Netstat
Netstat stands for network statistics. Network sockets can either be connected or waiting for a connection. The connections use networking protocols like Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). They use Internet Protocol addresses and network ports to establish connections.
Sockets have two main states: They are either connected and facilitating an ongoing network communication, or they are waiting for an incoming connection to connect to them. There are other states, such as the state when a socket is midway through establishing a connection on a remote device, but putting transient states aside, you can think of a socket as either being connected or waiting (which is often called listening).
The listening socket is called the server, and the socket that requests a connection with the listening socket is called a client. These names have nothing to do with hardware or computer roles. They simply define the role of each socket at each end of the connection.
The netstat command lets you discover which sockets are connected and which sockets are listening. That is, it tells you which ports are in use and which processes are using them. It can also show you routing tables and statistics about your network interfaces and multicast connections.
The functionality of netstat has been replicated over time in different Linux utilities, such as ip and ss. It’s still worth knowing this granddaddy of all network analysis commands, because it is available on all Linux and Unix-like operating systems, and even on Windows and Mac.
netstat -a
The ‘-a’ option is used to display all the existing connections.
netstat -a
netstat -at
To display only the TCP connections, execute the command with the ‘t’ option.
netstat -at
netstat -au
To display only UDP connections, execute it with the ‘u’ option.
netstat -au
netstat -tnl
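Listening connections are sockets that are waiting for incoming connection requests. Any network service keeps a port open to listen for incoming connection requests. The ‘t’ option limits the output to TCP, ‘n’ shows numeric addresses and ports, and ‘l’ shows only listening sockets.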
netstat -tnl
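An added example, not part of the original page: a shell function that reads netstat -tnl output and labels each listener by how widely it is reachable, which is the first thing to check when reviewing open ports. The sample output is constructed and assumes the Linux net-tools column layout; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify TCP listeners from `netstat -tnl` output by exposure.
# SAMPLE is constructed output in the Linux net-tools layout, not a capture.
SAMPLE='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:8080         0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN'

# classify_listeners: read netstat -tnl text on stdin and print
# "<scope> <proto> <port> <address>" for every listening TCP socket.
# scope: loopback = local only, all-interfaces = wildcard bind, specific = one address
classify_listeners() {
    awk '
    $1 ~ /^tcp/ && $NF == "LISTEN" {
        local_addr = $4
        # The port is whatever follows the last colon (IPv6 addresses contain colons).
        n = split(local_addr, parts, ":")
        port = parts[n]
        addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
        if (addr == "0.0.0.0" || addr == "::" || addr == "*")
            scope = "all-interfaces"
        else if (addr ~ /^127\./ || addr == "::1")
            scope = "loopback"
        else
            scope = "specific"
        print scope, $1, port, addr
    }'
}

# exposed_ports: ports reachable from other hosts (anything not bound to loopback),
# printed as one space-separated, numerically sorted line.
exposed_ports() {
    classify_listeners | awk '$1 != "loopback" { print $3 }' |
        sort -n | uniq | tr '\n' ' ' | sed 's/ $//'
}

# Run on the constructed sample; on a live host use: netstat -tnl | classify_listeners
printf '%s\n' "$SAMPLE" | classify_listeners
```

Listeners reported as loopback are reachable only from the machine itself; the others are worth comparing against the firewall rules and the list of services the host is meant to offer.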
netstat -rn
The ‘r’ option is used to display the kernel routing information. It will display the same output as the route command.
netstat -rn
netstat -i
We can also display information about the network interfaces by using the netstat command. To display the network interfaces, execute the command with the ‘i’ option.
netstat -i
netstat -ct
To display the netstat output continuously, execute the command with the ‘c’ option.
netstat -ct
nslookup
This command is used to make DNS-related queries.
nslookup {domainName}
host
The host command displays the domain name for a given IP address or vice versa. It also performs other DNS lookups.
host {hostname}
host -t ns
The ‘-t’ option with the ‘ns’ argument is used to display the domain name servers.
host -t ns {hostname}
Curl
curl is a tool to transfer data from or to a server, using one of the supported protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP). The command is designed to work without user interaction.
curl {option} {url}
su
The su command allows you to run a shell as another user.
su {username}
su root
useradd
With the useradd command you can add a user.
useradd -m -d /home/<userName> -c "<userName>" <userName>
useradd -m -d /home/lisa -c "lisa" lisa
userdel
The userdel command is used to delete a user account. With the userdel -r option, you can delete the home directory along with the user account.
userdel -r {username}
userdel -r lisa
usermod
The usermod command is used to modify the properties of an existing user.
usermod -c '<newName>' <oldName>
usermod -c 'lisa' lisak
You can change a user's login shell with the usermod command.
usermod -s <newShell> <userName>
usermod -s /bin/bash lisak
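An added example, not part of the original page: the -c, -d and -s options of useradd and usermod end up in the comment, home and shell fields of /etc/passwd, and this sketch reads records in that format to show those fields and to list accounts that can log in or that share UID 0 with root. The sample records are constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit passwd-format records for the fields useradd/usermod set.
# PASSWD_SAMPLE is constructed data (name:password:UID:GID:comment:home:shell).
PASSWD_SAMPLE='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
lisak:x:1001:1001:lisa:/home/lisa:/bin/bash
backup:x:0:34:backup:/var/backups:/bin/sh
svc:x:998:998::/opt/svc:/bin/false'

# show_account NAME: print the comment (-c), home (-d) and shell (-s) of one account
show_account() {
    awk -F: -v name="$1" '$1 == name {
        printf "comment=%s home=%s shell=%s\n", $5, $6, $7
    }'
}

# login_accounts: accounts whose shell permits an interactive login.
# An empty shell field counts, because the system default shell is then used.
login_accounts() {
    awk -F: '$7 !~ /\/(nologin|false)$/ { print $1 }'
}

# extra_uid0: accounts other than root that carry UID 0 (full root privileges)
extra_uid0() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }'
}

# Run on the constructed sample; on a live host read /etc/passwd instead.
printf '%s\n' "$PASSWD_SAMPLE" | show_account lisak
printf '%s\n' "$PASSWD_SAMPLE" | login_accounts
printf '%s\n' "$PASSWD_SAMPLE" | extra_uid0
```

Service accounts normally carry a nologin or false shell, so a service account appearing in the login list, or any name returned by extra_uid0, deserves a closer look.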
passwd
A user can set the password with the passwd command. The old password has to be typed twice before entering the new one.
passwd {username}
# change current user password
passwd
# change another user password
passwd {username}
whoami
It tells you the username of the current user.
whoami
who
The who command gives the information about the users logged on to the system.
who
w
This command shows the users who are logged in and what they are doing.
w
Groups
Users can belong to different groups. Groups allow us to set permissions at the group level instead of setting them for each individual user.
groupadd
The groupadd command creates a group in our system.
# create a group named developers
groupadd developers
groups
The groups command shows the groups the current user belongs to.
groupmod
With the groupmod command you can change the name of an already existing group.
groupmod -n <newGroup> <oldGroup>
groupmod -n devs developers
groupdel
The command groupdel will delete a group permanently from the system.
groupdel developers
“man” is short for manual page. In Unix-like operating systems such as Linux, man is an interface to view the system’s reference manual.
A user can display a man page by typing man followed by a space and then an argument. The argument can be a command, utility or function. The manual page associated with that argument is displayed.
If you provide a section number in the command, man looks only in that section of the manual and displays the page from that section. Otherwise, by default it displays the first page it finds, going through the sections in a pre-defined order.
There are many commands that help you look at the contents of a file. Now we’ll look at some of them, like head, tac, cat, less & more and strings.
Head
The ‘head’ command displays the starting content of a file. By default, it displays the first 10 lines of any file.
head {filename}
# -n option followed by an integer specifying the number of lines to be shown
head -n {number} {filename}
# show the first n lines of multiple files
head -n {number} {filename1} {filename2}
# -c option prints a specific number of bytes
head -c {number} {filename}
# show the first number of bytes of multiple files
head -c {number} {filename1} {filename2}
Examples
head {filename1} {filename2}…
folaukaveinga@Folaus-MacBook-Pro-3 files % head test.txt test2.txt
==> test.txt <==
test
test1
sdf
ewr
sdfb
dcxzv
xcv
x
==> test2.txt <==
wer
qwe
rq
wer
qwe
rqwe
r
qwe
rq
wer
head -n {number} {filename1} {filename2}…
folaukaveinga@Folaus-MacBook-Pro-3 files % head -n 5 test.txt
test
test1
sdf
ewr
folaukaveinga@Folaus-MacBook-Pro-3 files % head -n 5 test.txt test2.txt
==> test.txt <==
test
test1
sdf
ewr
==> test2.txt <==
wer
qwe
rq
wer
qwe
head -c {number} {filename1} {filename2}…
folaukaveinga@Folaus-MacBook-Pro-3 files % head -c 10 test.txt
test
test1%
folaukaveinga@Folaus-MacBook-Pro-3 files % head -c 10 test.txt test2.txt
==> test.txt <==
test
test1
==> test2.txt <==
wer
qwe
rq%
Tail
The Linux tail command is used to display the last lines of one or more files. By default, it displays the last ten lines of a file. Its main purpose is to read error messages. Additionally, it is used to monitor file changes in real time.
tail -n {number} {filename1} {filename2}…
Prints the last ‘n’ lines. The value of n must be specified in the command, otherwise it displays an error.
folaukaveinga@Folaus-MacBook-Pro-3 files % tail -n 5 test.txt
asdf
asd
fasd
fasd
tail -c {number} {filename1} {filename2}…
The ‘-c’ option displays the specified number of bytes from the end of the file.
folaukaveinga@Folaus-MacBook-Pro-3 files % tail -c 10 test.txt
asd
fasd
tail -f {filename1} {filename2}…
This option is mainly used by system administrators to monitor the growth of log files written by many Unix programs as they are running. It shows the last ten lines of a file and updates the console as new lines are written to the log.
folaukaveinga@Folaus-MacBook-Pro-3 files % tail -f test.txt
f
sad
f
i
asdf
asdf
asd
fasd
fasd
Cat
The ‘cat’ command can be used to display the content of a file, copy content from one file to another, concatenate the contents of multiple files, display the line number, display $ at the end of the line, etc.
cat {filename}
Display all content of a file.
folaukaveinga@Folaus-MacBook-Pro-3 files % cat test.txt
test
test1
sdf
ewr
sdfb
dcxz
fasd
cat > {filename}
Create a file.
folaukaveinga@Folaus-MacBook-Pro-3 files % cat > test1.txt
easdf
asd
fasd
fasdf
^C
folaukaveinga@Folaus-MacBook-Pro-3 files % head test1.txt
easdf
asd
fasd
fasdf
cat >> {filename}
>> appends input to the end of the file
folaukaveinga@Folaus-MacBook-Pro-3 files % cat >> test1.txt
test123
sdfsdf^C
cat {filename1} {filename2}… > {newfilename}
Copy the contents of one file {filename1} to another file {newfilename}.
With a hyphen (-), a new line will be inserted while concatenating multiple files.
folaukaveinga@Folaus-MacBook-Pro-3 files % cat test1.txt > test4.txt
folaukaveinga@Folaus-MacBook-Pro-3 files % ls
test test.txt test1.txt test2.txt test3.txt test4.txt
folaukaveinga@Folaus-MacBook-Pro-3 files % head test4.txt
easdf
asd
fasd
fasdf
test123
folaukaveinga@Folaus-MacBook-Pro-3 files % cat test1.txt test2.txt > test5.txt
# add new line \n to the end of test.txt content
folaukaveinga@Folaus-MacBook-Pro-3 files % cat - test1.txt test2.txt > test5.txt
cat -n {filename}
-n shows line numbers.
folaukaveinga@Folaus-MacBook-Pro-3 files % cat -n test5.txt
1 easdf
2 asd
3 fasd
4 fasdf
5 test123
6 123
7 123
8 s
9 df
10 asd
cat -e {filename}
The ‘cat -e’ option displays a ‘$’ sign at the end of every line. This is very useful when you are looking for the end of a line.
folaukaveinga@Folaus-MacBook-Pro-3 files % cat -e test.txt
test$
test1$
sdf$
ewr$
sdfb$
dcxzv$
$
cat {filename} | more
This gives you an option to paginate what to display.
cat test.txt | more
sort {filename}
Sort the content of a file alphabetically.
folaukaveinga@Folaus-MacBook-Pro-3 Downloads % sort test.txt
as
asd
asd
asd
asd
asd
asdf
asdf
In a Linux system, files are not only text files, images and compiled programs; partitions, hardware device drivers and directories are also files. Linux considers everything to be a file.
Create a text file
touch test.txt
# using vi
vi test.txt
# using vim
vim test.txt
Update content of an existing file
# using vi
vi test.txt
# using vim
vim test.txt
Delete a file with rm command
rm means remove. This command is used to remove a file. Unlike a GUI, the command line doesn’t have a recycle bin or trash from which to recover files, so be very careful when using this command. Once you have deleted a file, it is removed permanently.
rm test.txt
# delete multiple files
rm test1.txt test2.txt
# delete files having the same extension
rm *.json
# delete a directory recursively
rm -r test
# delete files/directories recursively and forcefully
rm -rf {directory}
Copy a file with cp command
cp stands for copy.
folaukaveinga@Folaus-MacBook-Pro-3 files % ls
test.txt
folaukaveinga@Folaus-MacBook-Pro-3 files % cp test.txt test1.txt
folaukaveinga@Folaus-MacBook-Pro-3 files % ls
test.txt test1.txt
Copy multiple files
# copy all directories and files in the current directory to the Download directory
cp -R * /Users/folaukaveinga/Download
Move a file from one place to another with mv command
The mv command is used to move an existing file or directory from one location to another. It is also used to rename a file or directory. If you want to rename a single directory or file, the mv command is the better choice.
mv file destination
folaukaveinga@Folaus-MacBook-Pro-3 files % ls
test test.txt test1.txt
folaukaveinga@Folaus-MacBook-Pro-3 files % mv *.txt test
folaukaveinga@Folaus-MacBook-Pro-3 files % ls -la
total 0
drwxr-xr-x  3 folaukaveinga  staff   96 Nov  7 22:47 .
drwx------@ 8 folaukaveinga  staff  256 Nov  7 20:42 ..
drwxr-xr-x  4 folaukaveinga  staff  128 Nov  7 22:47 test
folaukaveinga@Folaus-MacBook-Pro-3 files % cd test
folaukaveinga@Folaus-MacBook-Pro-3 test % ls
test.txt test1.txt
folaukaveinga@Folaus-MacBook-Pro-3 test %
Rename a file
Other commands besides ‘mv’ can also rename a file. The ‘rename’ command is slightly more advanced than the others. This command is rarely used and it works differently on different Linux distros.
Get file type
The file command is used to determine the file type. It does not care about the extension used for the file. You simply run the file command and it tells you the file type.
folaukaveinga@Folaus-MacBook-Pro-3 files % file test.txt
test.txt: ASCII text