Things You Can Do With Linux
Previously, I have spoken about the power of Linux. We have discussed the benefits of the Linux command line interface (CLI) as well as the Windows CLI and some of the basic commands to know.
Let’s go over just some of the use cases that Linux is great for.
Some things you can do with it:
filter and manipulate data in real-time
manage scripts on a schedule
hunt for suspicious activity
All without having to leave your terminal.
Use Cases
One of the powerful features of the Linux CLI is the ability to chain commands together using pipes "|".
This allows you to connect multiple commands together and use the output of one command as the input for another. (Think of links literally being chained together)
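Let’s go over an example, the command
find . -type f -name "*.gz" -print0 | xargs -0 zgrep -F "209.85.232.127"
This finds every file ending with the ".gz" extension under the current directory and passes the file names to zgrep, which searches the compressed contents for the IP address 209.85.232.127. The -print0 and -0 options keep file names that contain spaces intact, and -F makes zgrep treat the dots in the address literally.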
Another cool feature is the use of redirection operators ">" and ">>". These operators allow you to redirect output to a file (replacing its contents) and append output to a file, respectively.
For example, the command ls -l > file.txt will create a file called "file.txt" and write the output of the ls -l command to it.
Or the command echo "1, 2, 3" >> filelist.txt
This will append the text “1, 2, 3” to the file filelist.txt.
Simple examples to illustrate the concept.
There’s also the ; operator, which is used to separate commands, letting you run multiple commands in sequence.
For example, take this command
for i in {0..10}; do echo $i; sleep 3; done; echo "done"
This will run the counting loop first, printing each number one at a time and sleeping for 3 seconds after each, then run the final echo command, printing “done” to the terminal.
You can start to see the many use cases in which this chaining of commands would be useful for productivity gains.
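The search from the pipe example as a reusable function, as an added example that is not part of the original post: it reports a match count per file and saves the result with ">". The function name ip_hits and the sample log lines are constructed for illustration, and it uses gzip -dc with grep instead of zgrep so that each file gets its own count.

```shell
#!/bin/sh
# Added example: count literal matches of an IP address in every .gz file under a directory.

# ip_hits DIR IP: print "count path" for each .gz file that contains IP, highest count first.
ip_hits() {
    find "$1" -type f -name '*.gz' -exec sh -c '
        ip=$1; shift
        for f in "$@"; do
            # -F keeps the dots literal; -w stops 209.85.232.12 from matching 209.85.232.127
            n=$(gzip -dc -- "$f" 2>/dev/null | grep -cFw -- "$ip" || true)
            [ "${n:-0}" -gt 0 ] && printf "%s %s\n" "$n" "$f"
        done
        exit 0' sh "$2" {} + | sort -rn
}

# Constructed sample data: two rotated logs, one with a space in its name.
logs=$(mktemp -d)
trap 'rm -rf "$logs"' EXIT
printf '%s\n' 'GET / from 209.85.232.127' 'GET /a from 209.85.232.127' | gzip > "$logs/access.log.1.gz"
printf '%s\n' 'GET / from 209x85x232x127' 'GET / from 209.85.232.12' | gzip > "$logs/old access.log.2.gz"
ip_hits "$logs" 209.85.232.127 > "$logs/hits.txt"   # ">" replaces the file, ">>" would append
cat "$logs/hits.txt"
```

Without -F, the dots would act as regex wildcards and the line containing 209x85x232x127 would count as a hit.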
Regex
Regular expressions within grep are another powerful feature that can be used to search for patterns in text.
For example, take this command
grep -E "^[A-Z]" file.txt
This will search for lines in "file.txt" that start with an uppercase letter.
The following command
grep -E "^[a-zA-Z]" file.txt
will look for lines that start with any alphabetical letter, this time case-insensitive.
Regex101 is a good site to test any regex pattern. It has been a helping hand many times for me.
Manage System Services Using Cron
Another use case for the command line is to manage system services using cron.
Cron is a system service scheduler that lets you schedule commands to run at certain intervals, such as once per day, once per week, or once per month. You can specify a time in the future, or the current time, and the command repeats at that time. For example, you can add the crontab entry
0 8 * * 1 tar -zcf /var/backups/home.tgz /home/
This would run a backup in the form of a tarball at 8:00 UTC every Monday (cron uses the system time zone, so this assumes the server clock is set to UTC).
On top of this, you can run the commands that manage cron from a script, including a script in your automation workflow.
To test different times for your cron scheduling, check out the following site.
Commands to Monitor For Suspicious Activity
These are just some commands you could find yourself using to discover suspicious or malicious activity.
You can try these commands on your home network as somewhat of an exercise.
Filesystem Activity
history | grep "unset HISTFILE"
history | grep "history -c"
tail /var/log/auth.log
last | less
If you have auditd installed
ausearch -m execve
ausearch -ts this-hour -te now
Cron jobs
crontab -l
grep CRON /var/log/syslog
Network Activity
iptables -L
lsof -a -u <USER> -i | tail
You can also use this as a quick reference sheet when you’re preparing for interviews.
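One way to combine the two cron commands above, as an added example that is not part of the original post: it lists commands that cron logged as run for a user but that do not appear in that user's saved crontab -l output. The function names and sample data are constructed, the log format is assumed to be the Debian-style "(user) CMD (command)" line, and system-wide entries such as /etc/crontab are not considered.

```shell
#!/bin/sh
# Added example: commands cron ran that the reviewed crontab does not explain.

# crontab_cmds FILE: command part of each entry in saved `crontab -l` output.
crontab_cmds() {
    awk '
        /^[ \t]*(#|$)/ { next }                          # comments and blank lines
        /^[ \t]*[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ { next }  # VAR=value settings
        { n = ($1 ~ /^@/) ? 1 : 5                        # @daily etc. use one time field
          sub(/^[ \t]+/, "")
          for (i = 0; i < n; i++) sub(/^[^ \t]+[ \t]+/, "")
          print }' "$1" | sort -u
}

# cron_ran LOG USER: commands that cron logged as started for USER.
cron_ran() {
    sed -nE "s/^.* [Cc][Rr][Oo][Nn][Dd]?\[[0-9]+\]: \($2\) CMD \((.*)\)\$/\1/p" "$1" | sort -u
}

# unexplained LOG USER CRONTAB: logged commands with no matching crontab entry.
unexplained() {
    known=$(mktemp)
    crontab_cmds "$3" > "$known"
    cron_ran "$1" "$2" | grep -Fxv -f "$known" || true
    rm -f "$known"
}

# Constructed sample data (not real logs).
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
cat > "$demo/crontab.txt" <<'EOF'
# weekly backup
MAILTO=root
0 8 * * 1 tar -zcf /var/backups/home.tgz /home/
@daily /usr/local/bin/rotate-reports
EOF
cat > "$demo/syslog" <<'EOF'
Jan  6 08:00:01 host CRON[1201]: (root) CMD (tar -zcf /var/backups/home.tgz /home/)
Jan  7 00:00:01 host CRON[1342]: (root) CMD (/usr/local/bin/rotate-reports)
Jan  7 03:17:01 host CRON[1410]: (root) CMD (/tmp/update.sh)
Jan  7 03:17:01 host CRON[1411]: (alice) CMD (/home/alice/bin/sync)
EOF
unexplained "$demo/syslog" root "$demo/crontab.txt"
```

A command that shows up here was either scheduled somewhere other than the reviewed crontab or was removed from it after running, and both cases are worth a closer look.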
Computing
We can’t talk about Linux without talking about computing. This is one that maybe the everyday user doesn’t realize, but practitioners know well.
Most apps we use on a day-to-day basis run on Linux. (That app you’re scrolling through at night 😂, it runs on Linux).
As explained in this blog post by the Linux Foundation, over 90% of public cloud servers are running on Linux. This is because this infrastructure is better suited for massive computation. And these social apps require that computation.
On the job for any Cybersecurity, DevOps or Engineering related roles, you will be working with more Linux servers than anything else. Logging into your Mac or PC, and then SSHing into a Linux server is a usual workflow.
Free Course
These are just some of the many powerful abilities of the Linux operating system to discover.
A while back, I made a free course that goes over the fundamentals of Linux.
You will leave with a good foundation of the Linux operating system, get off the ground, with guidance on where to go from there.
Check it out here.
Feel free to provide feedback, I’m always looking to improve.
Linux can definitely come up in an interview round, since it is generally the OS of Cybersecurity. And knowing the fundamentals of it will be a difference maker.
See you in the next one.