Linux

https://fmhy.net/file-tools#p2p-file-transfer free stuff on internet
https://www.youtube.com/watch?v=n3CWYPGjVns - настройка окружения

https://rclone.org/ - софт копирования

https://github.com/unixhostpro/ssh-login-notification - telegram notification Sites:

https://www.linuxfromscratch.org/lfs/view/stable/ - linux from scratch
https://explainshell.com/explain?cmd=+ssh+-q+gp-vpn-public+nc+-q0+10.59.0.74+22 - explain cmd shell
https://cheat.sh/btrfs https://roadmap.sh/

Best soft recomend for use

https://micro-editor.github.io/ -

curl https://getmic.ro | bash && sudo mv ./micro /usr/bin 
mkdir -p ~/.config/micro/
echo '{ "clipboard": "terminal" }' > ~/.config/micro/settings.json

python

sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 1
alias python='/usr/bin/python3.4'
python -m pip install --upgrade yt-dlp
python -m pip install --upgrade youtube-dl
python3 -m pip install --upgrade git+https://github.com/yt-dlp/yt-dlp.git@release
apt install aria2
grep ^Package /var/lib/apt/lists/*_Packages |grep microsoft | awk '{print $2}'| sort -u # show packages from repository

Get info

# INXI sudo apt install inxi
inxi -Fazy
 
# NOFETCH
sudo add-apt-repository ppa:dawidd0811/neofetch
sudo apt update 
sudo apt install neofetch
 
#mount info
grep btrfs /proc/self/mountinfo
 
#write activity
fatrace -t -f W

alias dud='du -x --max-depth=1|sort -rn|awk -F / -v c=159 '\''NR==1{t=$1} NR>1{r=int($1/t*c+.5); b="\033[1;31m"; for (i=0; i<r; i++) b=b"#"; printf " %5.2f%% %s\033[0m %s\n", $1/t*100, b, $2}'\''|tac'
alias dus='du -x --max-depth=1|sort -rn|awk -F / -v c=159 '\''NR==1{t=$1} NR>1{r=int($1/t*c+.5); b="\033[1;31m"; for (i=0; i<r; i++) b=b"#"; printf " %0.0f Mb %s\033[0m %s\n", $1/1024, b, $2}'\''|tac'

Watch for directory

 CMD='echo '$(date +"%y%m%d %H:%M:%S")' - $(date +"%d %H:%M:%S") $(sudo du -d 0 -h /media/add300gb/postgres)' && watch -n 5  $CMD

Find large files

find ./ -type f -printf '%s %p\n' | sort -nr | head -10
sudo du -a ./ 2>/dev/null | sort -n -r | head -n 10
alias ducks='du -cks * | sort -rn | head -n 10'
 
# dto delete files in ~/.cache directory that are have not been accessed in 100 days
find ~/.cache/ -type f -atime +100 -delete
 
# Download magnet
aria2c -d ~/Downloads --seed-time=0 "magnet:?xt=urn:btih:248D0A1CD08284299DE78D5C1ED359BB46717D8C"

Подготовка к экзамену ссылка на официальные книги
https://training.linuxfoundation.org/certification/linux-foundation-certified-sysadmin-lfcs/

https://habr.com/ru/post/553000/ - полезные утилиты

hard reset Hard reset by keyboard

The Magic SysRq keys. 
Press and hold both the Alt key and the PrtSc|SysRq key, and while keeping them pressed down, tap the following key sequence, 
leaving approximately one second between each key press…:
 R, E, I, S, U, B.
mnemonic “Reboot Even If System Utterly Broken.”
unRaw — приказывает вернуть управление системой клавиатуре.
tErminate — посылает сигнал SIGTERM всем процессам, чем производится попытка безопасного завершения всех процессов с сохранением данных, исключение составляет лишь процесс init.
kIll — посылает сигнал SIGKILL всем процессам, которые не смогли быть закрыты ранее, также за исключением процесса init — все остальные процессы будут уничтожены и не сохраненные данные будут утеряны.
Sync — переписывает всё из кэша на жесткий диск, происходит синхронизация, что уменьшает возможность повреждения данных.
Unmount — перемонтирует все файловые системы в режим только для чтения — после использования этого ключа вы можете перезагружать систему нажатием Alt + SysRq + B без ущерба для системы.
reBoot — собственно команда перезагрузки системы. Если воспользоваться этим ключом без использования предыдущих, система перезагрузится в жестком режиме.

learn learning обучение redhat https://rhtapps.redhat.com/assessment/?intcmp=701f20000012ngPAAQ
linux certification https://ru.wikipedia.org/wiki/Linux_Professional_Institute_Certification

https://www.youtube.com/watch?v=WKKTzPYP18k - графика в linux

https://linux-hardware.org/?view=howto
Block device drivers https://web.archive.org/web/20120308183408/http://free-electrons.com/doc/block_drivers.pdf
ssd raid 4 https://larryjordan.com/articles/maximize-performance-with-an-ssd-raid/

precompiled version ci https://builds.smartmontools.org/

configuring https://www.youtube.com/watch?v=IE5y2_S8S8U&t=66s HomeLab Services Tour Late 2021 - What am I Self-Hosting in my HomeLab?
config conf https://www.youtube.com/watch?v=f5jNJDaztqk What's On My Home Server? Storage, OS, Media, Provisioning, Automation

https://meshcentral.com/info/

univention перевод active directory

htop understand in pics - https://hackaday.com/2020/01/30/understand-linux-htop-visually/

Manjaro

dpkg -S filename
apt-file search /usr/include/cairo/cairo.h

apt install net-tools # - {netstat, ifconfig, iwconfig, route, iptunnel, arp}
apt install iproute2 # - {ss, ip, iw, ip r, ip tunnel, ip n}
apt install procps # - {ps,top}

# Capture only new  connection  - https://serverfault.com/questions/798745/tcpdump-capture-new-connections-only
 
# The following will capture both TCP-SYN and SYN-ACK packets.
tcpdump -i <interface> "tcp[tcpflags] & (tcp-syn) !=0"
 
#The following will only capture TCP-SYN packets.
tcpdump -i <interface> "tcp[tcpflags] & (tcp-syn) !=0 and tcp[tcpflags] & (tcp-ack) =0"
 
#The reason is, SYN-ACK packets include both the SYN and ACK flags. The first filter only looked for the presence of a SYN flag.
#If you want to filter on inbound only, add the -Q in option.
tcpdump -i <interface> -Q in "tcp[tcpflags] & (tcp-syn) !=0 and tcp[tcpflags] & (tcp-ack) =0"
 
 
# filter Monitor HTTP Request and Response Headers
tcpdump -i <interface>  -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

#https://netosec.com/buff-hackthebox-writeup/
nmap -p- -A -T4 bot.ip2u.ru   # scan remote host
# searchsploit for search exploits
# -- full scan target_host to file output_file 
nmap -p- -sS -sU -sV -O -A --reason --script=default,discovery,vuln,version,exploit,safe --script-timeout=2m --max-retries=3 --min-rate=1000 --max-rate=10000 -T4 -oA output_file target_host
# This command includes the following options:
# -p-: Scan all 65535 ports.
# -sS: Perform a SYN scan (TCP).
# -sU: Perform a UDP scan.
# -sV: Probe open ports to determine service/version info.
# -O: Enable OS detection.
# -A: Enable advanced and aggressive options (equivalent to -sC -sV -O).
# --reason: Display the reason a port is set to a specific state.
# --script: Run various NSE scripts (default, discovery, vuln, version, exploit, safe).
# --script-timeout=2m: Set a 2-minute timeout for each script.
# --max-retries=3: Limit the number of retries for each port.
# --min-rate=1000: Send a minimum of 1000 packets per second.
# --max-rate=10000: Send a maximum of 10000 packets per second.
# -T4: Set the timing template to "aggressive" (higher is faster but less accurate).
# -oA: Output results in all formats (normal, XML, and grepable).

curl test benchmark performance network
curl -Lo /dev/null -skw "\ntime_connect: %{time_connect}s\ntime_namelookup: %{time_namelookup}s\ntime_pretransfer: %{time_pretransfer}\ntime_starttransfer: %{time_starttransfer}s\ntime_redirect: %{time_redirect}s\ntime_total: %{time_total}s\n\n" https://abs.twimg.com/responsive-web/client-web/main.ba59e0f5.js 
 
time_connect: 0.109328s time_namelookup: 0.014423s time_pretransfer: 0.316707 time_starttransfer: 0.413606s time_redirect: 0.000000s time_total: 82.467500s

# PortKnocking - iptables limit 
-I INPUT 3 -m state --state NEW -m tcp -p tcp --dport 22 -m recent --rcheck --seconds 30 --name SSH2 -j ACCEPT
-I INPUT 4 -m state --state NEW -m tcp -p tcp -m recent --name SSH2 --remove -j DROP
-I INPUT 5 -m state --state NEW -m tcp -p tcp --dport 9991 -m recent --rcheck --name SSH1 -j SSH-INPUTTWO
-I INPUT 6 -m state --state NEW -m tcp -p tcp -m recent --name SSH1 --remove -j DROP
-I INPUT 7 -m state --state NEW -m tcp -p tcp --dport 7777 -m recent --rcheck --name SSH0 -j SSH-INPUT
-I INPUT 8 -m state --state NEW -m tcp -p tcp -m recent --name SSH0 --remove -j DROP
-I INPUT 9 -m state --state NEW -m tcp -p tcp --dport 8881 -m recent --name SSH0 --set -j DROP
-A SSH-INPUT -m recent --name SSH1 --set -j DROP
-A SSH-INPUTTWO -m recent --name SSH2 --set -j DROP
-I INPUT 10 -m state --state NEW -m tcp -p tcp --dport 22  -j DROP
 
 
sudo iptables -I INPUT 3 -p tcp --dport 22 -m recent --name ssh --update --seconds 3600 --hitcount 8 -j logdrop
sudo iptables -I INPUT 4 -p tcp --dport 22 -m recent --name ssh --set
sudo iptables -I INPUT 5 -p tcp --dport 22 -m recent --name ssh ! --rcheck --seconds 15 --hitcount 2 -j REJECT
sudo iptables -I INPUT 6 -p tcp --dport 22 -j ACCEPT
# -- https://ipset.netfilter.org/iptables-extensions.man.html
echo -addr >/proc/net/xt_recent/DEFAULT
 
 
# логирование пакетов
sudo iptables -N logdrop
sudo iptables -A logdrop -m limit --limit 5/m --limit-burst 10 -j LOG
sudo iptables -A logdrop -j REJECT
 
# просмотри логировани пакетов
 journalctl -k | grep "IN=.*OUT=.*" | less
<code>
 
====== Linux Console ======
 
<code BASH>
If you are fine with setting the execute permissions for everyone on all folders:
 
chmod -R -x+X *
The -x removes execute permissions for all
The +X will add execute permissions for all, but only for directories.
 
See below for a solution that uses find to really not touch folders as requested.

Tmux cheat sheet
https://leanpub.com/the-tao-of-tmux/read#prefix-key

Buffers

C-b + [ - selection mode
C+space - selection start
R - rectangle mode
C-w - save to buff and cancel
C+b + + buffers manager
C+b + ]

Start on ssh session

 ssh -Y user@hostname  ; export DISPLAY=:0 && /usr/lib/vino/vino-server

Ubuntu Azure cloud - configure with iso hyperv-cloud-image, Step by step isntruction

Linux proxmox

netboot.xyz, netboot-xyz-docker-network-boot-server-pxe

https://www.youtube.com/watch?v=X48VuDVv0do
https://www.youtube.com/watch?v=7bA0gTroJjw - need to learn right now
https://artifacthub.io/ - hub of software
https://sookocheff.com/post/kubernetes/understanding-kubernetes-networking-model/
https://medium.com/google-cloud/understanding-kubernetes-networking-pods-7117dd28727

https://www.informaticar.net/ubuntu-20-04-how-to-setup-iscsi-initiator/

sudo service open-iscsi status
sudo iscsiadm -m node --target iqn.2000-01.com.synology:RackStation.Target-5.fb2fa0d73e --login
sudo iscsiadm -m session -o show
sudo iscsiadm -m discovery -t sendtargets -p 10.59.1.150

docker run -it --rm --net host janten/iftop -i bond0

mount -t cifs //10.59.1.150/esb-smb /media/synology-esb-smb -o users,username=esb-user-1,password="PASSWORD",file_mode=0777,dir_mode=0777


mount.cifs -v -o rw,echo_interval=60,user=esb-user-1,dom=RACKSTATION,password=PASSWORD //10.59.1.150/esb-smb /media/synology-esb-smb


# /etc/fstab
//10.59.1.150/esb-smb /media/synology-esb-smb cifs users,rw,credentials=/etc/samba/sambacreds,x-gfs-show 0 0 2

mount -v  /media/synology-esb-smb 
umount -v  /media/synology-esb-smb 

/etc/sambacreds
---
username=esb-user-1
password=PASSWORD
domain=RACKSTATION


cd
echo username=esb-user-1 > /etc/sambacreds
echo password=PASSWORD >> /etc/sambacreds
echo domain=RACKSTATION >> /etc/sambacreds

chmod 600 /etc/sambacreds
chown root: /etc/samba/sambacreds


# check status
 cat /proc/mounts

Linux

Linux полезное

Linux графика

Linux hardware

Linux smartmontolls smartd smart

Linux настройка

Linux remote management удаленное управление

Linux active directory миграция

Linux HTOP

Linux.rustdesk

Linux.manjaro

Linux.network tools

Linux.boot grub uefi

Linux.Network

Linux.Network.Iptables

Linux.Tmux

Linux.Shell

VNC

Cloud-Init

Linux.Proxmox

Network Boot

Ansible

Kubernetes

ISCSI

NETWORK IFTOP SYNOLOGY

SAMBA mount CIFS SHARE fstab

Cygnus