Several useful commands do not fit neatly into any one category. We will examine some of them here: finger, who, whois, and date. The date command is the simplest, as it returns the current date and time. Enter date in all lowercase letters at the shell, and you should see something like what is shown in Figure 18.14.
Figure 18.14: The date command.
The finger command returns information about a specific user. This is often useful for a system administrator. For example, if you run top and see that one specific user is spawning several processes on your server and those processes are consuming resources, you may want to find out about that user. In Figure 18.15, you can see the finger command used on the root user.
Figure 18.15: The finger command.
The who command is also quite useful for a system administrator. It will give you a list of all the users currently logged on to your system. This can be very important. You will want to know who is on your system. You can see the output of the who command in Figure 18.16.
Figure 18.16: The who command.
One common trick used by hackers is to log on to a system after hours using a valid user account. Some administrators create a script (we will discuss scripts in detail later in this book) that runs the who command and dumps the output to a file. You can then schedule that script to run at night, after hours. If you find that at 2 a.m. a user was shown to be logged in, and you know that user was not in the building, then you should suspect a hacker is using that user account. You can delete that account and issue the user a new account with a different password.
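The script described above might look like the following. This is an added example, not code from the book; it assumes GNU coreutils who output of the form "user tty YYYY-MM-DD HH:MM (host)", and the log path, the 20:00 to 06:00 window, and the function names are hypothetical choices.

```sh
#!/bin/sh
# Added example: nightly snapshot of `who`, with after-hours sessions flagged.
# Assumptions (not from the book): GNU coreutils `who` output of the form
#   user  tty  YYYY-MM-DD HH:MM (host)
# a 20:00-06:00 after-hours window, and the log path below.
LOGFILE="${LOGFILE:-/var/log/who-snapshots.log}"
START_HOUR="${START_HOUR:-20}"   # after-hours window opens (inclusive)
END_HOUR="${END_HOUR:-6}"        # after-hours window closes (exclusive)

# Read `who` output on stdin; print "user tty date time host" for each
# session whose login time falls inside the after-hours window.
after_hours_logins() {
    awk -v s="$START_HOUR" -v e="$END_HOUR" '
        $4 ~ /^[0-9][0-9]:[0-9][0-9]$/ {
            h = substr($4, 1, 2) + 0
            # the window wraps past midnight when start > end
            inside = (s > e) ? (h >= s || h < e) : (h >= s && h < e)
            if (inside) print $1, $2, $3, $4, ($5 == "" ? "(local)" : $5)
        }'
}

# Append a timestamped snapshot of current sessions to the log and
# mark the after-hours ones so they stand out during review.
snapshot() {
    now=$(date '+%Y-%m-%d %H:%M:%S')
    sessions=$(who)
    {
        echo "=== $now ==="
        echo "$sessions"
        echo "$sessions" | after_hours_logins | sed 's/^/AFTER-HOURS: /'
    } >> "$LOGFILE"
}

# Run the snapshot only when invoked with "run", e.g. from cron:
#   0 2 * * * /usr/local/sbin/who-snapshot.sh run
if [ "${1:-}" = "run" ]; then snapshot; fi
```

Reviewing the log for AFTER-HOURS lines shows which accounts had sessions that began inside the window, along with the terminal and remote host to compare against who was actually in the building.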
The whois command is quite similar to the finger command, except that it is normally used with Internet addresses. You might ask whois www.chuckeasttom.com. If the information is available, this command will return information about the party that registered that domain name. You may not be aware of it, but when you register a domain, the information you provide is public. Anyone can look up the registration information about any domain.
Another very simple command is uname. When you enter uname at the shell, it will tell you what operating system you are using. This may seem like an entirely useless command until you consider that these shells can be used with Linux or Unix. You may not be sure whether you are sitting at a Unix machine or a Linux machine.