DOCSLIB.ORG

Useful Commands and Bash

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Working with files CISC3130, Spring 2013 X. Zhang 1 Outlines Finish up with awk: pipeline, external commands Commands working with files tree, ls (-d option, -1 option, -R, -a) od (octal dump), stat (show meta data of file) touch command, temporary file, file with random bytes File checksum, verification locate, type, which, find command: Finding files 2 Some useful tips Bash stores the commands history Use UP/DOWN arrow to browse them Use “history” to show past commands Repeat a previous command !<command_no> e.g., !239 “!<any prefix of previous command> E.g., !g++ Search for a command Type Ctrl-r, and then a string Bash will search previous commands for a match File name autocompletion: “tab” key 3 Output redirection: to pipeline #!/bin/awk -f END{ BEGIN { while ((getline < tmpfile) > 0) FS = ":“ { ## generate a temporay file cmd="mail -s Fellow_BASH_USER " $0 "mktemp /tmp/prog.XXXXXXXX" | print "Hello," $0 | cmd getline tmpfile ## send an email to every bash user print "temp file is: ", tmpfile } close ("mktemp") close (tmpfile); } } { # select username for users using bash pipe_mail.awk Todo: if ($7 ~ "/bin/bash") 1. print $1 >> tmpfile 2. 4 } Execute external command Using system function (similar to C/C++) E.g., system (“rm –f tmp”) to remove a file if (system(“rm –f tmp”)!=0) print “failed to rm tmp” A shell is started to run the command line passed as argument Inherit awk program’s standard input/output/error 5 Outlines Finish up with awk: pipeline, external commands Commands working with files tree, ls (-d option, -1 option, -R, -a) od (octal dump), stat (show meta data of file), cmp, diff touch command temporary file, file with random bytes locate, type, which, find command: Finding files 6 What’s in a file ? files are organized in a hierarchical directory structure Each file has a name, resides under a directory, is associated with some meta info (permission, owner, timestamps) Disk files, virtual file system, device files Contents of disk file: text (ASCII) file (such as your C/C++ source code), executable file (commands), a link to other files, … ln -s /path/to/file1.txt /path/to/file2.txt /proc filesystem stores system configuration parameters, resides in kernels memory Numerical subdirectories exist for every process. a device file or special file is an interface for a device driver that appears in a file system as if it were an ordinary file 7 For example, /dev/stdin, /dev/tty* What’s in a file ? Recall, ls –l output, first character indicates file types: d directory, - plain file, b block-type special file, c character-type special file, l symbolic link, s socket To check type of file: “file filename” To view “octal dump” of a file: od [OPTION]... [FILE]... od --traditional [FILE] [[+]OFFSET [[+]LABEL]] Important options: -A: what base to use when displaying address (default: base 8) -t: specify how to interpret file content a: named character, c: ASCII character or backslash representation d[size]: signed decimal, size bytes per integer 8 o[size], octal ; x[size], hexadecimal What’s in a file ? Example of od $echo abc def ghi jkl | od -c 0000000 a b c d e f g h i j k l \n 0000020 [zhang@storm ~]$ echo abc def ghi jkl | od -Ad –c ## same as –t c 0000000 a b c d e f g h i j k l \n 0000016 $ echo abc def ghi jkl | od -Ad -t d1 ## interpret each byte as decimal integer 0000000 97 98 99 32 100 101 102 32 103 104 105 32 106 107 108 10 0000016 $echo abc def ghi jkl | od -Ad -t x1 0000000 61 62 63 20 64 65 66 20 67 68 69 20 6a 6b 6c 0a 0000016 9 Disk space usage df report file system disk space usage df [OPTION]... [FILE]... Show information about file system on which each FILE resides, or all file systems by default. du - estimate file space usage du [OPTION]... [FILE]... Summarize disk usage of each FILE, recursively for directories. quota - display disk usage and limits 10 Compare file contents Compare files cmp file1 file2: finds the first place where two files differ (in terms of line and character) diff file1 file2: reports all lines that are different diff’s output is carefully designed so that it can be used by other programs. For example, revision control systems use diff to manage the differences between successive versions of files under their management. patch command: apply a diff file to an original patch [options] [originalfile [patchfile]] patch -pnum <patchfile 11 File checksum provide a single number, signature, that is characteristic of the file (computed from all of the bytes of the file) Files with different contents is unlikely to have same checksum Usage: Software announcements include checksums of distribution files for user to tell whether a copy matches original. 12 openssl a cryptography toolkit implementing Secure Sockets Layer and Transport Layer Security network protocols and related cryptography standards openssl program: a command line tool for using various cryptography functions from shell. Creation and management of private keys, public keys and parameters Public key cryptographic operations Creation of X.509 certificates, CSRs and CRLs Calculation of Message Digests Encryption and Decryption with Ciphers SSL/TLS Client and Server Tests Handling of S/MIME signed or encrypted mail Time Stamp requests, generation and verification 13 Message digest openssl dgst [-md5|-md4|-md2|-sha1|-sha|-mdc2|- ripemd160|-dss1] [-c] [-d] [-hex] [-binary] [-out filename] [- sign filename] [-keyform arg] [-passin arg] [-verify filename] [-prverify filename] [-signature filename] [-hmac key] [file...] Or [md5|md4|md2|sha1|sha|mdc2|ripemd160] [-c] [-d] [file...] Output message digest of a supplied file or files in hexadecimal form 14 Example $ md5sum /bin/l? 696a4fa5a98b81b066422a39204ffea4 /bin/ln cd6761364e3350d010c834ce11464779 /bin/lp 351f5eab0baa6eddae391f84d0a6c192 /bin/ls Output: 32 hexadecimal digits, i.e., 128 bits. chance of two different files with identical signatures is: 1/2128 (the book: 1/264) In 2005, researchers were able to create pairs of PostScript documents and X.509 certificates with the same hash. Later that year, MD5's designer Ron Rivest wrote, "md5 and sha1 are both clearly broken (in terms of collision-resistance)." 15 public-key cryptography Data security by two related keys: a private key, known only to its owner, and a public key, potentially known to anyone Examples: RSA, DSA algorithms Digital signature: Alice => Bob communication If Alice wants to sign an open letter, she uses her private key to encrypt it. Bob uses Alice’s public key to decrypt signed letter, and can then be confident that only Alice could have signed it, provided that she is trusted not to divulge her private key. Secrecy: If Alice wants to send a letter to Bob that only he can read, she encrypts it with Bob’s public key, and he then uses his private key to decrypt it. As long as Bob keeps his private key secret, Alice can be confident that only Bob can read her letter. 16 Secure Software Distribution many software archives include digital signatures that incorporate information from a file checksum as well as from signer’s private key. how to verify such signatures ? $ ls -l coreutils-5.0.tar* ##Show the distribution files -rw-rw-r-- 1 jones devel 6020616 Apr 2 2003 coreutils-5.0.tar.gz -rw-rw-r-- 1 jones devel 65 Apr 2 2003 coreutils-5.0.tar.gz.sig $ gpg coreutils-5.0.tar.gz.sig ##Try to verify the signature gpg: Signature made Wed Apr 2 14:26:58 2003 MST using DSA key ID D333CBA1 gpg: Can't check signature: public key not found 17 Verify using public key Obtain public key from public servers Add the public key to your key ring $ gpg --import temp.key gpg: key D333CBA1: public key "Jim Meyering <[email protected]>" imported gpg: Total number processed: 1 gpg: imported: 1 Verify the signature successfully: $ gpg coreutils-5.0.tar.gz.sig Verify the digital signature Online resource: The GNU Privacy Handbook 18 Outlines Finish up with awk: pipeline, external commands Commands working with files tree, ls and echo (-d option, -1 option, -R, -a) od (octal dump), stat (show meta data of file), cmp, diff touch command, mktemp, file with random bytes File checksum, verification locate, type, which, find command: Finding files Process-related commands 19 touch: update modification time Touch sometimes used to create empty files: their existence and possibly their timestamps, but not their contents, are significant. a lock file to indicate that a program is already running, and that a second instance should not be started. to record a file timestamp for later comparison with other files. Example: $touch -t 197607040000.00 US-bicentennial $ ls -l US-bicentennial ##List the file -rw-rw-r-- 1 jones devel 0 Jul 4 1976 US-bicentennial $ touch -r US-bicentennial birthday #Copy timestamp to the new birthday file $ ls -l birthday ## List the new file -rw-rw-r-- 1 jones devel 0 Jul 4 1976 birthday 20 Temporary files So far, we created in current directory And remove it after using it What if multiple scripts use same file name? or malicious users modify the files? Special directories, /tmp (cleared when system reboots) and /var/tmp To avoid filename collision, append process id as suffix ## create a temporary file in shell scripts tmpfile=temp.$$ ## $$ (process id) echo $tmpfile 21 mktemp command mktemp: takes an optional filename template containing a string of trailing X characters, preferably at least a dozen of them. mktemp replaces them with an alphanumeric string derived from random numbers and process ID, creates the file with no access for group and other, and prints filename on standard output.
Recommended publications
  • Better Performance Through a Disk/Persistent-RAM Hybrid Design

    Better Performance Through a Disk/Persistent-RAM Hybrid Design

    The Conquest File System: Better Performance Through a Disk/Persistent-RAM Hybrid Design AN-I ANDY WANG Florida State University GEOFF KUENNING Harvey Mudd College PETER REIHER, GERALD POPEK University of California, Los Angeles ________________________________________________________________________ Modern file systems assume the use of disk, a system-wide performance bottleneck for over a decade. Current disk caching and RAM file systems either impose high overhead to access memory content or fail to provide mechanisms to achieve data persistence across reboots. The Conquest file system is based on the observation that memory is becoming inexpensive, which enables all file system services to be delivered from memory, except providing large storage capacity. Unlike caching, Conquest uses memory with battery backup as persistent storage, and provides specialized and separate data paths to memory and disk. Therefore, the memory data path contains no disk-related complexity. The disk data path consists of only optimizations for the specialized disk usage pattern. Compared to a memory-based file system, Conquest incurs little performance overhead. Compared to several disk-based file systems, Conquest achieves 1.3x to 19x faster memory performance, and 1.4x to 2.0x faster performance when exercising both memory and disk. Conquest realizes most of the benefits of persistent RAM at a fraction of the cost of a RAM-only solution. Conquest also demonstrates that disk-related optimizations impose high overheads for accessing memory content in a memory-rich environment. Categories and Subject Descriptors: D.4.2 [Operating Systems]: Storage Management—Storage Hierarchies; D.4.3 [Operating Systems]: File System Management—Access Methods and Directory Structures; D.4.8 [Operating Systems]: Performance—Measurements General Terms: Design, Experimentation, Measurement, and Performance Additional Key Words and Phrases: Persistent RAM, File Systems, Storage Management, and Performance Measurement ________________________________________________________________________ 1.
  • A Postgresql Development Environment

    A Postgresql Development Environment

    A PostgreSQL development environment Peter Eisentraut [email protected] @petereisentraut The plan tooling building testing developing documenting maintaining Tooling: Git commands Useful commands: git add (-N, -p) git ls-files git am git format-patch git apply git grep (-i, -w, -W) git bisect git log (-S, --grep) git blame -w git merge git branch (--contains, -d, -D, --list, git pull -m, -r) git push (-n, -f, -u) git checkout (file, branch, -b) git rebase git cherry-pick git reset (--hard) git clean (-f, -d, -x, -n) git show git commit (--amend, --reset, -- git status fixup, -a) git stash git diff git tag Tooling: Git configuration [diff] colorMoved = true colorMovedWS = allow-indentation-change [log] date = local [merge] conflictStyle = diff3 [rebase] autosquash = true [stash] showPatch = true [tag] sort = version:refname [versionsort] suffix = "_BETA" suffix = "_RC" Tooling: Git aliases [alias] check-whitespace = \ !git diff-tree --check $(git hash-object -t tree /dev/null) HEAD ${1:-$GIT_PREFIX} find = !git ls-files "*/$1" gtags = !git ls-files | gtags -f - st = status tags = tag -l wdiff = diff --color-words=[[:alnum:]]+ wshow = show --color-words Tooling: Git shell integration zsh vcs_info Tooling: Editor Custom settings for PostgreSQL sources exist. Advanced options: whitespace checking automatic spell checking (flyspell) automatic building (flycheck, flymake) symbol lookup ("tags") Tooling: Shell settings https://superuser.com/questions/521657/zsh-automatically-set-environment-variables-for-a-directory zstyle ':chpwd:profiles:/*/*/devel/postgresql(|/|/*)' profile postgresql chpwd_profile_postgresql() { chpwd_profile_default export EMAIL="[email protected]" alias nano='nano -T4' LESS="$LESS -x4" } Tooling — Summary Your four friends: vcs editor shell terminal Building: How to run configure ./configure -C/--config-cache --prefix=$(cd .
  • Program #6: Word Count

    Program #6: Word Count

    CSc 227 — Program Design and Development Spring 2014 (McCann) http://www.cs.arizona.edu/classes/cs227/spring14/ Program #6: Word Count Due Date: March 11 th, 2014, at 9:00 p.m. MST Overview: The UNIX operating system (and its variants, of which Linux is one) includes quite a few useful utility programs. One of those is wc, which is short for Word Count. The purpose of wc is to give users an easy way to determine the size of a text file in terms of the number of lines, words, and bytes it contains. (It can do a bit more, but that’s all of the functionality that we are concerned with for this assignment.) Counting lines is done by looking for “end of line” characters (\n (ASCII 10) for UNIX text files, or the pair \r\n (ASCII 13 and 10) for Windows/DOS text files). Counting words is also straight–forward: Any sequence of characters not interrupted by “whitespace” (spaces, tabs, end–of–line characters) is a word. Of course, whitespace characters are characters, and need to be counted as such. A problem with wc is that it generates a very minimal output format. Here’s an example of what wc produces on a Linux system when asked to count the content of a pair of files; we can do better! $ wc prog6a.dat prog6b.dat 2 6 38 prog6a.dat 32 321 1883 prog6b.dat 34 327 1921 total Assignment: Write a Java program (completely documented according to the class documentation guidelines, of course) that counts lines, words, and bytes (characters) of text files.
  • DC Console Using DC Console Application Design Software

    DC Console Using DC Console Application Design Software

    DC Console Using DC Console Application Design Software DC Console is easy-to-use, application design software developed specifically to work in conjunction with AML’s DC Suite. Create. Distribute. Collect. Every LDX10 handheld computer comes with DC Suite, which includes seven (7) pre-developed applications for common data collection tasks. Now LDX10 users can use DC Console to modify these applications, or create their own from scratch. AML 800.648.4452 Made in USA www.amltd.com Introduction This document briefly covers how to use DC Console and the features and settings. Be sure to read this document in its entirety before attempting to use AML’s DC Console with a DC Suite compatible device. What is the difference between an “App” and a “Suite”? “Apps” are single applications running on the device used to collect and store data. In most cases, multiple apps would be utilized to handle various operations. For example, the ‘Item_Quantity’ app is one of the most widely used apps and the most direct means to take a basic inventory count, it produces a data file showing what items are in stock, the relative quantities, and requires minimal input from the mobile worker(s). Other operations will require additional input, for example, if you also need to know the specific location for each item in inventory, the ‘Item_Lot_Quantity’ app would be a better fit. Apps can be used in a variety of ways and provide the LDX10 the flexibility to handle virtually any data collection operation. “Suite” files are simply collections of individual apps. Suite files allow you to easily manage and edit multiple apps from within a single ‘store-house’ file and provide an effortless means for device deployment.
  • Shell Scripting with Bash

    Shell Scripting with Bash

    Introduction to Shell Scripting with Bash Charles Jahnke Research Computing Services Information Services & Technology Topics for Today ● Introductions ● Basic Terminology ● How to get help ● Command-line vs. Scripting ● Variables ● Handling Arguments ● Standard I/O, Pipes, and Redirection ● Control Structures (loops and If statements) ● SCC Job Submission Example Research Computing Services Research Computing Services (RCS) A group within Information Services & Technology at Boston University provides computing, storage, and visualization resources and services to support research that has specialized or highly intensive computation, storage, bandwidth, or graphics requirements. Three Primary Services: ● Research Computation ● Research Visualization ● Research Consulting and Training Breadth of Research on the Shared Computing Cluster (SCC) Me ● Research Facilitator and Administrator ● Background in biomedical engineering, bioinformatics, and IT systems ● Offices on both CRC and BUMC ○ Most of our staff on the Charles River Campus, some dedicated to BUMC ● Contact: [email protected] You ● Who has experience programming? ● Using Linux? ● Using the Shared Computing Cluster (SCC)? Basic Terminology The Command-line The line on which commands are typed and passed to the shell. Username Hostname Current Directory [username@scc1 ~]$ Prompt Command Line (input) The Shell ● The interface between the user and the operating system ● Program that interprets and executes input ● Provides: ○ Built-in commands ○ Programming control structures ○ Environment
  • Windows Command Prompt Cheatsheet

    Windows Command Prompt Cheatsheet

    Windows Command Prompt Cheatsheet - Command line interface (as opposed to a GUI - graphical user interface) - Used to execute programs - Commands are small programs that do something useful - There are many commands already included with Windows, but we will use a few. - A filepath is where you are in the filesystem • C: is the C drive • C:\user\Documents is the Documents folder • C:\user\Documents\hello.c is a file in the Documents folder Command What it Does Usage dir Displays a list of a folder’s files dir (shows current folder) and subfolders dir myfolder cd Displays the name of the current cd filepath chdir directory or changes the current chdir filepath folder. cd .. (goes one directory up) md Creates a folder (directory) md folder-name mkdir mkdir folder-name rm Deletes a folder (directory) rm folder-name rmdir rmdir folder-name rm /s folder-name rmdir /s folder-name Note: if the folder isn’t empty, you must add the /s. copy Copies a file from one location to copy filepath-from filepath-to another move Moves file from one folder to move folder1\file.txt folder2\ another ren Changes the name of a file ren file1 file2 rename del Deletes one or more files del filename exit Exits batch script or current exit command control echo Used to display a message or to echo message turn off/on messages in batch scripts type Displays contents of a text file type myfile.txt fc Compares two files and displays fc file1 file2 the difference between them cls Clears the screen cls help Provides more details about help (lists all commands) DOS/Command Prompt help command commands Source: https://technet.microsoft.com/en-us/library/cc754340.aspx.
  • System Calls System Calls

    System Calls System Calls

    System calls We will investigate several issues related to system calls. Read chapter 12 of the book Linux system call categories file management process management error handling note that these categories are loosely defined and much is behind included, e.g. communication. Why? 1 System calls File management system call hierarchy you may not see some topics as part of “file management”, e.g., sockets 2 System calls Process management system call hierarchy 3 System calls Error handling hierarchy 4 Error Handling Anything can fail! System calls are no exception Try to read a file that does not exist! Error number: errno every process contains a global variable errno errno is set to 0 when process is created when error occurs errno is set to a specific code associated with the error cause trying to open file that does not exist sets errno to 2 5 Error Handling error constants are defined in errno.h here are the first few of errno.h on OS X 10.6.4 #define EPERM 1 /* Operation not permitted */ #define ENOENT 2 /* No such file or directory */ #define ESRCH 3 /* No such process */ #define EINTR 4 /* Interrupted system call */ #define EIO 5 /* Input/output error */ #define ENXIO 6 /* Device not configured */ #define E2BIG 7 /* Argument list too long */ #define ENOEXEC 8 /* Exec format error */ #define EBADF 9 /* Bad file descriptor */ #define ECHILD 10 /* No child processes */ #define EDEADLK 11 /* Resource deadlock avoided */ 6 Error Handling common mistake for displaying errno from Linux errno man page: 7 Error Handling Description of the perror () system call.
  • Lecture 7 Network Management and Debugging

    Lecture 7 Network Management and Debugging

    SYSTEM ADMINISTRATION MTAT.08.021 LECTURE 7 NETWORK MANAGEMENT AND DEBUGGING Prepared By: Amnir Hadachi and Artjom Lind University of Tartu, Institute of Computer Science [email protected] / [email protected] 1 LECTURE 7: NETWORK MGT AND DEBUGGING OUTLINE 1.Intro 2.Network Troubleshooting 3.Ping 4.SmokePing 5.Trace route 6.Network statistics 7.Inspection of live interface activity 8.Packet sniffers 9.Network management protocols 10.Network mapper 2 1. INTRO 3 LECTURE 7: NETWORK MGT AND DEBUGGING INTRO QUOTE: Networks has tendency to increase the number of interdependencies among machine; therefore, they tend to magnify problems. • Network management tasks: ✴ Fault detection for networks, gateways, and critical servers ✴ Schemes for notifying an administrator of problems ✴ General network monitoring, to balance load and plan expansion ✴ Documentation and visualization of the network ✴ Administration of network devices from a central site 4 LECTURE 7: NETWORK MGT AND DEBUGGING INTRO Network Size 160 120 80 40 Management Procedures 0 AUTOMATION ILLUSTRATION OF NETWORK GROWTH VS MGT PROCEDURES AUTOMATION 5 LECTURE 7: NETWORK MGT AND DEBUGGING INTRO • Network: • Subnets + Routers / switches Time to consider • Automating mgt tasks: • shell scripting source: http://www.eventhelix.com/RealtimeMantra/Networking/ip_routing.htm#.VvjkA2MQhIY • network mgt station 6 2. NETWORK TROUBLES HOOTING 7 LECTURE 7: NETWORK MGT AND DEBUGGING NETWORK TROUBLESHOOTING • Many tools are available for debugging • Debugging: • Low-level (e.g. TCP/IP layer) • high-level (e.g. DNS, NFS, and HTTP) • This section progress: ping trace route GENERAL ESSENTIAL TROUBLESHOOTING netstat TOOLS STRATEGY nmap tcpdump … 8 LECTURE 7: NETWORK MGT AND DEBUGGING NETWORK TROUBLESHOOTING • Before action, principle to consider: ✴ Make one change at a time ✴ Document the situation as it was before you got involved.
  • Linux Commands Cheat Sheet

    Linux Commands Cheat Sheet

    LINUX COMMANDS CHEAT SHEET System File Permission uname => Displays Linux system information chmod octal filename => Change file permissions of the file to octal uname -r => Displays kernel release information Example uptime => Displays how long the system has been running including chmod 777 /data/test.c => Set rwx permissions to owner, group and everyone (every- load average one else who has access to the server) hostname => Shows the system hostname chmod 755 /data/test.c => Set rwx to the owner and r_x to group and everyone hostname -i => Displays the IP address of the system chmod 766 /data/test.c => Sets rwx for owner, rw for group and everyone last reboot => Shows system reboot history chown owner user-file => Change ownership of the file date => Displays current system date and time chown owner-user: owner-group => Change owner and group owner of the file timedatectl => Query and change the System clock file_name chown owner-user:owner-group- => Change owner and group owner of the directory cal => Displays the current calendar month and day directory w => Displays currently logged in users in the system whoami => Displays who you are logged in as Network finger username => Displays information about the user ip addr show => Displays IP addresses and all the network interfaces Hardware ip address add => Assigns IP address 192.168.0.1 to interface eth0 192.168.0.1/24 dev eth0 dmesg => Displays bootup messages ifconfig => Displays IP addresses of all network interfaces cat /proc/cpuinfo => Displays more information about CPU e.g model, model name, cores, vendor id ping host => ping command sends an ICMP echo request to establish a connection to server / PC cat /proc/meminfo => Displays more information about hardware memory e.g.
  • Version 7.8-Systemd

    Version 7.8-Systemd

    Linux From Scratch Version 7.8-systemd Created by Gerard Beekmans Edited by Douglas R. Reno Linux From Scratch: Version 7.8-systemd by Created by Gerard Beekmans and Edited by Douglas R. Reno Copyright © 1999-2015 Gerard Beekmans Copyright © 1999-2015, Gerard Beekmans All rights reserved. This book is licensed under a Creative Commons License. Computer instructions may be extracted from the book under the MIT License. Linux® is a registered trademark of Linus Torvalds. Linux From Scratch - Version 7.8-systemd Table of Contents Preface .......................................................................................................................................................................... vii i. Foreword ............................................................................................................................................................. vii ii. Audience ............................................................................................................................................................ vii iii. LFS Target Architectures ................................................................................................................................ viii iv. LFS and Standards ............................................................................................................................................ ix v. Rationale for Packages in the Book .................................................................................................................... x vi. Prerequisites
  • Chapter 19 RECOVERING DIGITAL EVIDENCE from LINUX SYSTEMS

    Chapter 19 RECOVERING DIGITAL EVIDENCE from LINUX SYSTEMS

    Chapter 19 RECOVERING DIGITAL EVIDENCE FROM LINUX SYSTEMS Philip Craiger Abstract As Linux-kernel-based operating systems proliferate there will be an in­ evitable increase in Linux systems that law enforcement agents must process in criminal investigations. The skills and expertise required to recover evidence from Microsoft-Windows-based systems do not neces­ sarily translate to Linux systems. This paper discusses digital forensic procedures for recovering evidence from Linux systems. In particular, it presents methods for identifying and recovering deleted files from disk and volatile memory, identifying notable and Trojan files, finding hidden files, and finding files with renamed extensions. All the procedures are accomplished using Linux command line utilities and require no special or commercial tools. Keywords: Digital evidence, Linux system forensics !• Introduction Linux systems will be increasingly encountered at crime scenes as Linux increases in popularity, particularly as the OS of choice for servers. The skills and expertise required to recover evidence from a Microsoft- Windows-based system, however, do not necessarily translate to the same tasks on a Linux system. For instance, the Microsoft NTFS, FAT, and Linux EXT2/3 file systems work differently enough that under­ standing one tells httle about how the other functions. In this paper we demonstrate digital forensics procedures for Linux systems using Linux command line utilities. The ability to gather evidence from a running system is particularly important as evidence in RAM may be lost if a forensics first responder does not prioritize the collection of live evidence. The forensic procedures discussed include methods for identifying and recovering deleted files from RAM and magnetic media, identifying no- 234 ADVANCES IN DIGITAL FORENSICS tables files and Trojans, and finding hidden files and renamed files (files with renamed extensions.
  • Dell EMC Powerstore CLI Guide

    Dell EMC Powerstore CLI Guide

    Dell EMC PowerStore CLI Guide May 2020 Rev. A01 Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2020 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners. Contents Additional Resources.......................................................................................................................4 Chapter 1: Introduction................................................................................................................... 5 Overview.................................................................................................................................................................................5 Use PowerStore CLI in scripts.......................................................................................................................................5 Set up the PowerStore CLI client........................................................................................................................................5 Install the PowerStore CLI client..................................................................................................................................