and other information. Edit the configuration file for Nikto as follows:

#vi /etc/nikto/config.tx

Navigate to the Proxy settings and change them as follows:

PROXYHOST=85.28.28.209...



ABOUT ME..!

My name is Surendra Kumar Anne. I hail from Vijayawada, which is the cultural capital of the south Indian state of Andhra Pradesh. I am a Linux evangelist who believes in hard work, a down-to-earth person who likes to share knowledge with others, loves dogs and likes photography. At present I work at Bank of America as Sr. Analyst Systems and Administration. You can contact me at surendra (@) linuxnix dot com.