Linux-Cli-Tutorial(by Saman Khalife)
  • Characters
  • Linux Commands
  • Quick review for commands
  • Config file parameters you can use
  • .github
    • ISSUE_TEMPLATE
      • bug_report
  • Editors-for-command-line
  • TOOLs and APPs
    • Iptables
    • Ufw
      • man
  • Git Commands
  • Installing tools and apps
    • Check-used-ports
    • Clear the cache memory in Linux
    • ulimit
    • ulimit
    • Installing WordPress with Apache
    • Installing WordPress with Nginx
    • what packages are installed by apt
    • wildcard characters for globbing
  • Lpic 1
    • LPIC-1 Exam 101 (101-500) Exam
    • LPIC-1 Exam 101 Objectives
    • how to use lvm snapshots
    • LPIC-1 Exam 102 Objectives
  • Lpic 2
    • how to use lvm
    • LPIC-2 Exam 201 Objectives
    • LPIC-1 Exam 102 (102-500) Exam
    • LPIC-2 Exam 202 Objectives
  • Lpic 3
    • LPIC-2 Exam 201 (201-450) Exam
    • LPIC-3 High Availability and Storage Clusters 306 Objectives
    • LPIC-2 Exam 202 (202-450) Exam
    • LPIC-3 Mixed Environments 300 Objectives.md
    • LPIC-3 High Availability and Storage Clusters 306 Exam
    • LPIC-3 Security Exam 303 Objectives
    • LPIC-3 High Availability and Storage Clusters 306 Objectives
    • LPIC-3 Virtualization and Containerization 305 Objectives
  • TXT FILES
    • accept
    • accton
    • aclocal
    • acpi
    • acpid
    • addr2line
    • addresses
    • agetty
    • alias
    • alsactl
    • amidi
    • amixer
    • anacron
    • apachetop
    • aplay
    • aplaymidi
    • apm
    • apmd
    • apropos
    • apt-get
    • apt
    • aptitude
    • ar
    • arecord
    • arecordmidi
    • arp
    • aspell
    • at
    • atd
    • atop
    • aumix
    • autoconf
    • autoheader
    • automake
    • autoreconf
    • autoscan
    • badblocks
    • banner
    • basename
    • batch
    • bc
    • bg
    • biff
    • bind
    • bison
    • break
    • builtin
    • bzcmp
    • bzdiff
    • bzgrep
    • bzip2
    • cal
    • cardctl
    • cardmgr
    • case
    • cat
    • cc
    • ccrypt
    • cd
    • cdparanoia
    • cfdisk
    • chage
    • chdir
    • chfn
    • chgrp
    • chkconfig
    • chmod
    • chown
    • chpasswd
    • chroot
    • chrt
    • chsh
    • chvt
    • cksum
    • clorm
    • cloumn
    • cmp
    • comm
    • compress
    • continue
    • cp
    • cpio
    • cron
    • crond
    • crontab
    • csplit
    • ctags
    • cupsd
    • curl
    • cut
    • cvs
    • date
    • dd
    • ddrescue
    • debugfs
    • declare
    • depmod
    • devdump
    • df
    • diff
    • dig
    • dircolors
    • dirname
    • disable
    • dlpsh
    • dmesg
    • dmidecode
    • dnsdomainname
    • dnssec-makekeyset
    • dnssec-signkey
    • dnssec-signzone
    • dnssec
    • doexec
    • domainname
    • dosfsck
    • dstat
    • du
    • dump
    • dumpe2fs.
    • dumpkeys
    • e2fsck
    • e2image
    • e2label
    • echo
    • ed
    • edquota
    • eject
    • elvtune
    • emacs
    • enable
    • env
    • envsubst
    • esd-config
    • esd
    • esdcat
    • esdctl
    • esddsp
    • esdmon
    • esdplay
    • esdrec
    • esdsample
    • etags
    • ethtool
    • eval
    • ex
    • exec
    • exit
    • expand
    • expect
    • export
    • expr
    • factor
    • false
    • fc-cache
    • fc-list
    • fc
    • fdformat
    • fdisk
    • fg
    • fgrep
    • file
    • find
    • finger
    • flex
    • fmt
    • fold
    • for
    • formail
    • format
    • free
    • fsck
    • ftpd
    • function
    • g++
    • gawk
    • gdb
    • getent
    • getkeycodes
    • getopts
    • goaccess
    • gorupmod
    • gpasswd
    • gpgsplit
    • gpgv
    • gpm
    • gprof
    • grep
    • groff
    • groffer
    • groupadd
    • groupdel
    • groups
    • grpck
    • grpconv
    • gs
    • gunzip
    • gzexe
    • gzip
    • halt
    • hash
    • hdparm
    • head
    • help
    • hexdump
    • history
    • host
    • hostid
    • hostname
    • hostnamectl
    • htdigest
    • htop
    • hwclock
    • iconv
    • id
    • if
    • ifconfig
    • iftop
    • ifup
    • import
    • inetd
    • info
    • init
    • insmod
    • install
    • iostat
    • iotop
    • ip
    • ipcrm
    • ipcs
    • iptables-restore
    • iptables
    • isodump
    • isoinfo
    • isosize
    • isovfy
    • ispell
    • iwconfig
    • jnettop
    • jobs
    • join
    • journalctl
    • kbdrate
    • kill
    • killall
    • klogd
    • kudzu
    • last
    • lastlog
    • ld
    • ldconfig
    • ldd
    • less
    • lesskey
    • let
    • lftp
    • lftpget
    • link
    • ln
    • loadkeys
    • local
    • locate
    • lockfile
    • logger
    • login
    • logout
    • logrotate
    • logwatch
    • look
    • losetup
    • lpadmin
    • lpc
    • lpinfo
    • lpmove
    • lpq
    • lpr
    • lprint
    • lprintq
    • lprm
    • lpstat
    • ls
    • lsatb
    • lsattr
    • lsblk
    • lshw
    • lsmod
    • lsof
    • lspci
    • lsusb
    • mail
    • mailstats
    • make
    • makedbm
    • makemap
    • man
    • manpath
    • mattrib
    • mbadblocks
    • mcat
    • mcd
    • mcopy
    • mdu
    • merge
    • mesg
    • mformat
    • mkdir
    • mkfs
    • mkraid
    • mktemp
    • mlabel
    • mmove
    • modinfo
    • LPIC-3 Mixed Environments 300 Exam
    • most
    • mount
    • mountd
    • mpartition
    • mpstat
    • mv
    • named
    • nameif
    • neofetch
    • netcat
    • netstat
    • newaliases
    • newgrp
    • newusers
    • nfsstat
    • nice
    • nl
    • nm
    • nmcli
    • nohup
    • nslookup
    • nsupdate
    • objcopy
    • objdump
    • od
    • op
    • open
    • openvt
    • passwd
    • paste
    • patch
    • pathchk
    • pgrep
    • pidof
    • ping
    • pkill
    • pmap
    • popd
    • portmap
    • poweroff
    • pppd
    • pr
    • praliases
    • printcap
    • printenv
    • printf
    • ps
    • ptx
    • pushd
    • pv
    • pwck
    • pwconv
    • pwd
    • quota
    • quotacheck
    • quotactl
    • quotaoff
    • quotaon
    • quotastats
    • raidstart
    • ram
    • ramsize
    • ranlib
    • rar
    • rarpd
    • rcp
    • rdev
    • rdist
    • read
    • readarray
    • readcd
    • readelf
    • readlink
    • readonly
    • reboot
    • reject
    • rename
    • renice
    • repquota
    • reset
    • restore
    • return
    • rev
    • rexecd
    • rlogin
    • rlogind
    • rm
    • rmail
    • rmdir
    • rmmod
    • rndc
    • rootflags
    • route
    • routed
    • rpcgen
    • rpcinfo
    • rpm
    • rsh
    • rshd
    • rsync
    • runlevel
    • rup
    • rusers
    • rusersd
    • rwall
    • rwho
    • rwhod
    • sane-find-scanner
    • sar
    • scanadf
    • scanimage
    • scp
    • screen
    • script
    • scriptreplay
    • sdiff
    • sed
    • select
    • sensors
    • seq
    • service
    • set
    • setfdprm
    • setkeycodes
    • setleds
    • setmetamode
    • setquota
    • setsid
    • setterm
    • sftp
    • sh
    • shift
    • shopt
    • showkey
    • showmount
    • shred
    • shutdown
    • skill
    • slabtop
    • slacttach
    • sleep
    • slocate
    • snice
    • sort
    • source
    • split
    • ss
    • ssh-add
    • ssh-agent
    • ssh-keygen
    • ssh-keyscan
    • ssh
    • stat
    • statd
    • strfile
    • strings
    • strip
    • stty
    • su
    • sudo
    • sum
    • suspend
    • swapoff
    • swapon
    • symlink
    • sysctl
    • sysklogd
    • syslogd
    • systemctl
    • Systemd
    • tac
    • tail
    • tailf
    • talkd
    • tar
    • taskset
    • tcpdump
    • tcpslice
    • tee
    • telinit
    • telnet
    • terminator
    • tfdp
    • tftpd
    • tmpwatch
    • top
    • touch
    • tput
    • tr
    • tracepath
    • traceroute
    • trap
    • tree
    • tset
    • tty
    • tune2fs
    • tunelp
    • type
    • ul
    • unalias
    • uname
    • uncompress
    • unexpand
    • unicode_start
    • unicode_stop
    • uniq
    • units
    • unix2dos
    • unshar
    • until
    • uptime
    • useradd
    • usermod
    • usleep
    • uudecode
    • uuencode
    • uuidgen
    • vidmode
    • vmstat
    • vnstat
    • w
    • wall
    • warnquota
    • watch
    • wc
    • wget
    • whatis
    • which
    • while
    • who
    • whoami
    • write
    • xargs
    • xdg-open
    • xinetd
    • xz
    • yacc
    • ypbind
    • ypcat
    • ypinit
    • ypmatch
    • yppasswd
    • yppasswdd
    • yppoll
    • yppush
    • ypset
    • yptest
    • ypwhich
    • ypxfr
    • zcat
    • zcmp
    • zdiff
    • zdump
    • zforce
    • zgrep
    • zic
    • zip
    • zless
    • znew
    • readme
      • Some basic info about Cloud Computing model and SRE's
      • Ansible Automation
      • Backup and Recovery
      • Linux File Systems and Storage Management
      • Linux Networking
      • shell-scripting
      • LPIC-3 Mixed Environments 300 Objectives
    • File-systems-Cocepts
      • LPIC1-101
        • LPIC-3 Security Exam 303 Exam
        • /dev/
        • /etc/apt/sources.list
        • /etc/fstab
        • /etc/init.d/
        • LPIC-3 Virtualization and Containerization 305 Exam
        • /etc/ld.so.conf
        • /etc/systemd
        • /etc/yum.conf
        • /etc/yum.repos.d/
        • LPIC-3 Virtualization and Containerization 305 Objectives
        • /media
        • /proc/
        • modprobe
        • /sys/
        • /usr/lib/systemd/user/
        • -boot
        • .bash_history
        • Application container
        • BIOS
        • D-Bus machine ID
        • EFI System Partition
        • Guest drivers
        • LD_LIBRARY_PATH
        • Linux containers
        • MBR
        • Quoting
        • SSH host keys
        • SysVinit
        • UEFI
        • VFAT
        • VMs
        • XFS
        • -etc-inittab
        • -home
        • bootloader
        • -root
        • -var
        • dpkg-reconfigure
        • apt-cache
        • bash
        • exFAT
        • ext2/ext3/ext4
        • bunzip2
        • bzcat
        • dpkg
        • Grub-install
        • grub-mkconfig
        • initramfs
        • kernel
        • egrep
        • file globbing
        • filesystem
        • gdisk
        • menu.lst, grub.cfg and grub.conf
        • Partitions
        • regex(7)
        • rpm2cpio
        • sha256sum
        • sha512sum
        • mke2fs
        • mkswap
        • mount points
        • parted
        • swap space
        • tmux
        • umask
        • umount
        • unset
        • unxz
        • updatedb
        • whereis
        • xfs_db
        • xfs_fsr
        • xfs_repair - Copy (2)
      • LPIC1-102
        • xfs_repair
        • xzcat
        • yum
        • zypper
        • -etc-X11-xorg.conf
        • -etc-X11-xrog.conf.d
        • -etc-at.allow
        • -etc-at.deny
        • -etc-bash.bashrc
        • -etc-chrony.conf
        • -etc-cron.allow
        • -etc-cron.deny
        • -etc-cron
        • -etc-crontab
        • -etc-cups
        • -etc-group
        • -etc-hostname
        • -etc-hosts.allow
        • -etc-hosts.deny
        • -etc-hosts
        • -etc-init.d-
        • -etc-inittab
        • -etc-localhost
        • -etc-localtime
        • -etc-logrotate.conf
        • -etc-logrotate.d-
        • -etc-nologin
        • -etc-nsswitches.conf
        • -etc-nto.conf
        • -etc-ntp.conf
        • -etc-passwd
        • -etc-profile
        • -etc-resolv.conf
        • -etc-rsyslog.conf
        • -etc-services
        • -etc-shadow
        • -etc-skel-
        • -etc-ssh-ssh_host_dsa_key and ssh_host_dsa_key.pub
        • -etc-ssh-ssh_host_ecdsa_key and ssh_host_ecdsa_key.pub
        • -etc-ssh-ssh_host_ed25519_key and ssh_host_ed25519_key.pub
        • -etc-ssh-ssh_host_rsa_key and ssh_host_rsa_key.pub
        • -etc-sudoers
        • -etc-systemd-journald.conf
        • -etc-timezone
        • -etc-updatedb.conf
        • -etc-xinetd.conf
        • -etc-xinetd.d-
        • -usr-bin-locale
        • -usr-share-zoneinfo
        • -usr-share-zoninfo
        • -var-log-journal
        • -var-log
        • DISPLAY
        • -var-spool-cron
        • ASCII
        • Gnome
        • Braille Display.
        • CUPS configuration files, tools and utilities
        • Gesture
        • KDE
        • Gestures.
        • High ContrastLarge Print Desktop Themes.
        • IPv4-IPv6
        • ISO-8859
        • LANG
        • LC_
        • LC_ALL
        • Logical OR
        • Mouse keys
        • On-Screen Keyboard.
        • RDP
        • Screen Magnifier.
        • Screen Reader
        • Slow-Bounce-Toggle keys
        • Spice
        • Sticky-Repeat keys
        • Subnetting
        • TCP-UDP-ICMP
        • TZ
        • X
        • UTF-8
        • XDMCP
        • Xfce
        • Unicode
        • VNC
        • Voice recognition
        • X11
        • atq
        • atrm
        • chronyc
        • exim
        • fuser
        • gpg-agent
        • gpg
        • groupmod
        • ifdown
        • logic and
        • logic or
        • lpd legacy interface
        • mailq
        • nmap
        • ntpd
        • ntpdate
        • ping6
        • pool.ntp.org
        • postfix
        • sendmail emulation layer commands
        • sendmail
        • ssh_known_hosts
        • systemd-cat
        • systemd-run
        • systemd.socket
        • test
        • timedatectl
        • tracepath6
        • traceroute6
        • tzselect
        • xauth
        • ulimit
        • unset
        • userdel
        • who, w, last
        • xhost
        • ~-.bash_login
        • ~-.bash_logout
        • ~-.bash_profile
        • ~-.bashrc
        • ~-.forward
        • ~-.gnupg-
        • ~-.profile
        • ~-.ssh-authorized_keys
        • ~-.ssh-id_dsa and id_dsa.pub
      • LPIC2-201
        • /bin/dmesg
        • /bin/uname
        • Device Naming Conventions
        • /dev/mapper/
        • /etc/auto.[dir]
        • /etc/auto.master
        • ~-.ssh-id_ecdsa and id_ecdsa.pub
        • /etc/hostname and /etc/HOSTNAME
        • /etc/hosts.allow , /etc/hosts.deny
        • /etc/hosts
        • /etc/init.d/
        • /etc/inittab
        • /etc/mtab
        • /etc/network and /etc/sysconfig/network-scripts
        • /etc/rc.d/
        • /etc/resolv.conf
        • /etc/sysctl.conf
        • /etc/systemd/
        • /etc/udev/
        • /proc/mdstat
        • ~-.ssh-id_ed25519 and id_ed25519.pub
        • /proc/sys/kernel/
        • /run/systemd/
        • /sbin/depmod
        • /sbin/insmod
        • /sbin/lsmod
        • /sbin/lspci
        • lv
        • /sbin/modinfo
        • /sbin/modprobe
        • pv
        • /sbin/rmmod
        • ~-.ssh-id_rsa and id_rsa.pub
        • LVM Volume Group (vg)
        • /usr/bin/lsdev
        • /usr/bin/lsusb
        • /usr/src
        • EFI System Partition (ESP)
        • GRUB
        • Master boot record
        • ~-.xsesion-errors
        • /boot , /boot/grub , /boot/efi
        • UEFI shell
        • WWID, WWN, LUN numbers
        • blkid
        • blocks in
        • blocks out
        • btrfs, btrfs-convert
        • bzImage
        • -etc-fstab
        • configure
        • cryptsetup
        • diagnose
        • dkms
        • efiboot.img
        • efibootmgr
        • Extlinux
        • fsck
        • -proc-mounts
        • fstrim Command
        • grub-install
        • -sbin-sysctl
        • System log files such as -var-log-syslog, -var-log-messages and the systemd journal
        • initrd and initramfs
        • SysV Init Overview
        • iSCSI Components
        • isohdpfx.bin
        • ISOLINUX
        • chkconfig
        • iw
        • iwlist
        • lib/modules/kernel-version/modules.dep
        • fsck
        • lvm.conf
        • make targets
        • mdadm.conf
        • mdadm
        • mkfs
        • mkinitramfs
        • mkinitrd
        • mkisofs
        • mkswap
        • /etc/modprobe.d/
        • module tools
        • mount and umount
        • hdparm, sdparm
        • mtr (My Traceroute)
        • Netcat(nc)
        • Nmap
        • NVMe (Non-Volatile Memory Express)
        • partition type 0xFD
        • ping , ping6
        • predict growth
        • processes blocked on IO
        • pxelinux.0
        • pxelinux.cfg/
        • resource exhaustion
        • smartd, smartctl
        • init and telinit
        • isolinux.cfg
        • sync
        • sysctl
        • syslinux
        • lib-modules-kernel-version
        • systemd-delta
        • mount
        • swapoff
        • tune2fs
        • udevadm monitor
        • udevmonitor
        • uefi-grubx64.efi
        • uefi-shim.efi
        • update-rc.d
        • /usr/lib/systemd/
        • usr-src-linux-.config
        • /usr/src/linux
        • /usr/src/linux/Documentation/
        • Xfs_info, Xfs_check, Xfs_repair, Xfsdump and Xfsrestore
        • XZ
        • zImage
      • LPIC2-202
        • /etc/aliases
        • /etc/dovecot
        • /etc/exports
        • /etc/fstab
        • named.conf
        • /etc/nginx
        • /etc/openvpn
        • /etc/passwd
        • /etc/postfix/
        • /etc/samba/
        • /etc/services
        • /etc/ssh/sshd_config
        • /etc/ssh
        • -etc-ssl-, -etc-pki-
        • /proc/mounts
        • /proc/sys/net/ipv4/
        • /proc/sys/net/ipv6/
        • /etc/samba/
        • /var/named/
        • swapon
        • systemctl
        • .htaccess Files
        • Apache2 configuration files
        • AuthUserFile, AuthGroupFile
        • Conditions and comparison operators
        • Configuration files and commands for postfix
        • DHCP Log Messages in Syslog or Systemd Journal
        • DNSSEC
        • traceroute, traceroute6
        • LDIF (LDAP Data Interchange Format)
        • PermitRootLogin, PubKeyAuthentication, AllowUsers, PasswordAuthentication, Protocol
        • Private and public key files
        • SSLCACertificateFile, SSLCACertificatePath
        • SSLEngine, SSLCertificateKeyFile, SSLCertificateFile
        • SSLProtocol, SSLCipherSuite, ServerTokens, ServerSignature, TraceEnable
        • Access Logs:
        • ACL
        • apachectl, apache2ctl
        • tune2fs, dumpe2fs and debugfs
        • dhcpd.conf
        • dhcpd.leases
        • dhcpd
        • dnssec-keygen
        • dnssec-signzone
        • doveadm
        • doveconf
        • dovecot.conf
        • /etc/pam.d
        • exportfs
        • Fail2ban
        • htpasswd
        • http_access
        • httpd, apache2
        • httpd.conf
        • Important Pure-FTPd command line options
        • ip6tables
        • -var-named
        • ldapadd
        • ldapdelete
        • ldappasswd
        • ldapsearch
        • -var-spool-postfix
        • Mail-related logs in /var/log/
        • Master File Format in DNS
        • mod_auth_basic, mod_authz_host and mod_access_compat
        • mount.cifs
        • named-checkconf
        • named-checkzone
        • named-compilezone
        • net
        • Dovecot vacation extension
        • nsswitch.conf
        • OpenSSL
        • OpenVPN
        • pam.conf
        • pam_unix, pam_cracklib, pam_limits, pam_listfile, pam_sss
        • portmapper
        • radvd.conf
        • radvd
        • Resource Record Formats
        • rpcinfo
        • samba-tool
        • Sendmail emulation layer commands
        • slapadd
        • slapcat
        • slapd-config
        • arp
        • keep, fileinto, redirect, reject, discard, stop
        • smbclient
        • Additional Samba Commands: smbcontrol, smbstatus, testparm, smbpasswd, nmblookup
        • SMB Daemons: smbd, nmbd, winbindd
        • squid.conf
        • sshd
        • sssd.conf
        • loglevel
        • vsftpd.conf
        • zone file syntax
      • LPIC3-300
        • IPC$
        • [homes]
        • tunefs.ocfs2
        • vgchange
        • vgcreate
        • HKLM\Software\Samba
        • LDIF (LDAP Data Interchange Format)
        • Microsoft-ADSI-Edit
        • Microsoft-LDP
        • microsoft mmc
        • Microsoft RSAT Tools
        • Microsoft Regedit
        • REG_SZ and REG_MULTI_SZ
        • SeDiskOperatorPrivilege
        • vgdisplay
        • Virtual Machine Generation Identifier
        • Virtual Machine Snapshots
        • allow-dns-updates
        • vgreduce
        • vgreduce
        • vgreduce
        • chmod
        • chown
        • cifscreds
        • cifsiostat
        • config backend
        • vgreduce
        • create-mask and create-mode
        • ifenslave
        • log level (or debuglevel) in Samba
        • delete veto files
        • dig
        • Directory Mask and Force Directory Mode
        • dns-forwarder
        • /etc/exports
        • /etc/fstab
        • /etc/group
        • /etc/idmapd.conf
        • ip
        • /etc/nsswitch.conf
        • /etc/pam.conf
        • /etc/pam.d/
        • /etc/group
        • /etc/resolv.conf
        • exportfs
        • ipvsadm
        • force-create-mode
        • force-directory-mode
        • force group
        • force-user
        • getcifsacl
        • getent
        • getfacl
        • getfattr
        • gpupdate
        • keepalived-configuration-file
        • kpartx
        • ldirectord-configuration-file
        • loadbalancing-algorithms
        • lvchange
        • lvconvert
        • host
        • lvcreate
        • lvdisplay
        • idmap-config
        • idmap_ad
        • lvextend
        • idmap_ldap
        • idmap_rfc2307
        • idmap_rid
        • idmap_tdb
        • idmap_tdb2
        • include
        • inherit-acls
        • lvreduce
        • FreeIPA (IPA)
        • ipa
        • ipa
        • IPA
        • ipa-adtrust-install
        • ipa-advice
        • ipa-client-install
        • ipa-replica-install
        • ipa-replica-prepare
        • ipa-server-install
        • ipactl
        • ipctl
        • kdestroy
        • kinit
        • klist
        • krb5.conf
        • lvresize
        • ldbadd
        • ldbdel
        • ldbedit
        • ldbmodify
        • ldbsearch
        • libnss_winbind
        • libpam_winbind
        • mdadm
        • log level (or debuglevel) in Samba
        • logon-path
        • logon-script
        • map-acl-inherit
        • mount
        • mount.cifs
        • mount Command
        • mkfs.gfs2
        • mkfs.ocfs2
        • multicast dns register
        • net
        • monit
        • net ads
        • net registry
        • nfs4_editfacl
        • nfs4_getfacl
        • nfs4_setfacl
        • nmbd (NetBIOS Name Service Daemon)
        • ntpd.conf
        • ntpsigndsocket
        • mount.gfs2
        • mount.ocfs2
        • mounted.ocfs2
        • multipath
        • nmcli
        • pam_mount.conf.xml
        • pam_mount.so
        • pam_smbpass.so
        • nvme-cli
        • passdb-backend
        • o2image
        • pdbedit
        • o2info
        • ocfpacemakerHealthCPU
        • ocfpacemakerHealthSMART
        • profile-acls
        • rdesktop
        • ocfpacemakerNodeUtilization
        • realm
        • Registry shares
        • registry.tdb in Samba
        • robocopy
        • ocfpacemakerocfSysInfo
        • rpcclient
        • rsync.conf
        • rsync
        • samba regedit
        • samba-tool dbcheck
        • samba-tool dns
        • ocfpacemakerping
        • samba-tool domain backup
        • samba-tool domain backup
        • samba-tool domain exportkeytab
        • samba-tool domain passwordsettings
        • pcs
        • pvcreate
        • samba-tool gpo
        • samba-tool group
        • samba-tool ntacl
        • pvdisplay
        • samba-tool spn
        • samba-tool user
        • Samba
        • samba_dnsupdate
        • secrets.tdb in Samba
        • security
        • server role
        • server services
        • server string
        • setcifsacl
        • setfacl
        • sharesec
        • smb-encrypt
        • smb.conf
        • smbcacls
        • smbclient
        • smbcontrol
        • smbcquotas
        • smbd (Samba Daemon)
        • smbget
        • smbpasswd
        • pvmove
        • smbstatus
        • smbtar
        • pvremove
        • pvresize
        • sss_cache
        • sss_debuglevel
        • sss_override
        • sss_user and sss_group
        • sssd.conf
        • rados-(including-relevant-subcommands)
        • store-dos-attributes
        • systemctl
        • tdbbackup
        • tdbdump
        • tdbrestore
        • tdbtool
        • template-homedir
        • template-shell
        • testparm
        • tls-cafile
        • tls-certfile
        • tls-dh-params-file
        • tls-enabled
        • tls-keyfile
        • rdb(including-relevant-subcommands)
        • /var/lib/samba/sysvol/
        • /var/lib/sss/db
        • /var/log/samba/
        • sbd
        • smartctl
        • vfs objects
        • vfs_acl_tdb
        • vfs_acl_xattr
        • wbinfo
        • winbind-enumerate-groups
        • smartd
        • winbind-offline-logon
        • winbind-separator
        • winbindd
        • workgroup
        • stonith
        • stonith_admin
      • LPIC3-303
        • /etc/aide/aide.conf
        • /etc/crypttab
        • /etc/openvas/
        • /etc/openvpn/
        • /etc/raddb/
        • /etc/rkhunter.conf
        • /etc/security/limits.conf
        • /etc/selinux/
        • /etc/snort
        • /etc/ssh/sshd_config
        • /etc/ssh
        • /etc/strongswan.conf
        • /etc/strongswan.d/.
        • /etc/swanctl/
        • /etc/swanctl/swanctl.conf
        • /etc/sysctl.conf
        • /etc/usbguard/rules.conf
        • /etc/usbguard/usbguard-daemon.conf
        • /etc/wireguard/
        • /proc/cgroups
        • nginx
        • slapd
        • ARP and NDP
        • Brute force attacks
        • Buffer overflows
        • CRL (Certificate Revocation List)
        • CSR (Certificate Signing Request)
        • CSRF
        • XSS
        • DoS and DDoS
        • keylogger
        • Link layer address and IP address spoofing
        • Man-in-the-Middle
        • OCSP (Online Certificate Status Protocol)
        • OpenSSL Configuration
        • PEM, DER, PKCS
        • Phishing
        • Privilege escalation
        • Rainbow tables
        • Rogue access points, routers, and DHCP servers
        • Rootkits
        • SQL and codes injection
        • Social engineering
        • slapindex
        • varlibldap
        • aide
        • apol
        • audit.rules
        • audit2allow
        • audit2why
        • auditctl
        • auditd.conf
        • auditd
        • ausearch, aureport
        • -sys-fs-group-
        • capsh
        • chcon
        • chkrootkit
        • chroot
        • conf.maldet
        • cryptmount
        • cryptsetup (Disk Encryption Setup)
        • delv
        • dnssec-dsfromkey
        • -sys-fs-group
        • dnssec-settime
        • Trojans
        • dpkg
        • ecryptfs- commands
        • ecryptfsd
        • fixfiles
        • getcap
        • getenforce
        • getfacl
        • getfattr
        • getsebool
        • grub.cfg
        • httpd.conf (Apache HTTP Server Configuration)
        • ip6tables-restore
        • ip6tables-save
        • ip6tables
        • ipset
        • iptables-save
        • iptables
        • Kismet
        • Linux Malware Detect (maldet)
        • mod_ssl (Apache SSL Module)
        • mount.ecryptfs, umount.ecryptfs
        • named.conf
        • ndpmon
        • newrole
        • ntop
        • openssl
        • openvas-adduser
        • openvas-feed-update
        • openvas-mkcert
        • openvas-nvt-sync
        • openvas-rmuser
        • openvassd
        • OpenVPN
        • pam_ecryptfs
        • pam_limits.so
        • pam_tty_audit.so
        • pulledpork.pl
        • radclient
        • radiusd.conf
        • radiusd
        • Viruses
        • radmin
        • radtest
        • radwho
        • restorecon
        • rkhunter
        • rndc
        • c
        • seaudit
        • seinfo
        • selinuxenabled
        • semanage
        • sestatus
        • setcap
        • setcon
        • setenforce
        • setfacl
        • setfattr
        • setfiles
        • setsebool
        • snort-stat
        • snort
        • ssh-keygen
        • swanctl
        • sysctl
        • systemctl
        • systemd-cgls
        • systemd-cgtop
        • Tcpdump
        • togglesebool
        • tshark
        • dnssec-keygen
        • usbguard
        • wg-quick
        • wg
        • wireshark
        • ~/.ssh/
      • LPIC3-305
        • -dev-kvm-
        • /etc/docker/daemon.json
        • /etc/libvirt — Libvirt Configuration Directory
        • -proc -[0-9]+-status
        • -proc-[0-9]+-ns
        • -sys-fs-cgroups
        • /var/lib/cloud
        • /var/lib/docker
        • CPU-flags
        • Dockerfile
        • Domain0(Dom0),DomainU (DomU)
        • Emulation and Simulation
        • Hardware Virtual Machine (HVM)
        • IaaS, PaaS, SaaS
        • Kernel-modules-kvm,kvm-intel.and.kvm-amd
        • Migration (P2V, V2V)
        • OpenStack
        • PV-DomU,HVM-DomU
        • Paravirtualization (PV)
        • QEMU Monitor
        • Terraform
        • Vagrantfile
        • brctl — Bridge Control Utility
        • capsh
        • cloud-init
        • syncd
        • dockerd
        • etc-xen-
        • guestumount — Virtual Disk Image Unmounting Tool
        • guestmount
        • guestumount
        • Hypervisor
        • ip(including-relevant-subcommands)
        • ip — Network Management Command
        • libvirtd — Libvirt Daemon (Legacy Central Virtualization Daemon)
        • LXC (Linux Containers)
        • LXD (Linux Container Daemon)
        • nsenter
        • Packer
        • tunefs.ocfs2
        • qemu-img — QEMU Disk Image Utility
        • vgchange
        • qemu — Quick Emulator
        • tunctl — TUN/TAP Device Control Utility
        • unshare
        • user-data
        • vagrant
        • virsh — Virtualization Shell for Managing VMs
        • virt-cat
        • virt-copy-in
        • virt-copy-out
        • virt-df
        • virt-diff
        • virt-filesystems
        • virt-inspector
        • virt-p2v-make-disk
        • virt-p2v
        • virt-rescue
        • virt-resize
        • virt-sparsify
        • virt-sysprep
        • virt-v2v
        • xentop
        • xl.cfg
        • xl.conf
        • xl
      • LPIC3-306
        • /etc/drbd.conf
        • /etc/drbd.d/
        • /etc/lvm/lvm.conf Configuration File
        • /etc/multipath.conf
        • /etc/network/interfaces
        • /etc/smartd.conf
        • /etc/sysconfig/networking-scripts/ifcfg-*
        • /etc/systemd/network/*.netdev
        • /etc/systemd/network/*.network
        • /proc/drbd
        • /proc/mdstat
        • /proc/sys/dev/raid
        • -sys-class-net-bond-bonding-miimon
        • -sys-class-net-bond-bonding-slaves
        • -sys-class-net-bonding_masters
        • Access Control Lists (ACLs)
        • Active-Active Cluster
        • vgcreate
        • Cluster Services
        • Disaster Recovery (DR)
        • Failover Cluster
        • Fencing (Node and Resource Level Fencing)
        • HAProxy Configuration File
        • LVS Forwarding Methods
        • Load-Balanced Cluster
        • Mean Time Before Failure (MTBF)
        • Mean Time To Repair (MTTR)
        • Primary, Secondary
        • ProtocolA,BandC
        • Quorum
        • Redundancy
        • Replication
        • Service-Level Agreement (SLA)
        • Session-Handling
        • Shared-Disk Cluster
        • Shared-Nothing Cluster
        • Split-Brain
        • State-Handling
        • Three-way replication
        • active-passive-cluster
        • apctest
        • apcupsd
        • authkeys
        • bonding.ko
        • Ceph
        • ceph-authtool
        • ceph-bluestore-tool
        • ceph-deploy
        • ceph-volume
        • ceph.conf
        • CephFS
        • cibadmin
        • connection-scheduling-algorithms
        • corosync-cfgtool
        • corosync-cmapctl
        • corosync-quorumtool
        • corosync.conf
        • crm
        • crm_attribute
        • crm_mon
        • crm_node
        • crm_resource
        • crm_shadow
        • crm_simulate
        • crm_standby
        • crm_verify
        • crushtool
        • DRBD Kernel Module
        • drbdadm
        • drbdmeta
        • drbdsetup
        • vgdisplay
        • fsck.ocfs2
        • genhash
        • gfs2_edit
        • gfs2_grow
        • gfs2_jadd
        • gluster
        • ifenslave Command
        • ip Command
        • ipvsadm
        • iscsiadm
        • iscsid.conf
        • Keepalived Configuration File
        • kpartx
        • ldirectord Configuration File
        • loadbalancing-algorithms
        • vgreduce
        • lvconvert
        • lvcreate
        • lvdisplay
        • lvextend
        • lvreduce
        • lvresize
        • mdadm
        • mkfs.gfs2
        • mkfs.ocfs2
        • Monit
        • mount.gfs2
        • mount.ocfs2
        • mounted.ocfs2
        • multipath
        • nmcli
        • nvme-cli
        • o2image
        • o2info
        • ocf:pacemaker:HealthCPU
        • ocf:pacemaker:HealthSMART
        • ocf:pacemaker:NodeUtilization
        • ocf:pacemaker:ocfSysInfo
        • ocf:pacemaker:ping
        • pcs
        • pvcreate
        • pvdisplay
        • pvmove
        • pvremove
        • pvresize
        • rados
        • rbd
        • authkey
        • smartctl
        • smartd
        • bonding.ko-(including-relevant-module-options)
        • stonith
        • stonith_admin
        • syncd
        • targets.conf
        • tgtadm
        • tunefs.ocfs2
        • vgchange
        • vgcreate
        • vgdisplay
        • vgreduce
  • Security attacks full list
Powered by GitBook
On this page
  • Types of XSS
  • Impacts of XSS
  • Example of XSS
  • Mitigation Techniques
  • Conclusion
  1. TXT FILES
  2. File-systems-Cocepts
  3. LPIC3-303

XSS

Cross-Site Scripting (XSS) is a common web application security vulnerability where attackers inject malicious scripts into web pages viewed by other users. XSS occurs when an application includes untrusted data in a web page without proper validation or escaping. Here’s an in-depth look at XSS, its types, impacts, and mitigation techniques:

Types of XSS

  1. Stored XSS (Persistent XSS):

    • Malicious scripts are permanently stored on the server (e.g., in a database), and whenever a user visits the affected page, the script executes.

    • Typically affects comment sections, forums, or any user-generated content areas.

  2. Reflected XSS:

    • Malicious scripts are injected as part of the request (e.g., through a URL query parameter) and reflected back to the user by the server.

    • Users are tricked into clicking on a crafted link containing the malicious script.

  3. DOM-based XSS:

    • Malicious scripts manipulate the Document Object Model (DOM) of the web page on the client-side, leading to script execution.

    • The payload is processed client-side by JavaScript, making detection and prevention more challenging.

Impacts of XSS

  1. Data Theft: Attackers can steal session cookies, credentials, or sensitive information from users.

  2. Client-Side Attacks: Malicious scripts can manipulate user interfaces, redirect users to malicious sites, or perform actions on behalf of the user without their consent.

  3. Web Application Defacement: XSS can modify the content of a website, potentially damaging its reputation.

Example of XSS

Consider a vulnerable PHP script that echoes user input without validation:

<?php
$user_input = $_GET['search'];
echo "Search results for: " . $user_input;
?>

An attacker could craft a URL like http://example.com/search.php?search=<script>alert('XSS')</script>.

If a user clicks on this link, the JavaScript code <script>alert('XSS')</script> executes within the context of the vulnerable page, showing an alert box with "XSS".

Mitigation Techniques

  1. Input Validation and Sanitization:

    • Validate and sanitize all user-supplied data, ensuring it matches expected formats and doesn't contain executable code.

    • Use whitelisting to allow only known safe inputs.

  2. Output Encoding:

    • Encode all user-generated content before displaying it to users to prevent browsers from executing scripts.

    • Use functions like htmlspecialchars() in PHP or frameworks that automatically encode output.

  3. Content Security Policy (CSP):

    • Implement CSP to define a whitelist of trusted sources for content, scripts, and other resources.

    • Helps prevent XSS by restricting the execution of scripts and mitigating the impact of successful attacks.

  4. HTTPOnly and Secure Flags for Cookies:

    • Set the HttpOnly flag on cookies to prevent them from being accessed by JavaScript.

    • Use the Secure flag to ensure cookies are only transmitted over HTTPS connections.

  5. Regular Security Testing:

    • Conduct regular security assessments, including penetration testing and code reviews, to identify and remediate XSS vulnerabilities.

  6. Educate Developers and Users:

    • Train developers on secure coding practices, including input validation, output encoding, and XSS prevention techniques.

    • Educate users about phishing attacks and the importance of not clicking on suspicious links.

Conclusion

XSS vulnerabilities remain prevalent in web applications and pose significant risks to user data and system security. By implementing robust security practices, including input validation, output encoding, and the use of security headers like CSP, organizations can effectively mitigate XSS risks and protect their web applications from exploitation. Regular updates and proactive monitoring are essential to maintaining a secure environment against evolving XSS attack vectors.

PreviousCSRFNextDoS and DDoS

Last updated 9 months ago